#oracle-e-business-suite

[ follow ]
#cve-2025-61882 #clop #cl0p #data-breach #extortion #ransomware #cve-2025-61884 #zero-day-exploitation #zero-day
#clop-ransomware
fromTheregister
5 days ago
Information security

Washington Post admits Clop crew lifted bank and SSN data

Nearly 10,000 employees and contractors had sensitive personal data stolen in Clop-linked attacks exploiting a previously unknown Oracle E-Business Suite vulnerability.
fromTheregister
1 month ago
Information security

Oracle tells Clop-targeted EBS users to apply July patch

Oracle E-Business Suite users are being targeted by Clop-linked extortionists exploiting vulnerabilities patched in July; organizations must apply the Critical Patch Update and secure local accounts.
more#clop-ransomware
Information security
fromTheregister
1 week ago

Hitachi-owned GlobalLogic admits data stolen by Clop

GlobalLogic confirmed exposure of personal data for 10,471 people after Oracle E-Business Suite vulnerabilities (CVE-2025-61882, CVE-2025-61884) were exploited in a Clop-linked campaign.
#clop
fromTechCrunch
1 month ago
Information security

Hackers are sending extortion emails to executives after claiming Oracle apps' data breach | TechCrunch

fromTechCrunch
1 month ago
Information security

Hackers are sending extortion emails to executives after claiming Oracle apps' data breach | TechCrunch

more#clop
Information security
fromSecuritymagazine
3 weeks ago

Security Leaders Discuss Cyberattack on American Airlines Subsidiary

Envoy Air suffered a cyberattack tied to an Oracle E-Business Suite campaign; customer data appears unaffected, but some business contact information may have been compromised.
#cve-2025-61884
more#cve-2025-61884
fromTheregister
1 month ago

Envoy caught in Clop's Oracle EBS raid

We are aware of the incident involving Envoy's Oracle E-Business Suite application,
Information security
#cl0p
more#cl0p
#cve-2025-61882
more#cve-2025-61882
fromIT Pro
1 month ago

Oracle patches EBS amid extortion attacks

And over the weekend, exploit code for the recently patched flaw was made public, making it even easier for other attackers to make use of it. "It's likely that almost no one patched over the weekend," noted Jake Knott, principal security researcher at watchTowr. "So we're waking up to a critical vulnerability with public exploit code and unpatched systems everywhere. Based on the evidence, we believe this is Cl0p activity, and we fully expect to see mass, indiscriminate exploitation from multiple groups within days."
Information security
fromTechCrunch
1 month ago

Clop hackers caught exploiting Oracle zero-day bug to steal executives' personal data | TechCrunch

The security advisory said the bug, tracked officially as CVE-2025-61882, can be "exploited over a network without the need for a username and password." The advisory provided several so-called indicators of compromise to help Oracle customers identify evidence of hackers on their systems, suggesting that hackers are currently exploiting the vulnerability to steal customers' sensitive data. Oracle says thousands of organizations around the world use its E-Business Suite to run their companies, including storing their customer data and their employee's human resources files.
Information security
Information security
fromSecurityWeek
1 month ago

Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks

Extortion emails targeting Oracle E-Business Suite customers indicate possible exploitation of vulnerabilities fixed in Oracle's July 2025 Critical Patch Update; Cl0p and FIN11 links suspected.
#extortion
fromIT Pro
1 month ago
Information security

Google warns executives are being targeted for extortion with leaked Oracle data

fromIT Pro
1 month ago
Information security

Google warns executives are being targeted for extortion with leaked Oracle data

more#extortion
[ Load more ]