- In late March, cybersecurity firm CybelAngel also revealed that Oracle told customers that an attacker deployed a web shell and additional malware on some of its Gen 1 (also known as Oracle Cloud Classic) servers as early as January 2025.
- Until the breach was detected in late February, the attacker allegedly stole data from the Oracle Identity Manager (IDM) database, which included hashed passwords, usernames, and user emails.
CISA warns of increased breach risks following Oracle Cloud leak
On Wednesday, CISA warned of heightened breach risks after the compromise of legacy Oracle Cloud servers earlier this year and highlighted the significant threat to enterprise networks.
The U.S. cybersecurity agency also released guidance to mitigate the risks linked to the resulting credential leak, urging network defenders to reset affected users' passwords, replace hardcoded or embedded credentials with secure authentication methods, enforce phishing-resistant multi-factor authentication (MFA) wherever possible, and monitor authentication logs for suspicious activity.
This warning comes after Oracle confirmed in email notifications sent to customers that a threat actor leaked credentials stolen from what the company described as "two obsolete servers."
However, Oracle added that its Oracle Cloud servers were not compromised, and the incident didn't impact its cloud services or customer data.
- Oracle also privately acknowledged in calls with some of its clients that attackers stole old client credentials after breaching a "legacy environment" last used in 2017.
- However, the hacker behind the breach posted newer records from 2025 on BreachForums and shared data with BleepingComputer from the end of 2024.
Last month, BleepingComputer first reported that Oracle also issued private customer notifications regarding another January breach at Oracle Health (a SaaS company previously known as Cerner) that impacted patient data at multiple U.S. healthcare organizations and hospitals.
Get this open-box Microsoft Surface SE laptop for just $189.99 in this deal
If you're in the market for a simple, reliable laptop for schoolwork, browsing, or everyday tasks, this deal might be right up your alley. Right now, you can grab an open-box Microsoft Surface SE laptop for just $189.99—marked down from its original price of $378.99.
- April 17, 2025
- 07:05 AM
0
New Windows Server emergency updates fix container launch issue
Microsoft has released emergency Windows Server updates to address a known issue preventing Windows containers from launching.
- April 17, 2025
- 06:36 AM
- 0
CISA tags SonicWall VPN flaw as actively exploited in attacks
On Wednesday, CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability.
- April 17, 2025
- 04:54 AM
- 0
Over 16,000 Fortinet devices compromised with symlink backdoor
Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices.
- April 16, 2025
- 04:47 PM
- 0
Google blocked over 5 billion ads in 2024 amid rise in AI-powered scams
Google blocked 5.1 billion ads and suspended more than 39.2 million advertiser accounts in 2024, according to its 2024 Ads Safety Report released this week.
- April 16, 2025
- 03:16 PM
- 2
Eliminate PDFs frustrations with this PDF software deal
Rather than pay recurring fees for a PDF management suite, you could pay a one-time fee for UPDF and gain access to every tool you need to edit, convert, organize, and secure your PDFs. Grab lifetime access for only $47.97 (reg. $149) through April 27.
- April 16, 2025
- 02:07 PM
- 0
Apple fixes two zero-days exploited in targeted iPhone attacks
Apple released emergency security updates to patch two zero-day vulnerabilities that were used in an "extremely sophisticated attack" against specific targets' iPhones.
- April 16, 2025
- 02:06 PM
- 0
Google begins unifying search country domains to Google.com
Google has announced that it's retiring separate country code top-level domain names like google.co.uk or google.com.br and redirecting users to Google.com.
- April 16, 2025
- 10:47 AM
- 1
Jira Down: Atlassian users experiencing degraded performance
Atlassian users are experiencing degraded performance amid an 'active incident' affecting multiple Jira products since morning hours today. Jira, Jira Service Management, Jira Work Management and Jira Product Discovery are among the impacted products.
- April 16, 2025
- 10:38 AM
- 0
41% of Attacks Bypass Defenses: Adversarial Exposure Validation Fixes That
Your dashboards say you're secure—but 41% of threats still get through. Picus Security's Adversarial Exposure Validation uncovers what your stack is missing with continuous attack simulations and automated pentesting.
- April 16, 2025
- 10:02 AM
- 0
CISA extends funding to ensure 'no lapse in critical CVE services'
CISA says the U.S. government has extended MITRE's funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program.
- April 16, 2025
- 09:05 AM
- 0
Microsoft warns of blue screen crashes caused by April updates
Microsoft warned customers this week that their systems might crash with a blue screen error caused by a secure kernel fatal error after installing Windows updates released since March.
- April 16, 2025
- 07:21 AM
- 2
.webp?w=1600&resize=1600,900&ssl=1)
No comments:
Post a Comment