CyberSecurityBoard
Sponsor Register Login

Oracle EBS Attack Victims More Numerous Than Expected

Oracle E-Business Suite (EBS) vulnerabilities have led to a surge in cyberattacks, with victims far exceeding initial estimates. This article delves into the recent findings that reveal a broader impact of these attacks on organizations using Oracle EBS. The vulnerabilities exploited allow attackers to gain unauthorized access, potentially leading to data breaches and operational disruptions. Cybersecurity experts emphasize the importance of timely patching and robust monitoring to mitigate risks. The article also highlights the tactics, techniques, and procedures (TTPs) employed by threat actors targeting Oracle EBS environments, underscoring the need for enhanced security measures. Organizations are urged to conduct comprehensive security assessments and adopt best practices to safeguard their critical enterprise applications from evolving threats. This detailed analysis serves as a crucial resource for cybersecurity professionals aiming to understand and counteract the growing threat landscape surrounding Oracle EBS.

This Cyber News was published on www.darkreading.com. Publication date: Tue, 28 Oct 2025 20:20:04 +0000


Cyber News related to Oracle EBS Attack Victims More Numerous Than Expected

CVE-2019-5303 - There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing ...
2 years ago
CVE-2019-5302 - There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing ...
2 years ago
Oracle EBS Attack Victims More Numerous Than Expected - Oracle E-Business Suite (EBS) vulnerabilities have led to a surge in cyberattacks, with victims far exceeding initial estimates. This article delves into the recent findings that reveal a broader impact of these attacks on organizations using Oracle ...
2 months ago Darkreading.com CVE-2023-21839 CVE-2023-21840
CVE-2016-0635 - Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, ...
6 years ago
NCSC Urges Patch for Critical Oracle E-Business Suite Flaw - The UK's National Cyber Security Centre (NCSC) has issued an urgent advisory to patch a critical vulnerability in Oracle E-Business Suite (EBS). This flaw, identified as CVE-2023-21839, allows remote attackers to execute arbitrary code, posing a ...
2 months ago Infosecurity-magazine.com CVE-2023-21839
Hackers exploit flaws in Oracle EBS to steal data - Recent cyberattacks have exploited critical vulnerabilities in Oracle E-Business Suite (EBS), allowing hackers to steal sensitive data. Oracle EBS, widely used by enterprises for business process management, has been targeted due to flaws that enable ...
2 months ago Infosecurity-magazine.com CVE-2023-21839 CVE-2023-21840
Cyber Insights 2023: Cyberinsurance - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. In 2022, Russia invaded Ukraine with the potential for more serious and more ...
2 years ago Securityweek.com
Attack Vector vs Attack Surface: The Subtle Difference - Cybersecurity discussions about "Attack vectors" and "Attack surfaces" sometimes use these two terms interchangeably. This article guides you through the distinctions between attack vectors and attack surfaces to help you better understand the two ...
2 years ago Trendmicro.com
Oracle’s First Security Update for 2023 Includes 327 New Patches - Oracle has released its first security update of 2023, delivering 327 new security fixes and patching a range of critical vulnerabilities. This update covers products spanning across Oracle’s Cloud portfolio, Fusion Middleware, Hyperion, E-Business ...
2 years ago Securityweek.com
Oracle patches EBS zero-day exploited in Clop data theft attacks - Oracle has released critical security patches addressing a zero-day vulnerability in its E-Business Suite (EBS) software, which has been actively exploited by the Clop ransomware group. This vulnerability allowed attackers to gain unauthorized access ...
2 months ago Bleepingcomputer.com CVE-2023-21839 Clop
Vulnerability Summary for the Week of January 15, 2024 - This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13 This vulnerability was reported via the GitHub Bug Bounty program. Successful attacks require human interaction from a ...
1 year ago Cisa.gov
Cyber Insights 2023: Criminal Gangs - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. Despite some geopolitical overlaps with state attackers, the majority of ...
2 years ago Securityweek.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
2 years ago Esecurityplanet.com
The Top 5 Ransomware Takedowns - Learn about the recent achievements in the fight against ransomware as law enforcement agencies and cybersecurity organizations successfully disrupt operations, seize infrastructure, and safeguard victims from further attacks. Trigona ransomware, a ...
2 years ago Securityboulevard.com Trigona Ragnar Locker
CVE-2017-9278 - The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS logs containing the driver authentication password, potentially disclosing this to attackers able to read the EBS tables. ...
6 years ago
Oracle says "obsolete servers" hacked, denies cloud breach - BleepingComputer has also separately confirmed with multiple Oracle customers that samples of the leaked data (including associated LDAP display names, email addresses, given names, and other identifying information) received from the threat actor ...
8 months ago Bleepingcomputer.com
Oracle privately confirms Cloud breach to customers - This comes after a threat actor (known as rose87168) put up for sale 6 million data records on BreachForums on March 20 and released multiple text files containing a sample database, LDAP information, and a list of the companies as proof that the ...
8 months ago Bleepingcomputer.com
Oracle privately confirms Cloud breach to customers - This comes after a threat actor (known as rose87168) put up for sale 6 million data records on BreachForums on March 20 and released multiple text files containing a sample database, LDAP information, and a list of the companies as proof that the ...
8 months ago Bleepingcomputer.com
Oracle Health breach compromises patient data at US hospitals - In a notice sent to impacted customers and seen by BleepingComputer, Oracle Health said it became aware of a breach of legacy Cerner data migration servers on February 20, 2025. Oracle Health has not yet publicly disclosed the incident, but in ...
9 months ago Bleepingcomputer.com
U.S. Joins U.K. to Seize LockBit Site, Disrupt Massive Ransomware Variant - The U.S. Department of Justice has partnered with the United Kingdom and international law enforcement partners in London today to announce the disruption of the LockBit ransomware group. The LockBit ransomware group is one of the most active ...
1 year ago Americansecuritytoday.com LockBit
20 Best Remote Monitoring Tools - 2025 - What is Good ?What Could Be Better ?Strong abilities to keep an eye on devices and systems.Some parts may take time to figure out.It gives you tools for remote control and troubleshooting.There could be more ways to change things.Lets you automate ...
8 months ago Cybersecuritynews.com
Cyber Insights 2023: ICS and Operational Technology - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. At the same time, ICS/OT is facing an expanding attack surface caused by ...
2 years ago Securityweek.com
Vulnerability Summary for the Week of February 12, 2024 - Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise ...
1 year ago Cisa.gov
CVE-2020-9069 - There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: ...
4 years ago
Cyber scam call center slavery expands beyond southeast Asia The Register - Human trafficking for the purposes of populating cyber scam call centers is expanding beyond southeast Asia, where the crime was previously isolated. Interpol revealed this week that an ongoing investigation has discovered evidence of abuse emanating ...
2 years ago Go.theregister.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)