Schedule a Demo

I just read an article about how Oracle Database suffers from “stealth password cracking vulnerability“. This means someone trying to exploit this vulnerability can brute force your passwords and you would never know about it. Oracle fixed this vulnerability in the new version of the authentication protocol but decided not to patch the previous version. Therefore, everyone running Oracle 11G will need to upgrade.  Upgrading is going to be an issue for many companies running Oracle 11G since either they cannot or will not upgrade for many reasons. Maybe it is time to rethink this policy in your organization. There is a paper published about the problems in the Oracle Authentication protocol, so your databases are possible being attacked right now. Because many companies do not upgrade, this vulnerability is going to be around for a long time.

Explore more blog posts

Adversary Simulation

CVE-2024-28989: Weak Encryption Key Management in Solar Winds Web Help Desk

March 10, 2025

Learn how an attacker with access to a backup file could potentially recover certain encrypted passwords.

Learn More
Penetration Testing as a Service (PTaaS)

Penetration Testing vs. Vulnerability Scanning: What’s the Difference?

March 3, 2025

Learn the differences between penetration testing and vulnerability scanning to choose the right cybersecurity approach for your organization.

Learn More
Attack Surface Management (ASM)

Harnessing Exposure Management with Continuous Attack Surface Testing 

January 29, 2025

Continuous attack surface testing helps organizations prioritize remediation steps and focus cybersecurity resources on the most valuable efforts.

Learn More