Huawei launches AI-backed database to target enterprise customers

China’s Huawei is making a serious foray into the enterprise business market after it unveiled a new database management product on Wednesday, putting it in direct competition with entrenched vendors like IBM, Oracle and Microsoft.

The Shenzhen-based company, best known for making smartphones and telecom equipment, claims its newly minted database uses artificial intelligence capabilities to improve tuning performance, a process that traditionally involves human administrators, by over 60 percent.

Called the GaussDB, the database works both locally as well as on public and private clouds. When running on Huawei’s own cloud, GaussDB provides data warehouse services for customers across the board, from the financial, logistics, education to automotive industries.

The database launch was first reported by The Information on Tuesday citing sources saying it is designed by the company’s secretive database research group called Gauss and will initially focus on the Chinese market.

The announcement comes at a time when Huawei’s core telecom business is drawing scrutiny in the West over the company’s alleged ties to the Chinese government. That segment accounted for 40.8 percent of Huawei’s total revenues in 2018, according to financial details released by the privately-held firm.

Huawei’s consumer unit, which is driven by its fast-growing smartphone and device sales, made up almost a half of the company’s annual revenues. Enterprise businesses made up less than a quarter of earnings, but Huawei’s new push into database management is set to add new fuel to the segment.

Meanwhile, at Oracle, more than 900 employees, most of whom worked for its 1,600-staff research and development center in China, were recently let go amid a major company restructuring, multiple media outlets reported earlier this month.

Data provided to TechCrunch by Boss Zhipin offers clues to the layoff: The Chinese recruiting platform has recently seen a surge in newly registered users who work at Oracle China. But the door is still open for new candidates as the American giant is currently recruiting for more than 100 positions through Boss, including many related to cloud computing.

Let’s block ads! (Why?)

Link to original source

Announcing TechCrunch Sessions: Enterprise this September in San Francisco

Of the many categories in the tech world, none is more ferociously competitive than enterprise. For decades, SAP, Oracle, Adobe, Microsoft, IBM and Salesforce, to name a few of the giants, have battled to deliver the tools businesses want to become more productive and competitive. That market is closing in on $500 billion in sales per year, which explains why hundreds of new enterprise startups launch every year and dozens are acquired by the big incumbents trying to maintain their edge.

Last year alone, the top 10 enterprise acquisitions were worth $87 billion and included IBM’s acquiring Red Hat for $34 billion, SAP paying $8 billion for Qualtrics, Microsoft landing GitHub for $7.5 billion, Salesforce acquiring MuleSoft for $6.5 billion and Adobe grabbing Marketo for $4.75 billion. No startup category has made more VCs and founders wildly wealthy, and none has seen more mighty companies rise faster or fall harder. That technology and business thrill ride makes enterprise a category TechCrunch has long wanted to tackle head on.

TC Sessions: Enterprise (September 5 at San Francisco’s Yerba Buena Center) will take on the big challenges and promise facing enterprise companies today. TechCrunch’s editors, notably Frederic Lardinois, Ron Miller and Connie Loizos, will bring to the stage founders and leaders from established and emerging companies to address rising questions like the promised revolution from machine learning and AI, intelligent marketing automation and the inevitability of the cloud, as well as the outer reaches of technology, like quantum and blockchain.

We’ll enlist proven enterprise-focused VCs to reveal where they are directing their early, middle and late-stage investments. And we’ll ask the most proven serial entrepreneurs to tell us what it really took to build that company, and which company they would like to create next. All throughout the show, TechCrunch’s editors will zero in on emerging enterprise technologies to sort the hype from the reality. Whether you are a founder, an investor, enterprise-minded engineer or a corporate CTO / CIO, TC Sessions: Enterprise will provide a valuable day of new insights and great networking.

Tickets are now available for purchase on our website at the early-bird rate of $395. Want to bring a group of people from your company? Get an automatic 15% savings when you purchase four or more tickets at once. Are you an early-stage startup? We have a limited number of Startup Demo Packages available for $2,000, which includes four tickets to attend the event. Students are invited to apply for a reduced-price student ticket at just $245. Additionally, for each ticket purchased for TC Sessions: Enterprise, you will also be registered for a complimentary Expo Only pass to TechCrunch Disrupt SF on October 2-4.

Interested in sponsoring TC Sessions: Enterprise? Fill out this form and a member of our sales team will contact you.

Let’s block ads! (Why?)

Link to original source

Hackers Found Exploiting Oracle WebLogic RCE Flaw to Spread Ransomware

ransomware attack oracle weblogic server

Taking advantage of newly disclosed and even patched vulnerabilities has become common among cybercriminals, which makes it one of the primary attack vectors for everyday-threats, like crypto-mining, phishing, and ransomware.

