Following the recent release of proof-of-concept code to exploit CVE-2020-14882, several opportunistic threat actors are attempting to use the exploit to gain a foothold on vulnerable Oracle WebLogic devices and drop Colbalt Stike Beacon. Cobalt Strike is a powerful post-compromise tool that is commercially available to legitimate security teams and service providers engaged in attacker simulation efforts, but unlicensed versions of Cobalt Strike are also used extensively by actual threat actors to achieve domain control and distribute ransomware. If Cobalt Strike software is used against a company that has not commissioned a red team engagement, the likelihood of ransomware being dropped increases dramatically. Oracle urges organizations to patch as soon as possible to mitigate risk.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security