HackDig : Dig high-quality web security articles for hacker

Zimperium Mobile Threat Detection Available in Oracle Cloud

In recent weeks we have been discussing some of the ways Zimperium delivers mobile threat defense (MTD) at scale. As the only true enterprise-class MTD solution available, we take that role seriously. So we are pleased to deliver another option for enterprises to implement mobile threat defense and take advantage of available infrastructure and resources. Yo
Publish At:2017-09-28 20:35 | Read:2036 | Comments:0 | Tags:Partners Oracle Cloud

Oracle July 2017 Critical Patch Update addresses record-breaking 308 issues

Oracle just released the July 2017 Critical Patch Update (CPU) to address a total of 308 flaws in its solutions, it’s a record for the IT giant. Oracle issued its quarterly update, the July 2017 Critical Patch Update (CPU), that addresses 308 security vulnerabilities, 30 of them are rated as critical. This July 2017 Critical Patch Update (CPU) address
Publish At:2017-07-20 03:35 | Read:1070 | Comments:0 | Tags:Breaking News Hacking CPU Oracle

Oracle patch update for April 2017 also fixed Struts and Shadow Brokers exploits

Oracle patch update for April 2017 fixed a record number of vulnerabilities, including Apache Struts and Shadow Brokers exploits. Oracle has released security updates to fix flaws in its product, including Apache Struts and a Solaris exploit included in a dump leaked by the Shadow Brokers hackers and containing NSA documents and hacking tools. The Oracle
Publish At:2017-04-20 04:35 | Read:1481 | Comments:0 | Tags:Breaking News Hacking Apache Struts Oracle Oracle patch upda

Payments Giant Verifone Investigating Breach

Credit and debit card payments giant Verifone [NYSE: PAY] is investigating a breach of its internal computer networks that appears to have impacted a number of companies running its point-of-sale solutions, according to sources. Verifone says the extent of the breach was limited to its corporate network and that its payment services network was not impacted.
Publish At:2017-03-07 20:00 | Read:2422 | Comments:0 | Tags:Other Andy Payment Anunak avivah litan Carbanak Foregenix Ga

Visa Alert and Update on the Oracle Breach

Credit card industry giant Visa on Friday issued a security alert warning companies using point-of-sale devices made by Oracle‘s MICROS retail unit to double-check the machines for malicious software or unusual network activity, and to change passwords on the devices. Visa also published a list of Internet addresses that may have been involved in the O
Publish At:2016-08-13 21:00 | Read:3238 | Comments:0 | Tags:A Little Sunshine Latest Warnings The Coming Storm alex hold

Security week-in-review: The Oracle vulnerability enterprises should know about

It’s hard to keep up with the hundreds of security-specific headlines published every week. So, we’re rounding up the top news that affect you, your business, and the security and technology industry overall. This week we explore patches to Oracle’s SDKs, Google’s Chrome browser, Apple’s iOS, and more . Check back every Friday to learn about the latest in
Publish At:2016-07-22 19:35 | Read:1539 | Comments:0 | Tags:Security Apple Chrome DDoS Firefox google Library of Congres

Patch Java immediately or attackers can hack you

The CVE-2016-0636 flaw affects Java SE running in web browsers on desktops, attackers can trigger it remotely to takeover your PC. Once again a serious security vulnerability affects the Java Oracle software, the new flaw coded as CVE-2016-0636 scored a 9.3 on the Common Vulnerability Scoring System bug severity rating. The CVE-2016-0636 vulnerability affect
Publish At:2016-03-24 13:55 | Read:2607 | Comments:0 | Tags:Breaking News Security CVE-2016-0636 Hacking Java Oracle Pie

