Database Security


From the Web

October 2009 Critical Patch Update Released

October 20, 2009 from: The Oracle Global Product Security Blog

Today's Oracle Critical Patch Update (CPU) provides 38 new security fixes across a number of product groups including: Oracle Database Server, Oracle Application Server, Oracle E-Business Suite, Oracle PeopleSoft Enterprise, Oracle JD Edwards Tools, Oracle WebLogic and Oracle JRockit (formerly from BEA), and Oracle Communications Order and Service Management. Of these 38 vulnerabilities, 19 are re...

Comments  (0)


From the Web

Security Defect Testing

October 08, 2009 from: The Oracle Global Product Security Blog

Software vendors aim to release defect-free products. Earlier posts have discussed Oracle Software Security Assurance (OSSA) program and its processes that aim to get us as close to this goal as possible. Automated testing is an important part of OSSA as it helps catch problems missed in earlier stages of the development...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Where are the DBAs?

October 07, 2009 Added by:Infosec Island Admin

What I really want to know is this: Where are the Database Admins (DBAs) these days? I cant tell you how many times in the past 18 months that I’ve found real enterprises running vulnerable databases with default passwords, weak passwords and no real permissions management.

Comments  (3)


From the Web

Announcement Regarding The October 2009 Critical Patch Update

September 03, 2009 from: The Oracle Global Product Security Blog

Because many Oracle customers with responsibility for deploying the Critical Patch Update within their respective organizations will be attending Oracle OpenWorld on October 11-15, 2009; the October 2009 Critical Patch Update originally scheduled to be published on Tuesday, October 13th 2009, will be released on October 20th 2009.

Comments  (0)


From the Web

Ensuring Critical Patch Update Quality

July 24, 2009 from: The Oracle Global Product Security Blog

A commentary about Oracle's Critical Patch Update (CPU) program  works from Eric Maurice of Oracle

Comments  (0)


From the Web

July 2009 Critical Patch Update Released

July 14, 2009 from: The Oracle Global Product Security Blog

This Critical Patch Update includes 10 additional fixes for Oracle Database Server. Three of these 10 vulnerabilities are remotely exploitable without authentication. None of these vulnerabilities affect client-only deployments.

Comments  (0)


From the Web

April 2009 Critical Patch Update Released

July 03, 2009 from: The Oracle Global Product Security Blog

Are you running Oracle? Then you need to see this latest set of Critical Patches that could affect the security of your Oracle-backed applications

Comments  (1)


From the Web

Training development staff in secure coding practices pays huge dividends

July 03, 2009 from: The Oracle Global Product Security Blog

I am often asked what it takes to write secure code. In my experience, developers generally cannot prevent introducing security flaws in their code if they don’t know what to watch out for. It is also my experience that people generally, and developers in particular, want to do the right thing - but they need to know what the right thing is.

Comments  (1)


From the Web

The Evolution Of Common Criteria

July 03, 2009 from: The Oracle Global Product Security Blog

Hi, my name is Adam O’Brien. I help guide Oracle products through Common Criteria evaluations. Common Criteria is a worldwide, government-backed scheme for testing the security of a product or system. Essentially, you state what security functions your product should be able to perform, then an independent lab evaluates if the product implements these functions reliably and robustly.

Comments  (1)


From the Web

SANS Top 25 Most Dangerous Coding Errors

July 03, 2009 from: The Oracle Global Product Security Blog

Bruce Lowenthal, Director of the Oracle Security Alerts Group, discusses the SANS Top 25 Most Dangerous Programming Errors

Comments  (1)


From the Web

Cross-Site Request Forgery – A Significant Threat to Web Applications

July 03, 2009 from: The Oracle Global Product Security Blog

Hi, this is Shaomin Wang. I am a security analyst in Oracle’s Security Alerts Group. My primary responsibility is to evaluate the security vulnerabilities reported externally by security researchers on Oracle Fusion Middleware and to ensure timely resolution through the Critical Patch Update. Today, I am going to talk about a serious type of attack: Cross-Site Request Forgery.

Comments  (1)


From the Web

Mysql security risk?

July 03, 2009 from: hackyourself.net

Michael McLaughlin discusses why using 'IDENTIFIED BY password' in MySQL is the new default behavior and why you should leave it that way.

Comments  (1)

Page « < 9 - 10 - 11 - 12 - 13 > »