Tag: oracle
-
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft attacks.The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to compromise…
-
PoC Released for Remotely Exploitable Oracle E-Business Suite 0-Day
Tags: business, cyber, cybersecurity, detection, hacker, oracle, remote-code-execution, threat, vulnerability, zero-dayOracle has issued an urgent security alert for a critical zero-day vulnerability affecting Oracle E-Business Suite that allows remote code execution without authentication. The vulnerability, tracked as CVE-2025-61882, has now received public proof-of-concept detection capabilities from cybersecurity researcher rxerium. Illustration showing a hacker and icons representing cyber threats with a caption about the $10.5 trillion economic…
-
CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities
Tags: advisory, attack, breach, business, cve, cyber, data, email, exploit, extortion, finance, flaw, group, intelligence, mitigation, mobile, oracle, ransomware, remote-code-execution, software, threat, update, vulnerability, zero-dayFollowing reports the Cl0p ransomware group has been extorting Oracle E-Business Suite customers, Oracle released an advisory for a zero-day that was exploited in the wild. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed Oracle zero-day vulnerability that was exploited in the…
-
CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities
Tags: advisory, attack, breach, business, cve, cyber, data, email, exploit, extortion, finance, flaw, group, intelligence, mitigation, mobile, oracle, ransomware, remote-code-execution, software, threat, update, vulnerability, zero-dayFollowing reports the Cl0p ransomware group has been extorting Oracle E-Business Suite customers, Oracle released an advisory for a zero-day that was exploited in the wild. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed Oracle zero-day vulnerability that was exploited in the…
-
Oracle patches EBS zero-day exploited in Clop data theft attacks
Tags: attack, business, data, exploit, flaw, oracle, remote-code-execution, theft, vulnerability, zero-dayOracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-patches-ebs-zero-day-exploited-in-clop-data-theft-attacks/
-
Cybervorfälle: Asahi, Bonify, Renault Dacia, Oracle, Salesforce
Ich fasse mal einige neue Informationen über Ransomware-Infektionen, Datenlecks bzw. solche Vorfälle zusammen. Der Cyberangriff auf den japanischen Bierbrauer Asahi war Ransomware. Dann sind Daten bei Bonify, Dacia und Renault abgeflossen. Oracle hatte die Clop-Ransomware in den Systemen und eine … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/05/cybervorfaelle-asahi-bonify-renault-dacia-oracle-salesforce/
-
Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers
A ‘high-volume’ extortion campaign possibly linked to FIN11 and Cl0p is targeting Oracle E-Business executives. Mandiant and GTIG are investigating unproven data theft claims. First seen on hackread.com Jump to article: hackread.com/cl0p-extort-oracle-e-business-customers/
-
Oracle links Clop extortion attacks to July 2025 vulnerabilities
Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were patched in July 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-links-clop-extortion-attacks-to-july-security-flaws/
-
Oracle tells Clop-targeted EBS users to apply July patch, problem solved
Researchers suggest internet-facing portals are exposing ‘thousands’ of orgs First seen on theregister.com Jump to article: www.theregister.com/2025/10/03/oracle_ebs_clop_extortion/
-
Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers
A ‘high-volume’ extortion campaign possibly linked to FIN11 and Cl0p is targeting Oracle E-Business executives. Mandiant and GTIG are investigating unproven data theft claims. First seen on hackread.com Jump to article: hackread.com/cl0p-extort-oracle-e-business-customers/
-
Oracle tells Clop-targeted EBS users to apply July patch, problem solved
Researchers suggest internet-facing portals are exposing ‘thousands’ of orgs First seen on theregister.com Jump to article: www.theregister.com/2025/10/03/oracle_ebs_clop_extortion/
-
Hackers Target Unpatched Flaws in Oracle E-Business Suite
Patches for the targeted vulnerabilities were released in Oracle’s July 2025 security update First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-flaws-oracle-ebs/
-
Oracle Confirms Hackers Target E-Business Suite Data in Extortion Campaigns
Oracle has confirmed that a group of hackers stole data from its E-Business Suite (EBS) applications and is using the information in extortion campaigns. The company warns that these attackers exploited vulnerabilities already fixed in the July 2025 Critical Patch Update (CPU). Oracle strongly urges all customers to apply the latest CPU immediately to defend…
-
Oracle Confirms Hackers Target E-Business Suite Data in Extortion Campaigns
Oracle has confirmed that a group of hackers stole data from its E-Business Suite (EBS) applications and is using the information in extortion campaigns. The company warns that these attackers exploited vulnerabilities already fixed in the July 2025 Critical Patch Update (CPU). Oracle strongly urges all customers to apply the latest CPU immediately to defend…
-
Google warns of Cl0p extortion campaign against Oracle E-Business users
Google observed Cl0p ransomware group sending extortion emails to executives, claiming theft of Oracle E-Business Suite data. Google Mandiant and Google Threat Intelligence Group (GTIG) researchers are tracking a suspected Cl0p ransomware group’s activity, where threat actors attempt to extort executives with claims of stealing Oracle E-Business Suite data. >>A group of hackers claimed to…
-
Google warns of Cl0p extortion campaign against Oracle E-Business users
