Tag: oracle
-
Cisco Alerts Users to Critical ISE Vulnerability Exposing Sensitive Data
Cisco has issued a critical security advisory (Advisory ID: cisco-sa-ise-aws-static-cred-FPMjUcm7) for its Identity Services Engine (ISE) when deployed on major cloud platforms”, Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI). The vulnerability, tracked as CVE-2025-20286 and classified under CWE-259 (Use of Hard-coded Password), carries a CVSS v3.1 base score of 9.9, indicating…
-
Russian Hackers Exploit Oracle Cloud Infrastructure to Target Scaleway Object Storage
Russian threat actors have been leveraging trusted cloud infrastructure platforms like Oracle Cloud Infrastructure (OCI) Object Storage and Scaleway Object Storage to propagate sophisticated attacks using the Lumma Stealer malware. This malware-as-a-service (MaaS) infostealer, also known as LummaC2 Stealer, targets Windows systems to siphon credentials, system data, and cryptocurrency wallets. Investigations conducted in 2025 reveal…
-
Oracle Database TNS vulnerability could leak data to further attacks
First seen on scworld.com Jump to article: www.scworld.com/news/oracle-database-tns-vulnerability-could-leak-data-to-further-attacks
-
European customers report Oracle Cloud identity outage, Big Red is silent
DownDetector reported problems for about 6 hours First seen on theregister.com Jump to article: www.theregister.com/2025/05/19/oci_outage_europe/
-
Ethical hackers exploited zero-day vulnerabilities against popular OS, browsers, VMs and AI frameworks
Virtual machine and container escapes: Virtualization sits at the core of public cloud infrastructure and private data centers, allowing companies to run their workloads and applications inside isolated containers or virtual servers. Any flaw that allows escaping from the confines of a virtual machine or a Linux container poses a risk not only to the…
-
Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own
During the second day of Pwn2Own Berlin 2025, competitors earned $435,000 after exploiting zero-day bugs in multiple products, including Microsoft SharePoint, VMware ESXi, Oracle VirtualBox, Red Hat Enterprise Linux, and Mozilla Firefox. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-vmware-esxi-microsoft-sharepoint-zero-days-at-pwn2own/
-
Pwn2Own Day 1 Windows 11, Red Hat Linux, Oracle VirtualBox Hacked
Security researchers successfully illustrated significant vulnerabilities across several platforms on the first day of Pwn2Own Berlin 2025, taking home a total of $260,000 in prizes. The competition featured 11 different exploit attempts, including the inaugural AI category entries. STAR Labs has taken an early lead in the Master of Pwn competition, showcasing their technical prowess…
-
Windows 11 and Red Hat Linux hacked on first day of Pwn2Own
On the first day of Pwn2Own Berlin 2025, security researchers were awarded $260,000 after successfully demonstrating zero-day exploits for Windows 11, Red Hat Linux, Docker Desktop, and Oracle VirtualBox. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-and-red-hat-linux-virtualbox-hacked-on-first-day-of-pwn2own/
-
seQure’s Ground-Truth Cybersecurity Platform Launches on Oracle Cloud Infrastructure
First seen on scworld.com Jump to article: www.scworld.com/news/sequres-ground-truth-cybersecurity-platform-launches-on-oracle-cloud-infrastructure
-
Users advised to review Oracle Java use as Big Red’s year end approaches
International Java sales operation and the prospects of audits per-employee license model make the move to open source irresistible First seen on theregister.com Jump to article: www.theregister.com/2025/05/09/users_advised_to_review_oracle_java_use/
-
‘CISOs sprechen heute die Sprache des Business”
Nick Godfrey, Leiter des Office of the CISO bei Google Cloud Google CloudAls Senior Director und Leiter des Office of the CISO bei Google Cloud ist es die Aufgabe von Nick Godfrey, das Unternehmen beim Austausch zwischen CISOs rund um die Themen Cloud und Security zu unterstützen. Godfrey, selbst ehemaliger Sicherheitsverantwortlicher bei einem Finanzdienstleister, leitet…
-
Indiana Health System Notifies 263,000 of Oracle Hack
