January 17, 2018
Via: Security WeekOracle on Tuesday released its first Critical Patch Update for 2018 to deliver 237 new security fixes across its product portfolio. Over half of the addressed vulnerabilities could be remotely exploited without authentication. As part of the January 2018 Critical […]
January 10, 2018
Via: Dark ReadingPeopleSoft and WebLogic app servers, as well as cloud systems using WebLogic, hacked and used to net some $226K in digital currency. Enterprises that failed to install Oracle’s critical WebLogic patch last October could find their PeopleSoft and cloud-based servers […]
December 12, 2017
Via: Dark ReadingOracle updates its Identity SOC and management cloud with security tools to verify and manage users trusted with access to cloud-based data and applications. Oracle is expanding its Identity SOC portfolio and Management Cloud with new cloud-based tools for identity […]
November 17, 2017
Via: Threat PostOracle pushed out an emergency update for vulnerabilities affecting several of its products that rely on its proprietary Jolt protocol. The bugs were discovered by researchers at ERPScan who named the series of five vulnerabilities JoltandBleed. The vulnerabilities are severe, […]
October 18, 2017
Via: Threat PostOracle patched 250 vulnerabilities across hundreds of different products as part of its quarterly Critical Patch Update released today. Rounding out the list of products with the most patches is Oracle Fusion Middleware with 38, Oracle Hospitality Applications with 37 […]
September 27, 2017
Via: Threat PostOracle released fixes for a handful of recently patched Apache Struts 2 vulnerabilities, including a critical remote code execution vulnerability (CVE-2017-9805) that could let an attacker take control of an affected system, late last week. The Apache Software Foundation patched […]
June 5, 2017
Via: Security WeekOracle on Monday announced enhancements to its Identity-based Security Operations Center (SOC) cloud services, including improvements to machine learning, artificial intelligence and contextual awareness. The Oracle Identity SOC offering includes several cloud services, including the Cloud Access Security Broker (CASB), […]
April 21, 2017
Via: InfoSecurity LiveOracle’s Critical Patch Update (CPU) for April 2017 contains 299 fixes, the highest number compared to previous CPUs. More than half of the vulnerabilities could be remotely exploitable without authentication. 40 of the issues were rated Critical, and 25 had […]
November 22, 2016
Via: WiredLast month, the entire internet went down for a few hours. At least that’s what one of the biggest denial-of-service attacks in recent memory felt like to a lot of people. Sites from Netflix, Spotify, and Reddit to The New […]
October 20, 2016
Via: InfoWorldBigger is not necessarily better, but it’s beginning to look like Oracle will release a monster Critical Patch Update (CPU) every quarter. These security updates affect databases, networking components, operating systems, applications server, Java, and ERP systems, leaving IT administrators […]
August 9, 2016
Via: CSO OnlineThe hack has affected 700 computer systems at Micros and is thought to have begun with infiltration on a single machine at the company, said Brian Krebs on his Krebs on Security blog on Monday. The incident is worrying for […]
July 21, 2016
Via: Help Net SecurityIn case you missed it, Oracle’s July 2016 Critical Patch Update is out, and it’s bigger than ever before. It plugs 276 security issues across hundreds of Oracle products, including Oracle Database Server, Oracle E-Business Suite, Oracle Industry Applications, Oracle […]
January 22, 2016
Via: Help Net SecurityOracle has published their Critical Patch Update (CPU) for January 2016. The Oracle CPU is quarterly and addresses the flaws in large Oracle’s product line, including their core product the relational database, but also in a large number of acquisitions […]
October 19, 2015
Via: vulnerabilities#oracle puts out four #critical patch updates per year and the final one of 2015 – scheduled for #release on Oct. 20 – contains 153 security fixes across hundreds of Oracle products, according to a pre-release announcement. Perhaps the biggest […]
August 11, 2015
Via: hackerIf you take apart Oracle’s software and find a hackable vulnerability, don’t tell the company. Or at least not its chief security officer. “If you are trying to get the code in a different form from the way we shipped […]
May 29, 2015
Via: vulnerabilitiesDuring his talk at the #hack in the Box conference, Alexey Tyurin, Head of the Oracle Security Department at ERPScan, spotlighted several vulnerabilities in Oracle PeopleSoft applications. Oracle is the second largest vendor on the ERP market, and its PeopleSoft is […]
April 30, 2024
April 11, 2024
April 30, 2024