sábado, 20 de diciembre de 2014

Curiosidad de la Publicidad: Intel falló en el lanzamiento publicitario de Core 2 DUO en el 2007

En 2007 el productor de procesadores para ordenadores Intel publicó una publicidad con atletas de raza negra inclinados ante un hombre blanco. El titular rezaba "maximice las capacidades de sus empleados". Consciente del doble sentido de la publicidad, a la cuál se le título de "Racista", la empresa la retiró.

"Deseo poco y lo poco que deseo, lo deseo poco" aplican restricciones.


San Francisco de Asis: Después de una juventud disipada en diversiones, se convirtió, renunció a los bienes paternos y se entregó de lleno a Dios. Abrazó la pobreza y vivió una vida evangélica, predicando a todos el amor de Dios.
San Francisco decía lo que tal vez sea la fórmula de la felicidad:

"deseo poco y lo poco que deseo lo deseo poco"

Mi segundo nombre es Francisco, me lo dieron cuando nací, para recordar a mi abuelo paterno que falleció el mismo día que nací, según me cuentan. Recuerdo con mucho cariño, aunque nunca se lo he dicho a mi madre, las celebraciones del 04 de Octubre, día de mi santo, el cuál por lo general, celebraba con un "pollo asado" delicioso.
Hace muchos años dejé de asistir a una congregación religiosa, pero no he dejado de serlo. Encontré dentro de mi, paz para hablar con EL y hacerle llegar mis preocupaciones, mis logros, mis éxitos y mis desaciertos.
Algunas cosas que no puedo compartir hoy en día con la Iglesia Católica, por múltiples razones, no me alejado de mantener en mi corazón y en mi mente, las enseñas del hijo del carpintero de Belén, a ese mismo, que dentro de poco estaremos celebrando su llegada a este mundo. De igual manera, cada vez que leía la historia de San Francisco de Asís en aquel libro de lectura de 2 grado de la escuela, me permitía volar hacia un mundo fantástico, donde podía hablar con la naturaleza, como si ella me entendiera. Hermana Luna, Hermano Sol, Hermana Tierra, Hermano Lobo, etc, que simple, pero a la vez que profundo; hermanda entre todos los seres vivos de este planeta a cuál llamamos TIERRA. Creo que fue San Francisco, el que me permitió conocer en el otro, al amigo, al hermano, a odiar con todo mi ser las guerras y las injusticias hechas por otros hombres a sus propios hermanos.

Hoy con mucha indignación, me tocó leer esta noticia en LA NACION:http://www.nacion.com/…/frailes-franciscanos-borde-bancarro… y me pregunto una y otra vez, que estará pensando Francisco de Asís. Deseo poco y lo poco que deseo, lo deseo poco. Papa Francisco recordará aquella famosa frase que Francisco le dirigió al Papa de turno: "Qué haces aquí adentro, cuando los pobres están allá afuera". Qué estarían pensando estos seguidores de la orden, a la hora de gastar esas cantidades desproporcionadas de dinero en su hotel cinco estrellas "Il Cantico" de Roma. En dónde quedó las enseñanzas y principios de la orden.?

Tan despreciable son los políticos que roban, como los religiosos que se hacen ricos a costillas de los pobres y los creyentes. Corrupción dicen? Pareciera ser, que hoy en día, esta palabra ha sido incorporada al ADN de la gente, así como lo ha sido los microchips. Estos si dan "ASCO" como dijo la Diputada del Frente Amplio.

Ojalá que la purga que el Papa Francisco esta haciendo, logré establecer en sus seguidores y creyentes, la FE, la esperanza y la confianza, que la iglesia y sus congregaciones deben guardar.

viernes, 19 de diciembre de 2014

Data Encryption and the Oracle ZFS Storage Appliance

When it comes to security, it’s better to be safe than sorry. Watch this five-minute video to learn about data encryption and why the Oracle ZSF Storage Appliance is highly effective at protecting your most sensitive data: http://ora.cl/bTg

