Ever wonder what happens to vulnerabilities after they're forgotten?
In a new blog from the GreyNoise Labs team, we look at CVE-2023-22527, an Atlassian Confluence vulnerability that was all over the news back in January/2024, then forgotten a week later. But even though the media has forgotten, attackers haven't!
The Labs team digs a little into who the attacker is and their techniques - killing other malware, deleting log files, and even using SSH keys to infect other hosts.
If you're interested in how attackers use old vulnerabilities and what they do once they're on a host, check it out!
This article is a summary of the full, in-depth version on the GreyNoise Labs blog.
Read the full report