Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle e-business suite |
Chinese Earth Krahang hackers breach 70 orgs in 23 countries By Bill Toulas March 18, 2024 04:49 PM 0 A sophisticated hacking campaign attributed to a Chinese Advanced Persistent Threat (APT) group known as 'Earth Krahang' has breached 70 organizations and targeted at least 116 across 45 countries. According to Trend Micro researchers monitoring the activity, the campaign has been underway since early 2022 and focuses primarily on government organizations. Specifically, the hackers have compromi...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Plus potential links to I-Soon, researchers say
Chinese cyberspies have compromised at least 70 organizations, mostly government entities, and targeted more than 116 victims across the globe, according to security researchers. The Beijing-backed hacking crew, dubbed Earth Krahang, exploits public-facing servers and uses phishing emails to deploy two custom backdoors, according to Trend Micro, which has been monitoring the cyberespionage campaign since early 2022. "One of the threat actor's favorite tactics involves using its malicious a...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Or so says opsec firm, which confirms 70% of all industrial org ransomware in 2023 targeted manufacturers
Analysis Cybercriminals follow the money, and increasingly last year that led them to ransomware attacks against the manufacturing industry. Operational technology security firm Dragos, in its 2023 year-in-review report [PDF], found 70 percent of all industrial org ransomware infections hit manufacturing companies. Specifically: 638 entities across 33 unique manufacturing subsectors fell victim to ransomware last year. "Sure, we're seeing [attacks against] oil and gas and electric, but man...