Tag: oracle
-
Java 26 ships with new cryptography API and HTTP/3 support
Oracle released JDK 26, the 17th consecutive feature release delivered under the six-month cadence the project adopted in 2018. The release includes ten JDK Enhancement … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/19/java-26-security-features/
-
How to Govern AI Access to ERP and Financial Systems
AI is now sitting in the middle of your financial systems, making decisions at machine speed with access to data that used to be tightly contained in ERP. If you don’t explicitly govern how copilots and AI agents touch Oracle, SAP, and other business”‘critical systems, you end up with opaque data flows, Segregation of Duties……
-
How to Govern AI Access to ERP and Financial Systems
AI is now sitting in the middle of your financial systems, making decisions at machine speed with access to data that used to be tightly contained in ERP. If you don’t explicitly govern how copilots and AI agents touch Oracle, SAP, and other business”‘critical systems, you end up with opaque data flows, Segregation of Duties……
-
How to Govern AI Access to ERP and Financial Systems
AI is now sitting in the middle of your financial systems, making decisions at machine speed with access to data that used to be tightly contained in ERP. If you don’t explicitly govern how copilots and AI agents touch Oracle, SAP, and other business”‘critical systems, you end up with opaque data flows, Segregation of Duties……
-
Zero-day exploits hit enterprises faster and harder
Tags: access, apple, attack, backdoor, business, china, cisco, cve, data, detection, endpoint, espionage, exploit, firewall, flaw, fortinet, google, group, hacker, infrastructure, ivanti, least-privilege, mobile, network, oracle, radius, ransomware, risk, router, russia, service, software, technology, threat, update, vpn, vulnerability, zero-dayEnterprise environments under siege: Chinese threat actors continued to display a preference for targets that are difficult to monitor and allow persistent access to strategic networks. Notable examples include the groups that GTIG tracks as UNC5221, which exploited a flaw in Ivanti Connect Secure (CVE-2025-0282) and UNC3886, which exploited a vulnerability in Juniper routers (CVE-2025-21590).Another…
-
Oracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leaked
Madison Square Garden confirmed a data breach tied to the 2025 Oracle E-Business Suite hacking campaign. Madison Square Garden (MSG) has confirmed it was affected by a data breach linked to the 2025 cybercrime campaign targeting Oracle’s E-Business Suite (EBS) customers. Madison Square Garden (MSG) is a world-famous multi-purpose indoor arena located in New York…
-
NDSS 2025 Siniel: Distributed Privacy-Preserving zkSNARK
Tags: blockchain, china, computer, computing, conference, cryptography, data, framework, Internet, network, oracle, privacySession 14B: Privacy & Cryptography 2 Authors, Creators & Presenters: Yunbo Yang (The State Key Laboratory of Blockchain and Data Security, Zhejiang University), Yuejia Cheng (Shanghai DeCareer Consulting Co., Ltd), Kailun Wang (Beijing Jiaotong University), Xiaoguo Li (College of Computer Science, Chongqing University), Jianfei Sun (School of Computing and Information Systems, Singapore Management University), Jiachen…
-
NDSS 2025 Siniel: Distributed Privacy-Preserving zkSNARK
Tags: blockchain, china, computer, computing, conference, cryptography, data, framework, Internet, network, oracle, privacySession 14B: Privacy & Cryptography 2 Authors, Creators & Presenters: Yunbo Yang (The State Key Laboratory of Blockchain and Data Security, Zhejiang University), Yuejia Cheng (Shanghai DeCareer Consulting Co., Ltd), Kailun Wang (Beijing Jiaotong University), Xiaoguo Li (College of Computer Science, Chongqing University), Jianfei Sun (School of Computing and Information Systems, Singapore Management University), Jiachen…
-
VirtualBox – 7 Zero-Day-Schwachstellen in Open-Source-Lösung von Oracle
First seen on security-insider.de Jump to article: www.security-insider.de/oracle-virtualbox-zero-day-sicherheitsluecken-a-eb3c07e756b4939344dad321a4eec6a5/
-
Querying the free DNSBLs via Oracle? Move to Spamhaus Technology’s free Data Query Service
If you’re using the free DNS Blocklists (DNSBLs) through the Public Mirrors while running on Oracle’s network, you’ll need to make a few small adjustments to your email setup. These changes are simple to apply, but if you don’t take action, you risk having some – or even all – of your email blocked after…
-
CredShields Leads OWASP Smart Contract Top 10 2026 as Governance and Access Failures Drive Onchain Risk
