Security News

Oracle's Quarterly Critical Patch Update Is Another Whopper

Oracle's latest quarterly Critical Patch Update was the second-largest ever, providing fixes for 253 security vulnerabilities for 76 of the company's products, including seven security updates for Java SE 6, 7 and 8, and eight for the Java EE-based WebLogic and GlassFish application servers.

HPE DevOps Report: Security Hindered by Pressure to Release Apps Quickly

In an age of huge data breaches and hacked IoT devices bringing down the Internet, it seems strange that enterprise developers still need to be reminded of the importance of security, but that's exactly what Hewlett Packard Enterprise does in its new DevOps research.

Waratek Adds RASP Plug-In to AppSecurity for Java

Application security tools provider Waratek has released a new version of its AppSecurity for Java platform that automatically modernizes the security capabilities of older Java apps with a simple RASP plug-in.

Google Highlights Android Nougat Security

Google this week blogged about security enhancements in Android 7.0 Nougat on the same day the first security bulletin was issued for the brand-new mobile OS.

Mobile Developers: Biometrics Best Authentication Option

A new mobile development survey shows biometric authentication is seen as the best option to improve app security and privacy, despite alternatives with "more novelty."

Security Study: Developer 'Rush To Release' Increases App Risk

The explosive growth of mobile apps and the shift to cloud computing are increasing security risks at the application level, a problem that organizations can overcome by hiring skilled developers and lessening the "rush to release," according to a new report.

Oracle's Quarterly CPU Fixes Record Number of Vulnerabilities

Oracle's latest Critical Patch Update, issued this week, fixed a record 276 vulnerabilities in a range of the company's products, including 13 in Java SE, some of which received high-severity scores.

Security Patch in IBM's Java Is Broken, Researchers Charge

A three-year-old security vulnerability in IBM's implementation of Java, which was thought to be fixed, is actually broken, researchers at Security Explorations disclosed last week.

Previously Patched Java SE Flaw Still Exploitable, Security Researchers Say

A Java SE flaw Oracle reported as patched in 2013 can be easily bypassed today, security researchers have found.

New Tools Released for Built-in Mobile App Security, Rapid Visual Development

New mobile app development products were released this week to bake in security at the code level for native apps and to rapidly build projects visually, with the help of a new free design/prototyping tool.

Cloudera Points Hadoop to Cybersecurity

Cloudera, a commercial vendor of Apache Hadoop-based software for Big Data analytics, has teamed up with other companies to tackle cybersecurity with the technology.

Adwind RAT Is Back, Used To Attack 400K Systems

An infamous Remote Access Trojan, a piece of Java-based malware that gives attackers a backdoor into Windows, Linux, Mac OS X and Android devices, has re-emerged -- after apparently being shut down last year -- now as a commercial "malware-as-a-service" platform.

Oracle Issues Out-of-Cycle Security Patch for Java on Windows

Oracle has issued an out-of-cycle security patch to fix a vulnerability that can be exploited when installing Java on Windows. The vulnerability, which earned a CVSS Base Score score of 7.6, affects Java SE 6, 7 and 8.

8 Critical Java Security Holes Fixed by Quarterly Patch

Oracle's latest Critical Patch Update includes fixes for eight Java security holes, three of which were rated critical, earning Common Vulnerability Scoring Standard scores of 10.0.

Oracle Settles with FTC over Deceptive Java Security

Oracle has agreed to overhaul its Java security update process to settle Federal Trade Commission charges that the company deceived consumers by not informing them that the updates left older, still vulnerable versions of Java running on their computers.

PHP 7 Arrives (Along with Scathing Security Report)

PHP 7 has finally arrived. It's the first major number version of the popular Web scripting language since 2004, and it was released just before a new software security report branded PHP as among the most insecure of programming languages.

Well Known Vulnerability Still Putting Java Apps and Servers at Risk

It was first reported by security researchers nine months ago, but a vulnerability in the popular Apache Commons library continues to put thousands of Java applications and servers at risk of a remote code execution attack.

IBM Secures Hadoop in Analytics Cloud

IBM has added end-to-end data protection to IBM Cloud Infrastructure for Analytics, its cloud-based offering designed to ease the significant investment burden required for implementing homegrown, on-premises Big Data solutions.

Oracle's Quarterly Security Patch Includes 25 Java SE Fixes

Oracle recently issued the last of its Critical Patch Updates for the year, featuring fixes for 154 new security vulnerabilities in virtually all Oracle products, including 25 new security fixes for Java SE.

Research Firm Ranks DIY App Coding Tools

A research firm has turned its attention to low-code (or no-code), do-it-yourself tools that are seeing increasing use in the enterprise in the face of a mobile development skills shortage.

Upcoming Events


Sign up for our newsletter.

I agree to this site's Privacy Policy.