Oracle has issued an alert (PDF
) detailing high risk security holes affecting all SSL products in the Oracle9i Application Server, the Oracle9i and Oracle8i Database Servers, and Oracle HTTP server. "Any client that is able to access the server may exploit the vulnerabilities," the company said in its alert.
Cable & Wireless
has agreed to sell its money-losing US operations to a Los Angeles investment firm for an announced price of $125 million. The deal includes a Chapter 11 filing for the American unit, which is a separate corporate entity from the British parent company.
The purchase by a unit of Gores Technology Group allows Cable & Wireless to exit its unprofitable US hosting business, which includes assets bought from Exodus and Digital Island. The bankruptcy filing will allow the company to dramatically slash the cost of exiting leases of surplus data center facilities. Under Chapter 11, debtor companies can reject leases for unneeded properties, and renegotiate leases to reduce costs going forward. As part of the bankruptcy filing, Cable & Wireless will provide the US unit with $100 million in debtor in protection (DIP) financing. This type of loan must be repaid prior to pre-bankruptcy financial obligations.
Nat West's internet bank www.nwolb.com
has been unavailable today, coinciding with an electronic mail fraud attack on the bank's customers.
The mail [below] tries to trick NatWest customers to give away their account details in a similar fashion to an earlier wave of attacks
on UK banks a month ago.
Conventionally, the drop sites for these attacks are hosted in Asia, however the ip address in this mail is registered to Pacific Bell, and is most plausibly a Pacific Bell ADSL customer machine acting as a reverse proxy to the actual machine collecting the Nat West customer banking details.
The recent spate of attacks on internet bank account holders
by fraudsters has extended to credit card accounts, with a mass mailed attempt to trick Visa account holders into giving out their account details.
During November www.nyi.net
was the most reliable hosting company site monitored by us with just one failed request from our five measurement points during the month. New York Internet is the first company to be top of the table for two months, having previously been top in June.
Sites running on BSD operating systems occupied six out of the first seven places: Secure Dog Hosting runs OpenBSD, while New York Internet, INetU, USWest, IPowerweb, and Yahoo all use FreeBSD.
Ranking by Failed Requests and Connection time,
November 1st - November 30th
said today that a server it uses to distribute its software was compromised by attackers
on Tuesday. Gentoo's security team said the intrusion was detected within an hour, and it was "reasonably confident" that no distribution files were altered.
The Gentoo event comes just two weeks after a server compromise at The Debian Project was traced to an exploit in the Linux kernel that allowed local users running Userland software to upgrade their privileges to root.