La lucha de Microsoft contra los estafadores de servicio técnico

POR JAVIER GUALIX · DICIEMBRE 20, 2014

Las estafas de servicio técnico no son nuevas, estos timadores actúan denominándose como “técnicos” para conseguir el acceso al ordenador de la gente. Ganan dinero limpiando virus inexistentes y otras infecciones del ordenador del usuario. Además, roban información personal y financiera, e incluso instalan software malicioso.
Microsoft ha revelado hoy que recibió más de 65.000 reclamaciones de clientes en relación con las estafas fraudulentas de servicio técnico. Microsoft ha comenzado a esforzarse en proteger a los clientes de estas posibles estafas, éstos son los consejos a tener en cuenta por si llamáis u os llama un “técnico” de Microsoft:
  • No comprar ningún software o servicio que te ofrezca.
  • Preguntar si hay una cuota de suscripción asociada al “servicio”. Si la hay, es una estafa.
  • Nunca dar el control del ordenador a un tercero a no ser que podáis que confirmar que se trata de un representante legítimo de un servicio técnico del que ya fueseis clientes.
  • No debéis dar vuestro número de tarjeta de crédito o información financiera a alguien que dice ser un técnico de Microsoft.
  • En caso de sospecha, pedid el nombre completo del técnico e informad a las autoridades competentes.
Si habéis sido uno de los afectados por estos timos o conocéis a alguien que lo haya sido, podéis poneros en contacto con Microsoft en su web dedicada a estafas por servicio técnico fraudulento¿Creéis que Microsoft se toma en serio la seguridad del usuario? ¿Veis suficientes estas medidas? ¿Habéis pasado por algo así?

SANS NewsBites December 19,2014

**************************************************************************
SANS NewsBites              December 19, 2014            Vol. 16, Num. 100
**************************************************************************
TOP OF THE NEWS
  FBI Accuses North Korea of Sony Pictures Attack
  US Points Finger at North Korea in Sony Pictures Attack
  Breach Attribution is No Easy Task
  Sony Hack Code Not Sophisticated
THE REST OF THE WEEK'S NEWS
    US Government Personnel Data May Have Been Compromised in Breach
    New York Financial Institutions Will be Evaluated on Cyber Security
    Misfortune Cookie Affects Millions of Routers
    Backdoor in Coolpad Android Devices
    ICANN Accounts Hijacked Through Phishing Attack
    Google Tightens Security for Gmail Extensions
    Google Plans to Warn Chrome Users on All HTTP Connections
    Indications of Breach at Park-n-Fly
    Dutch Privacy Watchdog Hounds Google and Facebook
STORM CENTER TECH CORNER

*********************** Sponsored By Symantec  ****************************

Report Highlights: Over 41 percent of email-borne malware contained a
link to a malicious or compromised website. Kelihos and Gamut are the
top two most active botnets in November. Crypto- ransomware made up 38
percent of all ransomware seen in the month of November.

http://www.sans.org/info/173292

***************************************************************************
TRAINING UPDATE
--Cyber Defense Initiative 2014 | Washington, DC | Dec 10-19, 2014 |
30 courses. Bonus evening presentations include Gone in 60 Minutes: Have
You Patched Your System Today? A Night of Crypto; and NetWars Tournament
of Champions.
http://www.sans.org/event/cyber-defense-initiative-2014
--SANS Security East 2015 | New Orleans, LA | January 16-21, 2015
11 courses. Bonus evening sessions include Stop Giving the Offense an
Unfair Advantage; and Client Access is the Achilles' Heel of the Cloud.
http://www.sans.org/event/security-east-2015
--Cyber Threat Intelligence Summit | Washington, DC | Feb 2-9, 2015 |
Brian Krebs, renowned Data Breach and Cybersecurity journalist who first
reported on the malware that later become known as Stuxnet and also
broke the story on the Target and will keynote the CTI Summit.
Adversaries leverage more knowledge about your organization than you
have, learn how to flip those odds at the CTI Summit combined with 4
intensive DFIR courses.
http://www.sans.org/event/cyber-threat-intelligence-summit-2015
--10th Annual ICS Security Summit | Orlando, FL | Feb 23 - March 2, 2015 |
At the ICS summit you will learn what is the nature of ICS-focused
threats & implications of targeted attacks, what is not working and what
are the paths (options) to build your program around. In addition Kim
Zetter, Author, Countdown to Zero Day: Stuxnet and the Launch of the
World's First Digital Weapon, to keynote. Come prepared to learn about
the recent onset of ICS-focused attacks and how you need to hone your
skills to defend our critical infrastructure systems. Plus 6 top-rated
ICS courses.
http://www.sans.org/event/ics-security-summit-2015
--SANS Munich 2015 | Munich, Germany | February 23-March 7, 2015
6 courses.
http://www.sans.org/event/munich-2015
--Can't travel? SANS offers LIVE online instruction.
Day (www.sans.org/simulcast) and Evening (www.sans.org/vlive) courses available!
--Multi-week Live SANS training
http://www.sans.org/mentor/about
Contact mentor@sans.org
--Looking for training in your own community?
http://www.sans.org/community/
- - --Save on OnDemand training (30 full courses) - See samples at
http://www.sans.org/ondemand/discounts.php#current
Plus Brussels, Dubai, and Bangalore all in the next 90 days.
For a list of all upcoming events, on-line and live: www.sans.org
*****************************************************************************

