Security News

An ongoing heatwave in the United Kingdom has led to Google Cloud and Oracle Cloud outages after cooling systems failed at the companies' data centers. Today, with temperatures reaching a record-breaking 40.2 degrees Celsius, cooling systems at data centers used by Google and Oracle to host their cloud infrastructure have begun to fail.

TikTok's Global Chief Security Officer Roland Cloutier has "Transitioned" from his job into "a strategic advisory role focusing on the business impact of security and trust programs." Cloutier's change was revealed in a Saturday organizational update that starts with Cloutier himself signing off from the job on grounds that TikTok has "Made significant progress in delivering on the promises we've made to our global community, business partners, and governments around the world."

Java versions 15 to 18 contain a flaw in its ECDSA signature validation that makes it trivial for miscreants to digitally sign files and other data as if they were legit organizations. Java 15-18 ECDSA doesn't sanity check that the random x coordinate and signature proof are nonzero; a signature validates any message.

A now-patched vulnerability affecting Oracle VM VirtualBox could be potentially exploited by an adversary to compromise the hypervisor and cause a denial-of-service condition. "Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox," the advisory reads.

A recent AtlasVPN report highlights the companies that have amassed the most security vulnerabilities through the first half of 2021. In the first six months of 2021, Google and Microsoft have "Accumulated the most vulnerabilities," according to Atlas VPN findings based on a recent Telefonica Tech report.

Windows 11 is no longer compatible with the immensely popular Oracle VirtualBox virtualization platform after Microsoft changed its hardware requirement policies for virtual machines. "Microsoft recognizes that the user experience when running the Windows 11 in virtualized environments may vary from the experience when running non-virtualized. So, while Microsoft recommends that all virtualized instances of the Windows 11 follow the same minimum hardware requirements as described in Section 1.2, the Windows 11 does not apply the hardware-compliance check for virtualized instances either during setup or upgrade," explains Microsoft in their Windows 11 minimum hardware requirements document.

Oracle announced availability of MySQL Autopilot, a new component of MySQL HeatWave service, the in-memory query acceleration engine for MySQL Database Service in Oracle Cloud Infrastructure. MySQL Autopilot makes the HeatWave query optimizer increasingly intelligent as more queries are executed, resulting in continually improving system performance over time-a capability not available on Amazon Aurora, Amazon Redshift, Snowflake, or other MySQL-based database services.

Oracle on Tuesday released its quarterly Critical Patch Update for July 2021 with 342 fixes spanning across multiple products, some of which could be exploited by a remote attacker to take control of an affected system. Chief among them is CVE-2019-2729, a critical deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services that's remotely exploitable without authentication.

Oracle on Tuesday announced the availability of a total of 342 new security patches as part of its July 2021 Critical Patch Update. The most severe of these issues is CVE-2021-2244, a security bug in the Essbase Analytic Provider Services product of Oracle Essbase that could be exploited remotely without authentication and which could lead to the complete takeover of the affected product.

"As organizations across Canada continue to accelerate their technology transformation programs, we anticipate the demand for Oracle solutions to grow significantly," said Jeffrey Russell, president of Accenture in Canada. Jennifer Jackson, Accenture Technology lead for Canada, said, "Cloudworks is a well-known Oracle services provider that has worked with organizations across Canada and across industries. We are thrilled to grow our Technology practice in Canada with the Cloudworks team who strengthen our ability to meet the growing need from Canadian organizations to unleash the power of cloud, data and innovation to create truly future-ready organizations."