Soosaarayaasha mashruuca MidnightBSD, kaas oo soo saara nidaamka hawlgalka desktop-ujeeda ee ku saleysan FreeBSD oo leh walxo laga soo dejiyay DragonFly BSD, OpenBSD iyo NetBSD, ayaa uga digay isticmaaleyaasha inay aqoonsadaan raadadka jabsiga mid ka mid ah adeegayaasha. Jabsiga waxaa loo galay ka faa'iidaysiga dayacanka CVE-2021-26084 ee la ogaaday dhamaadkii Agoosto ee matoorka wada shaqaynta lahaanshaha ee Confluence (Atlassian waxay siisay fursad ay alaabtan ugu isticmaasho lacag la'aan mashaariicda aan ganacsi iyo il furan ahayn).
Server-ku waxa kale oo uu maamulay mashruuca DBMS oo uu marti galiyay meel lagu kaydiyo faylka, taas oo loo isticmaalay, waxyaabo kale, kaydinta dhexe ee noocyada cusub ee xidhmooyinka ka hor inta aan lagu daabicin serfarka FTP-ga hoose. Marka loo eego xogta hordhaca ah, kaydka xirmada ugu weyn iyo sawirada iso ee diyaarka u ah soo dejinta lama jabiyo.
Sida muuqata, weerarka lama bartilmaameedsan iyo mashruuca MidnightBSD noqday mid ka mid ah dhibanayaasha jabsiga ballaaran ee server-yada leh noocyada nugul ee Confluence, ka dib markii weerarka, malware loogu talagalay macdanta cryptocurrency la rakibay. Hadda, software-ka server-ka la jabsaday ayaa dib loo rakibay iyada oo eber laga soo bilaabo 90% adeegyada naafada ah ka dib markii la jabsaday. Waxaa la go'aamiyay in dib loo dhigo sii deynta soo socota ee MidnightBSD 2.1.
Source: opennet.ru