TOP OF THE NEWS
--FBI Accuses North Korea of Sony Pictures Attack
(December 19, 2014)
Citing "similarities in specific lines of code, encryption algorithms,
data deletion methods, and compromised networks" as well as classified
pieces of evidence, the FBI today issued a statement saying that it "now
has enough information to conclude that the North Korean government is
responsible for" the attack.
http://www.washingtonpost.com/world/national-security/us-attributes-sony-attack-to-north-korea/2014/12/19/fc3aec60-8790-11e4-a702-fa31ff4ae98e_story.html
http://www.nytimes.com/2014/12/20/world/fbi-accuses-north-korean-government-in-cyberattack-on-sony-pictures.html?hp&action=click&pgtype=Homepage&module=first-column-region&region=top-news&WT.nav=top-news

--US Points Finger at North Korea in Sony Pictures Attack
(December 17, 2014)
US officials say that law enforcement and intelligence agencies have
gathered sufficient evidence to indicate that North Korea is behind the
attack on Sony Pictures. The officials are not providing details, as
doing so might reveal how the US was able to penetrate North Korean
networks to find the source of the attack. Sony has cancelled the
release of the movie that the attackers have been protesting after the
group claiming responsibility for the attack threatened violence at
theaters if the film was released.
http://www.nytimes.com/2014/12/18/world/asia/us-links-north-korea-to-sony-hacking.html
http://www.bloomberg.com/news/2014-12-18/u-s-is-said-set-to-blame-north-korea-for-sony-hack.html
[Editor's Note (Murray): Whether or not North Korea conducted or simply
paid for this attack, they have scored a huge victory. They have
humiliated both the World's remaining "superpower" and Japan, their
ancient enemy and recent occupier. They have won what may be the first
and only battle in this "cyberwar." They have demonstrated not only
that Sony's security was weak but that Sony had documented the weakness
without a budget or schedule for mitigation. They have reinforced the
fear that our national infrastructure is vulnerable to crippling attack
from the Internet. They have demonstrated that they need only whisper
the magic words "nine one one" to get the risk averse, not to say
fearful and feckless, American people to compromise the First Amendment
and betray all those who have sacrificed life and limb to defend it.
Not bad for a starving country that numbers its Internet users in the
low thousands.]

--Breach Attribution is No Easy Task
(December 17 & 18, 2014)
Not everyone agrees that the Sony Pictures attack emanated from North
Korea. Attribution for cyber attacks is difficult. Attackers can use
proxies and phony IP addresses, and they can plant false clues inside
the code of their malware. The initial attack on Sony Pictures appears
to have been financially motivated. The film was not mentioned until
later in the chain of events.
http://www.csmonitor.com/World/Passcode/2014/1218/Did-North-Korea-really-hack-Sony-Cybersecurity-pros-at-odds-video
http://www.wired.com/2014/12/north-korea-did-not-hack-sony-probs/

