The Cisco 2014 Midyear Security Report, released today at Black Hat, examines the “weak links” in organizations - outdated software, bad code, abandoned digital properties, or user errors - that contribute to the adversary’s ability to exploit vulnerabilities with methods such as DNS queries, exploit kits, amplification attacks, point-of-sale (POS) system compromise, malvertising, ransomware, infiltration of encryption protocols, social engineering and “life event” spam.
In a recent poll, half of the senior IT professionals polled said their Java applications are vulnerable (32%) or very vulnerable (17%) to attacks.
Oracle's Quarterly Critical Patch Update (CPU) is never a minor event.
University of Sussex student Simon Bell has reverse-engineered the Android Simplocker (Simplelocker) ransomware, and has created a Java program that can be converted into an Android app to decrypt the files encrypted by the malware.
Polish security start-up Security Explorations has publicly released technical details and Proof-of-Concept code for 30 security vulnerabilities they found in Oracle Java Cloud Service, which allows customers to deploy their Java applications on WebLogic server clusters.