Security News > 2020 > December > Recent Oracle WebLogic Vulnerability Exploited to Deliver DarkIRC Malware

Recent Oracle WebLogic Vulnerability Exploited to Deliver DarkIRC Malware
2020-12-02 16:02

Threat actors are targeting an Oracle WebLogic flaw patched last month in an attempt to install a piece of malware named DarkIRC on vulnerable systems.

The first attacks targeting it were observed roughly one week after and, in early November, Oracle issued an out-of-band update to address an easy bypass for the initial patch.

According to Juniper Threat Labs' security researchers, there are approximately 3,100 Oracle WebLogic servers that are accessible from the Internet.

The DarkIRC bot, the researchers say, is only one of the several payloads that adversaries are attempting to drop onto the vulnerable servers they discover.

"This vulnerability was fixed by Oracle in October and a subsequent out of cycle patch was also released in November to fix a hole in the previous patch. We recommend affected systems to patch immediately," Juniper Threat Labs notes.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/FVLPHCZjBgY/recent-oracle-weblogic-vulnerability-exploited-deliver-darkirc-malware

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Oracle 781 388 3148 2078 432 6046