System News
back3 4 5 6 7 8 9 10 11 12 13 next
Archived Security Articles
27 Jan 2015
open to premium members only
Data Encryption ... Be Safe or Be Sorry [40578]
How to Prevent the Next Data Breach with Encryption (Part 1)

John Szlendak writes, "Another day, another costly data breach headline. This time, it was Sony Pictures as the victim of a devastating cyber attack. Newspapers report that North Korean hackers broke into Sony's computer systems stealing and exposing a trove of sensitive documents. The studio's reputation is in tatters as embarrassing revelations spill from tens of thousands of leaked emails, private documents and other company sensitive materials. Millions of dollars in lawsuits are expected from ex-employees over leaked Social Security number and other personal information.

Sony is not alone..."
(Get More Information . .)

22 Jan 2015
open to premium members only
Why Customers Should Upgrade Directory Server Enterprise Edition (DSEE) to Oracle Unified Directory (OUD) [40462]
By Forest Yin

Forest Yin writes, "Lightweight Directory Access Protocol (LDAP) is the foundation of Identity Management. LDAP directories are designed to store identity and policy information and provide runtime access to that information. Oracle's Directory Server Enterprise Edition (DSEE) is the most widely deployed directory in the industry with thousands of production deployments. Some customer deployments include hundreds of millions of entries and even over a billion entries for a single deployment..."
(Get More Information . .)

20 Jan 2015
open to premium members only
January 2015 Critical Patch Update Released [40461]
By Eric P. Maurice

Eric writes that Oracle "released the January 2015 Critical Patch Update. This Critical Patch Update provides 169 new fixes for security issues across a wide range of product families including: Oracle Database, Oracle Fusion Middleware, Oracle Enterprise Manager, Oracle E-Business Suite, Oracle Supply Chain Suite, Oracle PeopleSoft Enterprise, Oracle JDEdwards EnterpriseOne, Oracle Siebel CRM, Oracle iLearning, Oracle Java SE, Oracle Sun Systems Products Suite, Oracle Linux and Virtualization, and Oracle MySQL..."
(Get More Information . .)

14 Jan 2015
open to premium members only
The Future of User Authentication [40346]
By Prateek Mishra

Prateek Mishra writes, "As business and citizen services, entertainment and social life all become digitized and virtualized, passwords emerge as a key piece of data to be used for stealing information and online resources. In the past, this was a possibility and an occasional occurrence but in recent years the Apple Celebrity Photo breach [1], JPMorgan [2] and Pharmaceutical Company [3] data breaches have demonstrated the increasing scale and range of password-based threats to businesses. It is interesting to observe that each of these three breaches demonstrates a *different aspect* of the "password problem": ability to guess or reset passwords, password re-use and subsequent discovery from a website with weak security controls, and last, phishing attacks targeted at executives or administrators..."
(Get More Information . .)

13 Jan 2015
open to premium members only
34% of Organizations Say Data Breach 'Somewhat likely' to 'Inevitable' in 2015 [40345]
By Troy Kitch

Troy writes, "According to the latest Independent Oracle Users Group (IOUG) Enterprise Data Security Survey, one third of organizations say that a data breach is "somewhat likely" to "inevitable" in the next 12 months, up from 20% in 2008.

Are organizations coming to the realization that data breaches will happen?..."
(Get More Information . .)

31 Dec 2014
open to premium members only
Multiple vulnerabilities in NTP [40124]
resolved as of ntp-4.2.8

NTF's NTP Project has been notified of a number of vulnerabilities from Neel Mehta and Stephen Roettger of Google's Security Team.

The two most serious of these issues and four less serious issues have been resolved as of ntp-4.2.8, which was released on 18 December 2014. Latest version of NTP shipped with Solaris 10 and Solaris 11.2 is not impacted by CVE-2014-9293 and CVE-2014-9294.

Please upgrade to Solaris 11.2 SRU 4.4 or Solaris 11.1 SRU 13.6 to install the Solaris 11.x IDRs.

workaround instructions
(Get More Information . .)

 
back3 4 5 6 7 8 9 10 11 12 13 next