Follow Us on Google News
The Pakistan Telecommunication Authority (PTA) has issued a security warning concerning a vulnerability currently being exploited in Oracle WebLogic Server.
The US Cybersecurity and Infrastructure Security Agency (CISA) recently pointed out that cybercriminals are taking advantage of a severe OS command injection weakness, identified as CVE-2017-3506. This flaw allows malicious actors to execute arbitrary code by submitting harmful HTTP requests with specially crafted XML files.
With a CVSS rating of 7.4, this vulnerability has previously been leveraged by the cryptojacking group 8220 Gang to establish botnets for digital currency mining.
The notification specifies that multiple versions of Oracle WebLogic Server, such as 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1, and 12.2.1.2, are vulnerable to this defect. Labeled as a Remote Code Execution (RCE) threat, it enables attackers to potentially breach systems from a distance. This critical advisory highlights the need for organizations utilizing WebLogic Server to enhance their cybersecurity defenses.
PTA urges users of affected Oracle WebLogic Server versions to quickly apply the most recent patches and updates to secure their networks. Other recommendations include keeping an eye on systems for abnormal activity, which may suggest an effort to exploit the flaw. PTA also emphasizes the need for enabling multi-factor authentication (MFA) to boost login security and reduce the chances of unauthorized access.
The advisory further proposes implementing network segmentation to contain and isolate potential threats, limiting their effects on vital systems. Organizations are also advised to adopt a proactive patch management approach to ensure timely deployment of security fixes across all systems and software.
LAHORE: The Punjab government on Friday lifted the time restrictions on markets, shopping malls,...
The buying rate of the UAE Dirham in Pakistan today, December 7, 2024, increased...
Pakistan International Airlines (PIA) announced on Friday that it will restart flights to Europe...