WebLogic Archives - Security Affairs

Pierluigi Paganini November 07, 2020

Ransomware operators target CVE-2020-14882 WebLogic flaw

At least one ransomware operator appears to have exploited the recently patched CVE-2020-14882 vulnerability affecting Oracle WebLogic. At least one ransomware operator appears is exploiting the recently patched CVE-2020-14882 vulnerability in Oracle WebLogic. At the end of October, threat actors have started scanning the Internet for servers running vulnerable installs of Oracle WebLogic in the […]

Pierluigi Paganini May 01, 2020

Hackers are targeting recently patched WebLogic security vulnerability

Oracle warns of attacks against recently patched WebLogic security bug Oracle warns of attacks in the wild exploiting a recently patched vulnerability in WebLogic servers for which a PoC code is available on GitHub. IT giant Oracle published a security alert to warn organizations running WebLogic servers of ongoing attacks that exploit the CVE-2020-2883 vulnerability. […]

Pierluigi Paganini June 19, 2019

Another Remote Code Execution flaw in WebLogic exploited in the wild

Oracle released emergency patches for another critical remote code execution vulnerability affecting WebLogic Server. On Tuesday, Oracle released emergency patches for another critical remote code execution vulnerability affecting the WebLogic Server. The vulnerability, tracked as CVE-2019-2729, affects WebLogic versions 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. The vulnerability is a remotely exploitable deserialization vulnerability via XMLDecoder in Oracle WebLogic […]

Pierluigi Paganini May 01, 2019

Crooks exploit Oracle WebLogic flaw to deliver Sodinokibi Ransomware

Threat actors are exploiting a recently patched critical Oracle WebLogic Server vulnerability to deliver the Sodinokibi ransomware to organizations. Threat actors are delivering a new piece of malware, tracked as Sodinokibi, by exploiting a recently patched Oracle WebLogic Server vulnerability. Oracle WebLogic Server is a Java EE application server currently developed by Oracle Corporation, it […]

Pierluigi Paganini April 30, 2018

Oracle botches CVE-2018-2628 patch and hackers promptly start scanning for vulnerable WebLogic installs

According to a security expert, Oracle appears to have botched the CVE-2018-2628 fix, this means that attackers could bypass it to take over WebLogic servers. Earlier April, Oracle patched the critical CVE-2018-2628 vulnerability in Oracle WebLogic server, but an Alibaba security researcher @pyn3rd discovered that the proposed fix could be bypassed. https://twitter.com/pyn3rd/status/990114565219344384 The CVE-2018-2628 flaw was […]

WebLogic

Ransomware operators target CVE-2020-14882 WebLogic flaw

Hackers are targeting recently patched WebLogic security vulnerability

Another Remote Code Execution flaw in WebLogic exploited in the wild

Crooks exploit Oracle WebLogic flaw to deliver Sodinokibi Ransomware

Oracle botches CVE-2018-2628 patch and hackers promptly start scanning for vulnerable WebLogic installs

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Cisco confirms active exploitation of ISE and ISE-PIC flaws

SharePoint under fire: new ToolShell attacks target enterprises

CrushFTP zero-day actively exploited at least since July 18

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

MuddyWater deploys new DCHSpy variants amid Iran-Israel conflict

QUICK LINKS

WebLogic

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!