Tag: Security

  • Cosmo, the Hacker ‘God’ Who Fell to Earth

    Following up from the Epic Hack, here’s an interesting piece about the guy who supposedly pioneered some of the new social engineering hacks. I wonder how much of everything else Cosmo has told me is true. The only thing I am certain of is that online security is an illusion. But I think he is…



  • Epic Hacking

    Why can’t I get rid of the nagging feeling that this guy asked the hacker himself to do it, to get a great story into Wired and everywhere? Staged like this, the story is much better than if he simply reported that it was theoretically possible to remote wipe somebody’s iDevices just by abusing Amazon’s…



  • April 2011 Critical Patch Update Released

    Already 3 months gone by? April 2011 Critical Patch Update Released (direct link to Database vulnerabilities). Mostly obscure components that aren’t in widespread use in the DB world, but who knows…



  • Intel’s McAfee Acquires Sentrigo To Boost Database Security Offerings

    Intel’s McAfee Acquires Sentrigo To Boost Database Security Offerings. That’s not surprising, given that Sentrigo has the best product in that space. Oracle already acquired Secerno last year, so other vendors now have to build their portfolio. Dave DeWalt, president of McAfee, said of the acquisition: McAfee is continuing to broaden its security portfolio to…



  • Oracle Database Firewall

    Oracle recently released its Oracle Database Firewall. [The] release of Oracle Database Firewall is the culmination of the company’s acquisition of database security vendor Secerno last year. The product creates a defensive perimeter around databases by looking at SQL statements sent to the database through the wire to determine whether to pass, log, alert, block,…



  • January 2011 Oracle Critical Patch Update Released

    It’s that time of the year again: January 2011 Oracle Critical Patch Update Released. People using OEM Grid Control on 11g versions and people using RAC on 10g and newer are affected by remotely exploitable vulnerabilities that require no authentication, so again quite a serious CPU. Go and patch!



  • What are the criteria used by Oracle to decide whether a vulnerability warrants a fix in the CPU?

    Oracle answers one of the most-asked questions around CPUs: What are the criteria used by Oracle to decide whether a vulnerability warrants a fix in the CPU?



  • NoSQL and Cloud Security

    NoSQL and Cloud Security: it’s in bad shape, says Jeff Darcy, so pretty much single-user only on firewalled machines. Make sure you know what you’re doing!



  • Oracle Critical Patch Update October 2010

    The Oracle Critical Patch Update October 2010 is out, see the Oracle Security Blog for commentary. Of the 9 Database related vulnerabilities, 7 do not apply if you are on the latest patchset on 10gR2 or 11gR2, a much higher than usual number, and hopefully a good sign for what’s to come. On the other…



  • Project Lockdown updated for 11gR2

    Arup Nanda finally updated his Project Lockdown series of Oracle Security articles for 11gR2. Definitely worth a read (and I’m surprised I can’t find an article on my blog about the first version of Project Lockdown – must’ve happened during a low-impact-blogging phase). Via Alexander Kornbrust.



