Oracle's software was hacked by interns in an hour, researcher says
Just this month, Oracle issued 154 new security patches for its software. 12 of those patches were for Oracle's E-Business Suite, its main financials app (the app that competes with rival SAP's main enterprise resource planning product).Six of those 12 holes were found in about an hour by interns working at security researcher ERPScan Research, founder Alexander Polyakov tells Business Insider.
ERPScan Research set the interns on Oracle's software after Oracle Chief Security Officer Mary Ann Davidson got herself into hot water last August.Davidson want on a rant in a now-deleted blog post about how she doesn't want Oracle's customers or outside security researchers to look for and report security bugs in Oracle's software products. She told the world that Oracle was more than capable of finding all the holes itself.
Oracle took down the blog post and spokespeople quickly distanced Oracle from Davidson's comments, saying they "didn't reflect" the company.So maybe it's not big surprise that security is a big focus for the company right now.On Tuesday afternoon, Oracle's executive chairman and CTO Larry Ellison will be giving details on his company's brand new plans to make Oracle's software more secure. He hinted that the new security tech could be built into Oracle's hardware, possibly inside the computer chip itself, and will be turned on by default, with no way to turn it off saying:
It's just a huge problem that most of the security features we give you, we give them to you and we tell you how to use them and we tell them how to turn them on and we train you. Wouldn't it be nicer if it was always on and always works and you didn't have to do anything?
- India's contact tracing app Aarogya Setu comes under the scanner again — three departments fail to explain their role in its development
- Acer announces 11th gen processors starting at ₹54,999
- LG Wing swivel phone and Velvet dual screen phone launched in India
- Hong Kong bars Air India flights for fourth time as passengers test positive for COVID-19
- Goa government allows casinos to reopen from November 1