Mar 09, 2023Ravie LakshmananCryptojacking / Threat Detection, The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out cryptojacking operations. According to Fortinet FortiGuard Labs, the attack chain commences with successful exploitation of susceptible Oracle WebLogic servers to download a PowerShell … [Read more...] about New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic
Oracle
CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical flaw impacting Oracle Fusion Middleware to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2021-35587, carries a CVSS score of 9.8 and impacts Oracle Access Manager (OAM) versions 11.1.2.3.0, 12.2.1.3.0, and … [Read more...] about CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability
Building a scalable RAVPN architecture in Oracle Cloud Infrastructure using Cisco Secure Firewall
Oracle Cloud Infrastructure (OCI) provides a wide range of cloud-computing services, workloads, and applications to organizations globally. With Cisco Secure Firewall, organizations are able to build a scalable RAVPN architecture on OCI, providing employees secure remote access to their organization’s resources from any location or endpoint. This scalable architecture brings … [Read more...] about Building a scalable RAVPN architecture in Oracle Cloud Infrastructure using Cisco Secure Firewall
Oracle E-Business Suite Flaws Let Hackers Hijack Business Operations
If your business operations and security of sensitive data rely on Oracle's E-Business Suite (EBS), make sure you recently updated and are running the latest available version of the software.In a report released by enterprise cybersecurity firm Onapsis and shared with The Hacker News, the firm today disclosed technical details for vulnerabilities it reported in Oracle's … [Read more...] about Oracle E-Business Suite Flaws Let Hackers Hijack Business Operations
Muhstik Botnet Variant Targets Just-Patched Oracle WebLogic Flaw
Researchers are urging Oracle WebLogic users to update quickly - after new Muhstik botnet samples started targeting a critical flaw in the servers. Source link … [Read more...] about Muhstik Botnet Variant Targets Just-Patched Oracle WebLogic Flaw
Hackers Found Exploiting Oracle WebLogic RCE Flaw to Spread Ransomware
Taking advantage of newly disclosed and even patched vulnerabilities has become common among cybercriminals, which makes it one of the primary attack vectors for everyday-threats, like crypto-mining, phishing, and ransomware.As suspected, a recently-disclosed critical vulnerability in the widely used Oracle WebLogic Server has now been spotted actively being exploited to … [Read more...] about Hackers Found Exploiting Oracle WebLogic RCE Flaw to Spread Ransomware
New ‘Sodinokibi’ Ransomware Exploits Critical Oracle WebLogic Flaw
A recently-patched critical flaw in Oracle WebLogic is being actively exploited to peddle a new ransomware variant, which researchers call "Sodinokibi." Source link … [Read more...] about New ‘Sodinokibi’ Ransomware Exploits Critical Oracle WebLogic Flaw
‘Highly Critical’ Unpatched Zero-Day Flaw Discovered In Oracle WebLogic
A team of cybersecurity researchers today published a post warning enterprises of an unpatched, highly critical zero-day vulnerability in Oracle WebLogic server application that some attackers might have already started exploiting in the wild.Oracle WebLogic is a scalable, Java-based multi-tier enterprise application server that allows businesses to quickly deploy new products … [Read more...] about ‘Highly Critical’ Unpatched Zero-Day Flaw Discovered In Oracle WebLogic