Apple: A Thing Unto Itself Sans Java
...Back in October of 2010, Apple announced they would drop support for Java. This did not spur Oracle to directly support this Unix platform as it did for other... more…CVE-2018-3211: Java Usage Tracker Local Elevation of Privilege on Windows
...We found design flaw/weakness in Java Usage Tracker that can enable hackers to create arbitrary files, inject attacker-specified parameters, and elevate local privileges. In turn, these can be... more…How to Protect Your Devices from a Fast Spreading Java Virus
...Last week, a new security issue surfaced for a popular programming language known as Java. This Java security issue is classified as a zero-day threat, and it spreads malicious... more…How to Use Java – If You Must
...With Java going through another embarrassing zero-day vulnerability recently, it has become a common bit of advice for users to “uninstall Java”. In general, this is sound advice. If... more…Java Zero-Day Exploit and Ruby on Rails Vulnerabilities
...During the past two days there has been a lot of activity and concern around vulnerabilities in two different widely used technologies: Java and Ruby on Rails. With this... more…Java Runtime Environment 1.7 Zero-Day Exploit Delivers Backdoor
...to the new Java 7 classcom.sun.beans.finder.ClassFinder that allows the sun.awt.SunToolkit class to load, modify and execute the malicious code. This threat is composed of an HTML page with malicious JavaScript... more…The Current Web-Delivered Java 0day
...The Java 0day activity that we have been monitoring and preventing for almost the past week has been irresponsibly reported on other blogs, with early posts publicly linking... more…Java Zero-Day Exploit In The Wild, Spreading Ransomware
...A new zero-day exploit in Java has been found in the wild. Currently, this exploit is being used by toolkits like the Blackhole Exploit Kit (BHEK) and the Cool... more…
A Mysterious Java Exploit
...Last week Kahu Security blogged about Escalating Java Attacks. Kahu’s post dissects two Java exploits. The first exploit targets CVE-2012-0507, the latest Java vulnerability that’s been seen being exploited... more…Adwind: FAQ
...as Adwind RAT (Remote Access Tool), AlienSpy, Frutas, Unrecom, Sockrat, JSocket, and jRat. It is a backdoor available for purchase, and is written entirely in Java which makes it cross-platform.... more…Spam Campaign Delivers Cross-platform Remote Access Trojan Adwind
...installed with Java, including Windows, Mac OSX, Linux, and Android. Unsurprisingly we saw it resurface in another spam campaign. This time, however, it’s mainly targeting enterprises in the aerospace industry,... more…Java 7 Update 10 allows users to restrict the use of Java in browsers
...A recent Java 7 update allows users to completely prevent Java applications from running inside browsers or to restrict how Web-based Java content is handled by the Java Runtime... more…Tips For Java Junkies
...So, according to our recent poll, only 12% of you don’t have Java Runtime Environment (JRE) installed. And the rest of you (88%) are Java junkies to one degree... more…The “Nitro” Campaign and Java Zero-Day
...The security community has been focused on the new Java zero-day exploits that appear to have been taken from a Chinese exploit pack (known as Gondad or KaiXin) used... more…Waratek upgrades Java protection
...Waratek is introducing a feature to its Java-protection platform that enables upgrading to the current version of Java without having to install Java updates or touch the apps... more…Oracle Java SE/Java SE Embedded CVE-2019-2978 Remote Security Vulnerability
...Type: Vulnerability. Oracle Java SE and Java SE Embedded are prone to a remote vulnerability; fixes are available. More information: Oracle Java SE/Java SE Embedded CVE-2019-2978 Remote Security Vulnerability... more…Kam dál?
- France: Let’s make the internet safer! US: ‘How about NO?!’
- McAfee Data Loss Prevention CVE-2019-3640 Information Disclosure Vulnerability
- UK Regulator Issues Advice on ‘Consent’ Within GDPR
- Kaspersky calls for help to probe Gauss malware
- Google AI lets phone owners know about shoulder surfers
- Inside the $100M ‘Business Club’ Crime Gang
- California court dismisses Google Glass traffic ticket
- How to spy on campaigns of competitors who use URL shorteners
- Black Hat keynote: Why security culture needs to change
- Finally, a practical use for the Leap motion controller