Video: Attacking XML preprocessing

Documenting more than a year of research in XML technologies, this talk by Nicolas Grégoire at Hack in The Box 2012 Amsterdam details security implications of the XML format …

Make your pentester work harder for his money

In this video recorded at Infosecurity 2012, Wolfgang Kandek, CTO at Qualys, talks about their recent research dealing with Java. Many modern exploits use Java as a stepping …

Java drive-by generator used in recent attack

A malware delivery campaign that doubles its infections efforts to really make sure the users get compromised has been recently spotted by F-Secure researchers. One of them …

New Mac malware uses Flashback Java exploit

Apple’s decision to push out a Flashback malware removal tool for OS X Lion bundled with a new Java security update has proven to be rather fortunate, as a new Mac OS X …

Apple patches critical Java flaw

Apple released a critical update for the Java implementation on Mac OS X, for both Lion and Snow Leopard. This update comes almost two months after the release of the …

Comprehensive Java testing solution

Parasoft introduced a new release of Parasoft Jtest: a comprehensive Java testing solution that automates static analysis, unit testing, coverage analysis, runtime error …

Ditching Java might be a good move

As unpatched Java vulnerabilities are frequently taken advantage by exploit kits and users often forget to update Java, F-Secure’s Mikko Hypponen says that maybe …

Critical vulnerability in Sun Java

ACROS Security has discovered a vulnerability in Sun Java, which can be exploited by malicious people to compromise a user’s system, according to Secunia. The …

Multiplatform Java botnet spotted in the wild

Cross-platform malware is still a rare occurrence, so when it’s detected, it usually attracts more attention than the malware engineered to affect only one particular …