"Oracle conceded earlier this week that the hackers behind the extortion campaign were still abusing its software to steal personal information about corporate executives and their companies. Days earlier, Oracle's chief security officer, Rob Duhart, claimed in the same post - since scrubbed - that the extortion campaign was linked to previously identified vulnerabilities that Oracle patched in July, suggesting the hacks were over."
"The Russia-linked Clop ransomware and extortion gang has made a name for itself in recent years for mass-hacking campaigns, often involving the abuse of vulnerabilities unknown to the software vendor at the time they were exploited, to steal large amounts of corporate and customer data. This includes managed file transfer tools, like Cleo Software, MOVEit, and GoAnywhere, which companies use as a way to send sensitive corporate data over the internet."
Clop extortion actors exploited multiple vulnerabilities in Oracle E-Business Suite to steal significant amounts of data from affected organizations. The software stores customer records and employees' human resources files. The campaign targeting Oracle customers dates back to at least July 10, months before the breaches were first detected. Oracle acknowledged that attackers continued abusing its software to steal personal information about corporate executives and companies, after an earlier claim that patched vulnerabilities ended the campaign. Oracle published a security advisory saying the zero-day can be exploited over a network without a username or password. Clop has a history of mass-hacking campaigns and abuse of managed file transfer tools like Cleo, MOVEit, and GoAnywhere.
Read at TechCrunch
Unable to calculate read time
Collection
[
|
...
]