{"uuid": "75a9c514-9682-4b0c-898d-89274bfeebf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-2725", "type": "exploited", "source": "https://t.me/information_security_channel/28287", "content": "Hackers abuse Oracle WebLogic Server Vulnerability CVE-2019-2725 to deliver Monero Miner. The vulnerability is easily exploitable, any unauthenticated attacker with HTTP access to the server can attack without authentication. Trend Micro observed a new cryptocurrency-mining activity involving the vulnerability and to hide the malicious code they used certificate files. Malware Infection Malware exploits CVE-2019-2725 to [\u2026]\nThe post Hackers Exploit Critical Oracle WebLogic Server Vulnerability by Hiding Malware in Certificate Files(.cer) (https://gbhackers.com/oracle-weblogic-server-vulnerability-2/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2019-06-10T13:48:58.000000Z"}