The Clop ransomware group has been identified as exploiting a zero-day vulnerability within Oracle E-Business Suite (EBS). This critical cyberattack resulted in a confirmed breach at Barts Health NHS.
Oracle EBS Zero-Day: The Attack Vector
The core of this incident was the active exploitation of an Oracle EBS zero-day vulnerability. A zero-day vulnerability is a software flaw that is unknown to the vendor, so no patch exists at the time it is discovered and exploited. In this incident, because the Oracle EBS flaw was unpatched, the Clop ransomware group was able to use it as an entry point.
Clop Ransomware Group Targets Barts Health NHS
The Clop ransomware group used the Oracle EBS zero-day to breach the systems of Barts Health NHS. This event confirms Clop’s direct involvement in exploiting the previously unknown vulnerability to compromise the healthcare organization’s infrastructure. The breach at Barts Health NHS is a direct consequence of Clop’s malicious activity involving the zero-day.
The incident highlights the danger posed by sophisticated threat actors such as the Clop ransomware group, which actively seek out and exploit unknown software vulnerabilities. Clop’s use of an Oracle EBS zero-day led directly to the security compromise of Barts Health NHS.