CVE-2019-2725 Exploited and Certificate Files Used for Obfuscation to Deliver Monero Miner

by Mark Vicente, Johnlery Triunfante, and Byron Gelera In April 2019, a security advisory was released for CVE-2019-2725 , a deserialization vulnerability involving the widely used Oracle WebLogic Server. Soon after the advisory was published, reports emerged on the SANS ISC InfoSec forums that the vulnerability was already being actively exploited to install cryptocurrency miners.

Source: CVE-2019-2725 Exploited and Certificate Files Used for Obfuscation to Deliver Monero Miner

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s