ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "SANS Stormcast Tuesday Apr 1st: Apache Camel Exploits; New Cert Authorities Requirements; Possible Oracle Breach (#)"
Episode Synopsis
SANS Stormcast Tuesday Apr 1st: Apache Camel Exploits; New Cert Authorities Requirements; Possible Oracle Breach Apache Camel Exploit Attempt by Vulnerability Scans A recently patched vulnerability in Apache Camel has been integrated into some vulnerability scanners, like for example OpenVAS. We do see some exploit attempts in our honeypots, but they appear to be part of internal vulnerablity scans https://isc.sans.edu/diary/Apache%20Camel%20Exploit%20Attempt%20by%20Vulnerability%20Scan%20%28CVE-2025-27636%2C%20CVE-2025-29891%29/31814 New Security Requirements for Certificate Authorities Starting in July, certificate authorities need to verify domain ownership data from multiple viewpoints around the internet. They will also have to use linters to verify certificate requests. https://security.googleblog.com/2025/03/new-security-requirements-adopted-by.html Possible Oracle Breach Oracle still denies being the victim of a data berach as leaked data may show different. https://doublepulsar.com/oracle-attempt-to-hide-serious-cybersecurity-incident-from-customers-in-oracle-saas-service-9231c8daff4a https://www.theregister.com/2025/03/30/infosec_news_in_brief/ https://www.darkreading.com/cyberattacks-data-breaches/oracle-still-denies-breach-researchers-persist keywords: oracle; breach; tls; certificates; camel
More episodes of the podcast SANS Internet Storm Center's Daily Network Security News Podcast
SANS Stormcast Sunday, December 28th, 2025: MongoDB Unauthenticated Memory Leak CVE-2025-14847 (#)
27/12/2025
SANS Stormcast Monday, December 22nd, 2025: TLS Callbacks; FreeBSD RCE; NIST Time Server Issues (#)
21/12/2025
SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches (#)
14/12/2025
In God we trust