WebLogic

Pro-Ocean cryptojacking malware targets cloud applications

A new Pro-Ocean cryptojacking malware targets popular cloud applications including ApacheMQ, Oracle Weblogic and Redis. The malware contains four modules that execute to hide, mine cryptocurrency, watchdog and infect systems.

Tags: , , , , , , , , ,

The top 20 vulnerabilities to patch now (that are most under attack)

Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization’s patch management efforts.

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Oracle vulnerability exploited to deliver dual Monero miners

Trend Micro security researchers have spotted an Oracle vulnerability that is being abused to deliver dual Monero miner malware. The Oracle WebLogic WLS-WSAT vulnerability (CVE-2017-10271) allows remote code execution and was patched by Oracle back in October.

Tags: , , , , ,