--Sony Hack Code Not Sophisticated
(December 17, 2014)
The malware used in the attack that erased data from hard drives at Sony
Pictures was unsophisticated and riddled with bugs. However, it did what
it was supposed to do; the malware's purpose did not require complex
code. However, the malware's construction indicates a familiarity with
the Sony Pictures network.
http://arstechnica.com/security/2014/12/state-sponsored-or-not-sony-pictures-malware-bomb-used-slapdash-code/
[Editor's Note (Pescatore): The mainstream press tends to focus on
giving the attackers "superpowers," which leads to the "don't blame me,
it was an APT" syndrome and failure to address basic cybersecurity
weaknesses that enable the attacks. It seems popular to say "don't blame
the victims" and it is true that if I leave the keys in my car's
ignitions with the doors unlocked and my wallet on the front seat,
someone stealing my car or wallet is committing a crime. But, it does
*not* mean that my insurance company has to pay off, since I did
*not* live up to basic security hygiene.]

**************************** SPONSORED LINKS ******************************

1) In Case you missed it: Analyst Webcast: Advanced Network Protection
with McAfee Next Generation Firewall with Dave Shackleford and Steve
Smith. http://www.sans.org/info/173297

2) Another chance to win $400 Amazon Card - Take New Survey on Insider
Threats: http://www.sans.org/info/173302

3) In case you missed it: Tis the Season for Data Breaches and Stolen
Identity with Chester Wisniewski: http://www.sans.org/info/173307

***************************************************************************

THE REST OF THE WEEK'S NEWS
--US Government Personnel Data May Have Been Compromised in Breach
(December 18, 2014)
A breach at KeyPoint Government Solutions may have left personally
identifiable information about nearly 50,000 US government employees
exposed to possible theft. KeyPoint conducts federal employee background
checks for security clearances. The Office of Personnel Management has
notified people whose information may have been compromised. This is not
the first time that a company providing background checks for government
employees has suffered a breach. Earlier this year, a breach at USIS
exposed personally identifiable information of 25,000 people.
http://www.nextgov.com/cybersecurity/2014/12/opm-alerts-feds-second-background-check-breach/101622/?oref=ng-HPtopstory
[Editor's Note (Murray): One would expect the remedy for the victims
here to be a class action suit. However, in similar breaches in the
past, it has been difficult to link the damage to the breach. The
courts have accepted the defense argument that the plaintiffs do not
have standing to sue. The government needs to write the contracts in
such a way as to give the victims just compensation and the contractors
sufficient motivation.]

--New York Financial Institutions Will be Evaluated on Cyber Security
(December 18, 2014)
The Superintendent of New York's Department of Financial Services has
asked member organizations to consider cyber security "an integral
aspect of their overall risk management strategy" instead of an issue
for just information technology. Banks and other financial institutions
in New York will be evaluated on their cyber security, including their
use of multi-factor authentication and identity and access management.
The requirements affect all financial institutions operating with a New
York state charter or license.
http://www.zdnet.com/article/ny-bank-regulators-cybersecurity-plan-includes-strong-authentication-identity/
[Editor's Note (Pescatore): Saying "just information technology" to most
businesses today is like saying "just oxygen" to most Earth-based life
forms. Honestly, I really do *not* want cybersecurity assessment blended
into the financial industry "risk management" programs that seem to give
us constant streams of failed investments, financial meltdowns, insider
trading, etc. That said, NY State put together a pretty sensible list
of questions - I'd like to see reduction in use of reusable passwords
move up in priority.
(Murray): New York State only regulates banks that operate with state,
rather than national, charters, i.e., many small institutions rather
than the few "too big to fail" institutions that dominate its market.
The state regulators have indicated that they will expect "multi-factor
authentication," a requirement which federal regulators, under the
"Guidance" of the FFIEC, have artfully avoided.]

