Oracle | News, how-tos, features, reviews, and videos

Windows security holes

Microsoft and Symantec push to combat key, code-signed malware

An alarming growth in malware signed with fraudulently obtained keys and code-signing certificates in order to trick users to download harmful code is prompting Microsoft and Symantec to push for tighter controls in the way the...

Java exploits seen as huge menace so far this year

Java was the most targeted development platform for exploit attacks during the first half of the year, and attacks have increasingly shifted to zero-day vulnerabilities, according to F-Secure's new threat report. "Of the top...

New Java feature aims to manage multiple version problems

Admins now can link apps to a specific version of programming language

Time to Bridge the Gap between Identity and Security

Lots of security vendors play in the identity space. IBM is a leader in both areas while McAfee, RSA Security, and Symantec have acquired identity technologies over the past few years. These vendors present a compelling vision of...

Cybercriminals add new exploit for patched Java vulnerability to their arsenal

Newly released exploit for Java vulnerability patched in June was added to the Styx exploit toolkit, researcher said

security warning malware

Unusual file-infecting malware steals FTP credentials

About 70 percent of computers infected with this threat are in the US, according to antivirus firm Trend Micro

EMC Adds Aveksa to its Enterprise Security Portfolio

With the 4th now behind us, EMC announced its acquisition of Aveksa, an Identity and Access Management (IAM) vendor focused on identity governance. As acquisitions go, this one was on the small side so much of the security world...


Oracle fixes 40 security issues with Java update, turns on certificate revocation checking

Some of the fixed vulnerabilities also affect sever deployments of Java

Oracle to ship 40 security fixes for Java SE

Oracle has pledged to improve Java's security features in the wake of high-profile vulnerabilities

FDA tells medical device makers to focus on cybersecurity

The agency's new recommendations follow reports of vulnerabilities in some medical devices, the FDA says

Oracle's Java security improvements don't quite satisfy

Changes welcomed, but one expert said he'd like to see sandbox technology in Java like that used in Adobe Reader and Google Chrome

Oracle reveals plans for Java security improvements

The company will make changes that suggest it's listening to feedback from the security research community

Software vendors should respond to actively attacked vulnerabilities within seven days, Google says

Vendors should issue fixes or at least mitigation advice for zero-day flaws within a seven-day time frame, Google security engineers say

FAQ on global supply-chain security standard to prevent IT tampering, counterfeiting

Whether you're buying or selling hardware and software, or acting as systems integrator, the new supply-chain security standard put forward by the Open Group in April could end up having a huge impact on you. Here are a few...

Oracle renumbers Java patch updates, confuses users even more

New numbering scheme necessary to take into account increase in zero-day patches

7 steps to securing Java

Java, the popular OS-independent platform and programming language, runs on just about every kind of electronic device imaginable, including computers, cell phones, printers, TVs, DVDs, home security systems, automated teller...

Recently patched Java flaw already targeted in mass attacks, researchers say

Researchers advise users to upgrade to Java 7 Update 21 as soon as possible if they haven't already

Serious flaw present in latest Java Runtime Environment for desktops and servers, researchers say

Researchers from Security Explorations claim to have found a new sandbox bypass vulnerability in the Java 7 Reflection API component

Java 7 Update 21 to fix bugs, change applet warning messages

The new update will fix 42 security issues, 39 of which are remotely exploitable

Most Java-enabled browsers vulnerable to widespread Java exploits, Websense says

Only 5 percent of actively used browser installations have the most up-to-date version of the Java plug-in, the vendor's data shows

Load More
You Might Also Like