Following the recent release of proof-of-concept code to exploit CVE-2020-14882, several opportunistic threat actors are attempting to use the exploit to gain a foothold on vulnerable Oracle WebLogic devices and drop Colbalt Stike Beacon. Cobalt Strike is a powerful post-compromise tool that is commercially available to legitimate security teams and service providers engaged in attacker simulation efforts, but unlicensed versions of Cobalt Strike are also used extensively by actual threat actors to achieve domain control and distribute ransomware. If Cobalt Strike software is used against a company that has not commissioned a red team engagement, the likelihood of ransomware being dropped increases dramatically. Oracle urges organizations to patch as soon as possible to mitigate risk.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.