Security News


Facebook Launches Java APIs for Encrypted SD Storage

Dubbed "Conceal," the APIs are designed to encrypt large files on disk, initially for Android smartphones.

Adobe Patches Zero-Day Flash Vulnerability

Adobe on Tuesday released a security update for Adobe Flash Player 12.0.0.43 and earlier for a Flash flaw being actively used in the wild.

Oracle Cloud World: Ellison Talks Up Security and Future Cloud Plans

Oracle CEO Larry Ellison made a last-minute appearance at the company's Cloud World event in San Francisco this week, adding some C-level cheerleading to the daylong showcase of Oracle products.

Study: Java- and Android-Based Attacks Increased in 2013

According to Cisco's Annual Security Report, Java flaws accounted for 91 percent of all Web-based attacks last year.

Oracle's Quarterly Patch Fixes 36 Java Security Flaws

On Tuesday Oracle issued a Critical Patch Update for 144 vulnerabilities in their products, including 36 fixes for Java Standard Edition 7 (Java SE 7).

CSA Crafting Enterprise Cloud Security Framework

The Cloud Security Alliance (CSA) Wednesday launched an initiative that would aid enterprises in using cloud computing services to protect infrastructures.

Oracle Adds Java to Quarterly Updates, Defends Security Improvements

Oracle execs say recent moves like this prove the company is much more serious about Java security, but several security analysts still see flaws.

Cloud Security Alliance's Call for Gov. Surveillance Transparency

A recent roundtable discussion hosted by the CSA discussed how both customers and providers are calling for more insight on federal data collecting programs like PRISM.

Survey: Enterprise Mobile Dev Slowed by C-Level Concerns

Information technology executives are dragging their feet because of concerns about cost, complexity and security, a recent survey finds.

Cloudera Releases Hadoop Security Module

Apache Hadoop developers working with SQL query engines can now rely on a new security tool from Cloudera Inc. that reportedly provides the granularity to secure data access from most SQL and business intelligence (BI) tools and scenarios.

Survey: Security Not a Top Priority for Many Software Developers

According to a new study by comScore, more than 40 percent of software developers globally say that security isn't a top priority for them, and a similar percentage don't use a secure application program process.

Java Remote Access Tool Used In PRISM Phishing Attack Targeting Gov't Workers

An attack campaign focused on government agencies is employing phishing e-mails to deliver a malicious payload containing a Java Remote Access Tool (RAT) called jRAT.

Study: Bad Enterprise Patch Management Results in 'Frightening' Java Vulnerabilities

Most browser Java installations continue to be unpatched or outdated, leaving the majority of users vulnerable to exploit code already in use in the wild.

Oracle: Renewed Security Focus Will Delay Java 8

"As a consequence of this renewed focus on security the Java 8 schedule, with a GA release in early September, is no longer achievable," the company said in a blog post made today.

Oracle Releases Massive Patch for 43 Java Vulnerabilities

Oracle made available for download a critical security update for its Web-based Java programming language on Tuesday.

RSA Keynote: Big Data Will Become 'Big Intelligence'

Big Data will transform the security industry as it morphs into "Big Intelligence."

Oracle Updating Recent Java Fix

Oracle announced that the out-of-band patch released earlier in the month to fix 50 vulnerabilities in Java will be updated with a number of addendums that did not make it to the unscheduled release.

Oracle Releases 'Critical' Java Patch Ahead of Schedule

Oracle today released Update 13 for Java 7 and Update 39 for Java 6.

Oracle Issues Security Fixes for MySQL, Other Database Products

Database developers were put on watch this week as Oracle issued a Critical Patch Update targeting 86 security vulnerabilities, including 18 for its MySQL database products.

CSA Releases Mobile Device Guidance

An assessment and threat report on the state of mobile computing was recently released by the Cloud Security Alliance (CSA).