Old Oracle WebLogic flaw becomes new attack target

20 December 2023

Healthcare, telecommunications, and financial services firms across the U.S., Mexico, Columbia, Spain, and South Africa are having their Oracle WebLogic servers vulnerable to the remote code execution flaw, tracked as CVE-202014883, targeted by the threat operation 8220 Gang to facilitate malware distribution, The Hacker News reports. Such a vulnerability which is usually used alongside another WebLogic server bug, tracked as CVE-2020-14882 has been leveraged by 8220 Gang for XML file creation and code execution for the deployment of the Agent Tesla, nasqa, and rhajk payloads, a report from Imperva revealed.

Source: SC Magazine

Date:

20 December 2023

Categorie(s):

NEWS

Tag(s):

IT, Old, Oracle, Threat Intelligence, WebLogic

Dating apps kiss’n’tell all sorts of sensitive personal info4 May 2024
Multilogin Antidetect Browser Review 20244 May 2024
Navigating the API Security Landscape: A CEO’s Perspective on Embedding Zero Trust Principles4 May 2024
Lightsail VPN Review: Is Lightsail VPN Safe? [+Best Alternatives]4 May 2024
How To Secure Your Business In The Times Of All-pervasive Hackers4 May 2024