Monday, December 20, 2021

Fair Warning to Auditors of Public Companies: You Could Get Sued This Year!


When I said you should short Oracle stock, you should have listened to me. Why? Just read today's Washington Post (CLICK HERE).

Because China has been using the Java logging 0-day exploit to drop stuff into Oracle sites for a while. You think patching the system solves the problems? Hell, not while these systems have been open for so long. You ain't seen nothin' yet.

But the good news for Oracle is that ANYBODY using Java logging has been wide open and well-and-truly screwed. If I were the auditor for a public company, I'd ask some tough questions before certifying their annual report. Otherwise, a disgruntled stockholder might just sue the auditor along with that firm's client.

No comments:

Post a Comment

Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?