NWOUG 2015 Lunch-n-Learn Presentation: Database Security: Running Oracle databases on Linux with minimum RPMs

Earlier this month, I did a Lunch-n-Learn presentation for the Northwest Oracle User Group.

To secure your Oracle databases, you need to secure the underlying operating system. Security experts agree that minimizing the software installed on your system will improve your security; it’s fewer places for hackers to penetrate your systems. So, how hard is […]

NWOUG Fall 2014 Presentation: Oracle Enterprise Manager 12c: The Oracle Monitoring tool of choice

At the Fall 2014 Northwest Oracle User Group conference, I did a presentation about Oracle Enterprise Manager 12c.

OEM 12c has a much different architecture than 11g, and it is *so* much better. ITIL-like event management, pluggable target types, a new security model, etc. Wow – not just a face lift! Come and see Oracle’s […]

UPDATE: Heartbleed: A tail of woe, and a possible conspiracy and conflict of interest. Hhmmmmm….


UPDATE: an exploit tool for Heartbleed has been published on the Packet Store Security hacker website. Lovely. It is called the Bleed Out Heartbleed Command Line Tool.

Oracle has just emailed it’s community about it. Here is the notice: Security Alert for OpenSSL vulnerability, Heartbleed for CVE-2014-0160. Oracle’s alert says:

Due to the severity […]

Facebook Vulnerability Discloses Friends Lists Defined as Private

This came through the bugtraq mailing list yesterday.

Researchers from the Quotium Seeker Research Center identified a security flaw in Facebook privacy controls. The vulnerability allows attackers to see the friends list of any user on Facebook. This attack is carried out by abusing the ‘People You May Know’ mechanism on Facebook, which is the […]