
Oracle Business Software Under Active Attack: Companies Need to Update Now
Hackers are actively exploiting a critical flaw in widely used Oracle business software. Home users are not affected, but small business owners should act.
Source
CyberScoop
Original headline: Researchers spot exploitation of another critical Oracle defect
Plain-English summary by GetCyberRight. Read the full report at the source above.
Security researchers have discovered that hackers are actively exploiting a critical security flaw in Oracle business applications. Oracle makes software that many companies use to manage finances, inventory, customer data, and other business operations. This particular collection of business applications has been targeted by attackers before in large scale attack campaigns. The current exploitation means attackers are already using this flaw in the wild, not just theoretically. This issue affects businesses that use Oracle applications, not home computer users or families. If you do not run a business or use Oracle software at work, you do not need to take action on this specific threat. However, if you own a small business that uses Oracle products for accounting, customer management, or other operations, your systems could be vulnerable. The attackers have targeted these applications before, which means they know how valuable the data inside can be. If your business uses Oracle applications, act immediately.
Here is what you need to do:
- Contact your IT support provider or Oracle representative today to confirm whether you are running the affected software.
- Apply the security patches Oracle has released as soon as possible.
- Review your system access logs for any suspicious activity or unauthorized logins from the past few weeks.
- If you store customer data in these systems, prepare to notify customers if you discover any evidence of a breach.
- Change administrative passwords for these systems after applying the patches. Business owners should establish a relationship with a trusted IT professional if they do not already have one. Many small businesses run critical software without realizing when security updates are available. Set up a monthly check in with your IT provider specifically about security patches. Ask them to monitor vendor announcements for your critical business systems. Being proactive about updates is much easier and cheaper than recovering from a data breach.
Curated from trusted cybersecurity sources by GetCyberRight
Source: CyberScoopStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

Major Security Flaw Exposed 75,000 Business Firewalls. Here's Why It Matters to You
A security flaw called FortiBleed left 75,000 firewalls vulnerable. If your employer, school, or service provider uses Fortinet, your data may be at risk.
2 min read
Major Security Flaw Left 75,000 Business Firewalls Wide Open
A security problem called FortiBleed exposed business networks for years. If your workplace uses Fortinet systems, ask IT about updates.
2 min read
If Your Business Uses Fortinet Security Software, Take Action Now
Criminals stole login credentials from Fortinet security systems and are using them to break into business networks and install ransomware.
2 min read
Massive Password Theft Campaign Targets Business Security Systems
Criminals stole credentials from Fortinet security systems to prepare for ransomware attacks. If your workplace uses Fortinet, discuss security updates with your IT team.
2 min read