Threat actors have begun exploiting the Oracle Database Scheduler’s External Jobs feature to execute arbitrary commands on corporate database servers, enabling stealthy initial footholds and rapid escalation of privileges. By abusing the extjobo.exe executable, attackers can run encoded PowerShell commands, establish encrypted tunnels with Ngrok, and deploy ransomware, all while evading detection through aggressive cleanup […]

The post Threat Actors Exploit Oracle Database Scheduler to Infiltrate Corporate Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/oracle-database-scheduler/