CISA adds Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities Catalog

CISA added a critical flaw impacting Oracle Fusion Middleware, tracked as CVE-2021-35587, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) a critical vulnerability impacting Oracle Fusion Middleware, tracked as CVE-2021-35587 (CVSS 3.1 Base Score 9.8), to its Known Exploited Vulnerabilities Catalog. An unauthenticated attacker with network access via HTTP can exploit […]

Continue Reading

Pre-auth RCE in Oracle Fusion Middleware exploited in the wild (CVE-2021-35587)

A pre-authentication RCE flaw (CVE-2021-35587) in Oracle Access Manager (OAM) that has been fixed in January 2022 is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the vulnerability to its  Known Exploited Vulnerabilities (KEV) Catalog. About CVE-2021-35587 CVE-2021-35587 was discovered by security researchers “Jang” (Nguyen Jang) […]

Continue Reading

Resecurity platform now available on the Oracle Cloud Marketplace

The Resecurity Cyber Threat Intelligence (CTI) and Digital Risk Monitoring (DRM) Platform is now available on the Oracle Cloud Marketplace. The addition to the Oracle Cloud Marketplace will streamline Resecurity’s seamless integration with critical Oracle Cloud applications and services, delivering a high level of compliance in variety of geographical regions according to existing data protection […]

Continue Reading

Oracle’s expanded cloud options enables customers to bring applications and data into the cloud

Oracle has released several new distributed cloud offerings to meet customers’ diverse needs and growing demand for Oracle Cloud Infrastructure (OCI). New options include Oracle Alloy, Oracle MySQL HeatWave for Microsoft Azure, and plans to open new public cloud regions in Chicago, Serbia, and Mexico. OCI’s distributed cloud gives customers the flexibility needed to access […]

Continue Reading

Stellar Cyber Open XDR now available on Oracle Cloud Marketplace

Stellar Cyber has achieved Powered by Oracle Cloud Expertise for its SaaS security operations platform, which is available on Oracle Cloud Marketplace. The Stellar Cyber Open XDR Platform includes XDR (eXtended Detection and Response) and other valuable capabilities needed for security operations, including next-generation security information and event management (NG-SIEM), network detection and response (NDR), […]

Continue Reading

Hackers Exploit WebLogic Vulnerabilities to Deliver Cryptocurrency-Mining Malware

In order to deliver cryptocurrency mining malware, the threat actors are actively exploiting both old and newly discovered vulnerabilities in Oracle WebLogic Server. Recent research by Trend Micro has identified that there is a financially motivated group using Python scripts to exploit the vulnerabilities in Oracle WebLogic Server.  The Security-Enhanced Linux (SELinux) and other OS […]

Continue Reading