Browsing tag

Oracle WebLogic

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware

Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel documents attached in invoice-themed messages to trick potential targets into opening them and activate the exploitation of CVE-2017-11882 (CVSS score: 7.8), a memory corruption vulnerability in Office’s […]

8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency

The notorious cryptojacking group tracked as 8220 Gang has been spotted weaponizing a six-year-old security flaw in Oracle WebLogic servers to ensnare vulnerable instances into a botnet and distribute cryptocurrency mining malware. The flaw in question is CVE-2017-3506 (CVSS score: 7.4), which, when successfully exploited, could allow an unauthenticated attacker to execute arbitrary commands remotely. […]

Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies

Malicious actors such as Kinsing are taking advantage of both recently disclosed and older security flaws in Oracle WebLogic Server to deliver cryptocurrency-mining malware. Cybersecurity company Trend Micro said it found the financially-motivated group leveraging the vulnerability to drop Python scripts with capabilities to disable operating system (OS) security features such as Security-Enhanced Linux (SELinux), […]

Zero-Day vulnerability in Oracle WebLogic servers

A new Oracle WebLogic server zero-day vulnerability is being exploited in the wild, vulnerability testing specialists reported. The company has already been notified of the flaw, although a fix is likely to take some time to arrive, as Oracle had released its quarterly update package just a couple of days before receiving the vulnerability report. Vulnerability […]

Hackers Abused Oracle WebLogic Server for Mining Cryptocurrencies

Cryptocurrency attacks have grown rapidly since mid-2017. Mining cryptocurrency requires more computing power, which in turn requires significant amounts of energy. Attackers abuse an Oracle WebLogic Server vulnerability to deliver Monero miner payloads. As long as your server has an RCE vulnerability, attackers take advantage of it and include malicious scripts. The […]

Oracle WebLogic Exploit to Deploy Monero Miner

The Oracle WebLogic application server is vulnerable to an exploit used for cryptocurrency mining. A security researcher found this exploit being used to mine Monero coins on compromised machines. This critical bug allows hackers to run arbitrary commands with the privileges of the WebLogic server user. The vulnerability (CVE-2017-10271) was present in the WebLogic Web Services component (wls-wsat) and due to lack of improperly […]