java – PossibleThreat Articles

Security Sophos

S3 Ep80: Ransomware news, phishing woes, NAS bugs, and a giant hole in Java [Podcast]

April 28, 2022 0 Comments cih, Firewall, java, malware, Naked Security Podcast, oracle, Podcast, Privacy, Ransomware, ztna

Credit to Author: Paul Ducklin| Date: Thu, 28 Apr 2022 13:18:25 +0000

Latest episode – listen now!

Security Sophos

Critical cryptographic Java security blunder patched – update now!

April 20, 2022 0 Comments Cryptography, cve-2022-21449, digital signature, java, oracle, vulnerability

Credit to Author: Paul Ducklin| Date: Wed, 20 Apr 2022 16:43:05 +0000

Either know the private key and use it scrupulously in your digital signature calculation…. or just send a bunch of zeros instead.

QuickHeal Security

Spring4Shell: Zero-Day vulnerability CVE-2022-22965 in Spring Framework

April 6, 2022 0 Comments #zeroday, advisory, cyberattack, java, rce, spring4shell, springshell, vulnerability

Credit to Author: Shiv Mohan| Date: Wed, 06 Apr 2022 12:53:22 +0000

A Zero-day Remote Code Execution Vulnerability with critical severity has been identified as CVE-2022-22965 aka Spring4Shell or SpringShell…

The post Spring4Shell: Zero-Day vulnerability CVE-2022-22965 in Spring Framework appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Security Sophos

“VMware Spring Cloud Function” Java bug gives instant remote code execution – update now!

April 1, 2022 0 Comments cve-2022-22963, java, log4she;;, spel, spring, spring cloud, spring expression resource, Uncategorized

Credit to Author: Paul Ducklin| Date: Wed, 30 Mar 2022 20:38:07 +0000

Easy unauthenticated remote code execution – PoC code already out

Security Sophos

“VMWare Spring Cloud” Java bug gives instant remote code execution – update now!

March 30, 2022 0 Comments cve-2022-22963, java, log4she;;, spel, spring, spring cloud, spring expression resource, Uncategorized

Credit to Author: Paul Ducklin| Date: Wed, 30 Mar 2022 16:38:07 +0000

Easy unauthenticated remote code execution – PoC code already out

Security Sophos

Tor browser fixes bug that allows JavaScript to run when disabled

March 17, 2020 0 Comments anonymity, browser privacy, firefox, java, JavaScript, noscript, Privacy, security threats, the onion router, Tor, tor browser, vulnerability, Web Browsers

Credit to Author: John E Dunn| Date: Tue, 17 Mar 2020 12:16:27 +0000

The Tor browser has a bug that could allow JavaScript to execute on websites even when users think they’ve disabled it for maximum anonymity.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/es39u8LUhmk” height=”1″ width=”1″ alt=””/>

Security Sophos

Serious Security: The decade-ending “Y2K bug” that wasn’t

December 23, 2019 0 Comments Bug, code review, java, serious security, testing, vulnerability, y2k

Credit to Author: Paul Ducklin| Date: Mon, 23 Dec 2019 17:43:20 +0000

We explain why you really need to RTFM. Even if TFM is very long and complicated and you are very experienced.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/hCkMBFmx46A” height=”1″ width=”1″ alt=””/>

Security Sophos

Npm patches two serious bugs

December 16, 2019 0 Comments cve-2019-16775, cve-2019-16776, cve-2019-16777, java, JavaScript, javascript packages, npm, Patch, Patches, security threats, vulnerability

Credit to Author: Danny Bradbury| Date: Mon, 16 Dec 2019 10:57:26 +0000

JavaScript package users have been warned to update due to a bug that could enable an attacker to infect them with malicious applications.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/Yb7pRyvF7Uo” height=”1″ width=”1″ alt=””/>