As suspected, a recently-disclosed critical vulnerability in the widely used Oracle WebLogic Server has now been spotted actively being exploited to distribute a never-before-seen ransomware variant, which researchers dubbed “Sodinokibi.”

Last weekend, The Hacker News learned about a critical deserialization remote code execution vulnerability in Oracle WebLogic Server that could allow attackers to remotely run arbitrary commands on the affected servers just by sending a specially crafted HTTP request—without requiring any authorization.

To address this vulnerability (CVE-2019-2725), which affected all versions of the Oracle WebLogic software and was given a severity score of 9.8 out of 10, Oracle rolled out an out-of-band security update on April 26, just a day after the vulnerability was made public and several in-the-wild attacks were observed.

According to cybersecurity researchers from Cisco Talos’ threat research team, an unknown group of hackers has been exploiting this vulnerability since at least April 25 to infect vulnerable servers with a new piece of ransomware malware.

ransomware attack

Sodinokibi is a dangerous ransomware variant which has been designed to encrypt files in a user’s directory and then delete shadow copy backups from the system in an effort to prevent victims from recovering their data without paying a ransom.

No Interaction Required to Deploy Ransomware

Since attackers are leveraging a remote code execution vulnerability in the WebLogic Server, unlike typical ransomware attacks, deploying the Sodinokibi ransomware requires no user interaction.

“Historically, most varieties of ransomware have required some form of user interaction, such as a user opening an attachment to an email message, clicking on a malicious link, or running a piece of malware on the device,” researchers explain in a blog post.

“In this case, the attackers simply leveraged the Oracle WebLogic vulnerability, causing the affected server to download a copy of the ransomware from attacker-controlled IP addresses.”

Once downloaded, the Sodinokibi ransomware encrypts the victim’s systems and displays a ransom note demanding up to $2,500 in Bitcoin. The amount doubles to $5,000 if the ransom is not paid within a specified number of days—which may vary from two days to six days.

Hackers Are Also Installing GandCrab Ransomware

Researchers also noted that roughly eight hours after deploying Sodinokibi on an infected system, the attackers exploited the same WebLogic Server vulnerability to install another piece of ransomware known as GandCrab (v5.2).

ransomware attack

“We find it strange the attackers would choose to distribute additional, different ransomware on the same target,” the researchers say. “Sodinokibi being a new flavor of ransomware, perhaps the attackers felt their earlier attempts had been unsuccessful and were still looking to cash in by distributing Gandcrab.”

Attackers have been exploiting the Oracle WebLogic Server vulnerability in the wild since at least April 17 to distribute cryptocurrency miners and other types of malware.

WebLogic Server is a popular Java-based multi-tier enterprise application server typically used by businesses to support enterprise apps, which makes it an often target of attackers trying to carry out malicious operations, like running cryptocurrency miners and infecting with ransomware.

Organizations that use Oracle WebLogic Server should make sure to update their installations to the latest version of the software as soon as possible.

Let’s block ads! (Why?)

Link to original source

'Highly Critical' Unpatched Zero-Day Flaw Discovered In Oracle WebLogic

oracle weblogic server vulnerability

A team of cybersecurity researchers today published a post warning enterprises of an unpatched, highly critical zero-day vulnerability in Oracle WebLogic server application that some attackers might have already started exploiting in the wild.

Oracle WebLogic is a scalable, Java-based multi-tier enterprise application server that allows businesses to quickly deploy new products and services on the cloud. It’s popular across both, cloud environment and conventional environments.

Oracle WebLogic application reportedly contains a critical deserialization remote code execution vulnerability that affects all versions of the software, which can be triggered if the “wls9_async_response.war” and “wls-wsat.war” components are enabled.

The vulnerability, spotted by the researchers from KnownSec 404, allows attackers to remotely execute arbitrary commands on the affected servers just by sending a specially crafted HTTP request—without requiring any authorization.

oracle weblogic server vulnerability

“Since the WAR package has a defect in deserializing the input information, the attacker can obtain the authority of the target server by sending a carefully constructed malicious HTTP request, and execute the command remotely without authorization,” explains Chinese National Information Security Vulnerability Sharing Platform (CNVD).

The researchers also shared details of the zero-day vulnerability, tracked as CNVD-C-2019-48814, with the Oracle’s team, but the company has not yet released a patch. The affected Oracle WebLogic versions are as follows:

  • WebLogic 10.X
  • WebLogic 12.1.3

According to the ZoomEye cyberspace search engine, more than 36,000 WebLogic servers are publicly accessible on the Internet, though it’s unknown how many of these have the vulnerable components enabled.

