Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "How to Unwrap PL/SQL BlackHat las vegas 2006 presentation slides are available"] [Next entry: "Defcon 2006: Oracle not so "unbreakable""]

High bidders with low motives

High bidders with low motives - Patrick Gray

"THE 21st-century hacker has three options upon discovery of a vulnerability in popular software: sell it to a security company; give details of the bug to the company that makes the software; or sell it to the criminal underground.

Legitimate security companies are bidding against criminal syndicates to buy the hackers' handiwork, experts say. Security specialist iDefense actively markets its links to independent bug hunters, offering top-dollar to hackers for information it can pass to its vulnerable customers."