While data can be a valuable target and will probably the goal as this exploit matures, it is not the only goal this exploit is being used for. A common payload for this currently is a cryptominer. It's also being used to create nodes on a botnet. Compute power and network bandwidth have value also.
On Wed, 2021-12-15 at 06:38 -0700, Charles Wilt wrote:
I suspect that on a perfectly configured system, with a properly configured
object authority scheme in place the amount of damage would be limited.
I also suspect, very few such systems exist. :/
Even if the Java app isn't running under a profile with special
authorities, in my experience it's likely running under a profile that's
used by multiple apps. Thus increasing the amount of data exposed.
On Tue, Dec 14, 2021 at 11:16 PM Peter Dow <petercdow@xxxxxxxxx<mailto:petercdow@xxxxxxxxx>> wrote:
Wouldn't they need authority to do something like DLTLIB *ALL?
I mean they may not need credentials, but wouldn't it inherit the
authorities of whatever context the Java app is in?
Senior Programmer Analyst
MEDDATA / MEDTRON
120 Innwood Drive
Covington LA 70433
Toll Free: 877-893-2550<tel:877-893-2550>
This document and any accompanying this email transmission contain confidential information, belonging to the sender that is legally privileged. This information is intended only for the use of the individual or entity named above. The authorized recipient of this information is prohibited from disclosing this information to any other party and is required to destroy the information after its stated need has been fulfilled. If you are not the intended recipient, or the employee of agent responsible to deliver it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or action taken in reliance on the contents of these documents is STRICTLY PROHIBITED. If you have received this email in error, please notify the sender immediately to arrange for return or destruction of these documents.
As an Amazon Associate we earn from qualifying purchases.