立即注册  找回密码
 立即注册
CeraNetworksBGVM服务器主机交流会员请立即修改密码Sharktech防护
查看: 48|回复: 3

甲骨文被盗号了

[复制链接]

甲骨文被盗号了

[复制链接]

24

主题

27

回帖

466

积分

中级会员

积分
466
mzt1988

24

主题

27

回帖

466

积分

中级会员

积分
466
2024-8-7 15:07:07 | 显示全部楼层 |阅读模式
本帖最后由 mzt1988 于 2024-8-7 15:15 编辑

原始邮箱一直收不到重置密码的邮件,然后注册了SR,提交了SR发现我的邮箱都被改了,这牛逼。不记得这个号之前是不是用过API刷过机器了。这么一看,之前的死的账户可能也是盗了,慢慢找吧。



还有个被封的账户是账户一直在SR无权限,重置密码成功后,登录账户还是密码错误





Hello Amsterdam -

We reviewed your tenancy. It looks like your tenancy is compromised. User has changed your email address in both domains ( default and OracleIdentityCloudService). Hence, you are not able to login or reset your password.

Our plan is to create new user and grant him administrator role in your Default domain. This way, you can login and clean up users and resources created. For this purpose, we need your alternative email address and make sure that you have access to the email. If you do not have alternative email, you can quickly create new email account and share below email.
=============

In accordance with Oracle’s Security Policy, we require an authorization email from a named User, using the Account’s email address, authorizing us to create the following User as an Account Administrator on your environment(s). Thank you for your understanding and compliance in this matter.

This authorization email must be sent by the authorization provider from the Sold To party (End User) domain email account i.e. abc@companyname.com, instead of personal accounts such as gmail.com;
The authorization email cannot come from the User that will be set as Admin (ideally, it should come from the present Administrator);
The attachment format must be in email/message format (.msg, .EML, .pdf), not a screenshot.


Here is the example information:

Subject of email: Add admin request.

Email body:

I authorize Oracle Support to create the following User as  (Account Administrator OR Domain Administrator OR Order Activator) on my Cloud Account.

Tenancy name: a%%%
Full Name:  
Email:
Role: Account Administrator & Identity administrator
SR#: ####
IDCS GUID:####

Please attach above authz email in .msg or PDF format to the SR.
============

Please note: Please send above email from new admin's email address to old admin email address (Amsterxxm@pingxxxxle.onmicrosoft.com). Old admin has to send "approved"/"approval" email as response. Then, attach this email to the SR for processing the request.
回复

使用道具 举报

13

主题

144

回帖

541

积分

高级会员

积分
541
sxlcolin

13

主题

144

回帖

541

积分

高级会员

积分
541
2024-8-7 15:12:04 | 显示全部楼层
没搞懂,这段时间为什么那么多人都觉得是被盗了,那么复杂的密码,怎么盗?攻破甲骨文的安防系统更是不可能。

那么有没有更可能的情况发生,就是你的号被封了
回复

使用道具 举报

24

主题

27

回帖

466

积分

中级会员

积分
466
mzt1988 楼主

24

主题

27

回帖

466

积分

中级会员

积分
466
2024-8-7 15:16:00 | 显示全部楼层

sxlcolin 发表于 2024-8-7 15:12

没搞懂,这段时间为什么那么多人都觉得是被盗了,那么复杂的密码,怎么盗?攻破甲骨文的安防系统更是不可能 ...

API泄露,另外据说之前甲骨文账户有过泄露,
回复

使用道具 举报

34

主题

112

回帖

512

积分

高级会员

积分
512
guyuefeng

34

主题

112

回帖

512

积分

高级会员

积分
512
2024-8-7 15:12:00 | 显示全部楼层
甲骨文不是有验证程序吗,还会被盗?
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver|小黑屋|HS2V主机综合交流论坛

GMT+8, 2024-12-23 12:30 , Processed in 0.015915 second(s), 3 queries , Gzip On, Redis On.

Powered by Discuz! X3.5

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表