Oracle is making Microsoft look good
If you haven't patched WebLogic server console flaws in the last eight days 'assume it has been compromised'
Last week Oracle released one of its mammoth quarterly patch dumps - with 402 fixes. Well, it turns out that if you missed one and you're running WebLogic 10.3.6.0.0, 22.214.171.124.0, 126.96.36.199.0, 188.8.131.52.0 and 184.108.40.206.0, you've probably already been tagged by hackers. On Thursday Johannes Ullrich, Dean of Research at the SANS …
Friday 30th October 2020 00:36 GMT Anonymous Coward
White hats need to look out as well...
> "At this point, we are seeing the scans slow down a bit," he explained. But they have reached "saturation," meaning that all IPv4 addresses have been scanned for this vulnerability. If you find a vulnerable server in your network: Assume it has been compromised."
And the corollary is: if you are a hacker and you find a new server that is vulnerable then it's likely a honeypot.
Friday 30th October 2020 00:45 GMT Anonymous Coward
Friday 30th October 2020 08:54 GMT Anonymous Coward
Is that still a thing? Does anyone really still use it? I remember a long time ago when EJB briefly ruled corporate IT - WebLogic was expensive, bloated, buggy, slow and pointless, but people used it because it was a tiny bit better than IBM’s grim bundle of failure, WebSphere.
Has anything changed?
Friday 30th October 2020 11:02 GMT snellasaurus
Friday 30th October 2020 15:00 GMT JoshOvki