Oracle WebLogic Servers to be Under Attack

Attack begun shortly after the PoC-codes publication 
26 July 2018   1903

Information security specialists from Qihoo 360 Netlab reported that Oracle WebLogic servers were attacked by cybercriminals. It is known that the purpose of attacks were systems that did not have a recently released patch fixing the critical vulnerability of CVE-2018-2893.

The CVE-2018-2893 vulnerability is a flaw in the Oracle WebLogic software component that allows a hacker to subordinate a server and execute arbitrary code, and he does not need to know the password from the device to perform all actions.

On July 18, 2018, Oracle published an update that addresses a number of vulnerabilities. But after three days several PoC-codes got into the web, two of which are still on the Internet. After the spread of information about the existence of exploits, on July 21, the first attacks began.

Experts believe that there are at least two groups of hackers who may have managed to automate their actions to exploit vulnerabilities for their own purposes.

The vulnerability was found in the versions of Oracle WebLogic 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Employees of the company recommend to the owners of servers for security to quickly install an update released in July 2018, which closes security holes in Java SE, VirtualBox, MySQL and other tools.

Zabbix 4.4 to be Rolled Out

Monitoring system consists of 3 components - server, "agents" (monitor software tools) and frontend
14 October 2019   50

After 6 months of development, a new version of the Zabbix 4.4 monitoring system is available, the code of which is distributed under the GPLv2 license. Zabbix consists of three basic components: a server for coordinating checks, generating test requests and collecting statistics; agents for performing checks on the side of external hosts; frontend for organizing system management.

To relieve the load from the central server and form a distributed monitoring network, a series of proxy servers can be deployed that aggregate data about the verification of the host group. Data can be stored in MySQL, PostgreSQL, TimescaleDB, DB2, and Oracle. Without agents, the Zabbix server can receive data using protocols such as SNMP, IPMI, JMX, SSH / Telnet, ODBC, and test the availability of Web applications and virtualization systems.

Get some more info at the official website.