Clop infiltrators caught the Uracle Zero-Day Bug to steal the personal data of executives

Oracle has fixed a zero security vulnerability in one of the leading business programs products that the Piracy Group currently treats to steal personal information about companies executives.

in Short It was updated during the weekend, and said Rob Daart, chief security officer in Oracle, said that the technology giant issued a new correction to repair the vulnerability in the Oracle E-Business suite, and urged customers to install the update as soon as possible.

the Security consultations “The consultant provided many alleged indicators of the settlement to help Oracle customers identify the evidence of the infiltrators of their systems, indicating that infiltrators are currently taking advantage of the weakness of stealing sensitive customer data.

Oracle He says Thousands of institutions around the world use the e -business group to operate their companies, including storing their customer data and human resources files for their employees.

The error is known as a Zero day Because Oracle, in this case, has not been given time to correct the error before it is harmful.

The updated Duhart’s publication is almost an encounter earlier this week, when a previous version said, Oracle was aware that some executives “received blackmail email messages” associated with the weakness that was previously identified in July, indicating that the blackmail campaign had ended. Recently identified errors indicate that infiltrators continued to exploit defects in the e -commercial Oracle program that were not known to Oracle at that time.

News of the extortion attempts targeting companies’ executives last week appeared.

On October 2, Google Security researchers said they found the heavy piracy group called CLOP, which was linked to many Ransom and Blackfield attempts In recent years, it was Send emails to Oracle Executive managers About September 29, asking money not to publish their personal information online.

Charles Karmal, chief technology official in Google’s Accident Response Unit, said in A. It was published on Sunday to LinkedIn The weaknesses of the Oracle electronic business program were used in the “collective exploitation” campaign to steal data and extortion.

Karmal said, after the launch of the July forces, after the issuance of July spots.

“Klopp has sent emails extortion to many victims since last Monday,” Karmal said, but they indicated that the infiltrators have not communicated with all the victims yet.