Unit 42 researchers detail how attacks against the newly patched Oracle Weblogic vulnerability may increase based on details of the vulnerability and analysis of activity seen to date. Research also shows how attackers are using the vulnerability to plant XMRig cryptominer on vulnerable systems.
Unit 42 releases new details on two vulnerabilities in Social Warfare (CVE-2019-9978). Both vulnerabilities are present in all versions of Social Warfare prior to 3.5.3: an estimated 42,000 websites are potentially vulnerable. Unit 42 researchers found five compromised sites actively used for hosting malicious exploit code, which allows the attackers to control more websites. In this blog post we provide new details on the root cause of the vulnerabilities, proof of concept code (PoC) to demonstrate the vulnerability, and information on attacks we observed in the wild as well as the scope of vulnerable sites.
Sign up to receive the latest news, cyber threat intelligence and research from Unit 42
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.