8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers

The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability (CVE-2020-14883) to distribute malware, the Imperva Threat Research team has found. About 8220 Active since 2017, the 8220 gang has been known for deploying cryptocurrency mi…

Easily exploitable RCE in Oracle WebLogic Server under attack (CVE-2020-14882)

A critical and easily exploitable remote code execution vulnerability (CVE-2020-14882) in Oracle WebLogic Server is being targeted by attackers, SANS ISC has warned. Oracle WebLogic is a Java EE application server that is part of Oracle’s Fusion Middle…

Serialization: Protecting Enterprise Critical Applications

Enterprise organizations have built much of their foundations on Oracle’s WebLogic servers. As ubiquitous as they are, it’s no wonder that they are often the target of sophisticated attacks aimed at harvesting sensitive data. It’s no surprise that lar…

Another Oracle WebLogic Server RCE under active exploitation

Oracle has released an out-of-band fix for CVE-2019-2729, a critical deserialization vulnerability in a number of versions of Oracle WebLogic Server, and is urging customers to apply the security update as soon as possible. Speed is of the essence as, …

Attackers actively exploiting Atlassian Confluence and Oracle WebLogic flaws

Attackers are actively exploiting recently fixed vulnerabilities in Oracle WebLogic and the Widget Connector macro in Atlassian Confluence to deliver ransomware, mine cryptocurrency and make the compromised machines participate in DDoS attacks. The Ora…

Muhstik Botnet Variant Targets Just-Patched Oracle WebLogic Flaw

Researchers are urging Oracle WebLogic users to update quickly – after new Muhstik botnet samples started targeting a critical flaw in the servers.

New ‘Sodinokibi’ Ransomware Exploits Critical Oracle WebLogic Flaw

A recently-patched critical flaw in Oracle WebLogic is being actively exploited to peddle a new ransomware variant, which researchers call “Sodinokibi.”

Researchers flag new Oracle WebLogic zero-day RCE flaw

Attackers looking to compromise Oracle WebLogic servers for their own needs have a new zero-day RCE flaw at their disposal. “Oracle WebLogic wls9_async and wls-wsat components trigger deserialization remote command execution vulnerability. This v…