Google will switch from Java APIs to OpenJDK

Google confirms that the next Android versions will use Oracle’s open-source OpenJDK instead the Java APIs, a strategic choice. Google is leaving Java application programming interfaces (APIs) in future versions of its mobile operating system Android. The company is planning to adopt as an alternative an open source solution
Publish At:2015-12-31 21:25 | Read:2502 | Comments:0 | Tags:Security Mobile Breaking News Google Oracle OpenJDK Java Pla

Oracle Settles with FTC Over ‘Deceptive’ Java Security Updates

Oracle’s stewardship of Java has been scrutinized by the security community, which in 2013 languished through nearly a full year of targeted attacks exploiting zero days and other vulnerabilities in the platform.Since then, Oracle has improved the Java user experience by denying unsigned applets the ability to execute by default, and putting security r
Publish At:2015-12-22 19:45 | Read:2325 | Comments:0 | Tags:Web Security Vulnerabilities Government vulnerabilities gove

Oracle settles with FTC over Java’s “deceptive” security patching

Oracle received a public slap on the wrist from the US Federal Trade Commission over Java SE, the desktop runtime for Java. The FTC announced today that it had reached a settlement with Oracle Corporation over a complaint not about the security of Java itself, but about Oracle's patching process—and how it unintentionally left consumers to believe that the p
Publish At:2015-12-21 22:25 | Read:1870 | Comments:0 | Tags:Risk Assessment Technology Lab Java oracle security fails

2 LOWs can make 1 HIGH

Hello Peter, what's happening?I have a day job that requires me to risk rate security vulnerabilities pretty much all the damn time. :D The risk rating portion isn't too bad but it's not hard to get challenged for the certain rating you give. Anyway, the main point of this post is: LOW doesn't mean OK-LETS-NOT-GIVE-A-SHIT. A combination of two LOW-rated vul
Publish At:2015-10-29 10:35 | Read:1516 | Comments:0 | Tags:.perf iplanet jsessionid low2pwn oracle oracle iplanet perf

Custom Google App Engine Tweak Still Leads to Java Sandbox Escapes

A tweak carried out by Google in the Google App Engine for Java continues to stir up security concerns.Oracle this week patched the latest vulnerability in Java SE-the flaw also lives in Google’s platform-as-a-service entry-after it was privately disclosed by Java bug-hunters from Security Explorations, a security consultancy in Poland. The vulnerabi
Publish At:2015-10-22 21:40 | Read:5089 | Comments:0 | Tags:Google Vulnerabilities Web Security Adam Gowdiak GAE google

Oracle Quarterly Security Update Patches 154 Vulnerabilities

Oracle on Tuesday patched 154 vulnerabilities in 54 different products as part of its regularly scheduled Critical Patch Update.More than half of the patches, 84 to be exact, address vulnerabilities that Oracle claims may be remotely exploitable without authentication. Java SE is responsible for 24 of the vulnerabilities, seven which are actually marked as
Publish At:2015-10-21 09:40 | Read:1448 | Comments:0 | Tags:Vulnerabilities Web Security Oracle Oracle CPU Patch managem

This Week in Security: Oracle’s Blog Blunder, Facebook’s Privacy Flaw and Lenovo Strikes Again

Our security roundup series covers the week’s trending topics in the world of information security. In this compilation, we’ll let you know of the latest announcements, reports and controversies that the industry has been talking about recently.Here’s what you don’t want to miss from the week of August 9th, 2015:The biggest controversy of the week goes to Or
Publish At:2015-08-14 20:10 | Read:2086 | Comments:0 | Tags:This Week in Security Dropbox Facebook Lenovo Mary Ann David

Security, Reverse Engineering and EULAs

Like more than a few others, I experienced the infosec outrage against Mary Ann Davidson, Oracle’s Chief Security Officer, before I actually read the now-redacted blog post. After taking the time to read what she actually wrote (still available through Google’s web cache), I think there’s more discussion to be had than I’ve seen so far.First, it
Publish At:2015-08-14 02:35 | Read:2014 | Comments:0 | Tags:Connecting Security to the Business Featured Articles black

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud