Oracle WebLogic Authentication Bypass Attack (CVE-2020-14883, CVE-2020-14882)
Dec. 21, 2023, 7:29 p.m. | FortiGuard Labs | FortiGuard Center - Threat Signal Report | fortiguard.fortinet.com
An attack campaign led by the 8220 gang has been seen leveraging 3-year-old Oracle WebLogic Server vulnerabilities (CVE-2020-14883, which is commonly chained with CVE-2020-14882) to distribute malware. The attackers are able to download maliciously crafted XML files, allowing remote code execution, and finally deploy stealer and cryptominer malware such as AgentTesla, rhajk, and nasqa. The high IPS detection rate suggests that exploitation is widespread.
What is the Vendor Solution?
Oracle has released relevant …