Published at: 12:11 pm - Saturday November 16 2013
Now here’s a first — crooks who realize the importance of customer service. It’s the latest twist in the global CryptoLocker ransomware attack. This diabolically nasty malware locks up all of the victim’s personal files — and in some cases, backup files, too — with state-of-the-art encryption. The bad guys have the only decryption key and […]
Published at: 07:08 pm - Thursday August 30 2012
Out of nowhere Oracle has released an emergency update to address the zero-day vulnerabilities being exploited by many different criminal groups. Surprisingly they included some previously unknown vulnerabilities that we can only assume may also have been in use in the wild. The good news is customers who require Java in their environments can now deploy […]
Published at: 06:08 am - Thursday August 30 2012
A potent Java security vulnerability that first appeared earlier this week actually leverages two zero-day flaws. The revelation comes as it emerged Oracle knew about the holes as early as April. Windows, Mac OS X and Linux desktops running multiple browser platforms are all vulnerable to attacks. Exploit code already in circulation first uses a vulnerability to […]
Published at: 02:08 pm - Wednesday August 29 2012
The critical Java vulnerabilities that have security experts cautioning users to disable Java in their browsers are not new discoveries, a security firm claims. On the contrary, Oracle has known about them for months, and it has probably had a patch ready since before an exploit was discovered in the wild. Security Explorations, a startup based in […]
Published at: 01:08 am - Tuesday August 28 2012
In recent years, the Java development platform has become a favored target for hackers, leading to a growing list of Java-specific vulnerabilities being discovered and exploited by various malware. As such, many security researchers and national computer security organizations caution users to limit their usage of Java, unless required for business reasons, or to remove […]
Published at: 11:08 pm - Monday August 27 2012
A new browser-based exploit for a Java vulnerability that allows attackers to execute arbitrary code on client systems has been spotted in the wild – and because of Oracle’s Java patch schedule, it may be some time before a fix becomes widely available. The vulnerability is present in the Java Runtime Environment (JRE) version 1.7 […]
Published at: 12:03 am - Saturday March 31 2012
VISA and MasterCard are alerting banks across the country about a recent major breach at a U.S.-based credit card processor. Sources in the financial sector are calling the breach “massive,” and say it may involve more than 10 million compromised card numbers. Update, 4:32 p.m. ET: Atlanta-based processor Global Payments just confirmed that they discovered a breach in early March 2012. […]