Google has released Chrome 42 to the stable channel, and among the changes announced is one that will automatically block Oracle's Java plugin and other plugins that use the old NPAPI (Netscape Plugin API).
Dutch infosec firm Fox IT has spotted a lage scale malvertising campaign that seems to originate from Bulgarian Google ad reseller EngageLab.
The Cisco 2014 Midyear Security Report, released today at Black Hat, examines the “weak links” in organizations - outdated software, bad code, abandoned digital properties, or user errors - that contribute to the adversary’s ability to exploit vulnerabilities with methods such as DNS queries, exploit kits, amplification attacks, point-of-sale (POS) system compromise, malvertising, ransomware, infiltration of encryption protocols, social engineering and “life event” spam.
In a recent poll, half of the senior IT professionals polled said their Java applications are vulnerable (32%) or very vulnerable (17%) to attacks.
Oracle's Quarterly Critical Patch Update (CPU) is never a minor event.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.