Cerber

Cerber is a type of malware, specifically a ransomware variant that targets systems to exploit and damage them. Ransomware is a form of malicious software designed to block access to a computer system until a sum of money is paid. Cerber infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can disrupt operations and hold data hostage for ransom. A Linux variant of Cerber has been identified as targeting Atlassian servers, exploiting a vulnerability known as CVE-2023-22518. This was discovered when threat actors started using this flaw to deliver the Cerber ransomware, prompting Atlassian to elevate the severity rating of the vulnerability. Hackers exploited an authentication bypass flaw in Atlassian to encrypt files with the Cerber ransomware. In some instances, threat groups were able to deploy the Cerber ransomware by exploiting two recent vulnerabilities in Atlassian Confluence. The exploitation of this vulnerability by Cerber ransomware has had significant impacts. For example, the Allied Pilots Association reported a suspected ransomware attack that knocked several systems offline. Other notable attacks include a major ransomware attack on Mexico City's Querétaro Intercontinental Airport by the LockBit group and a threat of a massive data breach faced by Shimano from the same group. In response to these escalating threats, an alliance of 40 countries has vowed not to pay ransoms to cybercriminals.