Tag: business
-
FBI, UK Gov’t urge orgs to patch Oracle E-Business vuln after alleged Clop campaign
FBI Assistant Director Brett Leatherman said “this is ‘stop-what-you’re-doing and patch immediately’ vulnerability.” First seen on therecord.media Jump to article: therecord.media/fbi-uk-urge-orgs-to-patch-after-clop-campaign
-
Clop Ransomware Hits Oracle Customers Via Zero-Day Flaw
The infamous Clop gang has targeted a wide range of Oracle E-Business Suite customers using a newly disclosed zero-day vulnerability. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/clop-ransomware-oracle-customers-zero-day-flaw
-
Cl0p nutzt Schwachstelle bei Oracle aus
Tags: authentication, breach, bug, business, cve, cvss, cyberattack, exploit, linkedin, mail, mandiant, oracle, update, vulnerability, zero-dayDie Cl0p-Bande nutzt Zero-Day-Schwachstelle bei Oracle für Cyberattacken aus.Oracle hat ein Notfall-Update veröffentlicht, um eine kritische Sicherheitslücke in seiner E-Business Suite (EBS) zu beheben. Das Leck mit Kennung CVE-2025-61882 hat einen CVSS-Score von 9,8 und wurde bereits bei der jüngsten Welle von Cl0p zum Diebstahl von Daten ausgenutzt.Die Sicherheitslücke betrifft einen nicht näher bezeichneten Fehler,…
-
CVE-2025-61882 Mass Exploitation, Oracle E-Business Suite (EBS) Under Attack by Cl0p Ransomware
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cve-2025-61882-mass-exploitation-oracle-e-business-suite-ebs-under-attack-by-cl0p-ransomware
-
Extortion campaign targeting Oracle E-Business Suite customers linked to zero-day
Mandiant researchers said Clop ransomware is indeed linked to a series of emails threatening to release stolen data.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/extortion-campaign-oracle-e-business-suite-zero-day/802123/
-
What to Look for in a Fractional CISO
A Proven Fractional CISO Can Help Close Leadership Gaps and Strengthen Resilience Hiring a fractional CISO gives your business the executive security leadership it needs – without the full-time cost. But not all providers are equal. Knowing how to evaluate talent, provider stability and delivery is key to ensuring lasting value, trust and resilience. First…
-
Oracle Now Says ‘Critical’ Zero-Day Flaw Behind Data Extortion Attacks, Releases Patch
Oracle is linking a recent data extortion campaign targeting E-Business Suite customers to a zero-day vulnerability, with fixes released to address the critical-severity flaw, in contrast to its previous contention that the attacks resulted from unpatched known vulnerabilities. First seen on crn.com Jump to article: www.crn.com/news/security/2025/oracle-now-says-critical-zero-day-flaw-behind-data-extortion-attacks-releases-patch
-
Oracle patches critical E-Business Suite flaw exploited by Cl0p hackers
Oracle fixed a critical flaw (CVE-2025-61882, CVSS 9.8) in E-Business Suite that is actively exploited by Cl0p cybercrime group. Oracle released an emergency patch to address a critical vulnerability, tracked as CVE-2025-61882 (CVSS 9.8) in its E-Business Suite. >>Updated [10/04/2025]: Oracle has issued Oracle Security Alert Advisory CVE-2025-61882 to provide updates against additional potential exploitation that were discovered during our investigation.
-
Critical Zero-Day in Oracle E-Business Suite Prompts Urgent Security Updates
Oracle has issued a security alert warning users of a zero-day vulnerability in its widely used Oracle E-Business Suite. Tracked as CVE-2025-61882, this flaw allows unauthenticated, remote attackers to execute arbitrary code on affected systems. The vulnerability carries a CVSS v3.1 base score of 9.8, making it one of the most critical threats to the…
-
Critical Zero-Day in Oracle E-Business Suite Prompts Urgent Security Updates
Oracle has issued a security alert warning users of a zero-day vulnerability in its widely used Oracle E-Business Suite. Tracked as CVE-2025-61882, this flaw allows unauthenticated, remote attackers to execute arbitrary code on affected systems. The vulnerability carries a CVSS v3.1 base score of 9.8, making it one of the most critical threats to the…
-
Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882)
The Cl0p extortion gang exploited multiple Oracle E-Business Suite (EBS) vulnerabilities, including one zero-day flaw (CVE-2025-61882), >>to steal large amounts of data … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/cl0p-oracle-data-theft-extortion-cve-2025-61882/
-
Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882)
The Cl0p extortion gang exploited multiple Oracle E-Business Suite (EBS) vulnerabilities, including one zero-day flaw (CVE-2025-61882), >>to steal large amounts of data … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/cl0p-oracle-data-theft-extortion-cve-2025-61882/
-
Cyberbedrohungslage für KMUs spitzt sich zu
Tags: ai, business, cisco, cyberattack, cyersecurity, extortion, germany, infrastructure, leak, phishing, ransomware, risk, vulnerabilityKMUs sind häufig Ziel von Ransomware-Angriffen.Laut der Transferstelle Cybersicherheit im Mittelstand haben sich Cyberangriffe auf deutsche Unternehmen, die auf Leak-Seiten veröffentlicht wurden, zwischen den Jahren 2021 bis 2024 mehr als vervierfacht. Damit ist Deutschland trauriger Spitzenreiter, gefolgt von Italien, Frankreich und Spanien.Auch die Zahlen des Bundeskriminalamts (BKA) bestätigen diese Entwicklung. Der polizeilichen Kriminalstatistik von 2024…
-
Clop crew hits Oracle E-Business Suite users with fresh zero-day
Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion First seen on theregister.com Jump to article: www.theregister.com/2025/10/06/clop_oracle_ebs_zeroday/
-
CISOs rethink the security organization for the AI era
Jill Knesek, CISO, BlackLine BlackLineEchoing Oleksak, Knesek says she feels strongly about utilizing traditional security and having the right controls in place. Getting foundational security right will get you a long way, she says.’Then, as you learn about more sophisticated attacks “¦ we’ll have to pivot our tooling and capabilities to those risks.” For now,…
-
CISOs rethink the security organization for the AI era
