Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Oracle has warned its corporate customers of a critical vulnerability in its PeopleSoft software, which large companies use to manage payroll and human resources, a day after a cybercrime group took credit for exploiting the flaw as part of a mass hacking campaign.
Company Publish security advice on Thursday after the hacking group ShinyHunters claimed To hack more than 100 organizations Which uses PeopleSoft servers.
Mandiant, the Google-owned security unit that investigates cyberattacks, Beware of blog posts The new Oracle flaw is the same one being exploited by ShinyHunters in a hacking campaign targeting PeopleSoft customers.
Oracle, which has not released a patch for the vulnerability at the time of writing, said in the advisory that the vulnerability can be exploited online without requiring any authentication, such as a password.
The tech giant recommended that customers using PeopleSoft implement its mitigations to prevent exploitation.
On Wednesday, a ShinyHunters member told TechCrunch that the gang harmed companies by exploiting an unpatched flaw in PeopleSoft’s servers. The error is known as a Zero day Because the affected company, in this case Oracle, did not have enough time to fix it before it was discovered and exploited.
Mandiant confirmed that it had also notified more than “100 global organizations”, most of them in the United States, in an attempt to restrict access to their potentially vulnerable systems. About two-thirds of these organizations are in higher education, the cybersecurity group said, which is consistent with what ShinyHunters previously claimed.
“While many organizations were successful in blocking the activity or remediating vulnerabilities, others faced compromise, resulting in the stolen data being published on ShinyHunters (the data leak site),” Mandiant wrote.
Oracle did not respond to TechCrunch’s request for comment.
Contact us
Do you have more information about this hacking campaign? Or other data breaches? We would love to hear from you. From a device and network outside of work, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or Email.
A ShinyHunters member told TechCrunch this week that some of the organizations that were hacked were universities and colleges.
The hacker shared a message they said was sent to one of the victim schools, in which the hackers claimed to have stolen “hundreds of thousands of student records containing full name, home address, phone, email, date of birth, gender, race, enrollment status, GPA, major, and student ID across all universities,” among other data.
PeopleSoft and its customers are the latest victims in a long line of hacking campaigns in which the ShinyHunters gang has targeted organizations that all share the same vulnerable software.
Last year, the group targeted several companies that use… Sales force and stupidityin addition to the programs it offers Education giant Instructureand among other things.
Once hackers identify vulnerable software and companies using it, they attempt to steal company or customer data and then threaten to release it unless victims pay a ransom.
Earlier this year, education technology company Instructure He said it paid the hackers After they hacked into the company’s systems twice. As part of a piracy campaign ShinyHunters has defaced login pages Of the many schools using Instructure’s popular school information portal Canvas.
When you make a purchase through the links in our articles, We may earn a small commission. This does not affect our editorial independence.