Union Health System Among Many Cerner Legacy Data Clients Affected by Breach. An Indiana health system is among the first healthcare organizations notifying regulators and thousands of people affected by the Oracle hack in January. Attackers compromised legacy patient data hosted by Cerner servers that were set to migrate to Oracle’s cloud environment. First seen…
-
Cryptohack Roundup: KiloEX Offers Compensation
Also, Nike Sued Over Shutdown of NFT Subsidiary. This week, KiloEX compensation after Oracle exploit, Nike sued over NFT shutdown, SEC dropped probe into PayPal PYUSD, Long Island man sentenced for crypto fraud, Americans lost billions to crypto scams, Loopscale exploiter agreed to return stolen funds and bank regulators softened stance on crypto. First seen…
-
Pythian Expands Oracle Cloud Services with Rittman Mead Acquisition
First seen on scworld.com Jump to article: www.scworld.com/news/pythian-expands-oracle-cloud-services-with-rittman-mead-acquisition
-
Panne bei Wartungsarbeiten: Techniker von Oracle legen IT von 45 Kliniken lahm
Tags: oracleMitarbeiter von Oracle haben bei Wartungsarbeiten versehentlich kritische Ressourcen gelöscht. Zahlreiche Krankenhäuser mussten tagelang mit Papier hantieren. First seen on golem.de Jump to article: www.golem.de/news/panne-bei-wartungsarbeiten-techniker-von-oracle-legen-it-von-45-kliniken-lahm-2504-195757.html
-
CISA Weighs in on Alleged Oracle Cloud Breach
The agency is recommending that organizations and individuals implement its recommendations to prevent the misuse of stolen data, though Oracle has yet to publicly do the same for its customers. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/cisa-alleged-oracle-cloud-breach
-
Critical Patch Update Announcement in April for All Oracle Products
Overview On April 16, 2025, NSFOCUS CERT detected that Oracle officially released the Critical Patch Update (CPU) for April. A total of 390 vulnerabilities with different degrees were fixed this time. This security update involves Oracle MySQL Connectors, Oracle MySQL Server, Oracle Java SE, Oracle Fusion Middleware, Oracle Financial Services Applications, Oracle Communications Applications and…The…
-
Legacy Oracle cloud breach poses credential exposure risk
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-legacy-oracle-cloud-breach-poses-credential-exposure-risk
-
CISA Flags Risks from Legacy Oracle Cloud Credential Leak
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-flags-risks-from-legacy-oracle-cloud-credential-leak
-
CISA warns companies to secure credentials amid Oracle Cloud breach claims
The agency is asking organizations to come forward if they detect suspicious activity or other evidence of a compromise. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-secure-credentials-oracle-cloud-data/745613/
-
CISA warns companies to secure credentials amid claims of Oracle Cloud data breach
The agency is asking organizations to come forward if they detect suspicious activity or other evidence of a compromise. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-secure-credentials-oracle-cloud-data/745613/
-
CISA Issues Threat Warning After ‘Potential’ Oracle Cloud Breach
While CISA said it has no specifics on a recently reported Oracle Cloud breach, the federal cybersecurity agency warned of a possibility of increased credential risks. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisa-issues-threat-warning-after-potential-oracle-cloud-breach
-
Oracle Patchday April 2025 – Oracle schließt 11 kritische Sicherheitslücken
Tags: oracleFirst seen on security-insider.de Jump to article: www.security-insider.de/oracle-sicherheitsluecken-april-2025-update-a-e2e54b3718e662afe803ab7702b9f8b7/
-
CISA warns of increased breach risks following Oracle Cloud leak
On Wednesday, CISA warned of heightened breach risks after the compromise of legacy Oracle Cloud servers earlier this year and highlighted the significant threat to enterprise networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-increased-breach-risks-following-oracle-cloud-leak/
-
CISA warns of potential data breaches caused by legacy Oracle Cloud leak
The Cybersecurity and Infrastructure Security Agency on Wednesday said that while the scope of the reported Oracle issue remains unconfirmed, it “presents potential risk to organizations and individuals.” First seen on therecord.media Jump to article: therecord.media/cisa-warns-of-potential-data-breaches-tied-to-oracle-issue