A maximum number of Oracle WebLogic servers are deployed in the United States and China, with a lesser number in Iran, Germany, India, and so on.

oracle weblogic server vulnerability

Since Oracle releases security updates every three months and had already released a Critical Patch Update just this month, this zero-day issue is unlikely to be patched anytime soon (i.e., not before July), unless the company decides to roll out an out-of-band security update.

So, until the company releases an update to patch the vulnerability, server administrators are highly recommended to prevent their systems from exploitation by changing either of the two following settings:

  • Finding and deleting wls9_async_response.war, wls-wsat.war and restarting the Weblogic service, or
  • Preventing access to the /_async/* and /wls-wsat/* URL paths via access policy control.
Since Oracle WebLogic servers are an often target of attackers, there will be no surprise if attackers have already started exploiting this zero-day and then use vulnerable servers for their nefarious purposes.

Let’s block ads! (Why?)

Link to original source

Oracle turns to innovation hubs to drive cultural and business shift to cloud

Oracle was founded in 1977. While it’s not exactly IBM or GE, both of which date back to the late 19th and early 20th centuries respectively, it is old enough to be experiencing a fair bit of disruption in its own right. For a good part of its existence, it sold databases to some of the biggest companies in the world, but today as the market changes and shifts from on-prem data centers to the cloud, how does a company like Oracle make that transition?

Of course, Oracle has been making the shift to the cloud for the last several years, but it would be fair to say that it came late. Plus, it takes more than building some data centers and pushing out some products to change a company the size of Oracle. The company leadership recognizes this, and has been thinking at the highest levels of the organization about how to successfully transform into a cloud company from a cultural and business perspective.

To that end, Oracle has opened 5 innovation hubs over the last several years with locations in Austin, Texas; Reston, Virginia; Burlington, Massachusetts; Bangalore, India and Santa Monica, California. What are these centers hoping to achieve, and how will it extend the lessons learned to the rest of the company? Those are big questions Oracle must answer to make some headway in the cloud market.

Understanding the problem

Oracle seems to understand it has to do something different to change market perception and its flagging market position. Synergy Research, a firm that tracks cloud marketshare reports that the company is struggling

“For cloud infrastructure services (IaaS, PaaS, hosted private cloud services) — Oracle has a 2 percent share,” John Dinsdale, chief analyst and managing director at Synergy told TechCrunch. He added, “It is a top ten player but it is nowhere near the scale of the leading cloud providers; and its market share has been steadily eroding.”

The news is a bit better when it comes SaaS. “Along with SAP, Oracle is one of the leaders in the ERP segment. But enterprise SaaS is much broader than ERP and across all of enterprise SaaS it is the number 4 ranked provider behind Microsoft, Salesforce and Adobe. Oracle worldwide market share in Q4 was 6 percent,” Dinsdale said.

The company knows that it will take a vast shift to change from an organization that mostly sold software licenses and maintenance agreements. It pushed those hard, sometimes so hard that it left IT pros with a sour taste in their mouths. Today, with the cloud, the selling landscape has changed dramatically to a partnership model. The company knows that it must change too. The question is, how?

That will take an entirely new approach to product development, sales and marketing; and the innovation hubs have become a kind of laboratory where engineers can experiment with more focussed projects, and learn to present their ideas with goal of showing instead of telling customers what they can do.

And the young shall lead

One way to change the culture is to infuse it with fresh-thinking, smart young people and that’s what Oracle is attempting to do with these centers, where they are hiring youthful engineers, many right out of college, to lead the change with the help of more seasoned Oracle executives.

They are looking for ways to rethink Oracle’s cloud products, to pull the services together into packages of useful tools that helped solve a specific business problems from prescription opioid abuse to predicting avocado yields. The idea isn’t just to have a some section of the company where people work on dream projects. They want them to relate to real business problems that results eventually in actual sales and measurable results.

Hamza Jahangir, group vice president for the cloud solution hubs at Oracle says they look for people who want to dig into new solutions, but they want a practical streak in their innovation hub hires. “We don’t want just tinkerers. If the only problem you’re solving is that of your own boredom, that’s not the type of person we are looking for,” he said.

Executive buy-in

The idea of the innovation center actually began with co-CEO Mark Hurd, according to Jahangir. He had been working for several years to change the nature of the sales force, the one that had a reputation of strong-arming IT pros, with a new generation by hiring people right out of college with a fresh approach.

