Login

Recent searches

No recent searches

Search options

Only available when logged in.
fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

Administered by:

Server stats:

10K
active users

fosstodon.org: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.6

Public *
Kevin Beaumont

Somebody is claiming to have exfiltrated 6 million lines of data with Oracle Cloud’s SSO and LDAP that includes JKS files, encrypted SSO passwords, key files and enterprise manager JPS keys from servers on login.*.oraclecloud.com

The poster has no prior reputation, it is unclear if they're LARPing. Some of the sample data does align with prior infostealer logs, I'm told. breachforums.st/Thread-SELLING

#threatintel
Public
Kevin Beaumont

If anybody is interested, the servers they claim they targeted all run Oracle WebLogic and are managed by Oracle as a SaaS service.

Public
Kevin Beaumont

Has anybody else got Oracle to comment on this? No reply to my queries.

Silva

@GossiTheDog
As far as I know, no official comment from Oracle, but big customers are already being contacted and credentials/mfa are being reset as we speak.

Mar 21, 2025, 11:29 PM·Quiet public·Fedilab
7boosts·14favorites
ExploreLive feeds
About