Tag: CVE-2017-1000353
Last week, a malware campaign targeting Jenkins automation servers was reported by CheckPoint researchers.1 The attackers exploited a deserialization vulnerability2 in Jenkin’s bidirectional channel (CVE-2017-1000353)3 to deploy Monero cryptomining malware that generated an estimated profit of $3 million. Following this disclosure, F5 researchers observed what appears to be the same threat actor group, as they…
Read MoreThreat actors continue to find creative yet relatively unsophisticated ways to launch new campaigns to reap profits from crypto-mining operations. Source link lol
Read MoreOracle WebLogic WLS Security Component RCE (CVE-2019-2725) On April 21, 2019, information regarding a deserialization vulnerability in Oracle WebLogic Server was published by KnownSec 404 Team. According to the CVE, the vulnerability exists in the Web Services subcomponent of Oracle WebLogic. Similar to the previous Oracle WebLogic vulnerability discussed above, this new vulnerability also stems…
Read MoreRecent Posts
- Applied Digital CEO Wes Cummins Talks Nvidia, Liquid Cooling, And Finding Capacity Amid ‘This Big Infrastructure Revolution’
- Intel Stock Rises After Report Says It’s An ‘Acquisition Target’
- CISA and FBI Release Updated Guidance on Product Security Bad Practices | CISA
- IBM Looks To Purchase Oracle Consultancy Amid HashiCorp Scrutiny
- Cybersecurity Snapshot: CISA Lists Security Features OT Products Should Have and Publishes AI Collaboration Playbook