srcset=”https://b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?quality=50&strip=all 1200w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=300%2C200&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=768%2C512&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=1024%2C683&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=150%2C100&quality=50&strip=all 150w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=1046%2C697&quality=50&strip=all 1046w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=252%2C168&quality=50&strip=all 252w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=126%2C84&quality=50&strip=all 126w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=720%2C480&quality=50&strip=all 720w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=540%2C360&quality=50&strip=all 540w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=375%2C250&quality=50&strip=all 375w” width=”1024″ height=”683″ sizes=”auto, (max-width: 1024px) 100vw, 1024px”> Cyber NewsWireGovernance and Privilege Failures DominateThe highest-ranked risks for 2026 include:Access Control VulnerabilitiesBusiness Logic VulnerabilitiesPrice Oracle ManipulationFlash LoanFacilitated AttacksProxy & Upgradeability VulnerabilitiesAnalysis of 2025 incidents shows…
-
Carelessness versus craftsmanship in cryptography
Tags: access, advisory, api, attack, authentication, computing, credentials, cryptography, data, email, encryption, github, hacker, oracle, side-channel, software, threat, tool, update, vpn, vulnerabilityTwo popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of downstream projects. When we shared one of these bugs with an affected vendor, strongSwan, the maintainer provided a model response for security vendors. The…
-
Carelessness versus craftsmanship in cryptography
Tags: access, advisory, api, attack, authentication, computing, credentials, cryptography, data, email, encryption, github, hacker, oracle, side-channel, software, threat, tool, update, vpn, vulnerabilityTwo popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of downstream projects. When we shared one of these bugs with an affected vendor, strongSwan, the maintainer provided a model response for security vendors. The…
-
10 years later, Bangladesh Bank cyberheist still offers cyber-resiliency lessons
Tags: access, ai, application-security, attack, automation, backdoor, banking, ceo, cisco, ciso, compliance, control, credentials, crypto, cyber, cybercrime, cybersecurity, data-breach, defense, detection, endpoint, exploit, finance, fintech, firewall, framework, infrastructure, intelligence, international, malware, monitoring, network, north-korea, oracle, password, risk, service, software, theft, threat, tool, vulnerabilitySecurity shortcomings: Adrian Cheek, senior cybercrime researcher at threat exposure management firm Flare, said the Bangladesh Bank heist was possible because of a number of security shortcomings, including a failure to air gap critical infrastructure.”The Bank of Bangladesh had four servers and the same number of desktops connected to SWIFT,” Cheek says. “This infrastructure, however,…
-
Oracle seeks to build bridges with MySQL developers
Tags: oracleBig Red promises ‘new era’ as long-frustrated contributors weigh whether to believe it First seen on theregister.com Jump to article: www.theregister.com/2026/01/30/oracle_mysql/
-
NDSS 2025 PropertyGPT
Tags: blockchain, bug-bounty, conference, crypto, guide, Internet, LLM, network, oracle, strategy, tool, vulnerability, zero-daySession 11A: Blockchain Security 2 Authors, Creators & Presenters: Ye Liu (Singapore Management University), Yue Xue (MetaTrust Labs), Daoyuan Wu (The Hong Kong University of Science and Technology), Yuqiang Sun (Nanyang Technological University), Yi Li (Nanyang Technological University), Miaolei Shi (MetaTrust Labs), Yang Liu (Nanyang Technological University) PAPER PropertyGPT: LLM-driven Formal Verification of Smart Contracts…
-
Banker claims Oracle may slash up to 30,000 jobs, sell health unit to pay for AI build-out
Cerner, though acquired in 2022, is nothing to multibillion black hole First seen on theregister.com Jump to article: www.theregister.com/2026/01/29/oracle_td_cowen_note/
-
NDSS 2025 On the Robustness Of LDP Protocols For Numerical Attributes Under Data Poisoning Attacks
Session 10C: Privacy Preservation Authors, Creators & Presenters: Xiaoguang Li (Xidian University, Purdue University), Zitao Li (Alibaba Group (U.S.) Inc.), Ninghui Li (Purdue University), Wenhai Sun (Purdue University, West Lafayette, USA) PAPER On the Robustness of LDP Protocols for Numerical Attributes under Data Poisoning Attacks Recent studies reveal that local differential privacy (LDP) protocols are…
-
Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic
