Java Security

Oracle updates Java versioning to allow more security fixes

Thu, 16 May 2013 12:38:48 GMT

Source: lxer.com --- Thursday, May 16, 2013
Seemingly borrowing a page from the old, line-numbered BASIC programs of the 1980s, Oracle has adopted a new version numbering strategy for the Java Development Kit (JDK) â one that skips numbers, in case Oracle has to go back and plunk in new code later. Traditionally, Oracle has issued new patches for the JDK on a predictable, regular basis, shipping Critical Patch Updates (CPUs) three times a year on an advertised schedule. That practice was designed to suit the needs of enterprise IT admins, who typically need lots of time to test new patches before they apply them. ...

Viral Scam Detector 1.0 (Java Security)

Wed, 15 May 2013 19:22:35 GMT

Source: opendesktop.org --- Wednesday, May 15, 2013
Viral Scam Detector 1.0 (Java Security) Viral Scam Detector is a FREE application designed to detect scam e-mails. Simply, copy and paste your e-mail content into the application and find out whether you're at risk or not. [read more] job recommendations: [more jobs] ...

Urgent Customer Security Warning: Java Vulnerability - Warning

Wed, 15 May 2013 15:00:02 GMT

Source: www.millersmiles.co.uk --- Wednesday, May 15, 2013
Important customer Security update: Java vulnerability affecting 850 MILLION COMPUTERSSECURITY WARNING: HOMELAND Security WARNS OF WIDEPSREAD Java VULNERABILITY - SCAN NOW 2013/14/05 A Security vulnerability in Java exposing approximately 850 million computer users has been identified by securityexperts. The vulnerability, which affects users of Windows, Mac and Linux operating systems, allows hackers to installransomware on users' computers. The vuln... ...

Oracle Java SE JVM 2D Subcomponent Remote Code Execution Vulnerability (Oracle Security Alert for CVE-2013-1493)

Mon, 13 May 2013 07:22:04 GMT

Source: www.net-security.org --- Monday, May 13, 2013
...

metztli: ♺ @LinuxSec #Security readings: Digging Deeper into #RedKit | Kahu Security http://t.co/CzVh1xYlDF #exploit #java #malware #redirection

Sun, 12 May 2013 11:43:54 GMT

Source: identi.ca --- Sunday, May 12, 2013
♺ @LinuxSec # Security readings: Digging Deeper into # RedKit | Kahu Security http://t.co/CzVh1xYlDF # exploit # Java # malware # redirection ...

Java Security (Document)

Wed, 08 May 2013 19:51:11 GMT

Source: www.scinsight.com --- Wednesday, May 08, 2013
More. Better. Faster. Those are common themes d... ...

Mandriva Linux Security Update Advisory - java-1.7.0-openjdk (MDVSA-2013:161)

Tue, 07 May 2013 09:31:04 GMT

Source: www.net-security.org --- Tuesday, May 07, 2013
_______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2013:161 http://www.mandriva.com/en/support/Security/ __... ...

[SE-2012-01] New security vulnerabilities and broken fixes in IBM Java

Mon, 06 May 2013 14:38:16 GMT

Source: seclists.org --- Monday, May 06, 2013
Posted by Security Explorations on May 06 Hello All, Security Explorations discovered 7 additional Security issues (#62-68) in the latest version of IBM SDK, Java Technology Edition software [1]. A majority of the new flaws are due to insecure use or implementation of Java Reflection API. Additionally to the above, we found out that four issues reported to IBM in Sep 2012 [2] had not been fixed correctly by the company. Upon simple exploit codes modifications they can be still used to... ...

The H Roundup - Linux 3.9, better fonts for all and Note-d Java holes (Heise Security News)

Sun, 05 May 2013 05:41:11 GMT

Source: isc.sans.edu --- Saturday, May 04, 2013
...

Ways to Increase Security of Java Web Applications

Sat, 04 May 2013 22:35:00 GMT

Source: www.articlesolve.com --- Saturday, May 04, 2013
Web applications are prone to threats and Java web applications are no exception Due to their connectivity with both the user and the web their prospects of getting bruised by hackers increase up to ten folds This could ruin the integrity of the content published on web as well as hamper the image of the organization or business Therefore it is vital to safeguard the Java web applications Read the article to know the ways to safeguard your Java Internet applications ...

What Security Token Service can be easy integrated with ColdFusion 10 or just java?

