Oracle releases critical security updates for Java
Oracle released 40 new Java security fixes. 37 of the vulnerabilities may be remotely exploitable without authentication. This was described as the possibility of being …
Oracle released 40 new Java security fixes. 37 of the vulnerabilities may be remotely exploitable without authentication. This was described as the possibility of being …
The upcoming security changes in Oracle Java address three long-standing issues with the Java security model. The most significant change is how signed applets are handled. In …
Most drive-by exploit kits use a minimal exploit shellcode that downloads and runs the final payload. This is akin to a two-stage ICBM (InterContinental Ballistic Missile) …
If you are still using Java, you insist on updating in manually and you haven’t gotten around to installing the latest Critical Patch Update released a week ago, you are …
Oracle’s Java SE Critical Patch Update for April 2013 contains 19 CVEs with CVSS base score of 10 (the highest you can go) indicating that exploiting the vulnerability …
I believe that most infosec professionals have, at one time or other, wished they could fight back when some of the resources they are tasked with protecting came under attack …
Making good on their promise, Security Exploration has published technical details about a Java issue that they consider to be a security vulnerability, but Oracle has …
Researchers from Kaspersky and CrySyS Lab continue to analyze the MiniDuke backdoor and have discovered two previously unknown infection mechanisms. Recently discovered to …
Day two of the Pwn2Own competition at CanSecWest was again successful for French Vupen security, as they succeeded in exploiting Adobe Flash on Internet Explorer 9 on Windows …
The Pwn2Own competition is underway at the CanSecWest conference in Vancouver, and during the first day of competition Java, IE 10, Firefox and Chrome were successfully …
A signed but malicious applet that will apparently fool even the latest Java 6 update has been discovered on a German online dictionary website infected by the g01pack exploit …
Webroot’s Dancho Danchev is known for combing through the wilds of the Internet for places where cyber criminals congregate and reporting back with interesting news …