Oracle WebLogic Servers to be Under Attack

Attack begun shortly after the PoC-codes publication 
26 July 2018   1409

Information security specialists from Qihoo 360 Netlab reported that Oracle WebLogic servers were attacked by cybercriminals. It is known that the purpose of attacks were systems that did not have a recently released patch fixing the critical vulnerability of CVE-2018-2893.

The CVE-2018-2893 vulnerability is a flaw in the Oracle WebLogic software component that allows a hacker to subordinate a server and execute arbitrary code, and he does not need to know the password from the device to perform all actions.

On July 18, 2018, Oracle published an update that addresses a number of vulnerabilities. But after three days several PoC-codes got into the web, two of which are still on the Internet. After the spread of information about the existence of exploits, on July 21, the first attacks began.

Experts believe that there are at least two groups of hackers who may have managed to automate their actions to exploit vulnerabilities for their own purposes.

The vulnerability was found in the versions of Oracle WebLogic 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Employees of the company recommend to the owners of servers for security to quickly install an update released in July 2018, which closes security holes in Java SE, VirtualBox, MySQL and other tools.

Bisq Decentelized Exchange v. 1.0 Released

According to GitHib repository, it is written in Java programming language
16 April 2019   290

The developers of Bisq presented a new version of the decentralized exchange (v1.0).

The project repository on GitHub notes that version 1.0 is the most important milestone in the development of the Bisq platform.

Thus, the new version of the software implements a decentralized autonomous organization mechanism (Bisq DAO). It allows exchange users to directly participate in project management.

For example, those who contribute to the development of Bisq may receive rewards in BSQ tokens. Also, the use of these assets can reduce trade commissions by 90%.

Among other changes - bug fixes, minor improvements to the user interface.