oracle | Breaking Cybersecurity News | The Hacker News

A Polish security firm ' Security Explorations' reported two new Java zero-day vulnerabilities , as " issue 54 " and "issue 55 ," with proof of concept code to Oracle. Oracle's security team is currently investigating the issue, but the status flaws not yet confirmed by Oracle. Less than a week after Oracle released its latest Java critical patch update, Researcher and Security Explorations's CEO Adam Gowdiak  have found two previously unknown security issues affecting Java 7. Security experts generally advise users to disable the Java browser plugin, which was exploited in recent targeted attacks on developers at Facebook , Apple and Microsoft. Java has faced an increasing number of zero-day vulnerabilities, bugs that are exploited by criminals before those flaws are patched, or even known by the vendor. Gowdiak confirmed that these newest vulnerabilities can be combined to circumvent Java's anti-exploit sandbox technology and used to attack

Oracle delivered an unusual emergency patch to Java's critical Zero Day vulnerability on Sunday to fix a malicious bug that allowed hackers access to users web browsers. Exploits for the previously undisclosed flaw were being hosted in a number of exploit kits and attacks have already been seen in the wild dropping ransomware and assorted other malware. Security Alert CVE-2013-0422  include two vulnerabilities that are remotely executable. Oracle confirmed that the flaws were only present in Java 7 versions and did not impact Java on servers, Java desktop applications, or embedded Java. Java is used in 3 billion machines, about 2 billion of which are desktop or laptop computers. Similarly, Back in August last year, Oracle issued an urgent fix to seal a dangerous security flaw within its Java software that's left thousands of computers wide open to malicious attacks from hackers. Lamar Bailey , director of security research and development for nCircle  said, " We

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

Apple has discontinued its own Java plugin, issuing an 'update' that removes it from MacOS and encourages users to instead download Oracle's version of the software. Its another step by Apple towards making OS X safer on the web. Mac users may have noticed that Java-based websites are displaying a " Missing Plug-in " notification. The Apple Support page states that this update is for OS X 10.7 and later. Apart from stripping browsers of the Java plug-in, it also removes the Java Preferences application, since it is no longer required for applet setting configuration. Just to be clear, the update does not remove Java from your system if its installed, just the Java plugin from your web browsers. In August, Java was blasted as an unsafe plug-in that should only be used when absolutely necessary after a zero-day exploit was discovered, rolled into the user-friendly Blackhole exploit kit and used for nearly a week before Oracle issued a patch. That patch, however,

This afternoon I just got a ping from one of my Friend that Oracle website compromised. Its hard to believe that ORACLE can be compromised ? So lets explore that what going on: Oracle.com , Website Oracle Corporation ,  ( an American multinational computer technology corporation that specializes in developing and marketing computer hardware systems and enterprise software products – particularly database management systems ) homepage showing just " HELLO WORLD " text on page. I tried to open it via mobile, it redirect me to mobile version at  Oracle.mobi , Yes its working fine as normal. Then we start moving on Twitter to find out whats going on, Lots of people tweeting about this and everyone seems to be confused that IS IT A HACK ? or the site is Under Maintenance ? Okay, Next I move to ORACLE twitter accounts @Oracle @OracleDatabase to find out either they have tweeted about this Strange update or not , But there was no tweet from their side from last 12 H