Oracle has shipped an update for its Java software that fixes at least eight critical security holes. If you have an affirmative use for Java, please update to the latest version; if you’re not sure why you have Java installed, it’s high time to remove the program once and for all. According to Oracle’s release notes , seven of the eight vulnerabilities may be remotely exploitable without authentication — meaning they could be exploited over a network by malware or miscreants without the need for a username and password.
Original release date: January 25, 2016 The Internal Revenue Service (IRS) has released the tenth in a series of tips intended to help the public protect personal and financial data online and at home. This tip describes steps tax preparers can take to protect sensitive information. Recommendations include conducting a full scan of all computer drives and files, making sure that tax preparers’ security software updates automatically, and using robust security software that helps block malware and viruses
First the NSA, and now GCHQ.
Another week, another pile of patches. If you use Apple or Oracle products, it’s time to download the latest updates to keep your computers and servers safe. Watch today’s video for a quick summary of the affected products and issue, and check the link below to learn more
Mozilla got serious about security early this new year by banning potentially weak certificates created using the SHA-1 hashing function. Unfortunately, many security vendors still use SHA-1, so this browser update broke some things. If you’ve been affected by the Firefox changes, or are concerned with our products stance on SHA-1 certificates, watch today’s video.
For those of you in the pentesting world,atom, the principal developer of hashcat and oclHashcat has announced that they are going to be released to open source . In the release he reveals a number of good reasons why it makes sense to do this at this time, but the biggest one being to permit advancement in the bitslicedDES GPU kernels. Essentially in order to take full advantage of the bitsliced GPU capabilities requires recompilation of the kernel at run time, and this requires the source code to hashcat be available.
The U .S. Federal Trade Commission this past week announced it reached settlements with software giant Oracle and identity protection firm LifeLock over separate charges of allegedly deceiving users and customers about security. LifeLock agreed to pay $100 million for violating a 2010 promise to cease deceptive advertising practices