Security News

Custom Google App Engine Tweak Still Leads to Java Sandbox Escapes (Threatpost)
2015-10-22 13:06

Researchers at Security Explorations say a change implemented by Google to the Java security model as its implemented in the Google App Engine leads to sandbox escapes.

How The Pawn Storm Zero-Day Evaded Java's Click-to-Play Protection (Reddit)
2015-10-21 20:35

Oracle Patches Java Zero-Day Exploited by Pawn Storm Attackers (SecurityWeek)
2015-10-21 11:35

Older Java sandbox escape writeup (Reddit)
2015-10-21 11:35

Oracle releases 154 fixes, plugs click-to-play bypass Java flaw used in attacks (Help Net Security)
2015-10-21 11:33

Oracle has released its quarterly patch update that contains 154 security fixes for its various products. What will interest end users the most are the fixes released for Java, a plugin often targe...

Developer-friendly security platform prevents data breaches in .NET / Java apps (Reddit)
2015-10-07 02:28

The origins of Java (IT Toolbox Blogs)
2015-10-01 23:50

SecuriTeam Advisory Symantec NetBackup OpsCenter Server Java Code Injection RCE (Reddit)
2015-08-26 13:34

Javas SSLSocket: How Bad APIs Compromise Security (Reddit)
2015-08-03 20:18

Java Back In The Bullseye (Dark Reading)
2015-07-16 18:50