REN-ISAC ADVISORY: Oracle WebLogic Vulnerability Being Exploited by Bitcoin Miners

[Doug Pearson <dodpears () REN-ISAC NET>]

Happy New Year,

REN-ISAC has received widespread reports from university and research
institutions about Oracle WebLogic vulnerabilit(ies) exploited by
attackers to run bitcoin mining malware. The first reported observation
was December 13, 2017; malicious activity continues to this date.

The attached TLP:WHITE (public) Advisory provides details.

We're interested in additional reports and feedback.

Thanks!
Doug Pearson
Technical Director, REN-ISAC
dodpears () ren-isac net
soc () ren-isac net

Attachment: REN-ISAC_ADVISORY_Oracle_WebLogic_Vulnerability_Bitcoin_Miner_Attacks_20180105v1.pdf
Description:

Attachment: signature.asc
Description: OpenPGP digital signature