Chester talks to Paul Ducklin in Sophos Security Chet Chat Episode 101.
Spend an enjoyable quarter-hour as our duo take on a range of security issues with their usual mixture of insight, expertise, scepticism, advice and occasional outright puzzlement.
"Unless it is absolutely necessary to run Java in web browsers, disable it", DHS-sponsored CERT team says
Can you really justify having Java installed on your main web browser any more? Even if you have installed the latest security patch?
It's time to rip Java out of your browser for better security... unless you have a really good reason not to.
After the recent discovery of a zero-day vulnerability in Oracle's Java Web Start plugin Apple and Mozilla are now disabling Java by default until fixes are made available.
In the past 24 hours, many popular exploit kits have been found to be targeting what appears to be a new zero-day vulnerability in Java. Read this article for advice on how to fend off these attacks.
Last week Oracle released Java 7 update 10 to the world without fixing a single vulnerability. That doesn't mean there aren't serious security improvements though. New settings could make Java users much safer from here forward.
Mac malware has been found on a website related to the Dalai Lama, capable of allowing hackers to steal files and spy on keystrokes.
A new round of spams proclaims you have been charged for a large purchase from Apple.
All links lead to webpages infected with the Blackhole exploit kit. Be cautious with your online shopping this holiday season.
Are some of the different variants of Blackhole exploit kit that SophosLabs are seeing actually new versions of this popular Exploit kit? Or simply copycats created by other groups?
Oracle patches Java, then Apple issues its own updates. You can never be quite sure how long that's going to take.
This month, it all happened pretty quickly - and Apple took the opportunity to kick Java out of your browser at the same time...
As someone looking after IT for your company, how do you react to reports of vulnerabilites like those seen recently in Java and Internet Explorer?
The same team of Polish researchers who discovered a critical security hole in Oracle’s Java software say that they uncovered another such hole, which could be used to bypass the secure application “sandbox” on most recent versions of Java.
Hackers claim to have stolen a database of 12,367,232 Apple device IDs, and personal information such as full names, cellphone numbers, addresses and zipcodes belonging to iPhone and iPad users.
And where do they claim they stole this information? From an FBI laptop... via a Java vulnerability.
Online scammers are using a recent email from Microsoft Corp. as bait in a widespread phishing campaign that exploits vulnerabilities in Oracle’s Java software to install malicious programs on vulnerable systems.
Java brings with it some significant risks, yet for many people, it's "just there on my computer."
In this episode, Duck and Chet tell you All about Java, and help you to make an informed decision in balancing its risks and rewards at work and at home.
Oracle has released an emergency update fixing four vulnerabilities affecting both Java 6 and Java 7 users.