Morning Overview on MSN

A 9.8-rated Oracle flaw let hackers seize servers for two weeks before any patch existed

Organizations running Oracle WebLogic Server faced active attacks for roughly two weeks before any official fix arrived, ...

Oracle warns customers of critical PeopleSoft attack after hundreds of servers hacked by apparent ShinyHunters data theft attacks

High-severity CVSS 9.8 PeopleSoft vulnerability caused over 100 organizations to become victims, including universities.

ShinyHunters Hack Claims Trigger Oracle Emergency Alert Over Critical PeopleSoft Vulnerability

A critical Oracle PeopleSoft vulnerability is being actively exploited by hackers, according to Oracle and Mandiant.
SecurityWeek

Oracle’s First Monthly Patches Resolve 77 Vulnerabilities

Oracle has released its first monthly Critical Security Patch Update (CSPU) to resolve 77 vulnerabilities across its products ...
CSO Online

Oracle’s first monthly patch release fixes 35 flaws, including 11 rated ‘critical’

Oracle has released the first security fixes in its new monthly Critical Security Patch Update (CSPU) cycle, designed to ...
Dark Reading

Few Oracle Customers Have Official Database Patching Policies

Most organizations running Oracle databases don't require the application of the database vendor's Critical Patch Updates -- in fact, only 26 percent need them, according to a new report. "What I ...