--Misfortune Cookie Affects Millions of Routers
(December 18, 2014)
A critical flaw in more than 200 models of residential gateway devices
and small office home routers could be exploited to gain administrative
privileges. The issue lies in an embedded web server that the routers
use. Attackers could potentially sniff traffic and launch attacks
against other systems. The vulnerability has been called Misfortune
Cookie because it resides in a problem within the HTTP cookie management
mechanism.
http://arstechnica.com/security/2014/12/12-million-home-and-business-routers-vulnerable-to-critical-hijacking-hack/
http://www.computerworld.com/article/2860843/vulnerability-in-embedded-web-server-exposes-millions-of-routers-to-hacking.html
http://www.scmagazine.com/crucial-vulnerability-could-compromise-at-least-200-router-models/article/389149/

--Backdoor in Coolpad Android Devices
(December 18, 2014)
A backdoor in certain Android devices made by Chinese smartphone
manufacturer Coolpad could be exploited to download, install, and
activate applications without user interaction; disable other
applications; remove data from the device; and receive updates that
install applications. Known as CoolReaper, the backdoor appears to be
deliberately installed on the devices by the manufacturer.
http://www.siliconrepublic.com/digital-life/item/39925-chinese-coolpad-devices/
http://www.theregister.co.uk/2014/12/18/coolreaper_android_backdoor/

--ICANN Accounts Hijacked Through Phishing Attack
(December 17 & 18, 2014)
The ICANN was the target of a data breach following a phishing campaign.
The organization's root zone administration system was compromised. The
attack occurred late last month and was detected a week later. The
compromised data include personal information of people who do business
with the organization.
http://www.bbc.com/news/technology-30497392
http://www.theregister.co.uk/2014/12/17/icann_hacked_admin_access_to_zone_files/
http://www.computerworld.com/article/2860408/icann-data-compromised-in-spearphishing-attack.html
http://arstechnica.com/security/2014/12/icann-e-mail-accounts-zone-database-breached-in-spearphishing-attack/

--Google Tightens Security for Gmail Extensions
(December 16 & 17, 2014)
Google has implemented the W3C's Content Security Policy (CSP) standard
for Gmail extensions. CSP provides a layer of protection against
cross-site scripting attacks. Those extensions that do not comply with
the standard will no longer be functional.
http://www.theregister.co.uk/2014/12/17/google_bakes_w3c_malwarebuster_into_gmail/
http://gmailblog.blogspot.com/2014/12/reject-unexpected-content-security.html

--Google Plans to Warn Chrome Users on All HTTP Connections
(December 16, 2014)
Google plans to flag all HTTP traffic as unsecure in its Chrome browser.
Chrome users will see alerts when they attempt to visit HTTP sites.
Google plans to implement the change in 2015.
http://www.theregister.co.uk/2014/12/16/chrome_devs_hatch_plan_to_mark_all_http_traffic_insecure/
http://www.bbc.com/news/technology-30505970
http://www.eweek.com/cloud/google-chrome-browser-to-warn-users-of-sites-that-dont-use-https.html
[Editor's Note (Pescatore): I think Google is actually trying to kick
off a debate about how to warn browser users of good/questionable/lack
of SSL connections. However, today all browsers already give
red/yellow/green indications when SSL is in use but the browser/CA
industry has never made any investment in educating users/consumers what
it means! More colors and beeps and popups without such education is a
waste of time. The "questionable use of SSL" is critical for education,
just pushing "SSL in use will make everything secure" philosophy just
sends us back to the eyewash days of "as long as you see the little
solid key, no worries".]

--Indications of Breach at Park-n-Fly
(December 16, 2014)
Financial institutions are noting a pattern of fraud suggesting that
Park-n-Fly, a company operates parking lots near airports, experienced
a security breach, exposing customers' payment card data, according to
KrebsOnSecurity. The company said it has employed third-party security
companies to investigate claims of breaches. The breach could also be
in the chain of the company's online payment card processing system.
http://krebsonsecurity.com/2014/12/banks-park-n-fly-online-card-breach/

--Dutch Privacy Watchdog Hounds Google and Facebook
(December 16 & 17, 2014)
The Dutch data protection authority College Bescherming Persoonsgegevens
(CBP) has ordered Google to abide by that country's privacy rules or be
subject to penalties of as much as 15 million euros (US $18.4 million).
Google has been using user data to offer targeted advertising. The
watchdog group has also turned its attention to Facebook, launching an
investigation into that company's new privacy policy, which is scheduled
to take effect on January 1, 2015.
http://touch.latimes.com/#section/618/article/p2p-82306693/
http://www.zdnet.com/article/facebook-to-dutch-regulators-whats-the-privacy-problem-nothings-changed/
http://www.theguardian.com/technology/2014/dec/16/google-15m-fines-privacy-breaches-netherlands
[Editor's Note (Murray): Google and Facebook users have struck a bargain
with the devil. Nation states will find that undoing that bargain will
be somewhere between very difficult and impossible.]

