Security news aggregator

Latest coverage for Oracle

Oracle develops databases, cloud services, and business software; vulnerabilities in these products can expose sensitive data and systems.

9 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Oracle is an enterprise technology ecosystem best known in security contexts for Oracle Database, along with Java, application servers, business applications, and cloud services. These products often process sensitive business and personal data, so the tag commonly covers vulnerabilities, insecure configurations, and security updates affecting Oracle software and its integrations.

Material risks include exposed database listeners or management interfaces, excessive privileges, weak authentication, SQL injection, and vulnerable components that may permit unauthorized queries or code execution. Practitioners should inventory Oracle versions and dependencies, apply relevant security updates through controlled testing, restrict network access, enforce least privilege and encryption, and monitor database activity. Advisories should be assessed against the exact product and release, exploit prerequisites, and available mitigations; unsupported versions may remain exposed to known flaws.

Showing 9 most recent headlines Filtered view
Bank Info Security 1 year, 3 months ago

Cybersecurity Experts Slam Oracle's Handling of Big Breach

Technology Giant Accused of Using 'Wordplay' to Previously Deny Breach ReportsCybersecurity experts have slammed Oracle's handling of a large data breach that it's reportedly confirming to 140,000 affected cloud infrastructure clients - but only verbally, and not in writing - following nearly two weeks of it having denied that any such breach occurred.

Bank Info Security 1 year, 3 months ago

Oracle Health Responding to Hack of Legacy Cerner EHR Data

Customer Credentials Possibly Compromised at EHR Vendor Acquired by Oracle in 2022Oracle is dealing with a hacking incident involving legacy patient data of Cerner electronic health record customers. Oracle, which acquired Cerner in 2022, is reportedly telling clients the hack involved compromised credentials for systems scheduled to migrate to the cloud.