A WebLogic Vulnerability Highlights the Path-Based Authorization Dilemma

A WebLogic server vulnerability fixed by the October CPU has come under active exploitation after a Vietnamese language blog post detailed the steps needed to bypass authentication and achieve remote code execution on unpatched systems. Although there …

How Does Ransomware Work (And Is It Still A Threat)?

Ransomware is making a comeback while cryptojacking takes a vacation. Learn how criminals obtain and deploy ransomware, and what you can do to stay safe.
The post How Does Ransomware Work (And Is It Still A Threat)? appeared first on Security Boulevard.

Aleksei Tiurin, Acunetix – Application Security Weekly #42

Aleksei Tiurin is the Senior Security Researcher for Acunetix. He is performing a technical segment on reverse proxies using WebLogic, Tomcat, and Nginx. To learn more about Acunetix, go to: www.acunetix.com/securityweekly

Patch for Critical Oracle WebLogic Vulnerability Can Be Bypassed

Security researchers warn that a patch recently released by Oracle for a critical vulnerability in its WebLogic Java application server can easily be bypassed. The risk of exploitation is high especially since exploit code is already available for the…

NVIDIA, Oracle, Coinbase, and Bitcoin – Application Security Weekly #1

In the Application Security News, Paul and Keith discuss how malicious NPM packages could harvest credit card numbers and passwords from your site, NVIDIA updates video drivers to help address CPU memory security, multiple vulnerabilities in PHP could …

San Francisco Rail System Hacker Hacked

The San Francisco Municipal Transportation Agency (SFMTA) was hit with a ransomware attack on Friday, causing fare station terminals to carry the message, “You Hacked. ALL Data Encrypted.” Turns out, the miscreant behind this extortion attempt got hacked himself this past weekend, revealing details about other victims as well as tantalizing clues about his identity and location.