- May 13, 2016
DHS US-CERT warns of a patched SAP Java vulnerability from 2010 that has enabled breaches at three dozen global enterprises due to configuration issues.
- October 22, 2015
Oracle patches 154 flaws in its quarterly update. Experts said patches need to be released faster, but Oracle stands by its release schedule.
- June 02, 2015
Researchers find that insecure implementation of cloud backups by mobile apps may affect hundreds of thousands of apps and leave as many as 56 million credentials exposed.
- March 04, 2015
NoSQL database security has taken a backseat to performance in Hadoop-based security big data analytics systems, but that may soon change thanks to growing demand and maturing NoSQL security products.
- March 02, 2015
Following the theft of data affecting about 50,000 of its drivers, Uber says it has filed a subpoena to obtain GitHub data that may pinpoint the source of its data breach.
- October 17, 2014
The October 2014 Oracle CPU delivered fixes for 154 unique bugs, with Java vulnerabilities making up the bulk of the most pressing updates.
- August 07, 2014
At Black Hat, David Litchfield skewered Oracle and its approach to security while detailing several flaws in a new Oracle database security feature.
- July 18, 2014
With another round of patches for several serious Java flaws, Oracle's quarterly CPU showed that Java security problems are not receding.
- January 27, 2014
A researcher says Oracle hasn't properly addressed long-standing Oracle Forms and Reports flaws, which could be exploited to gain remote access.
- January 21, 2014
The first Oracle Critical Patch Update of 2014 included fixes for 36 Java vulnerabilities, but only 5 Oracle Database vulnerabilities. Why so few?
- August 13, 2012
A privilege escalation flaw, which prominent security researcher David Litchfield disclosed at Black Hat, can be exploited to gain system privileges.
- July 26, 2012
At Black Hat 2012, longtime Oracle thorn David Litchfield presents working exploits targeting Oracle database indexing vulnerabilities.
- June 25, 2012
Many organizations have acquired legacy applications over the years, storing password data and other information in clear text, according to one noted security expert.
- June 12, 2012
Hashing and salting passwords help deter cybercriminals from cracking them, but the goal should be to keep attackers out of the database, say security experts.
- May 24, 2012
Editor Eric B. Parizo says controversies involving Oracle security patches and InfoSec World 2012 prove the importance of differing opinions.