- February 12, 2019
Davi Ottenheimer, MongoDB's head of product security, discusses his company's efforts to prevent accidental database exposures and why so many misconfigurations occur.
- July 20, 2018
News roundup: Critical Cisco vulnerabilities in Policy Suite products were patched this week. Plus, Venmo's API is set to public, exposing a trove of customer data, and more.
- December 05, 2017
A keyboard data leak by mobile developer Ai.type exposed millions of personal records through misconfigured MongoDB database settings.
- May 13, 2016
DHS US-CERT warns of a patched SAP Java vulnerability from 2010 that has enabled breaches at three dozen global enterprises due to configuration issues.
- October 22, 2015
Oracle patches 154 flaws in its quarterly update. Experts said patches need to be released faster, but Oracle stands by its release schedule.
- June 02, 2015
Researchers find that insecure implementation of cloud backups by mobile apps may affect hundreds of thousands of apps and leave as many as 56 million credentials exposed.
- March 04, 2015
NoSQL database security has taken a backseat to performance in Hadoop-based security big data analytics systems, but that may soon change thanks to growing demand and maturing NoSQL security products.
- March 02, 2015
Following the theft of data affecting about 50,000 of its drivers, Uber says it has filed a subpoena to obtain GitHub data that may pinpoint the source of its data breach.
- October 17, 2014
The October 2014 Oracle CPU delivered fixes for 154 unique bugs, with Java vulnerabilities making up the bulk of the most pressing updates.
- August 07, 2014
At Black Hat, David Litchfield skewered Oracle and its approach to security while detailing several flaws in a new Oracle database security feature.
- July 18, 2014
With another round of patches for several serious Java flaws, Oracle's quarterly CPU showed that Java security problems are not receding.
- January 27, 2014
A researcher says Oracle hasn't properly addressed long-standing Oracle Forms and Reports flaws, which could be exploited to gain remote access.
- January 21, 2014
The first Oracle Critical Patch Update of 2014 included fixes for 36 Java vulnerabilities, but only 5 Oracle Database vulnerabilities. Why so few?
- August 13, 2012
A privilege escalation flaw, which prominent security researcher David Litchfield disclosed at Black Hat, can be exploited to gain system privileges.
- July 26, 2012
At Black Hat 2012, longtime Oracle thorn David Litchfield presents working exploits targeting Oracle database indexing vulnerabilities.