STORM CENTER TECH CORNER

Evolution of the Nuclear Exploit Kit
https://isc.sans.edu/forums/diary/Exploit+Kit+Evolution+During+2014+-+Nuclear+Pack/19081

phpBB Compromised
https://www.phpbb.com/community/viewtopic.php?f=14&t=2278081

Checkpoint Misfortune Cookie
http://mis.fortunecook.ie

Git Vulnerability
https://github.com/blog/1938-git-client-vulnerability-announced

Microsoft Releases Fixed IE Patch
http://support.microsoft.com/kb/3025390

Coolpad Adds ROM Backdoor to Smartphones
https://www.paloaltonetworks.com/threat-research.html

Delta Mobile Boarding Pass Hackable
https://medium.com/@thedanigrant/need-a-last-minute-flight-45af88ec8df3

Linux x86_64 Kernel Priv. Escalation Vulnerabilities
http://seclists.org/oss-sec/2014/q4/1052

Ettercap Vulnerabilities
https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/

Memory Forensics with "Forensic Suite" and Volatility
https://isc.sans.edu/forums/diary/Some+Memory+Forensic+with+Forensic+Suite+Volatility+plugins+/19071

"Grinch" Polkit Vulnerability
https://www.alertlogic.com/blog/dont-let-grinch-steal-christmas/

***********************************************************************
The Editorial Board of SANS NewsBites

John Pescatore was Vice President at Gartner Inc. for fourteen years.
He became a director of the SANS Institute in 2013. He has worked in
computer and network security since 1978 including time at the NSA and
the U.S. Secret Service.

Shawn Henry recently retired as FBI Executive Assistant Director
responsible for all criminal and cyber programs and investigations
worldwide, as well as international operations and the FBI's critical
incident response. He is now president of CrowdStrike Services.

Stephen Northcutt teaches advanced courses in cyber security management;
he founded the GIAC certification and was the founding President of STI,
the premier skills-based cyber security graduate school, www.sans.edu.

Dr. Johannes Ullrich is Chief Technology Officer of the Internet Storm
Center and Dean of the Faculty of the graduate school at the SANS
Technology Institute.

Ed Skoudis is co-founder of CounterHack, the nation's top producer of
cyber ranges, simulations, and competitive challenges, now used from
high schools to the Air Force. He is also author and lead instructor of
the SANS Hacker Exploits and Incident Handling course, and Penetration
Testing course.

Michael Assante was Vice President and Chief Security Officer at NERC,
led a key control systems group at Idaho National Labs, and was American
Electric Power's CSO. He now leads the global cyber skills development
program at SANS for power, oil & gas and other critical infrastructure
industries.

Mark Weatherford is a Principal at The Chertoff Group and the former Deputy
Under Secretary of Cybersecurity at the US Department of Homeland Security.

William Hugh Murray is an executive consultant and trainer in
Information Assurance and Associate Professor at the Naval Postgraduate
School.

Sean McBride is Director of Analysis and co-founder of Critical
Intelligence, and, while at Idaho National Laboratory, he initiated the
situational awareness effort that became the ICS-CERT.

Rob Lee is the SANS Institute's top forensics instructor and director
of the digital forensics and incident response research and education
program at SANS (computer-forensics.sans.org).

Tom Liston is a Senior Security Consultant and Malware Analyst for
InGuardians, a handler for the SANS Institute's Internet Storm Center,
and co-author of the book Counter Hack Reloaded.

Dr. Eric Cole is an instructor, author and fellow with The SANS
Institute. He has written five books, including Insider Threat and he
is a founder with Secure Anchor Consulting.

Mason Brown is one of a very small number of people in the information
security field who have held a top management position in a Fortune 50
company (Alcoa). He leads SANS' efforts to raise the bar in
cybersecurity education around the world.