Fri, 03 May 2013 21:57:28 GMT

Source: stackoverflow.com --- Friday, May 03, 2013
I prefer something that integrates with ColdFusion 10 but Java would do the work as well. I am looking for a Security service token (or similar) to use in a web service to authenticate and authorize remote clients (mobile or web), and how to integrate into my current application framework (currently in ColdFusion). I think the token service is ideal because it store in the client, so I can keep the mobile phone logged for as long as I decide. ...

Security Bulletin: IBM Notes accepts Java applet and JavaScript tags inside HTML emails - Available IF for 9.0 and 8.5.4 releases

Fri, 03 May 2013 06:53:12 GMT

Source: www.zarazaga.net --- Thursday, May 02, 2013
There's a Security problem with HTML mail that affects IBM Notes 8.0.x, 8.5.x, 9.0: IBM Notes accepts Java applet and JavaScript tags inside HTML emails For this vulnerability IBM has published IF ... ...

Enabling dynamic security policy in the Java security manager

Thu, 02 May 2013 17:55:54 GMT

Source: www.engineeringvillage.com --- Thursday, May 02, 2013
...

Java: Changeset [9252]: New 2.2.x security release: http://bit.ly/14RjZpX (Portage version: ...

Thu, 02 May 2013 11:21:01 GMT

Source: overlays.gentoo.org --- Thursday, May 02, 2013
New 2.2.x Security release: http://bit.ly/14RjZpX (Portage version: 2.2.0_alpha173/svn/Linux x86_64, signed Manifest commit with key 248BDC07) ...

Upcoming Webinar: Why Java Exploits Remain a Top Security Risk

Wed, 01 May 2013 06:05:00 GMT

Source: community.websense.com --- Tuesday, April 30, 2013
Java vulnerabilities and zero-days are a serious problem in today's businesses. Frequently discovered vulnerabilities are consistently opening the door for data theft. Recent research by the Websense Security Labs found that 94 percent of computers are vulnerable to Java exploit . On Wednesday, May 8, please join us for a "Why Java Exploits Remain a Top Security Risk" webinar. We'll cover: The top findings of our Java vulnerability research How these vulnerabilities are increasingly being exploited through the use of exploit kits Why Java is so vexing to manage Why many 'best practices' are now falling short of their original promise And provide some specific recommendations on how to stay protected Here is the link to the registration page for the event on Wednesday, May 8 at 10 a.m. PT / 1 p.m. ET. How frequent are holes in Java? Well, as I write this it's been just a single day since the last Java zero-day. Earlier this month hackers used this type of exploit to crack into both Apple and Facebook. Have any initial questions on our Java vulnerability research, Java zero-days or exploit kits? Drop a comment below, or save it for the webinar and we can discuss at that time. I look forward to discussing all of these items with you. ...

Information on New Java Security Pop-Up: Recently Oracle released another new ve...

Tue, 30 Apr 2013 15:28:05 GMT

Source: www.facebook.com --- Tuesday, April 30, 2013
Information on New Java Security Pop-Up: Recently Oracle released another new version of Java. Those who keep their Java up to date will likely notice a new pop up with a Security warning. http://bit.ly/11UPqtC ...

The Latest Java Exploit with Security Prompt/Warning Bypass (CVE-2013-2423)

Mon, 29 Apr 2013 13:58:03 GMT

Source: www.securitytube.net --- Monday, April 29, 2013
From Java SE 7 update 11 oracle has introduced a new Security features called Security warning that prompts a window every time an applet request for execution ... http://Security-obscurity.blogspot.com/2013/04/the-latest-Java-exploit-with-Security.html ...

Oracle Releases Updated Version of Java to Address Latest Security Vulnerabilities

Sat, 27 Apr 2013 19:52:12 GMT

Source: www.technology.pitt.edu --- Saturday, April 27, 2013
Friday, April 19, 2013---Oracle Releases Updated Version of Java to Address Latest Security Vulnerabilities ...

Lost+Found: Java tweaks and iPhone certificates (Heise Security News)

Sat, 27 Apr 2013 14:47:31 GMT

Source: isc.sans.edu --- Saturday, April 27, 2013
...

Yet another Java security flaw discovered - Number 53

Sat, 27 Apr 2013 03:44:35 GMT

Source: blogs.computerworld.com --- Friday, April 26, 2013
The river of Security flaws in Java just keeps flowing. Today, January 27th, Adam Gowdiak of Security Enterprises, announced that he has found yet another vulnerability. This one lets an unsigned Java program run inside a web page even when the Java 7 Update 11 Security rules should prevent it. ...