The threat actor who claimed responsibility for violating the alleged data in Oracle Cloud threatens to issue or sell data, according to security researchers.
The representative of the threat, which was identified as Rose87168, has been threatened on Sunday to leak stolen data and claimed that Oracle does not cooperate with the infiltrators' demands, according to LinkedIn post Written by Alon Gal, co -founder and CTO in Hudson Rock.
The actor of the threat previously obtained the credit for the Oracle Cloud accident, claiming that he could reach 6 million data records, affecting more than 140,000 tenants.
After initially rejected a breach, Oracle remained so silent about the breach and refused to respond to many requests to comment on the accident. Meanwhile, the security researchers revealed that evidence of data breach supports increased.
Security researchers from Cloudsek The evidence published last week supports the actor's claims to threaten to violate. The researchers said they believed that the infiltrator took advantage of a vulnerability on a zero day or a misfortune in the OATH2 ratification process.
The alleged breach has been linked to critical weakness, listed on the list Cve-2021-35587Weakness in Oracle Manager from Oracle Fusion Middleware. The weakness, which gets CVSS 9.8, allows the non -authenticated striker with an HTTP access to the Oracle Access manager.
The stolen data includes single accreditation data, passwords for access to light guide, OAUTH2 switches and tenant data, according to CloudSek.
CloudSek researchers have been analyzed a sample presented by the infiltrator.
Researchers from Trustwave Spiderbs I released a blog post last week Emphasizing that the infiltrator threatens to sell stolen data and provide multiple purchase options, based on the company's name, retail adoption data and other standards.
“Based on our research and analysis, and other researchers, we feel that this is likely to be a legitimate violation,” said TRUSTWAVE researchers of Cyberssication Dive.
