Oracle patches Java 0-day, researchers say there’s another one
Oracle has finally issued an update for Java 7 (v 1.7.0_07) which solves the problem of the CVE-2012-4681 vulnerability (which actually consists of two distinct flaws). The …
Java 0-day exploit served from over 100 sites
The problem of the two unpatched Java zero-day vulnerabilities that are actively exploited in the wild by attackers looking to gain access to their targets’ computers is …
Java 0-day exploit added to Blackhole kit, still no news about patch
The recently discovered Java zero-day flaw that has been spotted being used in limited targeted attacks in the wild has created quite a stir. A module that exploits the …
Critical Java 0-day flaw exploited in the wild
Researchers from security firm FireEye have discovered targeted attacks exploiting a zero-day Java vulnerability to deliver the Poison Ivy RAT onto the unsuspecting …
The dangers of Java and what to do about it
Since late 2010, Java exploits have become way more popular with hackers than the Adobe-related ones. The problem with Java is not so much in the newly discovered …
Multi-platform backdoor served through compromised website
The compromised website of a Colombian transport company has been found serving a signed Java applet that detects whether the visitor is using a Windows, OS X or Linux machine …
Video: Attacking XML preprocessing
Documenting more than a year of research in XML technologies, this talk by Nicolas Grégoire at Hack in The Box 2012 Amsterdam details security implications of the XML format …
Make your pentester work harder for his money
In this video recorded at Infosecurity 2012, Wolfgang Kandek, CTO at Qualys, talks about their recent research dealing with Java. Many modern exploits use Java as a stepping …
Android security: Protection of Java and native apps
Arxan Technologies enhanced its Mobile Application Protection Suite to include multi-layered, end-to-end protection for Android applications. Given the open source nature of …
Java drive-by generator used in recent attack
A malware delivery campaign that doubles its infections efforts to really make sure the users get compromised has been recently spotted by F-Secure researchers. One of them …
New Mac malware uses Flashback Java exploit
Apple’s decision to push out a Flashback malware removal tool for OS X Lion bundled with a new Java security update has proven to be rather fortunate, as a new Mac OS X …
Apple patches critical Java flaw
Apple released a critical update for the Java implementation on Mac OS X, for both Lion and Snow Leopard. This update comes almost two months after the release of the …