-
Thousands of Enterprises At Risk Due to Oracle EBS Critical Flaws
Two critical security vulnerabilities discovered in Oracle's E-Business Suite (EBS) could allow potential attackers to take full control over a company's entire enterprise resource planning (ERP) solution.
- November 20, 2019
- 03:00 AM
0
-
Oracle Cancels Venezuela Partner Contracts Citing US Sanctions
Oracle has sent out letters to partners in Venezuela stating that they will no longer be able to work with them in order to comply with President Trump's Executive Order 13884.
- October 10, 2019
- 06:09 PM
1
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Adobe To Ban Users From Venezuela Due to U.S. Executive Order
Adobe published today a support document saying that the company is deactivating all accounts in Venezuela starting October 28 due to U.S. Government's Executive Order 13884 issued on August 7, 2019.
- October 07, 2019
- 04:13 PM
- 4
-
Oracle Fixes Critical Bug in WebLogic Server Web Services
Oracle on Tuesday announced a patch for a remote code execution vulnerability affecting specific versions of the WebLogic Server. The bug bypasses a previously fixed flaw and researchers say it is actively used in attacks.
- June 19, 2019
- 07:46 AM
- 0
-
Echobot Botnet Spreads via 26 Exploits, Targets Oracle, VMware Apps
A relatively new botnet called Echobot has grown to 26 the number of exploits it uses to propagate. Most of the exploitation code it includes is for unpatched IoT devices, but enterprise apps Oracle WebLogic and VMware SD-Wan are among the targets, too.
- June 14, 2019
- 12:33 PM
- 0
-
Oracle Sends Warning Emails About Paid-for Critical Java 8 Update
An email being sent by Oracle sales representatives about upcoming critical security updates for Java 8 being only available to licensed users has sparked controversy due to its wording that to some feel like it is an extortion or a scare tactic.
- March 29, 2019
- 03:57 PM
- 3
-
Safari, Virtualbox, VMware Get Hacked During First Day of Pwn2Own 2019
During the first day of Pwn2Own Vancouver 2019, contestants were able to successfully hack into the Apple Safari web browser, Oracle's VirtualBox, and VMware Workstation, earning a total of $240,000 in cash awards.
- March 21, 2019
- 02:21 PM
- 0
-
Get 93% off The Oracle Professional Certification Training Bundle
This deal is for a 2 course bundle with 24 hours of preparation for the Oracle SQL Fundamentals: 12c OCP 1Z0-061 and Oracle Database 12c Administration 1Z0-062 certifications. These courses normally have a combined value of $924, but have been discounted more than 93% to $59 as part of this deal.
- February 07, 2019
- 08:23 AM
- 0
-
Attacks on Oracle WebLogic Servers Detected After Publication of PoC Code
Oracle WebLogic servers are under attack from hackers who are trying to take over vulnerable installations that have not received a recent patch for a critical vulnerability.
- July 24, 2018
- 12:00 AM
- 0
-
Oracle Plans to Drop Java Serialization Support, the Source of Most Security Bugs
Oracle plans to drop support for data serialization/deserialization from the main body of the Java language, according to Mark Reinhold, chief architect of the Java platform group at Oracle.
- May 28, 2018
- 12:15 AM
- 1
-
New MassMiner Malware Targets Web Servers With an Assortment of Exploits
Security researchers have detected a new wave of cryptocurrency-mining malware infecting servers across the web, and this one is using multiple exploits to gain access to vulnerable and unpatched systems to install a Monero miner.
- May 02, 2018
- 10:52 AM
- 0
-
Hackers Scan the Web for Vulnerable WebLogic Servers After Oracle Botches Patch
For more than a week hackers have started scanning the Internet, searching for machines running Oracle WebLogic servers. Scans started after April 17, when Oracle published its quarterly Critical Patch Update (CPU) security advisory.
- April 30, 2018
- 04:42 AM
- 0
-
Three Execs Get Prison Time for Pirating Oracle Firmware Patches
An Ohio court sentenced yesterday four high-ranking TERiX executives for their role in a pirating scheme through which they stole and resold Sun and Oracle firmware patches. Three of the four execs received prison sentences.
- April 06, 2018
- 02:22 PM
- 4
-
Security Bug Affects Over 300,000 Oracle POS Systems
Hackers have a new security flaw in their arsenal they can exploit to install POS malware on Oracle Micros point-of-sale systems.
- January 31, 2018
- 08:30 AM
- 0
-
Hackers Make Whopping $226K Installing Monero Miners on Oracle WebLogic Servers
A group of hackers has made over a quarter-million dollars worth of Monero by breaking into Oracle WebLogic servers and installing a cryptocurrency miner.
- January 11, 2018
- 10:56 AM
- 1
-
Oracle Products Affected by Critical JOLTandBLEED Vulnerabilities
Oracle has issued an out-of-band emergency security update to address five vulnerabilities, among which one is rated 10 out of 10 on the CVSSv3 bug severity scale, and a second was rated 9.9 out of 10.
- November 17, 2017
- 04:32 AM
- 0
-
Oracle Fixes "Default Account" Issue Rated 10 Out of 10 on Severity Scale
Oracle has released patches for a security issue affecting the Oracle Identity Manager that has received a rare 10 out of 10 score on the CVSSv3 bug severity scale.
- October 31, 2017
- 01:00 AM
- 1
-
Oracle Delivers a Whopping 299 Fixes in April 2017's Critical Patch Update
Today, Oracle released their April 2017 Critical Patch Update, or CPU, that resolves a record breaking 299 vulnerabilities across all of their products. Of these 299 vulnerabilities, over 100 are remotely executable.
- April 18, 2017
- 10:15 PM
- 0
-
Former Sysadmin Accused of Planting "Time Bomb" in Company's Database
Allegro MicroSystems LLC is suing a former IT employee for sabotaging its database using a "time bomb" that deleted crucial financial data in the first week of the new fiscal year.
- April 13, 2017
- 03:20 PM
- 3
-
Java and Python Contain Security Flaws That Allow Attackers to Bypass Firewalls
Both Java and Python contain similar security flaws that allow an attacker to bypass firewalls by injecting malicious commands inside FTP URLs.
- February 21, 2017
- 06:33 AM
- 0
1
