Hackers turn their back on exploiting Java, to focus on Flash flaws

The malicious hackers developing exploit kits, designed to help online criminals break into computers systems and spread malware, are keener on exploiting Adobe Flash than any other software.

How to update Java – or uninstall it completely!

Protect your computer better by keeping Java updated, or eradicate it completely.

Yasin Soliman explains.

Plugins – yes, they’re handy but they also increase the surface of attack

Whichever web browser you are using, you should know that using any plugin runs the risk of putting your system – and your data – in increased peril.

Yasin Soliman reports.

The upcoming death of the Java plugin has been announced. No flowers please

For twenty years people have been running Java in their browsers. And for much of that time, malicious hackers have been exploiting vulnerabilities in the plugin to infect computers.

Read more in my article on the Tripwire State of Security blog.

Oracle ordered to admit it deceived users over Java security updates for years

You would probably like to imagine that if you have been religiously installing Java security updates over the years that you’ve been doing your bit to reduce the opportunities for hackers to exploit the software on your computers.

Well, it’s not quite as simple as that.

Read more on the Hot for Security blog.

Imagine being reincarnated as the guy in charge of Oracle security…

As patches for 154 vulnerabilities are announced, consider for a second how it must suck to be Eric Maurice – the guy in charge of software security assurance at Oracle.

Hopefully you’ve either updated Java, or removed it from your computer

Oracle issued a Godzilla-sized Critical Patch Update on Tuesday, fixing a stonking 193 new security vulnerabilities in its software.

And with at least one new Java vulnerability being actively exploited in the wild, it’s time you did something about it.

A new Java zero-day vulnerability is being exploited in the wild

Operation Pawn Storm is up to its dirty tricks again, this time with what is claimed to be the first new Java zero-day vulnerability in two years.

Read more in my article on the Lumension Optimal Security blog.

Oracle has just given you another reason not to install Java on your Mac

I think it’s great that Oracle is showing its contempt for Java users in this way. The company’s transparency should be applauded.

Flashback, the biggest Mac malware attack of all time. Is it still a threat?

Should we still be fearful of Flashback and why might educational establishments be particularly troubled by the notorious Mac malware?

Read more in my article on the Intego Mac Security blog.

Critical patches for Java released – Patch now or put it out of its misery

Oracle’s latest security update is said to fix 20 vulnerabilities in Java, all of which can be exploited by remote hackers bent on breaking into and compromising your computer. You should be asking yourself if you need Java at all…

Learn more in my article on the Intego Mac Security blog.

Java on XP? Is it still supported, and what should you do about it?

Hold your horses… Java may not be quite as dead as you thought on Windows XP.

But maybe it should be…

Game of Thrones cancelled? Beware bogus Java update

If you’re a fan of “Game of Thrones”, you probably want to be wary of messages that claim the hit TV series has been cancelled.

They could all be a lure to trick you into downloading a malicious Java update.

CryptoDefense ransomware infects via Java drive-by exploit

Boffins at security firm Bromium have discovered that the CryptoDefense malware has been spread via boobytrapped webpages, in an attempt to make more money for its creators.

Once again, turning off Java could help protect you.

Isn’t it time Oracle gave us monthly security updates for Java?

For those of us concerned with securing systems and keeping computer data safe, Java has been a nightmare.

It’s time for Oracle to get serious about Java security updates.

YouTube ads spread banking malware

Security researchers at Bromium have discovered that hackers were spreading malware onto computers while unsuspecting users were watching YouTube videos.

The drive-by-download attack was distributed via adverts shown on the YouTube website, and used an exploit kit to infect Windows PCs with a version of the Caphaw banking Trojan.