What Is CVE-2026-21962? CVE-2026-21962 is a critical (CVSS 10.0) vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy Plug-in for Apache HTTP Server and Microsoft IIS. An unauthenticated attacker with HTTP access can exploit this flaw by sending crafted requests to the affected proxy components and bypass security controls. Successful exploitation can result……
-
Oracle AI sailed the world on Royal Navy flagship via cloudthe-edge kit
Big Red says ‘sovereign’ platform supports decision-making and operational learning at sea First seen on theregister.com Jump to article: www.theregister.com/2026/01/26/royal_navy_oracle_ai/
-
Oracle AI sailed the world on Royal Navy flagship via cloudthe-edge kit
Big Red says ‘sovereign’ platform supports decision-making and operational learning at sea First seen on theregister.com Jump to article: www.theregister.com/2026/01/26/royal_navy_oracle_ai/
-
As Oracle loses interest in MySQL, devs mull future options
As Big Red’s governance of the popular database comes into question, contributors to MySQL consider wresting control First seen on theregister.com Jump to article: www.theregister.com/2026/01/23/mysql_post_oracle/
-
Oracle WebLogic Proxy Bug Enables Unauthenticated Remote Compromise
CVE-2026-21962 lets unauthenticated attackers remotely compromise Oracle WebLogic proxies. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/oracle-weblogic-proxy-bug-enables-unauthenticated-remote-compromise/
-
January 2026 Microsoft Patch Tuesday: Actively exploited zero day needs attention
More priorities: Executives should also prioritize rapid patching and risk reduction efforts this month around the Windows Local Security Authority Subsystem Service Remote Code Execution, Windows Graphics Component Elevation of Privilege, and Windows Virtualization Based Security Enclave Elevation of Privilege flaws, Bicer said, as these vulnerabilities directly enable full system or trust boundary compromise.Strategic focus…
-
Bank of England’s Oracle cloud migration bill triples as project grinds on
Initial £7M estimate proves optimistic after multiple contract uplifts First seen on theregister.com Jump to article: www.theregister.com/2026/01/09/bank_of_england_oracle/
-
AI, Quantum, and the New Threat Frontier: What Will Define Cybersecurity in 2026?
Tags: access, ai, api, application-security, attack, authentication, automation, business, ciso, cloud, compliance, computer, computing, container, control, crypto, cryptography, cyber, cybersecurity, data, data-breach, defense, detection, encryption, exploit, finance, flaw, framework, governance, government, healthcare, iam, identity, infrastructure, injection, LLM, malicious, metric, monitoring, network, nist, open-source, oracle, regulation, resilience, risk, service, skills, software, strategy, supply-chain, threat, tool, vulnerability, vulnerability-management, waf, zero-day, zero-trustAI, Quantum, and the New Threat Frontier: What Will Define Cybersecurity in 2026? madhav Tue, 01/06/2026 – 04:44 If we think 2025 has been fast-paced, it’s going to feel like a warm-up for the changes on the horizon in 2026. Every time this year, Thales experts become cybersecurity oracles and predict where the industry is…
-
NDSS 2025 CounterSEVeillance: Performance-Counter Attacks On AMD SEV-SNP
Tags: attack, conference, control, data-breach, exploit, germany, Hardware, Internet, leak, malicious, network, oracle, side-channelSession 7B: Trusted Hardware and Execution Authors, Creators & Presenters: Stefan Gast (Graz University of Technology), Hannes Weissteiner (Graz University of Technology), Robin Leander Schröder (Fraunhofer SIT, Darmstadt, Germany and Fraunhofer Austria, Vienna, Austria), Daniel Gruss (Graz University of Technology) – PAPER CounterSEVeillance: Performance-Counter Attacks On AMD SEV-SNP Confidential virtual machines (VMs) promise higher security…
-
University of Phoenix Data Breach: 3.5M Individuals Affected
Full Scope of Clop Ransomware Group’s Oracle E-Business Suite Hits Still Emerging. The University of Phoenix is notifying 3.5 million individuals that their personal information was compromised in a data breach. The theft traces to the Clop ransomware group’s supply-chain campaign against users of Oracle E-Business Suite, in which it wield two zero-day vulnerabilities. First…
-
University of Phoenix Data Breach: 3.5M Individuals Affected
Full Scope of Clop Ransomware Group’s Oracle E-Business Suite Hits Still Emerging. The University of Phoenix is notifying 3.5 million individuals that their personal information was compromised in a data breach. The theft traces to the Clop ransomware group’s supply-chain campaign against users of Oracle E-Business Suite, in which it wield two zero-day vulnerabilities. First…

