Security News

New Linux malware Hadooken targets Oracle WebLogic servers
2024-09-13 17:05

Hackers are targeting Oracle WebLogic servers to infect them with a new Linux malware named "Hadooken, which launches a cryptominer and a tool for distributed denial-of-service (DDoS) attacks. [...]

New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency
2024-09-13 05:39

Cybersecurity researchers have uncovered a new malware campaign targeting Linux environments to conduct illicit cryptocurrency mining. The activity, which specifically singles out the Oracle...

'Hadooken' Linux malware targets Oracle WebLogic servers
2024-09-13 00:31

Nastyware seeks creds, mines crypto, and plants ransomware that isnt deployed - for now? An unknown attacker is exploiting weak passwords to break into Oracle WebLogic servers and deploy an...

8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining
2024-06-28 11:59

Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. "The threat actor...

7-year-old Oracle WebLogic bug under active exploitation
2024-06-06 10:37

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Oracle WebLogic Server OS Command Injection Flaw Under Active Attack
2024-06-04 03:25

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog, citing...

8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers
2023-12-20 12:59

The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability to distribute malware, the Imperva Threat Research team has found. Active since 2017, the 8220 gang has been known for deploying cryptocurrency miners on Linux and Windows hosts by exploiting known vulnerabilities.

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware
2023-12-19 06:58

The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming...

8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency
2023-05-18 09:31

The notorious cryptojacking group tracked as 8220 Gang has been spotted weaponizing a six-year-old security flaw in Oracle WebLogic servers to ensnare vulnerable instances into a botnet and distribute cryptocurrency mining malware. The flaw in question is CVE-2017-3506, which, when successfully exploited, could allow an unauthenticated attacker to execute arbitrary commands remotely.

New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic
2023-03-09 08:10

The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out cryptojacking operations. According to Fortinet FortiGuard Labs, the attack chain commences with successful exploitation of susceptible Oracle WebLogic servers to download a PowerShell script that contains ScrubCrypt.