Collaborate Disseminate
CISA has added Mitel MiCollab (CVE-2024-41713, CVE-2024-55550) and Oracle WebLogic Server (CVE-2020-2883) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The Mitel MiCollab vulnerabilities exploited Mitel MiCollab is a popular ent… Continue reading Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers
CISA has added an old Oracle WebLogic flaw tracked as CVE-2017-3506 to its known exploited vulnerabilities catalog.
The post CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability appeared first on SecurityWeek.
Continue reading CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability
The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability (CVE-2020-14883) to distribute malware, the Imperva Threat Research team has found. About 8220 Active since 2017, the 8220 gang has been known for deploying cryptocurrency mi… Continue reading 8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers
A critical and easily exploitable remote code execution vulnerability (CVE-2020-14882) in Oracle WebLogic Server is being targeted by attackers, SANS ISC has warned. Oracle WebLogic is a Java EE application server that is part of Oracle’s Fusion Middle… Continue reading Easily exploitable RCE in Oracle WebLogic Server under attack (CVE-2020-14882)
A new devilish malware is targeting Windows systems with cryptojacking and DDoS capabilities. Continue reading Self-Propagating Lucifer Malware Targets Windows Systems
Enterprise organizations have built much of their foundations on Oracle’s WebLogic servers. As ubiquitous as they are, it’s no wonder that they are often the target of sophisticated attacks aimed at harvesting sensitive data. It’s no surprise that lar… Continue reading Serialization: Protecting Enterprise Critical Applications
Oracle has released an out-of-band fix for CVE-2019-2729, a critical deserialization vulnerability in a number of versions of Oracle WebLogic Server, and is urging customers to apply the security update as soon as possible. Speed is of the essence as, … Continue reading Another Oracle WebLogic Server RCE under active exploitation
Snowballing attacks using a recently patched critical bug show no sign of abating. Continue reading Oracle WebLogic Exploit-fest Continues with GandCrab Ransomware, XMRig
Attackers are actively exploiting recently fixed vulnerabilities in Oracle WebLogic and the Widget Connector macro in Atlassian Confluence to deliver ransomware, mine cryptocurrency and make the compromised machines participate in DDoS attacks. The Ora… Continue reading Attackers actively exploiting Atlassian Confluence and Oracle WebLogic flaws
Researchers are urging Oracle WebLogic users to update quickly – after new Muhstik botnet samples started targeting a critical flaw in the servers. Continue reading Muhstik Botnet Variant Targets Just-Patched Oracle WebLogic Flaw