News

Krebs on Security14y
Exploit Packs Run on Java Juice
The first, from an unusually elaborate exploit kit called “Dragon Pack ... functionality to ask the visitor to run a malicious Java applet. On Dec. 29, the SANS Internet Storm Center warned ...
Ars Technica16y
Newly-found hybrid attack embeds Java applet in GIF file
The GIFAR exploit works because two different programs ... but when the "image" actually reaches the client, it's opened as a Java applet and run. Simply viewing a GIFAR won't infect a system ...
Macworld12y
Java security threats: What you need to know
The exploit for the first vulnerability was quickly ... is that Apple by default disabled Java applet support in Web browsers in its most recent Java security update. Starting with OS X 10.7 ...
NBC News12y
Why and How to Disable Java on Your Computer Now
(The exploit may affect Java 6 as well.) "A vulnerability in the Java Security Manager allows a Java applet to grant itself permission to execute arbitrary code," the alert said. "An attacker ...
InfoWorld12y
Java exploit used in Red October cyberespionage attacks, researchers say
The hundreds of government, military and research organizations targeted in a large-scale cyberespionage operation dubbed Red October were not only attacked using malicious Excel and Word ...
PC World12y
Latest Java zero-day exploit is linked to Bit9 hacker attack
Security researchers from FireEye, who found the new Java attacks last week, said that the Java exploit installs a remote ... inserted a malicious Java applet onto those sites that used a ...
Threat Post11y
Java 6 Zero Day a Reminder to Upgrade Browser Plug-In
While signed applets do limit the effectiveness of some ... less attractive for attackers,” Gowdiak said. As for the Java 6 exploit, the fact that it has been introduced into an exploit kit ...
Computerworld12y
Rogue Microsoft Services Agreement emails lead to latest Java exploit
Hackers are distributing rogue email notifications about changes in Microsoft’s Services Agreement to trick people into visiting malicious pages that use a recently circulated Java exploit to ...
Ars Technica11y
Malware attacks thousands of Yahoo.com visitors through Java exploit
but Java applets are a stupid idea, and we won't be touching them in this course". That has held true ever since. Even as I've used Java every day in my career, I've taken that advice to heart.
InfoWorld12y
Researchers warn of new Java exploit being used by attackers
The exploit reported by FireEye seems to target ... set your Java security settings to ‘High’ and do not execute any unknown Java applets outside of your organization.” ...
ZDNet22y
Microsoft warns of Java VM flaws
This would allow the hacker to create a Java applet that loads from a different Web site than the one the browser is accessing. The exploit would allow the hacker to access, but not change ...