Hurd didn’t want to stop with sales though. He began looking at taking that same idea of hiring younger employees to drive that cultural shift in engineering too. “About two years ago, Mark challenged us to think about how can we change the customer-facing tech workforce as the business model was moving to the cloud,” Jahangir said.

Hurd gave him some budget to open the first two centers in Austin and Reston and he began experimenting, trying to find the right kinds of employees and projects to work on. The funding came without of a lot of strings or conditions associated with it. Hurd wanted to see what could happen if they unleashed a new generation of workers and gave them a certain amount of freedom to work differently than the traditional way of working at Oracle.

Changing expectations

Jahangir was very frank when it came to assessing customer’s expectations around Oracle moving to the cloud. There has been a lot of skepticism and part of the reason for the innovation centers was to find practical solutions that could show customers that they actually had modern approaches to computing, given a chance.

The general customer stance has been, “We don’t believe you have anything real, and we need to see true value realized by us before we pay you any money,” he said. That took a fundamental shift to focussing on actual solutions. It started with the premise that the customers shouldn’t believe any of the marketing stuff. Instead it would show them.

“Don’t bother watching a Powerpoint presentation. Ask us to show you real solutions and use cases where we have solved real material problems — and then we can have a discussion.”

Even Chairman and company founder Larry Ellison recognizes the relationship and selling model needed to change as the company moves to the cloud. Jahangir relayed something he said in a recent internal meeting, “In the cloud we are now no longer selling giant monolithic software. Instead we are selling small bites of the apple. The relationship between the vendor and the buyer is becoming more like a consumer model.” That in turn requires a new way of selling and delivering solutions, precisely what they are trying to figure out at the innovation hubs.

Putting the idea to work

Once you have a new way of thinking, you have to put it to work, and as the company has created these various hubs, that has been the approach. As an example, one that isn’t necessarily original, but that puts Oracle features together in a practical way, is the connected patient. The patient wears a Fitbit-like monitor, uses a smart blood pressure cuff and a smart pill box.

The patient can then monitor his or her own health with these tools in a consolidated mobile application that pulls this data together for them using the Internet of Things cloud service, Oracle Mobile Cloud and Oracle Integration Cloud. What’s more, that information gets shared with the patient’s pharmacy and doctor, who can monitor the patient’s health and get warnings when there is a serious issue, such as dangerously high blood pressure.

Another project involved a partnership with Waypoint Robotics, where they demonstrated a robot that worked alongside human workers. The humans interacted with the robots, but the robot moved the goods from workstation to workstation acting as a quality control agent along the way. If it found defects or problems, it communicated that to the worker via a screen on the side of the unit, and to the cloud. Every interaction between the humans, goods and robot was updated in the Oracle cloud.

Waypoint Robotics Robot inspecting iPhones. Information on the display shows it communicating with the Oracle cloud. Photo: Ron Miller

One other project worked with farmers and distributors to help stores stay stocked with avocados, surely as good a Gen Z project as you are likely to find. The tool looks at weather data, historical sales and information coming from sensors at the farm, and it combines all of that data to make predictions about avocado yields, making use of Oracle Autonomous Data Warehouse, Oracle Analytics Cloud and other services from Oracle cloud stack.

Moving beyond the hubs

This type of innovation hub has become popular in recent years as a way to help stave off disruption, and Oracle’s approach is actually in line with this trend. While companies sometimes isolate them to protect them from negativity and naysayers in an organization, leaving them isolated often prevents the lessons learned from being applied to the broader organization at large, essentially defeating the very purpose of creating them in the first place.

Jahangir says that they are attempting to avoid that problem by meeting with others in the company and sharing their learnings and the kinds of metrics that they use in the innovation center to measure success, which might be different from the rest of the company.

He says to put Oracle on the customer agenda, they have to move the conversation from from religious battles, as he calls how people support or condemn tech from certain companies. “We have to overcome religious battles and perceptions. I don’t like to fight religion with more religion. We need to step out of that conversation. The best way we have seen for engaging developer community is to show them how to build really cool things, then we can hire developers to do that, and showcase that to the community to show that it’s not just lip service.”

The trick will be doing that, and perhaps the innovation centers will help. As of today, the company is not sharing its cloud revenue, so it’s hard to measure just how well this is helping contribute to the overall success of the company, but Oracle clearly has a lot of work to do to change the perception of the enterprise buyer about its cloud products and services, and to increase its share of the growing cloud pie. It hopes these innovations hubs will lead the way to doing that.

Jahangir recognizes that he has to constantly keep adjusting the approach. “The Hub model is still maturing. We are finding and solving new problems where we need new tooling and engagement models in the organization. We are still learning and evolving,” he said.

Let’s block ads! (Why?)

Link to original source