As if they needed more stress, organizations are facing evolving and increasingly stringent compliance regulations from the Payment Card Industry, as well as Sarbanes-Oxley, HIPAA and others. Here are a few security compliance products that can make the audit process less excruciating.
Here are 10 of the distributor's hottest new offerings winning over solution providers.
New smartphones from Sony, Motorola and the first-ever Twitter-only mobile device -- the TwitterPeek -- headline a busy week for handset makers as the holiday shopping season heats up.
Oracle Warns Of Major WebLogic Vulnerability
3:49 PM EDT Wed. Jul. 30, 2008
In an advisory issued earlier this week, Oracle said an exploit has begun circulating that affects WebLogic Server applications that use versions of the WebLogic plug-in for Apache server released before July 28.
Oracle has yet to release a patch for the affected plug-in, but offered two workarounds that it says will protect users while it works on a fix.
One workaround involves configuring Apache server to reject certain invalid requests, which limits the maximum URL length to less than 4,000 bytes. Oracle notes that users can also protect themselves by downloading and installing the open source Web application firewall from ModSecurity.
Oracle assigned the vulnerability a CVSS severity score of 10 out of 10, as did the National Vulnerability Database. Danish security research firm Secunia gave it a 'highly critical' rating, or 4 on its 5 point severity scale.
Oracle picked up the widely used WebLogic application server in its $6.7 billion acquisition of BEA Systems, which closed in April. Earlier this month, Oracle said that WebLogic will become Oracle's flagship application server offering, but it will continue to develop its own application server.
