Critical Oracle Weblogic Flaw Let Remote Attacker Take Control of The System
In the quarterly Critical Patch Update for July 2021, Oracle has released 342 fixes for several of its products range. The security experts
[...]
oracle
Beware!! New Cryptojacking Malware Attacking Apache, Oracle, Redis Servers
The security researchers at unit 42 are keeping a stern eye on China-based cybercrime group Rocke. This hacking group was detected in 2019
[...]
Critical Oracle WebLogic Vulnerability Flaw Actively Exploited by DarkIRC Malware
Juniper Threat Labs researchers observed active attacks on Oracle WebLogic software using CVE-2020-14882. This vulnerability, if successfully exploited, allows unauthenticated remote code execution.
[...]
ModPipe Malware Steals Sensitive Information from Oracle POS Software used by Hundreds of Thousands of Hotels
A new Point-of-Sale (PoS) named ModPipe malware is targeting devices utilized by many thousands of organizations within the hospitality sector, researchers have warned.
[...]
Oracle Issues Out-of-Band Update for Remote-Access Vulnerability
The exploit could give an attacker complete control of vulnerable WebLogic servers.
Source: Dark Reading – Threat Intelligence – Oracle Issues Out-of-Band
[...]
Oracle Issues Emergency Patch for Remote Code Execution Vulnerability in Oracle WebLogic Server
IT giant Oracle, on 1st November 2020, issued a Security Alert Advisory, CVE-2020-14750, regarding a remote code execution vulnerability on Oracle WebLogic Server.
[...]
Oracle WebLogic Server RCE Flaw Under Active Attack
The flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn.
Source: Threat Post – Web
[...]
Oracle Releases Another Mammoth Security Patch Update
October’s CPU contains 402 patches for vulnerabilities across 29 product sets, many of which are remotely executable without the need for authentication.
[...]
Oracle Kills 402 Bugs in Massive October Patch Update
Over half of Oracle’s flaws in its quarterly patch update can be remotely exploitable without authentication; 65 are critical, and two have CVSS
[...]
Unpatched Bugs in Oracle iPlanet Opens Door to Info-Disclosure, Injection
CVE-2020-9315 and CVE-2020-9314 in iPlanet version 7 will not receive patches.
Source: Threat Post – Web Security – Unpatched Bugs in Oracle
[...]