Firefox 26 blocks Java plugins by default
Mozilla released Firefox 26 which includes five critical, three high, three moderate, and three low security updates. All Java plug-ins are defaulted to ‘click to …
Browser hygiene tips for making online shopping safer
The fuller schedules and longer to-do lists of the holiday season often mean multi-tasking and stress. And busy, distracted people doing their holiday shopping online may be …
Java exploits jump, Android malware emerges outside app stores
A continued rise in exploit-based attacks, particularly against Java, and an increasing sophistication in mobile threats characterized the first half of 2013, which saw its …
A short overview of Android banking malware
As more and more people use their mobile phones to do their online banking, money transfers, and so on, cyber crooks wielding banking malware are increasingly turning to …
Java finally gets a whitelisting feature
The latest Java Development Kit update (JDK 7u40) includes a number of bug fixes, new security features and changes, and among them is one that has been long overdue: a …
Attacks targeting unsupported Java 6 are on the rise
As predicted at the end of 2012 and proved by the ever expanding use of exploit kits, vulnerabilities in popular and widespread software such as Java and Adobe’s Acrobat …
Shielding targeted applications
When we discuss exploit prevention, we often talk about “targeted applications.’ This term refers to end-user applications which can be exploited by hackers for …
Cross-platform Frutas RAT delivered via targeted emails
The cross-platform Frutas RAT is being used in a new email phishing campaign targeting high-profile finance, mining, and telecom companies as well as governments in Europe and …
Cross-platform backdoor created with RAT available online
For malware authors and attackers, the ideal malware is that which works on as many platforms as possible. As Java is used in a wide variety of computing platforms, it stands …
Multiple Java versions on endpoints risky for enterprises
Java represents a significant security risk to enterprises because it is the endpoint technology most targeted by cyber attacks, show the results of Bit9 research. The …
File infector EXPIRO hits US, steals FTP credentials
An unusual attack has been spotted in the wild, using an unexpected combination of threats. This attack used exploit kits (in particular Java and PDF exploits) to deliver file …
Multi-platform Java RAT targeting government agencies
A new spear-phishing campaign targeting government agencies mostly in the US, Canada, Australia, a few European countries and the Russian Federation has been spotted by …