System News
back4 5 6 7 8 9 10 11 12 13 14 next
Archived Security Articles
22 Jan 2015
open to premium members only
Why Customers Should Upgrade Directory Server Enterprise Edition (DSEE) to Oracle Unified Directory (OUD) [40462]
By Forest Yin

Forest Yin writes, "Lightweight Directory Access Protocol (LDAP) is the foundation of Identity Management. LDAP directories are designed to store identity and policy information and provide runtime access to that information. Oracle's Directory Server Enterprise Edition (DSEE) is the most widely deployed directory in the industry with thousands of production deployments. Some customer deployments include hundreds of millions of entries and even over a billion entries for a single deployment..."
(Get More Information . .)

20 Jan 2015
open to premium members only
January 2015 Critical Patch Update Released [40461]
By Eric P. Maurice

Eric writes that Oracle "released the January 2015 Critical Patch Update. This Critical Patch Update provides 169 new fixes for security issues across a wide range of product families including: Oracle Database, Oracle Fusion Middleware, Oracle Enterprise Manager, Oracle E-Business Suite, Oracle Supply Chain Suite, Oracle PeopleSoft Enterprise, Oracle JDEdwards EnterpriseOne, Oracle Siebel CRM, Oracle iLearning, Oracle Java SE, Oracle Sun Systems Products Suite, Oracle Linux and Virtualization, and Oracle MySQL..."
(Get More Information . .)

14 Jan 2015
open to premium members only
The Future of User Authentication [40346]
By Prateek Mishra

Prateek Mishra writes, "As business and citizen services, entertainment and social life all become digitized and virtualized, passwords emerge as a key piece of data to be used for stealing information and online resources. In the past, this was a possibility and an occasional occurrence but in recent years the Apple Celebrity Photo breach [1], JPMorgan [2] and Pharmaceutical Company [3] data breaches have demonstrated the increasing scale and range of password-based threats to businesses. It is interesting to observe that each of these three breaches demonstrates a *different aspect* of the "password problem": ability to guess or reset passwords, password re-use and subsequent discovery from a website with weak security controls, and last, phishing attacks targeted at executives or administrators..."
(Get More Information . .)

13 Jan 2015
open to premium members only
34% of Organizations Say Data Breach 'Somewhat likely' to 'Inevitable' in 2015 [40345]
By Troy Kitch

Troy writes, "According to the latest Independent Oracle Users Group (IOUG) Enterprise Data Security Survey, one third of organizations say that a data breach is "somewhat likely" to "inevitable" in the next 12 months, up from 20% in 2008.

Are organizations coming to the realization that data breaches will happen?..."
(Get More Information . .)

31 Dec 2014
open to premium members only
Multiple vulnerabilities in NTP [40124]
resolved as of ntp-4.2.8

NTF's NTP Project has been notified of a number of vulnerabilities from Neel Mehta and Stephen Roettger of Google's Security Team.

The two most serious of these issues and four less serious issues have been resolved as of ntp-4.2.8, which was released on 18 December 2014. Latest version of NTP shipped with Solaris 10 and Solaris 11.2 is not impacted by CVE-2014-9293 and CVE-2014-9294.

Please upgrade to Solaris 11.2 SRU 4.4 or Solaris 11.1 SRU 13.6 to install the Solaris 11.x IDRs.

workaround instructions
(Get More Information . .)

20 Nov 2014
open to premium members only
Advanced Registration Now Open for new Oracle Mobile Security Primer eBook [39391]
Will provide a deeper understanding of the complex issues related to mobile security

Eric Renaud writes, "Today, just as organizations are starting to understand the first wave of the mobile revolution, there are now numerous demands being placed on IT to support the second wave as new generation devices and applications are coming online to take advantage of these new capabilities in today's corporate environment...

The Oracle Mobile Security Primer will provide a deeper understanding of not only the fundamentals, but also the complex issues related to mobile security in today's corporate mobility environment. If you maintain the role of a mobility planner, security architect, CISO, security director, IT director, operations manager or just simply want to stay up on the latest trends around mobile security, then pre-register for this new eBook: Oracle Mobile Security Primer..."
(Get More Information . .)

 
back4 5 6 7 8 9 10 11 12 13 14 next