David Hoelzer is the director of research & principal examiner for
Enclave Forensics and a senior fellow with the SANS Technology
Institute.

Gal Shpantzer is a trusted advisor to CSOs of large corporations,
technology startups, Ivy League universities and non-profits
specializing in critical infrastructure protection. Gal created the
Security Outliers project in 2009, focusing on the role of culture in
risk management outcomes and contributes to the Infosec Burnout project.

Alan Paller is director of research at the SANS Institute.

Brian Honan is an independent security consultant based in Dublin, Ireland.

David Turley is SANS operations manager and serves as production manager
and final editor on SANS NewsBites.

Please feel free to share this with interested parties via email, but
no posting is allowed on web sites. For a free subscription, (and for
free posters) or to update a current subscription, visit
http://portal.sans.org/

Ask the Oracle Experts - The Database under the Application

Oracle Architect Steven Feuerstein as he goes under the covers of applications to remind everyone that while the flashy stuff is fun, it's just part of what software professionals do. He explains how SQL and PL/SQL are an essential part of the software development process and will always be important.

jueves, 18 de diciembre de 2014

Partner Webcast – Oracle SOA 12c: BPM 12c integration with OEP 12c

Partner Webcast – Oracle Database 12.1.0.2: Are you ready for the Future of the Database? Part 1

Oracle Database 12c was launched over a year ago delivering the next-generation of the #1 database, designed to meet modern business needs, providing a new multitenant architecture on top of a fast, scalable, reliable, and secure database platform.

A couple months ago, Oracle Database 12.1.0.2 was made available for download, being the most comprehensive patch set we've ever built, adding exciting new features and key options, such as In-Memory Option, but also with many fixes over the already very stable first release of Oracle Database 12c.

  • Oracle Multitenant is already helping customers to more easily consolidate and manage multiple databases as one, resulting in improved efficiency and simplified management with maximum availability.
  • The newly available Oracle Database In-Memory option transparently extends the power of Oracle Database 12c to enable organizations to discover business insights in real-time while simultaneously increasing transactional performance.
  • Major enhancements in availability, security, big data support and more
These unique advancements make Oracle Database 12c the ideal platform for private and public cloud deployments, providing a competitive advantage for you and your end users/customers.

Join us on our webcast, to learn more about the latest new features of Oracle Database 12c (12.1.0.2) and find out why it is now the right time to modernize your database either upgrading existing Oracle Databases or directly adopting the new Oracle Database 12c.

The future of Database has begun with Oracle Database 12c. Are you ready? Or are you going to stay behind?

Part 1 http://youtu.be/EK7d2RF5kGg
Part 2 http://youtu.be/-8rvG8kN7Pg

Oracle Communications WebRTC Session Controller Extends WebRTC Functionality to Mobile Applications

Communications service providers and enterprises can now offer WebRTC-based capabilities in native iOS or Android client applications

REDWOOD SHORES, Calif. – Dec. 16, 2014

News Summary

In response to the growing demand for real-time communications (RTC) anytime, anywhere, and from virtually any device, many communications service providers (CSPs) and enterprises are now offering browser-based WebRTC capabilities and services. The latest release of Oracle Communications WebRTC Session Controller provides the secure and reliable functionalities that users want—such as voice calling, video, and chat—within an iOS and Android client application for a seamless, device-independent customer experience.

News Facts

Oracle today announced the release of Oracle Communications WebRTC Session Controller 7.1, which brings WebRTC support to native mobile iOS and Android applications for a seamless, cross-device customer experience.

The new release also improves bandwidth utilization and cost savings by intelligently switching among anchored media, peer-2-peer (P2P) media, and P2P data depending on the CSP’s or enterprise’s network topology.

Oracle Communications WebRTC Session Controller provides better connectivity into CSP and enterprise environments with restrictive firewalls by supporting advanced Network Address Translation traversal functionality.

In addition, the new release enables secure and reliable RTC services by delivering GSMA’s Rich Communications Suite (RCS) capabilities through Oracle Communications WebRTC Session Controller APIs. This functionality allows CSPs to extend their RCS investments to devices that are WebRTC-capable.

