Just a quick note before the Monday shit rain.
A close associate reports spending the weekend patching a zero-day Java vulnerability on tens of thousands of Oracle servers, now vulnerable. The zero-day was reported from…CHINA! Any public-facing Oracle database that uses Java is open, including all the defense department and government systems. My friend speculates that that Amazon outage was an early sign of this exploit. You get read access to any Oracle database (and my friend reports they were getting 10,000 attempts a minute to use this exploit), and
Oracle's legal liability could be astronomical.
Fair warning, sports fans.
No comments:
Post a Comment
Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?