India, Oct. 8 -- In August 2023 a zero day was dropped by one of the most functional ransomware gangs and wasand was unknown to most, including security researchers and journalists. CVE-2023-21839, a vulnerability in Oracle WebLogic Server, wasn't getting any publicity until it was too late. But the Clop ransomware gang was already exploiting this in various technical writings that went largely unnoticed. No malware, no encryption, just surgical data theft.

This wasn't a new exploit, but a paradigm shift. If you're still thinking about this vulnerability in terms of your firewall alerts and EDR alerts, you're playing the wrong game.

It's a remote unauthenticated vulnerability in Oracle's WebLogic Server, which is still being used by tho...