Product Details

The latest release of Oracle Communications WebRTC Session Controller offers support for:
Integrating highly scalable media server platforms to offload complex, hardware-intensive media processing such as audio/video transcoding, recording, and conferencing Instant messaging through a Message Session Relay Protocol Gateway, allowing client applications to access a messaging server and eliminating the need to run a separate application Virtualization, enabling CSPs and enterprises to deploy solutions in a cloud environment free from hardware requirements Oracle Communications WebRTC Session Controller improves network integration with standard, off-the-shelf interfaces for policy and media servers.
latest release provides a consistent user experience across applications and devices via a new flexible client registration management system that can efficiently handle WebRTC subscribers with multiple simultaneous sessions and identities across numerous devices.

Supporting Quotes

“The demand for real-time communications from any device will only continue to grow, from within both web browsers and mobile apps,” said Dean Bubley, director of Disruptive Analysis. “Oracle’s integration of WebRTC-based communications with new and existing mobile clients aligns with this broad trend towards embedded voice and video.”


“The latest release of Oracle Communications WebRTC Session Controller further demonstrates Oracle’s dedication to improving the mobile user experience. We are rapidly innovating to remove the road blocks to real-time communications from anywhere, at any time, and from any device,” said Bhaskar Gorti, senior vice president and general manager, Oracle Communications.

Oracle SAAS, PAAS AND IAAS CLOUD REVENUE UP 45% to $516 MILLION

SOFTWARE AND CLOUD REVENUE UP 5% TO $7.3 BILLION

REDWOOD SHORES, Calif. – December 17, 2014

Oracle Corporation (NYSE: ORCL) today announced that fiscal 2015 Q2 Total Revenues were up 3% to $9.6 billion. Software and Cloud Revenues was up 5% to $7.3 billion. Cloud software-as-a-service (SaaS), platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) revenue was up 45% to $516 million. Hardware Systems revenues were up 1% to $1.3 billion. GAAP operating income was up 4% to $3.5 billion, and the GAAP operating margin was 37%. Non-GAAP operating income was up 3% to $4.4 billion, and the non-GAAP operating margin was 46%. GAAP net income was down 2% to $2.5 billion while non-GAAP net income was down 1% to $3.1 billion. GAAP earnings per share were $0.56, unchanged from last year, while non-GAAP earnings per share were up 1% at $0.69. GAAP operating cash flow on a trailing twelve-month basis was $15.3 billion.

Without the impact of the US dollar strengthening compared to foreign currencies, Oracle’s reported Q2 GAAP and non-GAAP earnings per share would have been up 5%; Q2 Total Revenues would have been up 7%; Software and Cloud revenues would have been up 8%; and Hardware Systems revenues would have been up 4%.

“We continue to deliver industry-leading operating margins and cash flow even after adding the thousands of specialized sales people and engineers necessary to accelerate the growth of our new cloud businesses,” said Oracle CEO, Safra Catz.

“Total Q2 new cloud bookings grew at a rate of more than 140%,” said Oracle CEO, Mark Hurd. “We now have over 600 ERP Fusion Cloud customers – that’s five-times more ERP customers than Workday.”

“By Q4 of this year we expect our new cloud bookings to exceed $250 million,” said Oracle Chairman and Chief Technology Officer Larry Ellison. “Next fiscal year our new cloud bookings will be well over the billion dollars mark."

The Board of Directors also declared a quarterly cash dividend of $0.12 per share of outstanding common stock. This dividend will be paid to stockholders of record as of the close of business on January 7, 2015, with a payment date of January 28, 2015.

Q2 Fiscal 2015 Earnings Conference Call and Webcast

Oracle will hold a conference call and webcast today to discuss these results at 2:00 p.m. Pacific. You may listen to the call by dialing (816) 287-5563, Passcode: 425392. To access the live webcast of this event, please visit the Oracle Investor Relations website at http://www.oracle.com/investor. In addition, Oracle’s Q2 results and Fiscal 2015 financial tables are available on the Oracle Investor Relations website.

A replay of the conference call will also be available by dialing (855) 859-2056 or (404) 537-3406, Pass Code: 46975514.