"The Cl0p ransomware and extortion group has taken credit for the EBS hacking campaign, which involved exploiting zero-day vulnerabilities to access data stored by organizations in Oracle's enterprise management software. The compromised data was then leveraged for extortion. While Cl0p serves as the public-facing extortion brand for the campaign, the cybersecurity community believes the operation may have been driven by a cluster of threat actors, most notably FIN11."
"The hackers have listed more than 100 alleged victims of the Oracle EBS campaign on the Cl0p leak website, including organizations in sectors such as technology, telecommunications, software, heavy industry, manufacturing, engineering, retail, consumer goods, energy, utilities, media, finance, and entertainment. For most of the victims, the cybercriminals published torrent files pointing to information allegedly stolen from their systems."
"A majority of the large organizations targeted in the campaign have issued a public statement confirming a data breach. Many claimed that the impact of the incident is limited, but still notified affected individuals about the potential risks. However, a handful of very large companies do not appear to have issued any public statements on the matter, neither to confirm nor deny being hit."
The Cl0p ransomware group exploited zero-day vulnerabilities in Oracle E-Business Suite to compromise over 100 organizations across multiple sectors including technology, telecommunications, manufacturing, finance, and entertainment. The cybersecurity community attributes the operation to threat actor cluster FIN11 using Cl0p as the extortion brand. Most victims published torrent files of stolen data, indicating ransom refusal. While many large organizations issued public statements confirming breaches with limited impact claims, several major companies including Broadcom, Bechtel, Estée Lauder, and Abbott Laboratories have issued no public statements regarding their alleged compromise.
#oracle-ebs-zero-day-vulnerabilities #cl0p-ransomware-campaign #corporate-data-breach-silence #fin11-threat-actor #ransomware-extortion
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]