Java

Facebook security reveals zero-day Java attack

Facebook security reveals zero-day Java attack

It's never good when you have to make an official report to the public about a hacker attack your multi-billion dollar social network has had. That's what's happened this week as Facebook's Chief Security Officer Joe Sullivan lets it be known that several engineers on staff with Facebook had been the subject of a zero-day Java exploit. The good news is that no customer data was exposed (that's your stuff), the bad news is that Facebook wasn't the only company targeted by this attack.

Continue Reading

Apple says no to Java 7, blocks browser plug-in

Apple says no to Java 7, blocks browser plug-in

You've likely already heard of the Java security scandal, which was something Oracle looked to fix quickly with an update to the software. Even though Oracle says it has patched the issue, some entities disagree. The latest to add its name to the list of dissenters seems to be Apple, as it has decided to block the Java 7 browser plug-in, even after the update was delivered by Oracle.

Continue Reading

SlashGear Evening Wrap-Up: January 15, 2013

SlashGear Evening Wrap-Up: January 15, 2013

Welcome to Tuesday evening, everyone. The afternoon started off with something of a bang with Facebook's big event, during which the company revealed the service's new Graph Search and explained the difference between the new feature and traditional web search. It also announced that it was partnering with Bing for search results in Graph Search, while we used the latest installment of SlashGear 101 to give you all of the details about this new feature.

Continue Reading

Java tipped in Red October – may be Homeland Security’s hang-up

Java tipped in Red October – may be Homeland Security’s hang-up

Over the past several days, the US Department of Homeland Security has issued warnings against using Java due to newly discovered security weaknesses - today it's been tipped that the Red October cyberespionage attacks may have had their own Java iterations. The two have not been put together by the Israeli IT security firm Seculert, the group that today suggests Red October was implemented not just via email downloads and USB sticks, but through web-based Java exploits as well. Could that and Homeland Security's warning be timed both right here at this point in time together without any relation to one another?

Continue Reading

Homeland Security still warns against Java use despite fix

Homeland Security still warns against Java use despite fix

Well that didn't last very long: this morning Oracle released a fix for a Java vulnerability that had the government suggesting users turn off the software. As it turns out, The Department of Homeland Security is still saying that Java poses a risk, despite the fix. The Department said in an updated security note this afternoon that Java 7 Update 11 may not actually restrict access to privileged code.

Continue Reading

Java fix released after “do not use” warning

Java fix released after “do not use” warning

Oracle has quickly whipped up a fix for its much-maligned Java, after the US Department of Homeland Security recommended web users disable or remove the software to secure their internet use. Java 7 Update 11, released late on Sunday, changes the default security settings so that unsigned Java applets or Web Start applications prompt for permission to run first, as opposed to the potentially dangerous previous behavior where they could operate without permission.

Continue Reading

Turn off Java, they warn… Here’s how you do it

Turn off Java, they warn… Here’s how you do it

Security advice for web users last week from the US Department of Homeland Security recommended that Java should be disabled, lest a growing number of exploits leave your computer open to hacking. "Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered" the US-CERT warned, and argued that users should "consider disabling Java in web browsers until adequate updates are available." Read on past the cut for cross-browser details as to how to do that.

Continue Reading

Users advised to disable Java due to security weakness

Users advised to disable Java due to security weakness

Yesterday, the Department of Homeland Security issued a warning regarding Java, advising users to disable it in their web browsers. Following this was a Critical Patch Update Pre-Release Announcement from Oracle, which suggests that users temporarily disable it because of security issues. Says the advisement, Java leaves the computer open to attack.

Continue Reading

Apple removes Java from OS X browsers with Mac update

Apple removes Java from OS X browsers with Mac update

On Wednesday, Apple released a Mac update for Lion and Mountain Lion that strips all Mac browsers of the Java plugin, another move in the company's effort to distance itself from Oracle's Java software. Once the update is installed, users presented with Java content will see a placeholder that reads "Missing Plug-in." After which point, users can then download the plug-in directly if desired.

Continue Reading

1 2 3 4 5 6