In recent weeks, security researchers have observed a surge in attacks exploiting Oracle Database Scheduler’s External Jobs feature to gain a foothold in corporate environments.
This technique abuses the scheduler’s ability to execute arbitrary commands on Windows-based database servers, allowing adversaries to bypass perimeter defenses.
Initial intrusion vectors involve probing publicly exposed Oracle listener ports and leveraging misconfigured credentials or default administrative accounts.
[...]
Threat Actors Leverage Oracle Database Scheduler to Gain Access to Corporate Environments
Threat Actors Leverage Oracle Database Scheduler to Gain Access to Corporate Environments
-
rbc
- Secretary
- Posts: 441
- Joined: Mon Oct 30, 2023 1:32 am
- Location: Vicksburg, MS
- ISC2 Member Status: Yes
- Contact:
Threat Actors Leverage Oracle Database Scheduler to Gain Access to Corporate Environments
Robert B. Carleton + ISC2 Central Mississippi Secretary