Oracle News, Articles and Updates

Double cryptominer delivered via Oracle server exploit

Threat actors exploited the CVE-2017-10271 vulnerability which allows for remote code execution to deliver both a 64-bit variant and a 32-bit variant of an XMRig Monero miner, according to a 26 February blog post.

Vulnerability in Oracle's WebLogic installs Monero cryptominer on victims' machines

A malicious campaign that's been exploiting a vulnerability in Oracle's WebLogic application servers in order to install a Monero cryptominer on victims' machines spreads the threat worldwide, across virtually all industry sectors.

POS vulnerability affecting 300,000 systems patched by Oracle

Oracle recently patched a Micros point-of-sale vulnerability which could have allowed an attacker to read any file and receive information about various services without authentication from a vulnerable MICROS workstation.

Oracle issues emergency patch for JoltandBleed bug in Tuxedo middleware

Oracle Corporation issued a series of emergency patches on Tuesday last week, fixing five vulnerabilities in its Tuxedo middleware platform, including a critical one that has been compared to Heartbleed.

Oracle patches 252 bugs, increase in E-Business Suite and PeopleSoft flaws

Oracle Corp's quarterly Critical Patch Update (CPU) has fixes for 252 vulnerabilities, including extremely severe bugs found in the company's Hospitality Applications, Siebel CRM solution, and PeopleSoft HR software.

Oracle patches 7 Apache Struts 2 vulnerabilities

Oracle issued seven security updates to patch vulnerabilities found in Apache Struts 2.

Oracle pulls CSO's reverse engineering and bug bounty programme rant

Oracle CSO Mary Ann Davidson penned a blog post on Monday and warned researchers they would receive a legal letter if they continued to reverse engineer the company's code.

Yahoo-culprit Java targeted as Oracle promises 147 security fixes

Patch Tuesday sees major slew of vulnerabilities to be fixed

Yahoo.com visitors infected by malware-ridden ads

Hundreds of thousands of visitors to the Yahoo.com website may have encountered malware from the website's own advertising servers, according to security experts.

Java vulnerabilities on Oracle highlighted

Oracle say 12 of the new vulnerabilities identified in Java could allow full take-over of a device if left unfixed.

Oracle makes plans for Java security

Oracle has said that making Java more secure is a priority, as it lines up regular patch updates.

Oracle to issue Java patch following US Homeland Security warning

Oracle has announced a security update for the zero-day flaw in Java that was widely reported last week that will be released soon.