Oracle WebLogic Server | Breaking Cybersecurity News | The Hacker News

Oracle has released an out-of-band emergency software update to patch a newly discovered critical vulnerability in the WebLogic Server. According to Oracle, the vulnerability—which can be identified as CVE-2019-2729 and has a CVSS score of 9.8 out of 10—is already being exploited in the wild by an unnamed group of attackers. Oracle WebLogic is a Java-based multi-tier enterprise application server that allows businesses to quickly deploy new products and services on the cloud, which is popular across both, cloud environment and conventional environments. The reported vulnerability is a deserialization issue via XMLDecoder in Oracle WebLogic Server Web Services that could allow unauthorized remote attackers to execute arbitrary code on the targeted servers and take control over them. "This remote code execution vulnerability is remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password," the advisor...

Taking advantage of newly disclosed and even patched vulnerabilities has become common among cybercriminals, which makes it one of the primary attack vectors for everyday-threats, like crypto-mining, phishing, and ransomware. As suspected, a recently-disclosed critical vulnerability in the widely used Oracle WebLogic Server has now been spotted actively being exploited to distribute a never-before-seen ransomware variant, which researchers dubbed " Sodinokibi ." Last weekend, The Hacker News learned about a critical deserialization remote code execution vulnerability in Oracle WebLogic Server that could allow attackers to remotely run arbitrary commands on the affected servers just by sending a specially crafted HTTP request—without requiring any authorization. To address this vulnerability (CVE-2019-2725), which affected all versions of the Oracle WebLogic software and was given a severity score of 9.8 out of 10, Oracle rolled out an out-of-band security update on...

Cybersecurity isn't just another checkbox on your business agenda. It's a fundamental pillar of survival. As organizations increasingly migrate their operations to the cloud, understanding how to protect your digital assets becomes crucial. The shared responsibility model , exemplified through Microsoft 365's approach, offers a framework for comprehending and implementing effective cybersecurity measures.  The Essence of Shared Responsibility  Think of cloud security like a well-maintained building: the property manager handles structural integrity and common areas, while tenants secure their individual units. Similarly, the shared responsibility model creates a clear division of security duties between cloud providers and their users. This partnership approach ensures comprehensive protection through clearly defined roles and responsibilities.  What Your Cloud Provider Handles  Microsoft maintains comprehensive responsibility for securing the foundational eleme...

A team of cybersecurity researchers today published a post warning enterprises of an unpatched, highly critical zero-day vulnerability in Oracle WebLogic server application that some attackers might have already started exploiting in the wild. Oracle WebLogic is a scalable, Java-based multi-tier enterprise application server that allows businesses to quickly deploy new products and services on the cloud. It's popular across both, cloud environment and conventional environments. Oracle WebLogic application reportedly contains a critical deserialization remote code execution vulnerability that affects all versions of the software, which can be triggered if the "wls9_async_response.war" and "wls-wsat.war" components are enabled. The vulnerability, spotted by the researchers from KnownSec 404, allows attackers to remotely execute arbitrary commands on the affected servers just by sending a specially crafted HTTP request—without requiring any authorization....

Earlier this month, Oracle patched a highly critical Java deserialization remote code execution vulnerability in its WebLogic Server component of Fusion Middleware that could allow attackers to easily gain complete control of a vulnerable server. However, a security researcher, who operates through the Twitter handle @pyn3rd and claims to be part of the Alibaba security team, has now found a way using which attackers can bypass the security patch and exploit the WebLogic vulnerability once again. WebLogic Server acts as a middle layer between the front end user interface and the backend database of a multi-tier enterprise application. It provides a complete set of services for all components and handles details of the application behavior automatically. Initially discovered in November last year by Liao Xinxi of NSFOCUS security team, the Oracle WebLogic Server flaw (CVE-2018-2628) can be exploited with network access over TCP port 7001. If exploited successfully, the fl...