Mac users who ignore the warning signs can be bitten by the Adwind RAT

The cross-platform remote access trojan (RAT) Adwind drops a payload onto Mac computers only after users overlook a series of potential red flags.

David Bisson reports.

Hackers turn their back on exploiting Java, to focus on Flash flaws

The malicious hackers developing exploit kits, designed to help online criminals break into computers systems and spread malware, are keener on exploiting Adobe Flash than any other software.

How to update Java – or uninstall it completely!

Protect your computer better by keeping Java updated, or eradicate it completely.

Yasin Soliman explains.

Plugins – yes, they’re handy but they also increase the surface of attack

Whichever web browser you are using, you should know that using any plugin runs the risk of putting your system – and your data – in increased peril.

Yasin Soliman reports.

Java-based trojan has infected close to 450,000 victims since 2013

Security researchers have spotted an “unusual” cross-platform Java-based remote access trojan (RAT) that is believed to have infected 443,000 victims between 2013 and 2016.

David Bisson reports.

Oracle ordered to admit it deceived users over Java security updates for years

You would probably like to imagine that if you have been religiously installing Java security updates over the years that you’ve been doing your bit to reduce the opportunities for hackers to exploit the software on your computers.

Well, it’s not quite as simple as that.

Read more on the Hot for Security blog.

Imagine being reincarnated as the guy in charge of Oracle security…

As patches for 154 vulnerabilities are announced, consider for a second how it must suck to be Eric Maurice – the guy in charge of software security assurance at Oracle.

Hopefully you’ve either updated Java, or removed it from your computer

Oracle issued a Godzilla-sized Critical Patch Update on Tuesday, fixing a stonking 193 new security vulnerabilities in its software.

And with at least one new Java vulnerability being actively exploited in the wild, it’s time you did something about it.

A new Java zero-day vulnerability is being exploited in the wild

Operation Pawn Storm is up to its dirty tricks again, this time with what is claimed to be the first new Java zero-day vulnerability in two years.

Read more in my article on the Lumension Optimal Security blog.

Oracle has just given you another reason not to install Java on your Mac

I think it’s great that Oracle is showing its contempt for Java users in this way. The company’s transparency should be applauded.

Malicious ads run next to popular YouTube videos, laced with the Sweet Orange exploit kit

Security researchers have discovered a criminal campaign exploiting the YouTube platform, where some of the site’s most popular videos have had malicious adverts displayed alongside them.

Flashback, the biggest Mac malware attack of all time. Is it still a threat?

Should we still be fearful of Flashback and why might educational establishments be particularly troubled by the notorious Mac malware?

Read more in my article on the Intego Mac Security blog.

Critical patches for Java released – Patch now or put it out of its misery

Oracle’s latest security update is said to fix 20 vulnerabilities in Java, all of which can be exploited by remote hackers bent on breaking into and compromising your computer. You should be asking yourself if you need Java at all…

Learn more in my article on the Intego Mac Security blog.

Java on XP? Is it still supported, and what should you do about it?

Hold your horses… Java may not be quite as dead as you thought on Windows XP.

But maybe it should be…

Game of Thrones cancelled? Beware bogus Java update

If you’re a fan of “Game of Thrones”, you probably want to be wary of messages that claim the hit TV series has been cancelled.

They could all be a lure to trick you into downloading a malicious Java update.

YouTube ads spread banking malware

Security researchers at Bromium have discovered that hackers were spreading malware onto computers while unsuspecting users were watching YouTube videos.

The drive-by-download attack was distributed via adverts shown on the YouTube website, and used an exploit kit to infect Windows PCs with a version of the Caphaw banking Trojan.