Hackers turn their back on exploiting Java, to focus on Flash flaws

The malicious hackers developing exploit kits, designed to help online criminals break into computers systems and spread malware, are keener on exploiting Adobe Flash than any other software.

How to update Java – or uninstall it completely!

Protect your computer better by keeping Java updated, or eradicate it completely.

Yasin Soliman explains.

Plugins – yes, they’re handy but they also increase the surface of attack

Whichever web browser you are using, you should know that using any plugin runs the risk of putting your system – and your data – in increased peril.

Yasin Soliman reports.

The upcoming death of the Java plugin has been announced. No flowers please

For twenty years people have been running Java in their browsers. And for much of that time, malicious hackers have been exploiting vulnerabilities in the plugin to infect computers.

Read more in my article on the Tripwire State of Security blog.

Oracle ordered to admit it deceived users over Java security updates for years

You would probably like to imagine that if you have been religiously installing Java security updates over the years that you’ve been doing your bit to reduce the opportunities for hackers to exploit the software on your computers.

Well, it’s not quite as simple as that.

Read more on the Hot for Security blog.

Imagine being reincarnated as the guy in charge of Oracle security…

As patches for 154 vulnerabilities are announced, consider for a second how it must suck to be Eric Maurice – the guy in charge of software security assurance at Oracle.

Hopefully you’ve either updated Java, or removed it from your computer

Oracle issued a Godzilla-sized Critical Patch Update on Tuesday, fixing a stonking 193 new security vulnerabilities in its software.

And with at least one new Java vulnerability being actively exploited in the wild, it’s time you did something about it.

A new Java zero-day vulnerability is being exploited in the wild

Operation Pawn Storm is up to its dirty tricks again, this time with what is claimed to be the first new Java zero-day vulnerability in two years.

Read more in my article on the Lumension Optimal Security blog.

The US Navy wants to buy your zero-day vulnerabilities

One likes to assume that the US Navy is planning to use the exploits to test and harden its own systems, rather than potentially exploit the computer systems of others.

But in this day and age, who knows…

Oracle has just given you another reason not to install Java on your Mac

I think it’s great that Oracle is showing its contempt for Java users in this way. The company’s transparency should be applauded.

Critical patches for Java released – Patch now or put it out of its misery

Oracle’s latest security update is said to fix 20 vulnerabilities in Java, all of which can be exploited by remote hackers bent on breaking into and compromising your computer. You should be asking yourself if you need Java at all…

Learn more in my article on the Intego Mac Security blog.

Java on XP? Is it still supported, and what should you do about it?

Hold your horses… Java may not be quite as dead as you thought on Windows XP.

But maybe it should be…

Game of Thrones cancelled? Beware bogus Java update

If you’re a fan of “Game of Thrones”, you probably want to be wary of messages that claim the hit TV series has been cancelled.

They could all be a lure to trick you into downloading a malicious Java update.

CryptoDefense ransomware infects via Java drive-by exploit

Boffins at security firm Bromium have discovered that the CryptoDefense malware has been spread via boobytrapped webpages, in an attempt to make more money for its creators.

Once again, turning off Java could help protect you.

Isn’t it time Oracle gave us monthly security updates for Java?

For those of us concerned with securing systems and keeping computer data safe, Java has been a nightmare.

It’s time for Oracle to get serious about Java security updates.

Adobe Flash zero day exploit patched, after foreign policy websites compromised

Adobe Flash users are once again being told they need to update their software, after a new zero-day exploit was discovered.

The critical security flaw in in Adobe Flash Player was uncovered after hackers targeted visitors to a number of different foreign and economic policy websites dealing with matters of national security.