Weekly News: the response to *that* Oracle article, a huge breach for Carphone Warehouse and how to pen test a city

Oracle CSO Mary Ann Davidson wrote a blog post widely condemned by the infosec community (and now deleted), in which she criticised bug bounties and security researchers who reverse engineer Oracle’s code. There was much comment, but particularly measured ones can be read here and here.

Carphone Warehouse said the personal details of up to 2.4 million of its customers,  and the encrypted credit card details of up to 90,000 people, may have been accessed in a cyber-attack.

Police began investigating a ‘new’ crime of cyber-flashing after a woman received an indecent image on her phone as she travelled to work.

If you missed Black Hat in Vegas, Tripwire summarised the presentations they found most intriguing, including a vulnerability affecting hundreds of millions of Android devices, how Saudi Aramco responded to being attacked and city-level penetration testing.