Tag: Oracle

January 17, 2018

Oracle on Tuesday released its first Critical Patch Update for 2018 to deliver 237 new security fixes across its product portfolio. Over half of the addressed vulnerabilities could be remotely exploited without authentication. As part of the January 2018 Critical […]

January 10, 2018

PeopleSoft and WebLogic app servers, as well as cloud systems using WebLogic, hacked and used to net some $226K in digital currency. Enterprises that failed to install Oracle’s critical WebLogic patch last October could find their PeopleSoft and cloud-based servers […]

December 12, 2017

Oracle updates its Identity SOC and management cloud with security tools to verify and manage users trusted with access to cloud-based data and applications. Oracle is expanding its Identity SOC portfolio and Management Cloud with new cloud-based tools for identity […]

November 17, 2017

Oracle pushed out an emergency update for vulnerabilities affecting several of its products that rely on its proprietary Jolt protocol. The bugs were discovered by researchers at ERPScan who named the series of five vulnerabilities JoltandBleed. The vulnerabilities are severe, […]

October 18, 2017

Oracle patched 250 vulnerabilities across hundreds of different products as part of its quarterly Critical Patch Update released today. Rounding out the list of products with the most patches is Oracle Fusion Middleware with 38, Oracle Hospitality Applications with 37 […]

September 27, 2017

Oracle released fixes for a handful of recently patched Apache Struts 2 vulnerabilities, including a critical remote code execution vulnerability (CVE-2017-9805) that could let an attacker take control of an affected system, late last week. The Apache Software Foundation patched […]

June 5, 2017

Oracle on Monday announced enhancements to its Identity-based Security Operations Center (SOC) cloud services, including improvements to machine learning, artificial intelligence and contextual awareness. The Oracle Identity SOC offering includes several cloud services, including the Cloud Access Security Broker (CASB), […]

April 21, 2017

Oracle’s Critical Patch Update (CPU) for April 2017 contains 299 fixes, the highest number compared to previous CPUs. More than half of the vulnerabilities could be remotely exploitable without authentication. 40 of the issues were rated Critical, and 25 had […]

November 22, 2016

Last month, the entire internet went down for a few hours. At least that’s what one of the biggest denial-of-service attacks in recent memory felt like to a lot of people. Sites from Netflix, Spotify, and Reddit to The New […]

October 20, 2016

Bigger is not necessarily better, but it’s beginning to look like Oracle will release a monster Critical Patch Update (CPU) every quarter. These security updates affect databases, networking components, operating systems, applications server, Java, and ERP systems, leaving IT administrators […]

August 9, 2016

The hack has affected 700 computer systems at Micros and is thought to have begun with infiltration on a single machine at the company, said Brian Krebs on his Krebs on Security blog on Monday. The incident is worrying for […]

July 21, 2016

In case you missed it, Oracle’s July 2016 Critical Patch Update is out, and it’s bigger than ever before. It plugs 276 security issues across hundreds of Oracle products, including Oracle Database Server, Oracle E-Business Suite, Oracle Industry Applications, Oracle […]

January 22, 2016

Oracle has published their Critical Patch Update (CPU) for January 2016. The Oracle CPU is quarterly and addresses the flaws in large Oracle’s product line, including their core product the relational database, but also in a large number of acquisitions […]

October 19, 2015

#oracle puts out four #critical patch updates per year and the final one of 2015 – scheduled for #release on Oct. 20 – contains 153 security fixes across hundreds of Oracle products, according to a pre-release announcement. Perhaps the biggest […]

August 11, 2015

If you take apart Oracle’s software and find a hackable vulnerability, don’t tell the company. Or at least not its chief security officer. “If you are trying to get the code in a different form from the way we shipped […]

May 29, 2015

During his talk at the #hack in the Box conference, Alexey Tyurin, Head of the Oracle Security Department at ERPScan, spotlighted several vulnerabilities in Oracle PeopleSoft applications. Oracle is the second largest vendor on the ERP market, and its PeopleSoft is […]