Get a Pentest and security assessment of your IT network.

Cyber Security

Oracle Solaris Zero-Day Attack Revealed

A previously known threat group, called UNC1945, has been compromising telecommunications companies and targeting financial and professional consulting industries using an Oracle flaw. The bug, CVE-2020-14871, was recently addressed in Oracle s October 2020 Critical Patch Update. The vulnerability exists in the Oracle Solaris Pluggable Authentication Module (PAM) and allows an unauthenticated attacker with network access via multiple protocols to exploit and compromise the operating system. Researchers said that the group was exploiting the bug when it was a zero-day, long before a patch arrived.

Source: https://threatpost.com/oracle-solaris-zero-day-attack/160929/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation