8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. “This vulnerability allows remote authenticated attackers to […]

8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency

The notorious cryptojacking group tracked as 8220 Gang has been spotted weaponizing a six-year-old security flaw in Oracle WebLogic servers to ensnare vulnerable instances into a botnet and distribute cryptocurrency mining malware. The flaw in question is CVE-2017-3506 (CVSS score: 7.4), which, when successfully exploited, could allow an unauthenticated attacker to execute arbitrary commands remotely. […]

Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The security vulnerabilities are as follows: CVE-2023-1389 (CVSS score: 8.8) – TP-Link Archer AX-21 Command Injection Vulnerability; CVE-2021-45046 (CVSS score: 9.0) – Apache Log4j2 Deserialization of Untrusted Data Vulnerability […]

Critical RCE vulnerability in Oracle Fusion Middleware is being exploited by adversaries in the wild

Oracle Access Manager (OAM) contains a pre-authentication RCE vulnerability (CVE-2021-35587) that was fixed in January 2022. However, the vulnerability is still being exploited by adversaries in the wild, as confirmed by the Cybersecurity and Infrastructure Security Agency, which added the vulnerability to its Catalog. CVE-2021-35587 has been added to the Known Exploited Vulnerabilities Catalog by CISA, […]

Researchers Disclose Critical Vulnerability in Oracle Cloud Infrastructure

Researchers have disclosed a new severe Oracle Cloud Infrastructure (OCI) vulnerability that could be exploited by users to access the virtual disks of other Oracle customers. “Each virtual disk in Oracle’s cloud has a unique identifier called OCID,” Shir Tamari, head of research at Wiz, said in a series of tweets. “This identifier is not […]

New Oracle update fixes 520 vulnerabilities in 12 products: Three critical flaws with CVSS scores of 10 and 70 flaws with 9.8/10 score

In its quarterly Critical Patch Update (CPU), Oracle has included a total of 520 patches to address all sorts of vulnerabilities. This update fixes security flaws in dozens of products, with special focus on three bugs that received critical scores according to the Common Vulnerability Scoring System (CVSS). Oracle recommends its users update their products […]

Google, Microsoft and Oracle generated most vulnerabilities in 2021

Google holds the top slot with over 547 vulnerabilities, Microsoft is in second place with 432 unwanted exposure instances, and Oracle is in third place with 316 vulnerabilities in H1 2021. The latest AtlasVPN report analyzes mobile security and common vulnerabilities in the current cybersecurity landscape. The report revealed that in early 2021, Google, Microsoft, and Oracle […]

pax: CLI tool for PKCS7 padding oracle attacks

pax: Exploit padding oracles for fun and profit! Pax (PAdding oracle eXploiter) is a tool for exploiting padding oracles in order to: (1) obtain plaintext for a given piece of CBC encrypted data; (2) obtain encrypted bytes for a given piece of plaintext, using the unknown encryption algorithm used by the oracle. This can be used to […]

Critical vulnerability in Oracle grants full access to hackers. Update as soon as possible

Research published by vulnerability testing experts at security firm Onapsis claims that multiple vulnerabilities have been discovered in Oracle’s E-Business Suite. If exploited, these flaws would allow threat actors to gain full control of electronic transfers and even print undetected checks. The report mentions that the attack, known as Oracle Payday, involves exploiting two […]

[Unpatched] Apache Shiro Padding Oracle remote code execution vulnerability alert

Recently, a padding oracle remote code execution vulnerability was disclosed in Apache Shiro. After analysis, we judge the severity of the vulnerability to be serious and its impact to be wide. At present, Apache Shiro has not issued official patches or mitigation solutions. Apache Shiro is an open-source software security framework that performs […]

Oracle Autonomous Linux Is The World’s First Autonomous OS

Oracle Autonomous Linux OS has been announced to simplify cloud computing needs for server-side computers. It is the world’s first autonomous operating system and comes with Oracle OS management services. Oracle Autonomous Linux OS will mainly be used as a server-side solution on an enterprise scale. This Linux OS will provide a great deal of […]

Companies with Oracle WebLogic must be careful; cryptomining malware affects servers

A group of web application security experts from the firm Trend Micro has detected a hacking campaign against Oracle WebLogic Server implementations to install malicious cryptocurrency mining software. Hackers exploit a vulnerability to install the miner while evading detection by system administrators. The National Vulnerability Database (NVD) published a security alert last April regarding a severe […]

Hackers Exploit Critical Oracle WebLogic Server Vulnerability by Hiding Malware in Certificate Files (.cer)

Hackers are abusing Oracle WebLogic Server vulnerability CVE-2019-2725 to deliver a Monero miner. The vulnerability is easily exploitable: any attacker with HTTP access to the server can attack without authentication. Trend Micro observed new cryptocurrency-mining activity involving the vulnerability, in which certificate files were used to hide the malicious code. Malware Infection: Malware exploits CVE-2019-2725 to […]

‘Sodinokibi’ Is A New Ransomware That Exploits Oracle Zero Day Flaw

A couple of weeks back, a zero-day vulnerability was discovered in Oracle WebLogic Servers that can trigger the deserialization of malicious code and allow hackers to take over the targeted system. Now, a recent report suggests that this zero-day vulnerability has been abused for over a week to infect Oracle WebLogic servers through ransomware. So far, two […]

Hackers Found Exploiting Oracle WebLogic RCE Flaw to Spread Ransomware

Taking advantage of newly disclosed and even patched vulnerabilities has become common among cybercriminals, which makes it one of the primary attack vectors for everyday threats, like crypto-mining, phishing, and ransomware. As suspected, a recently disclosed critical vulnerability in the widely used Oracle WebLogic Server has now been spotted actively being exploited to distribute a never-before-seen ransomware […]

Hackers Exploiting Oracle WebLogic zero-day With New Ransomware To Encrypt User Data

Hackers are exploiting the recently disclosed Oracle WebLogic Server remote code execution vulnerability to install a new variant of ransomware called “Sodinokibi.” The vulnerability allows anyone with HTTP access to the server to carry out the attack without authentication. The vulnerability affects Oracle WebLogic Server versions 10.3.6.0 and 12.1.3.0. Oracle fixed the issue on April 26, and […]

Zero-Day vulnerability in Oracle WebLogic servers

A new Oracle WebLogic server zero-day vulnerability is being exploited in the wild, vulnerability testing specialists report. The company has already been notified of the flaw, although the corrections are likely to take a little longer, as Oracle had just released its quarterly update package a couple of days before receiving the vulnerability report. Vulnerability […]

Google Is Using Wi-Fi To Track Your Precise Location: Oracle

To say that Google knows more about you than you know about yourself would not be an exaggeration. In a fresh attack on Google, Oracle has submitted a 17-page attachment titled “Google’s Shadow Profile” to the Australian Competition and Consumer Commission’s digital platform inquiry. Oracle has accused Google of building profiles of Australian users by logging […]

Google Urges Supreme Court To Put An End To Oracle Copyright Case

Google has appealed to the Supreme Court to review the long-running legal trial with Oracle, where the latter is suing Google for copying Oracle’s Java language to create the Android operating system. The case dates back to 2010 when Oracle purchased Sun Microsystems, the creator of Java. After the acquisition, the new owners of the language sued Google for $8.8 […]

Over 200 vulnerabilities found in Oracle

The company recommends that system administrators stay on the lookout for the release of update patches. During its January update, the Oracle data management system announced that patches will be included to correct 248 new vulnerabilities present in multiple protocols, from the popular Oracle Database System to Solaris, Java and MySQL, as reported by network […]