Security News


Survey: Security Not a Top Priority for Many Software Developers

According to a new study by comScore, more than 40 percent of software developers globally say that security isn't a top priority for them, and a similar percentage don't use a secure application program process.

Java Remote Access Tool Used In PRISM Phishing Attack Targeting Gov't Workers

An attack campaign focused on government agencies is employing phishing e-mails to deliver a malicious payload containing a Java Remote Access Tool (RAT) called jRAT.

Study: Bad Enterprise Patch Management Results in 'Frightening' Java Vulnerabilities

Most browser Java installations continue to be unpatched or outdated, leaving the majority of users vulnerable to exploit code already in use in the wild.

Oracle: Renewed Security Focus Will Delay Java 8

"As a consequence of this renewed focus on security the Java 8 schedule, with a GA release in early September, is no longer achievable," the company said in a blog post made today.

Oracle Releases Massive Patch for 43 Java Vulnerabilities

Oracle made available for download a critical security update for its Web-based Java programming language on Tuesday.

RSA Keynote: Big Data Will Become 'Big Intelligence'

Big Data will transform the security industry as it morphs into "Big Intelligence."

Oracle Updating Recent Java Fix

Oracle announced that the out-of-band patch released earlier in the month to fix 50 vulnerabilities in Java will be updated with a number of addendums that did not make it to the unscheduled release.

Oracle Releases 'Critical' Java Patch Ahead of Schedule

Oracle today released Update 13 for Java 7 and Update 39 for Java 6.

Oracle Issues Security Fixes for MySQL, Other Database Products

Database developers were put on watch this week as Oracle issued a Critical Patch Update targeting 86 security vulnerabilities, including 18 for its MySQL database products.

CSA Releases Mobile Device Guidance

An assessment and threat report on the state of mobile computing was recently released by the Cloud Security Alliance (CSA).

Hacker Selling Java Zero-Day Vulnerability Online

According to researchers at Krebs on Security, an issue in the latest version of Java is being shopped around online by an unknown seller.

Security: Is Android Becoming the Windows of Mobile?

Android has seen the number of Trojans targeting the platform nearly triple in just the last three months.

Mobile Security Authentication Firm PhoneFactor Acquired by Microsoft

According to an announcement made yesterday, Microsoft has acquired PhoneFactor, a provider of mobile-based authentication solutions.

Researchers Discover Yet Another Java Zero-Day Issue

Researchers have discovered a "critical" zero-day issue with Oracle's Java plugin. This marks the second time in less than a month that researchers have found an issue with Java.

Flaw Exposes Oracle Database Passwords

A vulnerability in Oracle Database 11g Releases 1 and 2 could allow an attacker to remotely steal information located on the database, including user passwords.

Recent Java Update Contains New Flaw

The day after Oracle released Java Version 7 Update 7, a fix for three vulnerabilities (including last week's zero-day disclosure), a security firm has found a new error in the latest version.

Oracle Releases Update for Recently Disclosed Java Flaw

An update for Java 7 that addresses "3 distinct but related vulnerabilities and one security-in-depth issue affecting Java running in desktop browsers" was released by Oracle on Wednesday.

Newly Discovered Java Flaw Seen Exploited in Wild

Information on a Java flaw that has been seen in targeted attacks in the wild, and has been tested to work on most major Web browsers for both Mac and PC, was reported on Monday by security firm FireEye.

Amazon Releases AWS Cloud Security Practices

Last week the company submitted a 42-page document detailing security policies for Amazon Web Services (AWS).

Tool Analyzes Open Source Components in Your Java Apps

Sonatype on Wednesday launched a new on-demand service that analyzes the open-source components in Java applications for security, licensing and quality problems.

Upcoming Events

AppTrends

Sign up for our newsletter.

I agree to this site's Privacy Policy.