Alert: Weblogic vulnerability exploited in the wild (apply April CPUs without delay)

Oracle released a new warning that a previously patched Weblogic vulnerability CVE-2020-2883 is being exploited in the wild. The company further urged organizations should apply April CPUs without delay.

Continue Reading Alert: Weblogic vulnerability exploited in the wild (apply April CPUs without delay)

The top 20 vulnerabilities to patch now (that are most under attack)

Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization's patch management efforts.

Continue Reading The top 20 vulnerabilities to patch now (that are most under attack)

Oracle vulnerability exploited to deliver dual Monero miners

Trend Micro security researchers have spotted an Oracle vulnerability that is being abused to deliver dual Monero miner malware. The Oracle WebLogic WLS-WSAT vulnerability (CVE-2017-10271) allows remote code execution and was patched by Oracle back in October.

Continue Reading Oracle vulnerability exploited to deliver dual Monero miners