Changes to the Java security model
The upcoming security changes in Oracle Java address three long-standing issues with the Java security model. The most significant change is how signed applets are handled. In …
Oracle plugs a host of critical Java vulnerabilities
Oracle’s Java SE Critical Patch Update for April 2013 contains 19 CVEs with CVSS base score of 10 (the highest you can go) indicating that exploiting the vulnerability …
Security firm publishes details about Java issue, asks for second opinion
Making good on their promise, Security Exploration has published technical details about a Java issue that they consider to be a security vulnerability, but Oracle has …
MiniDuke does not come only via email
Researchers from Kaspersky and CrySyS Lab continue to analyze the MiniDuke backdoor and have discovered two previously unknown infection mechanisms. Recently discovered to …
Malicious Java applet uses stolen certificate to run automatically
A signed but malicious applet that will apparently fool even the latest Java 6 update has been discovered on a German online dictionary website infected by the g01pack exploit …
Oracle releases emergency patch to fix exploited Java flaw
Oracle has released an out-of-band Java patch to fix the CVE-2013-1493 vulnerability that is currently being exploited in attacks in the wild. The security alert accompanying …
Dangerous beans: Oracle deep in the storm
Last week security researchers from FireEye discovered a new Java exploit that works against the latest versions of Java (version 6 update 41 and version 7 updated 15) making …
Oracle, Apple release critical updates for Java
Oracle has released on Tuesday a new Java SE Critical Patch Update. “This Critical Patch Update includes all fixes provided in the Oracle Java SE Critical Patch Update …
Oracle releases MySQL 5.6
Oracle today announced MySQL 5.6, the world’s most popular open source database. With increased performance, scalability, reliability and manageability, MySQL 5.6 helps …
Oracle rushes out emergency Java patch
If you’re still among the users who haven’t disabled Java in their browsers or on their computer, be advised that Oracle has released a critical patch update for …
Watering hole campaign targeting “Reporters without Borders” visitors
Watering hole attacks continue unabated and, according to Avast’s Director of Threat Intelligence Jindrich Kubec, the finger could be safely pointed to China once again. …
Newest Java update doesn’t fix fresh critical vulnerabilities
Another week, another zero-day threatening millions of Java users. As you might remember, last week Oracle released Java 7 Update 11, which patched the zero-day vulnerability …
Featured news
Sponsored
Don't miss
- Sumo Logic discloses potential breach via compromised AWS credential
- Marina Bay Sands breach exposed data of 665,000 customers
- The 3 key stages of ransomware attacks and useful indicators of compromise
- Aqua Trivy open-source security scanner now finds Kubernetes security risks
- AI-assisted coding and its impact on developers