Tag: security

RDP Issue – CredSSP encryption Oracle remediation

Introduction We have recently had some issues accessing a few client servers and found it is related to a Windows security update that was released earlier in May 2018. The problem is when you try to RDP to a server…

Read More >

Exciting updates from Microsoft Build 2018

The Build conference is Microsoft’s premier event targeted at software developers. Over the years, a lot of big technology announcements have been made at this conference and this year was no exception. As expected, Azure keeps taking the spotlight over…

Read More >

Using LetsEncrypt Certs with Oracle E-Business suite

Enabling TLS/SSL is the first step of securing Oracle E-Business Suite, especially if you have internet facing DMZ nodes. TLS is what powers the Oracle EBS to use https URLs. LetsEncrypt makes this process easy. Let’s Encrypt is a certificate…

Read More >

Using Oracle Wallets and SEPS with Perl, JDBC, and ODBC

A few years ago I wrote a couple of popular blog articles on using Secure External Password Stores (SEPS) and Credential Wallets to manage passwords used by scripts for database connections: Securing Oracle Monitoring And Backup Scripts Issues With Oracle…

Read More >

Oracle’s Database Security Assessment Tool (DBSAT) Version 2 (2.0.1)

Background Oracle recently released a new version of their Database Security Assessment Tool (DBSAT) – version 2.0.1. This is a welcome update as it’s been a while since the initial release in 2016. In fact, the tool hasn’t been enhanced…

Read More >

How to respond to the meltdown and spectre CPU vulnerabilities

Google’s “Project Zero” has released details about three vulnerabilities that impact all Intel, AMD and ARM based systems running any operating system, including systems on all major cloud platforms. The three vulnerabilities may allow an attacker to access sensitive areas…

Read More >

Advice for responding to the WPA2 security flaw

By now everyone’s likely heard about the serious vulnerability affecting the Wi-Fi security protocol WPA2 that secures the wireless communications of just about every consumer device out there. The Key Reinstallation Attacks (KRACK) allow an attacker to control the encryption…

Read More >

Why privileged access management isn’t optional at Pythian

According to the Washington Post, at the end of June the FBI and the Department of Homeland Security sent a joint alert to the energy sector stating that “advanced, persistent threat actors” — a euphemism for sophisticated foreign hackers —…

Read More >

New MySQL file system vulnerabilities

Get insight into the recent MySQL file system vulnerabilities.

Read More >

DirtyC0w – is that a beverage? Ensuring the security of your Linux servers

What should you do about the Dirty C0w vulnerability?

Read More >
Page 1 of 41234