Security News

American tech giant Microsoft said Sunday its offer to buy TikTok was rejected, leaving Oracle as the sole remaining bidder ahead of the imminent deadline for the Chinese-owned video app to sell or shut down its US operations. The Wall Street Journal and The New York Times reported that Oracle had won the bidding war, citing people familiar with the deal, although the company did not immediately confirm that to AFP. But two Chinese state media outlets - CGTN and China News Service - said Monday that ByteDance will not sell TikTok to Oracle either, citing unnamed sources.

Data Intensity announced the launch of Safe-Switch, a life-cycle approach to migrating and managing Oracle applications and database platforms on Microsoft Azure. In response to the Oracle and Microsoft Cloud Interoperability Partnership announcement, Safe-Switch was created to help customers accelerate their consumption of heterogenous cloud adoption, with freedom of choice and seamless integration for Oracle and Microsoft workloads.

The number of vulnerabilities being disclosed by major technology companies is returning to normal levels after a lower-than-usual first quarter, due in no small part to the disruption from the coronavirus pandemic. "It is also important to note that 2015's single Fujiwhara event saw a total of 277 disclosed vulnerabilities from all reports that day, less than half of what we saw from the April Fujiwhara this year. During April's Fujiwhara event we saw 506 new vulnerabilities reported, 79% of which came from seven vendors. Compared to other Patch Tuesdays this year, the highest reported"only" 273 new vulnerabilities on June 9th.".

Sourcepoint has formed a relationship to help Oracle customers protect consumer privacy and manage compliance and user consent. Sourcepoint offers a fully customizable compliance management platform that allows companies to capture, manage, and optimize customer privacy preferences across a range of channels, including web, apps, AMP, and even emerging areas such as OTT and audio.

Salesforce and Oracle are to face a GDPR lawsuit in London and the Netherlands that could cost them up to €10bn in fines, a legally aggressive privacy campaign group has claimed to The Register. Dr Rebecca Rumbul of the Privacy Collective told The Register: "We're looking at informed consent. Bluekai would collect data not just on one particular site but other sites too and then aggregate that data. The key thing is, under GDPR who is the data processor legally? You should be able to figure that out."

With this offering, enterprises get the exact same complete set of modern cloud services, APIs, industry-leading SLAs, superior price-performance, and highest levels of security available from Oracle's public cloud regions in their own datacenters. Over the past few years, enterprise adoption of public clouds has gone mainstream as companies took advantage of the pay-as-you-go economics, scale, and agility of cloud computing.

NETSCOUT SYSTEMS announced that it is collaborating with Oracle to help customers gain end-to-end visibility for service assurance and security of mission-critical applications and services across their hybrid cloud infrastructures. NETSCOUT's vSTREAM and virtual nGeniusONE are now available from the Oracle Cloud Marketplace, offering Oracle Cloud customers best-in-class application visibility and the ability to leverage authentic information contained in application and network traffic for real-time telemetry.

CoreSite announced it will offer on-demand connectivity to Oracle Cloud through Oracle Cloud Infrastructure FastConnect on the CoreSite Open Cloud Exchange. CoreSite's cloud-enabled data center campuses now offer low-latency connectivity to each of the Oracle Cloud regions in the United States located in Ashburn, VA and Phoenix, AZ. Oracle customers can harness the power of scalable, low-latency, hybrid architectures at CoreSite to unlock innovation and drive business growth.

Two vulnerabilities patched recently by Oracle in its E-Business Suite solution can be exploited by hackers for various purposes, including to tamper with an organization's financial records. Researchers at Onapsis, a company that specializes in protecting business-critical applications, last year discovered several vulnerabilities in Oracle EBS. Some of the flaws were patched by the vendor in April 2019, but two of them, which Onapsis has dubbed "BigDebIT," were only fixed with the critical patch update released by Oracle in January 2020.

If your business operations and security of sensitive data rely on Oracle's E-Business Suite, make sure you recently updated and are running the latest available version of the software. It's worth noting that the BigDebIT attack vectors add to the already reported PAYDAY vulnerabilities in EBS discovered by Onapsis three years ago, following which Oracle released a series of patches as late as April 2019.Targeting General Ledger for Financial Fraud Tracked as CVE-2020-2586 and CVE-2020-2587, the new flaws reside in its Oracle Human Resources Management System in a component called Hierarchy Diagrammer that enables users to create organization and position hierarchies associated with an enterprise.