Jill Knesek, CISO, BlackLine BlackLineEchoing Oleksak, Knesek says she feels strongly about utilizing traditional security and having the right controls in place. Getting foundational security right will get you a long way, she says.’Then, as you learn about more sophisticated attacks “¦ we’ll have to pivot our tooling and capabilities to those risks.” For now,…
-
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft attacks.The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to compromise…
-
PoC Released for Remotely Exploitable Oracle E-Business Suite 0-Day
Tags: business, cyber, cybersecurity, detection, hacker, oracle, remote-code-execution, threat, vulnerability, zero-dayOracle has issued an urgent security alert for a critical zero-day vulnerability affecting Oracle E-Business Suite that allows remote code execution without authentication. The vulnerability, tracked as CVE-2025-61882, has now received public proof-of-concept detection capabilities from cybersecurity researcher rxerium. Illustration showing a hacker and icons representing cyber threats with a caption about the $10.5 trillion economic…
-
CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities
Tags: advisory, attack, breach, business, cve, cyber, data, email, exploit, extortion, finance, flaw, group, intelligence, mitigation, mobile, oracle, ransomware, remote-code-execution, software, threat, update, vulnerability, zero-dayFollowing reports the Cl0p ransomware group has been extorting Oracle E-Business Suite customers, Oracle released an advisory for a zero-day that was exploited in the wild. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed Oracle zero-day vulnerability that was exploited in the…
-
CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities
Tags: advisory, attack, breach, business, cve, cyber, data, email, exploit, extortion, finance, flaw, group, intelligence, mitigation, mobile, oracle, ransomware, remote-code-execution, software, threat, update, vulnerability, zero-dayFollowing reports the Cl0p ransomware group has been extorting Oracle E-Business Suite customers, Oracle released an advisory for a zero-day that was exploited in the wild. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed Oracle zero-day vulnerability that was exploited in the…
-
Oracle patches EBS zero-day exploited in Clop data theft attacks
Tags: attack, business, data, exploit, flaw, oracle, remote-code-execution, theft, vulnerability, zero-dayOracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-patches-ebs-zero-day-exploited-in-clop-data-theft-attacks/
-
The Guardian view on the Jaguar Land Rover cyber-attack: ministers must pay more attention to this growing risk | Editorial
Tags: attack, business, computer, conference, cyber, cybercrime, finance, government, risk, supply-chain, threatCybercriminals pose a seismic and increasingly sophisticated threat to businesses and national security. Yet Britain seems remarkably ill-preparedThe cause isn’t clear, but the impact has already been devastating. More than a month has passed since Jaguar Land Rover (JLR) was targeted in a cyber-attack that forced the car manufacturer to turn off computers and shut…
-
Does Your NHI Strategy Deliver Value?
What Makes NHI Management a Must-Have for Your Business? Have you ever wondered how machine identities are reshaping cybersecurity frameworks? Non-human identities (NHIs), composed of machine identities, are increasingly pivotal. These machine identities, often unseen yet omnipresent, require a robust strategy to ensure security and efficiency. Let’s explore why a well-formulated NHI strategy is essential……
-
The Role of Cybersecurity in Effective Business Continuity Planning
Business continuity integrates both people and technology to help organizations anticipate, manage, and recover from disruptions to regular business operations. While business continuity planning includes disaster recovery”, the process of restoring IT services after an unexpected outage”, its scope extends beyond that. The primary objective of a business continuity strategy is to ensure that the…
-
The Role of Cybersecurity in Effective Business Continuity Planning
Business continuity integrates both people and technology to help organizations anticipate, manage, and recover from disruptions to regular business operations. While business continuity planning includes disaster recovery”, the process of restoring IT services after an unexpected outage”, its scope extends beyond that. The primary objective of a business continuity strategy is to ensure that the…
-
Scaling NHIs in Fast-Growing Industries
How Can Organizations Effectively Leverage Scalable NHIs for Business Growth? Digital presents a myriad of challenges for businesses striving to maintain robust cloud security while fostering continued growth. Organizations frequently face the daunting task of securing machine identities, which are often more complex and numerous than their human counterparts. This brings us to a crucial……
-
Scaling NHIs in Fast-Growing Industries
How Can Organizations Effectively Leverage Scalable NHIs for Business Growth? Digital presents a myriad of challenges for businesses striving to maintain robust cloud security while fostering continued growth. Organizations frequently face the daunting task of securing machine identities, which are often more complex and numerous than their human counterparts. This brings us to a crucial……
-
Scaling NHIs in Fast-Growing Industries
How Can Organizations Effectively Leverage Scalable NHIs for Business Growth? Digital presents a myriad of challenges for businesses striving to maintain robust cloud security while fostering continued growth. Organizations frequently face the daunting task of securing machine identities, which are often more complex and numerous than their human counterparts. This brings us to a crucial……
-
Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers
A ‘high-volume’ extortion campaign possibly linked to FIN11 and Cl0p is targeting Oracle E-Business executives. Mandiant and GTIG are investigating unproven data theft claims. First seen on hackread.com Jump to article: hackread.com/cl0p-extort-oracle-e-business-customers/
-
Oracle links Clop extortion attacks to July 2025 vulnerabilities
Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were patched in July 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-links-clop-extortion-attacks-to-july-security-flaws/