Get a Pentest and security assessment of your IT network.

Cyber Security

Critical Oracle WebLogic flaw actively exploited by DarkIRC malware

A botnet known as DarkIRC is actively targeting exposed Oracle WebLogic servers in attacks designed to exploit the CVE-2020-14882 remote code execution (RCE) vulnerability fixed by Oracle two months ago. Almost 3,000 Oracle Weblogic servers are reachable over the Internet based on Shodan stats and allow unauthenticated attackers to execute remote code on targeted servers. Juniper Threat Labs didn’t say that this threat actor is behind the ongoing DarkICE attacks even though the filename of one of the recently detected payloads is similar to a FUD (Fully Undetected) Crypter file also advertised by Freak_OG earlier this month.

Source: https://www.bleepingcomputer.com/news/security/critical-oracle-weblogic-flaw-actively-exploited-by-darkirc-malware/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation