Hackers have exploited a gaping identity flaw that allows them to easily crack Oracle databases. The flaw allows anyone to do a brute force attack and access the data. A researcher presented the findings of the proof of concept attack at a security conference today in Argentina.
The flaw allows anyone with access to a user name and name to exploit Oracle’s authentication protocol.
John D. Rockefeller, the Chairman of the U.S. Senate Committee on Commerce, Science and Transportation, late on Tuesday sent letters to Google, Microsoft and Yahoo alerting them to how their search engines are being gamed through search engine optimization tactics as part of a wider scam involving moving services.
Microsoft’s current dispute against Motorola Mobility in Germany has taken a turn as they have now dragged Google into the mix. In the past, companies have always taken Google’s Android vendors to court, but never Google themselves.
Google has begun rolling out a patch to fix a security flaw in versions 2.3.3 and earlier of its Android mobile operating system. That flaw affects all Google services using the ClientLogin authentication protocol. It lets hackers access any personal data available through Android's application programming interfaces.
Summary: Google is still under pressure from Microsoft’s firing line of existing and former employees, as well as existing business partners
MICROSOFT cannot compete anymore. To be fair, it never could compete, not fairly at least, but this time it is ever more evident.
Microsoft has released 17 security bulletins, making December 2010's Patch Tuesday one of the biggest ever. Two of the bulletins address vulnerabilities that are already being exploited. Unusually, Microsoft has given advance notice of a security improvement for Office 2003 and 2007 that won't be available until next year.