Security News

Sloppy string sanitization sabotages system security of millions of Java-powered 3G IoT kit: Patch me if you can
2020-08-20 10:02

A vulnerability in Thales' Cinterion EHS8 M2M module, a Java-powered embedded 3G system used in millions of Internet-of-Things devices for connectivity, was revealed yesterday by IBM's X-Force Red. The bug, disclosed to Thales and addressed in a patch made available to IoT vendors in February, makes it possible for an attacker to extract the code and other resources from a vulnerable device.

Multi-Platform 'Tycoon' Ransomware Uses Rare Java Image Format for Evasion
2020-06-04 18:38

A recently discovered multi-platform Java ransomware uses a Java image file to evade detection, BlackBerry security researchers report. After establishing a foothold in the environment, the attackers executed the Java ransomware module, which encrypted all file servers connected to the network, including backup systems.

Yo, sysadmins! Thought Patch Tuesday was big? Oracle says 'hold my Java' with huge 334 security flaw fix bundle
2020-01-15 21:33

Oracle has released a sweeping set of security patches across the breadth of its software line. The January update, delivered one day after Microsoft, Intel, Adobe, and others dropped their scheduled monthly patches, addresses a total of 334 security vulnerabilities across 93 different products from the enterprise giant.

Oracle, Gemalto Downplay Java Card Vulnerabilities
2019-04-25 14:22

A cybersecurity research company has uncovered over 30 security issues in Java Card technology, but Oracle and Gemalto appear to downplay the impact of the flaws.

Oracle splats 300 vulns in MySQL, Database, Fusion, etc, pours fresh brew of Java SE terms
2019-04-16 22:52

Multiple pre-auth remote code exec holes need pasting over, enterprise IT giant warns

Oracle has issued its quarterly security updates, patching a total of 296 vulnerabilities across its massive...

Unofficial Patch Released for Java Flaws Found by Google Researcher
2019-04-05 13:19

Unofficial patches have been released for two unfixed Oracle Java Runtime Environment (RE) vulnerabilities discovered by Google Project Zero researcher Mateusz Jurczyk.

Security storm brewing for Oracle Java-powered smart cards: More than a dirty dozen flaws found, fixes... er, any fixes?
2019-03-22 22:08

Vuln hunters warn malicious applets can bust through protections, snoop on or hijack access gizmos

Bug hunters say Oracle's Java Card platform is host to a dozen and a half security flaws that...

Many Vulnerabilities Found in Oracle's Java Card Technology
2019-03-21 14:35

Poland-based cybersecurity research firm Security Explorations claims to have identified nearly 20 vulnerabilities in Oracle’s Java Card, including flaws that could be exploited to compromise the...

Oracle Java SE 12 brings improvements to developer productivity
2019-03-19 13:25

Oracle announced the general availability of Java SE 12 (JDK 12), continuing the six-month release cadence that provides enterprises and developers faster access to completed enhancements to the...

Bad cup of Java leaves nasty taste in IBM Watson's 'AI' mouth: Five security bugs to splat in analytics gear
2019-03-18 20:08

Worst brew than that time El Reg went on a road trip and stopped at a Denny's

IBM has issued a security alert over five vulnerabilities in its golden boy Watson analytics system.…