WebLogic

Pierluigi Paganini November 07, 2020
Ransomware operators target CVE-2020-14882 WebLogic flaw

At least one ransomware operator appears to have exploited the recently patched CVE-2020-14882 vulnerability affecting Oracle WebLogic. At least one ransomware operator appears is exploiting the recently patched CVE-2020-14882 vulnerability in Oracle WebLogic. At the end of October, threat actors have started scanning the Internet for servers running vulnerable installs of Oracle WebLogic in the […]

Pierluigi Paganini May 01, 2020
Hackers are targeting recently patched WebLogic security vulnerability

Oracle warns of attacks against recently patched WebLogic security bug Oracle warns of attacks in the wild exploiting a recently patched vulnerability in WebLogic servers for which a PoC code is available on GitHub. IT giant Oracle published a security alert to warn organizations running WebLogic servers of ongoing attacks that exploit the CVE-2020-2883 vulnerability. […]

Pierluigi Paganini June 19, 2019
Another Remote Code Execution flaw in WebLogic exploited in the wild

Oracle released emergency patches for another critical remote code execution vulnerability affecting WebLogic Server. On Tuesday, Oracle released emergency patches for another critical remote code execution vulnerability affecting the WebLogic Server. The vulnerability, tracked as CVE-2019-2729, affects WebLogic versions 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. The vulnerability is a remotely exploitable deserialization vulnerability via XMLDecoder in Oracle WebLogic […]

Pierluigi Paganini May 01, 2019
Crooks exploit Oracle WebLogic flaw to deliver Sodinokibi Ransomware

Threat actors are exploiting a recently patched critical Oracle WebLogic Server vulnerability to deliver the Sodinokibi ransomware to organizations. Threat actors are delivering a new piece of malware, tracked as Sodinokibi, by exploiting a recently patched Oracle WebLogic Server vulnerability. Oracle WebLogic Server is a Java EE application server currently developed by Oracle Corporation, it […]

Pierluigi Paganini April 30, 2018
Oracle botches CVE-2018-2628 patch and hackers promptly start scanning for vulnerable WebLogic installs

According to a security expert, Oracle appears to have botched the CVE-2018-2628 fix, this means that attackers could bypass it to take over WebLogic servers. Earlier April, Oracle patched the critical CVE-2018-2628 vulnerability in Oracle WebLogic server, but an Alibaba security researcher @pyn3rd discovered that the proposed fix could be bypassed. https://twitter.com/pyn3rd/status/990114565219344384 The CVE-2018-2628 flaw was […]