- November 13, 2015
News roundup: WebSphere, JBoss, Jenkins and more hit by Java vulnerability in an open source library. Plus, SAP HANA deals with critical vulnerabilities, and more.
- June 02, 2015
Researchers find that insecure implementation of cloud backups by mobile apps may affect hundreds of thousands of apps and leave as many as 56 million credentials exposed.
- March 04, 2015
NoSQL database security has taken a backseat to performance in Hadoop-based security big data analytics systems, but that may soon change thanks to growing demand and maturing NoSQL security products.
- January 06, 2015
Research from IBM indicates cyberattackers are going after retailers with surgical precision, using fewer attack attempts yet frequently compromising vulnerable databases.
- October 17, 2014
The October 2014 Oracle CPU delivered fixes for 154 unique bugs, with Java vulnerabilities making up the bulk of the most pressing updates.
- August 07, 2014
At Black Hat, David Litchfield skewered Oracle and its approach to security while detailing several flaws in a new Oracle database security feature.
- July 18, 2014
With another round of patches for several serious Java flaws, Oracle's quarterly CPU showed that Java security problems are not receding.
- January 27, 2014
A researcher says Oracle hasn't properly addressed long-standing Oracle Forms and Reports flaws, which could be exploited to gain remote access.
- January 21, 2014
The first Oracle Critical Patch Update of 2014 included fixes for 36 Java vulnerabilities, but only 5 Oracle Database vulnerabilities. Why so few?
- August 13, 2012
A privilege escalation flaw, which prominent security researcher David Litchfield disclosed at Black Hat, can be exploited to gain system privileges.
- July 26, 2012
At Black Hat 2012, longtime Oracle thorn David Litchfield presents working exploits targeting Oracle database indexing vulnerabilities.
- June 12, 2012
Hashing and salting passwords help deter cybercriminals from cracking them, but the goal should be to keep attackers out of the database, say security experts.
- May 01, 2012
Despite the accidental release of attack code for a bug in Oracle’s database, the company won’t change the code for fear of “regression.”
- January 16, 2012
Symantec said the $115 million-dollar deal boosts its e-discovery business and offer security and antispam capabilities for on-premise and hosted email.
- August 02, 2011
The new Veracode technology, Dnyamic MP, is said to be able to scan thousands of websites simultaneously to spot an SQL attack or other attack types.