logo
  • About
  • Contact
  • Instant Response
  • Hall of fame
  • COVID-19

Categories

  • Alerts and warnings
  • BU Safe
  • Hit by ransomware?
  • Incident handling
  • News

Noticed a problem?

Report an Incident
–or–

Recent Posts

  • Researcher Publishes PoC Exploit for Privilege Escalation Flaw (CVE-2023-0179) in Linux Kernel
  • ProxyNotShell, OWASSRF, TabShell: Patch Your Microsoft Exchange Servers Now
  • Vulnerability Summary for the Week of January 23, 2023
  • What SOCs Need to Know About Water Dybbuk, A BEC Actor Using Open-Source Toolkits
  • New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products

Video

https://www.youtube.com/watch?v=wMsHDH67eb4

RSS NVD Data Feed

  • CVE-2018-25078 (man-db) 26 January 2023
  • CVE-2018-25073 (tsn-ranksystem) 11 January 2023
  • CVE-2019-20627 (autoupdater.net) 23 March 2020
  • CVE-2019-19034 (manageengine_assetexplorer) 23 March 2020
  • CVE-2019-15510 (manageengine_desktop_central) 23 March 2020

RSS CERT-EU News Feed

Information

  • Privacy & Cookies Policy

Zero-day attackers deliver a double dose of ransomware—no clicking required

Posted on 30 April 2019

From arstechnica.com

Screenshot of ransomware warning.

Attackers have been actively exploiting a critical zero-day vulnerability in the widely used Oracle WebLogic server to install ransomware, with no clicking or other interaction necessary on the part of end users, researchers from Cisco Talos said on Tuesday.

Read more…

Posted in News

Post navigation

Previous post: Data: E-Retail Hacks More Lucrative Than Ever
Next post: GitHub-Hosted Malware Targets Accountants With Ransomware
BU CERT
Authorized to use CERT(TM) - CERT is a mark owned by Carnegie
Mellon University

Other CERTs

  • National Cyber Security Centre
  • US-CERT
  • FORTHcert
Proudly powered by WordPress | Theme: bu-cert by Nan Jiang.