Java 0-day exploit served from over 100 sites

The problem of the two unpatched Java zero-day vulnerabilities that are actively exploited in the wild by attackers looking to gain access to their targets’ computers is …

Critical Java 0-day flaw exploited in the wild

Researchers from security firm FireEye have discovered targeted attacks exploiting a zero-day Java vulnerability to deliver the Poison Ivy RAT onto the unsuspecting …

The dangers of Java and what to do about it

Since late 2010, Java exploits have become way more popular with hackers than the Adobe-related ones. The problem with Java is not so much in the newly discovered …

Video: Attacking XML preprocessing

Documenting more than a year of research in XML technologies, this talk by Nicolas Grégoire at Hack in The Box 2012 Amsterdam details security implications of the XML format …

Make your pentester work harder for his money

In this video recorded at Infosecurity 2012, Wolfgang Kandek, CTO at Qualys, talks about their recent research dealing with Java. Many modern exploits use Java as a stepping …

Java drive-by generator used in recent attack

A malware delivery campaign that doubles its infection efforts to really make sure the users get compromised has been recently spotted by F-Secure researchers. One of them …

New Mac malware uses Flashback Java exploit

Apple’s decision to push out a Flashback malware removal tool for OS X Lion bundled with a new Java security update has proven to be rather fortunate, as a new Mac OS X …

Apple patches critical Java flaw

Apple released a critical update for the Java implementation on Mac OS X, for both Lion and Snow Leopard. This update comes almost two months after the release of the …