viralamo

Menu
  • Technology
  • Science
  • Money
  • Culturs
  • Trending
  • Video

Subscribe To Our Website To Receive The Last Stories

Join Us Now For Free
Home
Technology
Hackers are on the hunt for Oracle servers vulnerable to potent exploit
Technology

Hackers are on the hunt for Oracle servers vulnerable to potent exploit

29/10/2020

Photograph of computer server.

Hackers are scanning the Internet for machines that have yet to patch a recently disclosed flaw that force Oracle’s WebLogic server to execute malicious code, a researcher warned Wednesday night.

Johannes Ullrich, dean of research at the SANS Technology Institute, said his organization’s honeypots had detected Internetwide scans that probe for vulnerable servers. CVE-2020-14882, as the vulnerability is tracked, has a severity rating of 9.8 out of 10 on the CVSS scale. Oracle’s October advisory accompanying a patch said exploits are low in complexity and require low privileges and no user interaction.

“At this point, we are seeing the scans slow down a bit,” Ullrich wrote in a post. “But they have reached ‘saturation’ meaning that all IPv4 addresses have been scanned for this vulnerability. If you find a vulnerable server in your network: Assume it has been compromised.”

Honeypots are servers that are deliberately left exposed or unpatched. They’re meant to act as a barometer for tracking Internet attack activity. When hackers scan or exploit them, researchers know that specific vulnerabilities are under threat of attack.

Ullrich said in an interview that SANS honeypots have received GET Web requests that attempt to query whether a server is running a vulnerable version of WebLogic. The honeypots weren’t set up to respond that they were vulnerable, so he doesn’t yet know if the attackers are simply compiling a list of vulnerable machines or are actively exploiting them once they’re found.

Advertisement

In the past few hours, he configured the servers to indicate they’re vulnerable, but so far he has yet to see active exploits. He also said it’s possible that some of the scans are coming from people doing benign research.

The scans come amid warnings that Russian ransomware hackers are targeting hundreds of US hospitals and healthcare providers. Exploits as potent as those against CVE-2020-14882 would likely provide everything needed to initiate such an attack.

Vulnerable versions of WebLogic include 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Oracle credited voidfyoo of Chaitin Security Research Lab with its discovery.

Source link

Share
Tweet
Pinterest
Linkedin
Stumble
Google+
Email
Prev Article
Next Article

Related Articles

Uber plans to gobble up delivery rival Postmates in $2.6 billion deal
Enlarge / Bicycle couriers making deliveries to Uber Eats customers …

Uber plans to gobble up delivery rival Postmates in $2.6 billion deal

Apple releases iOS 13.4, iPadOS 13.4, macOS 10.15.4, tvOS 13.4, and watchOS 6.2 betas
Three months after Apple released the first 13.3 betas for …

Apple releases iOS 13.4, iPadOS 13.4, macOS 10.15.4, tvOS 13.4, and watchOS 6.2 betas

Leave a Reply Cancel reply

Find us on Facebook

Related Posts

  • How Xbox Game Pass is giving fans the first Battletoads in 26 years
    How Xbox Game Pass is giving fans …
    22/08/2020
  • How to watch Transform 2020 live
    How to watch Transform 2020 live
    15/07/2020
  • Ford releases a data set to accelerate autonomous car development
    Ford releases a data set to accelerate …
    19/03/2020
  • Japan’s top carriers announce 5G launches as 2020 Olympics face delay
    Japan’s top carriers announce 5G launches as …
    24/03/2020
  • TechCrunch’s Favorite Things of 2019
    India launches WhatsApp chatbot to create awareness …
    21/03/2020

Popular Posts

  • 100 million more IoT devices are exposed—and they won’t be the last
    100 million more IoT devices are exposed—and …
    14/04/2021 0
  • Top 10 Places Creepier Than Stephen King’s …
    17/03/2021 0
  • Top 10 Things You Should Know About …
    17/03/2021 0
  • I was a teenage Twitter hacker. Graham Ivan Clark gets 3-year sentence
    I was a teenage Twitter hacker. Graham …
    17/03/2021 0
  • DDoSers are abusing Microsoft RDP to make attacks more powerful
    ~4,300 publicly reachable servers are posing a …
    18/03/2021 0

viralamo

Pages

  • Contact Us
  • Privacy Policy
Copyright © 2021 viralamo
Theme by MyThemeShop.com

Ad Blocker Detected

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

Refresh