The rise of Java exploits
Posted on 19 October 2010.
Sifting through the data collected and analyzed in order to compile the latest Microsoft Security Intelligence Report, senior program manager Holly Stewart came to an interesting conclusion: Java exploits have become way more popular with hackers than the Adobe-related ones:

This enormous jump is, according to Stewart, due to the fact that three particular vulnerabilities are being constantly exploited. Brian Krebs offers his own explanation: Java exploits have been incorporated into a number of popular exploit packs (Eleonore, Crimepack, SEO Sploit Pack, Blackhole).

These vulnerabilities have been patched for a while, but the problem is that users fail to update Java on their system. "Java is ubiquitous, and, as was once true with browsers and document readers like Adobe Acrobat, people don't think to update it. On top of that, Java is a technology that runs in the background to make more visible components work. How do you know if you have Java installed or if it's running?" says Stewart.

Given that Oracle has recently issued a Java security update that patches nearly 30 vulnerabilities, this would be a good time for all users to update the program or check for its existence on their systems and then update it. And while they're at it, they could configure the built-in updater to check for new versions every week.


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Wed, Aug 27th