Oracle E-Business Suite Zero-Day Exploited in Cl0p Attacks
securityweek
The recent data theft and extortion campaign targeting Oracle E-Business Suite customers has been confirmed to be the work of the notorious Cl0p ransomware group, and Oracle has admitted that the hackers have exploited a zero-day vulnerability.
The attacks targeting Oracle E-Business Suite (EBS) customers came to light last week, when Google Threat Intelligence Group (GTIG) and Mandiant warned that executives at many organizations using the enterprise resource planning product received extortion emails.
The emails, apparently coming from the Cl0p group, informed recipients that sensitive data had been stolen from their Oracle EBS instance and urged them to get in touch with the cybercriminals.
GTIG and Mandiant researchers, who found that the emails were coming from compromised accounts previously associated with the FIN11 cybercrime group, initially could not confirm that Cl0p was behind the attacks. However, the researchers have now confirmed that Cl0p is indeed responsible.
This is not surprising ...
Copyright of this story solely belongs to securityweek . To see the full text click HERE