Google observed Cl0p ransomware group sending extortion emails to executives, claiming theft of Oracle E-Business Suite data. Google Mandiant and Google Threat Intelligence Group (GTIG) researchers are tracking a suspected Cl0p ransomware group’s activity, where threat actors attempt to extort executives with claims of stealing Oracle E-Business Suite data. >>A group of hackers claimed to…
-
Cl0p-linked threat actors target Oracle E-Business Suite in extortion campaign
Execs: Don’t ‘engage rashly’: There are no common vulnerabilities and exposures (CVEs) for this attack; the issue “stems from configuration and default business logic abuse rather than a specific vulnerability,” according to Halcyon.The firm advises organizations to check if EBS portals are publicly accessible (via /OA_HTML/AppsLocalLogin.jsp#) and if so, immediately restrict exposure. It is also…
-
Oracle Extortion Case: $50M Demand From ‘Notorious’ Hacking Group
After breaching the security of Oracle’s E-Business Suite, a well-known group of hackers is actively trying to extort execs for millions of dollars. The post Oracle Extortion Case: $50M Demand From ‘Notorious’ Hacking Group appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-oracle-e-business-suite-breach-ransom-extortion-clop/
-
Oracle Extortion Case: $50M Demand From ‘Notorious’ Hacking Group
After breaching the security of Oracle’s E-Business Suite, a well-known group of hackers is actively trying to extort execs for millions of dollars. The post Oracle Extortion Case: $50M Demand From ‘Notorious’ Hacking Group appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-oracle-e-business-suite-breach-ransom-extortion-clop/
-
Here is the email Clop attackers sent to Oracle customers
The emails, which are littered with broken English, aim to instill fear, apply pressure, threaten public exposure and seek negotiation for a ransom payment. First seen on cyberscoop.com Jump to article: cyberscoop.com/extortion-email-clop-oracle-customers/
-
Cybercriminals are trying to extort executives with data allegedly stolen through Oracle tool
Incident responders at Google are warning about an extortion campaign, possibly connected to the Clop gang, that targets executives with data that cybercriminals claim was stolen via an Oracle tool. First seen on therecord.media Jump to article: therecord.media/possible-clop-campaign-extortion-executives-stolen-data
-
Hackers claiming ties to Clop launch wide extortion campaign targeting corporate executives
The email-based campaign purports to have sensitive data from breached Oracle E-Business Suite applications.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/hackers-clop-extortion-campaign-executives/801808/
-
Hackers are sending extortion emails to executives after claiming Oracle apps’ data breach
Google says hackers associated with the Clop ransomware gang are emailing executives at multiple organizations claiming to have stolen their personal information from a suite of Oracle E-Business apps. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/02/hackers-are-sending-extortion-emails-to-executives-after-claiming-oracle-apps-data-breach/
-
Google Mandiant: Emails Sent to Corporate Execs Claiming Oracle Data Theft
Corporate executives at multiple organizations are receiving malicious emails from threat actors saying they are associated with the Cl0p ransomware group and have sensitive data a stolen from the targets’ Oracle E-Business Suite accounts. Google and Mandiant researchers are investigating, saying that it’s too early to attribute the emails to a particular bad actor. First…
-
‘High-Volume’ Extortion Campaign Claims Oracle E-Business Data Theft: Mandiant
Mandiant and Google threat researchers are tracking an extortion campaign that involves claims of “sensitive” data theft from Oracle E-Business Suite customers, the researchers disclosed. First seen on crn.com Jump to article: www.crn.com/news/security/2025/high-volume-extortion-campaign-claims-oracle-e-business-data-theft-mandiant
-
Extortionists Claim Mass Oracle E-Business Suite Data Theft
Executives Receiving Ransom Demands of Up to $50 Million, Warns Ransomware Expert. Extortionists are shaking down executives at organizations that use Oracle E-Business Suite, claiming to have stolen their sensitive data and demanding ransoms of up to $50 million, multiple cybersecurity firms are warning. The criminals claim to be associated with the Clop ransomware group.…
-
Clop-linked crims shake down Oracle execs with data theft claims
Extortion emails name-drop Big Red’s E-Business Suite, though Google and Mandiant yet to find proof of any breach First seen on theregister.com Jump to article: www.theregister.com/2025/10/02/clop_oracle_extortion/
-
Vectra AI Snaps Up Netography to Fortify Multi-Cloud Muscle
Acquisition Provides Enhanced Visibility Into Cloud Logs From AWS, Azure, GCP, OCI. Vectra AI’s acquisition of Netography boosts its ability to deliver real-time visibility and detection in multi-cloud environments. The deal enables deeper visibility into flow logs across AWS, Azure, Google Cloud and Oracle, helping enterprises detect threats before and during attacks. First seen on…
-
Clop-linked crims shake down Oracle execs with data theft claims
Extortion emails name-drop Big Red’s E-Business Suite, though Google and Mandiant yet to find proof of any breach First seen on theregister.com Jump to article: www.theregister.com/2025/10/02/clop_oracle_extortion/
-
Oracle customers targeted with emails claiming E-Business Suite breach, data theft
Unknown attackers claiming affiliation with the Cl0p extortion gang are hitting business and IT executives at various companies with emails claiming that they have exfiltrated … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/02/oracle-ebs-data-theft-extortion/