No let-up in outrage against Pakistan a week after Pahalgam terrorist attack
Section: News
Increased Cyberattacks Target Adobe ColdFusion and Oracle Agile PLM
Tue 25th Feb, 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding ongoing cyberattacks exploiting vulnerabilities in Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) systems.
CISA's alert highlights several security flaws, some of which are longstanding, that attackers are currently leveraging. One significant issue identified in Adobe ColdFusion involves the Apache BlazeDS library, where a critical Java deserialization vulnerability (CVE-2017-3066) has been identified. Although Adobe has issued a hotfix for this vulnerability back in April 2017 for versions 10, 11, and 2016, the agency has noted that no further details or a Common Vulnerability Scoring System (CVSS) rating have been provided by Adobe.
On the other hand, the vulnerability affecting Oracle Agile PLM has been known for over a year now. CISA describes this particular flaw as a deserialization vulnerability that can be exploited remotely. Attackers can gain full control over an Oracle Agile PLM instance (CVE-2024-20953) with just HTTP access and minimal permissions, resulting in a high-risk scenario with a CVSS score of 8.8.
While CISA has not elaborated on the specifics of how these attacks are being conducted or the extent of their impact, it emphasizes the urgency for IT administrators to implement the necessary updates without delay.
The warning comes on the heels of recent alerts from CISA regarding ongoing attacks against other platforms, including Palo Alto Networks' PAN-OS and Craft CMS. The vulnerabilities in these systems were notably newer, suggesting a critical need for administrators to stay vigilant and apply updates promptly to safeguard networks against potential breaches.
In light of these developments, organizations utilizing Adobe ColdFusion and Oracle Agile PLM are strongly encouraged to review their systems for the mentioned vulnerabilities and apply the necessary patches as soon as possible to mitigate potential threats.
Inside the Conclave: 10 Fascinating Facts About the Secretive Process to Elect a New Pope
Section: Politics
Public vs Private Health Insurance in Germany: What Young Foreign Professionals Need to Know
Section: Health Insurance
Study Finds Significant Eating Disorder Prevalence Among Boys and Men
Section: Health
Practical Strategies for Avoiding Mosquito Bites
Section: Health
Upcoming Conclave: Catholic Laity Advocates for Continued Reform
Section: Politics
Hannover Residents Face Dramatic Increase in Property Costs
Section: News
Increased Flight Incidents in Germany: A Rise in Accidents but Fewer Fatalities
Section: Business
Europe Launches Atomic Clocks to Test Einstein's Theories in Space
Section: Science
Ukraine Targets Outdated Military Equipment in Ongoing Conflict
Section: Politics
German Private Health Insurance
Health Insurance in Germany is compulsory and sometimes complicated, not to mention expensive. As an expat, you are required to navigate this landscape within weeks of arriving, so check our FAQ on PKV. For our guide on resources and access to agents who can give you a competitive quote, try our PKV Cost comparison tool.
Hospital and Clinic Directory
Germany is famous for its medical expertise and extensive number of hospitals and clinics. See this comprehensive directory of hospitals and clinics across the country, complete with links to their websites, addresses, contact info, and specializations/services.
Upcoming Events
Kultur in Emmaus - Jazz im Atrium
Join us for an exciting evening of jazz at the EMMAUSKIRCHE on Sunday, May 25, 2025, from 19:00 to 20:30. Experience fresh sounds from the talented young jazz quintet led by Anton Sigling from Harlaching. This group features award-winning musicians from the Federal Competition 'Jugend jazzt' and...
No comments yet. Be the first to comment!