A botnet called DarkIRC is targeting severe remote execution vulnerability in Oracle WebLogic that was patched last month. The web logic flaw tracked as CVE-2020-14882 is a remote code execution vulnerability that can be exploited over a network and does not require a username or password.
Juniper Threat Labs’ security researchers say there are around 3,100 Oracle WebLogic servers that can be accessed on the Internet.
Read More: IoT is Emerging Increasingly – Connections Will Touch 83 Billion by 2024
In addition to the DarkIRC malware, security researchers at Juniper Threat Labs are also tracking four other malware variants – Cobalt Strike, Perlbot, Meterpreter, and Mirai – that are trying to take advantage of the WebLogic vulnerability.
Source: securityweek