Don't-Miss Stories

Apple keeps patching Java on OS X Snow Leopard after proposed drop-dead date

Apple Tuesday patched Java for the aged OS X Snow Leopard and tweaked Safari to give users more control over what websites they let run the vulnerability plagued Oracle software.

on techhive.com

java

Outdated (and vulnerable) Java usage abounds, analysis finds

Despite the widespread and well-publicized exploitation of vulnerabilities in Java, large numbers of organizations continue to use versions that are weeks, months, or even years out of date, a Websense survey of its customers reports.

java

Websense: Most Java-enabled browsers vulnerable to widespread Java exploits

Most browser installations use outdated versions of the Java plug-in that are vulnerable to at least one of several exploits currently used in popular Web attack toolkits, according to statistics published by security vendor Websense.

java

Researchers: Java's security problems unlikely to be resolved soon

Since the start of the year, hackers have been exploiting vulnerabilities in Java to carry out a string of attacks against companies including Microsoft, Apple, Facebook and Twitter, as well as home users. Oracle has made an effort to respond faster to the threats and to strengthen its Java software, but security experts say the attacks are unlikely to let up any time soon.

How I ditched the security risks and lived without Java, Reader, and Flash

Java, Reader, and Flash are irresistible targets for hacking exploits. So what's it like living without the oh-so-vulnerable trio?

Researchers rake in $280K at Pwn2Own hacking contest

Research teams Wednesday cracked Microsoft's Internet Explorer 10 (IE10), Google's Chrome and Mozilla's Firefox at the Pwn2Own hacking contest, pulling in more than $250,000 in prizes.

Cybercriminals using digitally signed Java exploits to trick users

Security researchers warn that cybercriminals have started using Java exploits signed with digital certificates to trick users into allowing the malicious code to run inside browsers.

java

Five new flaws found in the latest version of Java

This latest vulnerability report follows a week after the same company reported two other holes in Oracle's plug-in

Oracle releases emergency fix for Java zero-day exploit

Oracle released emergency patches for Java on Monday to address two critical vulnerabilities, one of which is actively being exploited by hackers in targeted attacks.

java

Latest Java zero-day exploit is linked to Bit9 hacker attack

The attacks discovered last week that exploited a previously unknown Java vulnerability were likely launched by the same attackers that previously targeted security firm Bit9 and its customers, according to researchers from antivirus vendor Symantec.