Today I was informed about a very strange incident for which I cannot really believe that it can be true:
On July 13th. John Leyden published a post on THEREGISTER in which Oracle U.K. is accused to host computers from which SSH brute force password attacks are launched against servers which run SSH software since May 3rd. 2007.
…Here is Oracle’s response as quoted on Register’s website:
“In response to Register inquiries, Oracle supplied a statement saying that an ongoing investigation is yet to confirm whether its systems have been misused or not.
“Security is a matter Oracle takes seriously and the company’s first priority is meeting customer needs and reducing their risk. As soon as Oracle became aware of the situation an investigation began, which is ongoing, but to date the company has found no evidence for any SSH brute-force attack originating from the Oracle owned machine currently listed on the DenyHosts website.” ®” …
I cannot believe it!