Google says ShinyHunters hackers targeting education sector via Oracle exploit | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker


The campaign took place between May 27 and ‌June 9, Google said in a blog [File]
| Photo Credit: REUTERS

Alphabet’s cybersecurity unit Mandiant and Google Threat Intelligence Group ​said Thursday they had identified an active ‌compromise and extortion campaign targeting Oracle’s PeopleSoft ​enterprise software, which they attributed ⁠to the hacking group ShinyHunters.

The campaign took place between May 27 and ‌June 9, Google said in a blog.

PeopleSoft is an enterprise ‌resource planning suite used by organisations ‌to ⁠manage core business functions ⁠including human resources, finance and supply-chain operations.

After becoming aware of active scanning and exploitation, Google said ​it notified ‌more than 100 organisations whose IP addresses correlated with potentially vulnerable endpoints. Most were based in the U.S., ‌and 68% were in the ​higher education sector.

Researchers found that the attackers hosted customised MeshCentral agents ⁠disguised as legitimate cloud endpoints, which were used to run administrative command ‌queries.

As the activity occurred before Oracle issued a security advisory on June 10, the hackers were able to exploit the vulnerability as a “zero-day” flaw, meaning there was no ‌patch available at the time of the attacks.

ShinyHunters ​is a hacking group with a history of targeting global ⁠companies for extortion. Last month, the ⁠group struck a deal with Instructure, the parent company of ‌education tool Canvas, to secure stolen student and school data.



Click Here For The Original Source.

——————————————————–

..........

.

.

National Cyber Security

FREE
VIEW