The Cisco 2014 Midyear Security Report, released today at Black Hat, examines the “weak links” in organizations - outdated software, bad code, abandoned digital properties, or user errors - that contribute to the adversary’s ability to exploit vulnerabilities with methods such as DNS queries, exploit kits, amplification attacks, point-of-sale (POS) system compromise, malvertising, ransomware, infiltration of encryption protocols, social engineering and “life event” spam.
In a recent poll, half of the senior IT professionals polled said their Java applications are vulnerable (32%) or very vulnerable (17%) to attacks.
Oracle's Quarterly Critical Patch Update (CPU) is never a minor event.
University of Sussex student Simon Bell has reverse-engineered the Android Simplocker (Simplelocker) ransomware, and has created a Java program that can be converted into an Android app to decrypt the files encrypted by the malware.
Polish security start-up Security Explorations has publicly released technical details and Proof-of-Concept code for 30 security vulnerabilities they found in Oracle Java Cloud Service, which allows customers to deploy their Java applications on WebLogic server clusters.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.