JAVA JRE 60 |
2009-03-25 | David Goldsmith | Java Runtime Environment 6.0 Update 13 Released |
JAVA |
2024-03-28/a> | Xavier Mertens | From JavaScript to AsyncRAT |
2024-02-28/a> | Johannes Ullrich | Exploit Attempts for Unknown Password Reset Vulnerability |
2024-02-21/a> | Jan Kopriva | Phishing pages hosted on archive.org |
2023-11-17/a> | Jan Kopriva | Phishing page with trivial anti-analysis features |
2023-05-20/a> | Xavier Mertens | Phishing Kit Collecting Victim's IP Address |
2022-06-16/a> | Xavier Mertens | Houdini is Back Delivered Through a JavaScript Dropper |
2022-06-01/a> | Jan Kopriva | HTML phishing attachments - now with anti-analysis features |
2022-03-31/a> | Johannes Ullrich | Spring Vulnerability Update - Exploitation Attempts CVE-2022-22965 |
2022-03-30/a> | Johannes Ullrich | Possible new Java Spring Framework Vulnerability (Updated: not a Spring problem) |
2022-03-30/a> | Johannes Ullrich | Java Springtime Confusion: What Vulnerability are We Talking About |
2022-01-18/a> | Jan Kopriva | Phishing e-mail with...an advertisement? |
2021-11-18/a> | Xavier Mertens | JavaScript Downloader Delivers Agent Tesla Trojan |
2021-10-21/a> | Brad Duncan | "Stolen Images Evidence" campaign pushes Sliver-based malware |
2021-10-09/a> | Guy Bruneau | Scanning for Previous Oracle WebLogic Vulnerabilities |
2021-05-22/a> | Xavier Mertens | "Serverless" Phishing Campaign |
2021-05-18/a> | Xavier Mertens | From RunDLL32 to JavaScript then PowerShell |
2021-04-28/a> | Xavier Mertens | Deeper Analyzis of my Last Malicious PowerPoint Add-On |
2021-01-22/a> | Xavier Mertens | Another File Extension to Block in your MTA: .jnlp |
2020-11-13/a> | Xavier Mertens | Old Worm But New Obfuscation Technique |
2020-07-24/a> | Xavier Mertens | Compromized Desktop Applications by Web Technologies |
2020-07-08/a> | Xavier Mertens | If You Want Something Done Right, You Have To Do It Yourself... Malware Too! |
2020-06-11/a> | Xavier Mertens | Anti-Debugging JavaScript Techniques |
2020-03-27/a> | Xavier Mertens | Malicious JavaScript Dropping Payload in the Registry |
2019-08-09/a> | Xavier Mertens | 100% JavaScript Phishing Page |
2019-06-10/a> | Xavier Mertens | Interesting JavaScript Obfuscation Example |
2019-02-07/a> | Xavier Mertens | Phishing Kit with JavaScript Keylogger |
2018-07-13/a> | Xavier Mertens | Cryptominer Delivered Though Compromized JavaScript File |
2018-06-18/a> | Xavier Mertens | Malicious JavaScript Targeting Mobile Browsers |
2017-11-03/a> | Xavier Mertens | Simple Analysis of an Obfuscated JAR File |
2017-06-22/a> | Xavier Mertens | Obfuscating without XOR |
2017-03-24/a> | Xavier Mertens | Nicely Obfuscated JavaScript Sample |
2017-03-04/a> | Xavier Mertens | How your pictures may affect your website reputation |
2017-02-12/a> | Xavier Mertens | Analysis of a Suspicious Piece of JavaScript |
2016-08-28/a> | Guy Bruneau | Spam with Obfuscated Javascript |
2016-06-18/a> | Rob VandenBrink | Controlling JavaScript Malware Before it Runs |
2016-02-20/a> | Didier Stevens | Locky: JavaScript Deobfuscation |
2016-02-07/a> | Xavier Mertens | More Malicious JavaScript Obfuscation |
2016-01-15/a> | Xavier Mertens | JavaScript Deobfuscation Tool |
2015-11-09/a> | John Bambenek | ICYMI: Widespread Unserialize Vulnerability in Java |
2015-08-07/a> | Tony Carothers | Critical Firefox Update Today |
2014-12-06/a> | Rick Wanner | Google App Engine Java Security Sandbox bypasses |
2014-08-29/a> | Johannes Ullrich | False Positive or Not? Difficult to Analyze Javascript |
2014-07-15/a> | Daniel Wesemann | Oracle Java: 20 new vulnerabilities patched |
2014-07-13/a> | Tony Carothers | Oracle July 2014 Update Pre-Notification |
2014-07-05/a> | Guy Bruneau | Java Support ends for Windows XP |
2014-07-02/a> | Johannes Ullrich | Simple Javascript Extortion Scheme Advertised via Bing |
2013-12-23/a> | Rob VandenBrink | How-To's for the Holidays - Java Whitelisting using AD Group Policy |
2013-10-28/a> | Daniel Wesemann | Exploit cocktail (Struts, Java, Windows) going after 3-month old vulnerabilities |
2013-10-15/a> | Rob VandenBrink | Java Quarterly Updates |
2013-09-10/a> | Swa Frantzen | More Black Tuesday workload |
2013-08-07/a> | Johannes Ullrich | Firefox 23 and Mixed Active Content |
2013-04-23/a> | Russ McRee | Microsoft's Security Intelligence Report (SIRv14) released |
2013-04-19/a> | Russ McRee | Java 8 release schedule delayed for renewed focus on security |
2013-04-16/a> | Rob VandenBrink | Java 7 Update 21 is available - Watch for Behaviour Changes ! |
2013-03-07/a> | Guy Bruneau | Apple Blocking Java Web plug-in |
2013-03-05/a> | Richard Porter | Java j6u43 update #YAJU http://www.oracle.com/technetwork/java/javase/6u43-relnotes-1915290.html |
2013-03-04/a> | Richard Porter | Java 7u17 update #YAJU http://www.oracle.com/technetwork/java/javase/7u17-relnotes-1915289.html |
2013-03-01/a> | Jim Clausing | And the Java 0-days just keep on coming |
2013-02-26/a> | Rob VandenBrink | All I need Java for is .... |
2013-02-20/a> | Johannes Ullrich | Update Palooza |
2013-02-19/a> | Johannes Ullrich | Oracle Updates Java (Java 7 Update 15, Java 6 update 41) |
2013-02-08/a> | Kevin Shortt | Is it Spam or Is it Malware? |
2013-02-01/a> | Jim Clausing | Oracle quitely releases Java 7u13 early |
2013-01-19/a> | Guy Bruneau | Java 7 Update 11 Still has a Flaw |
2013-01-15/a> | Rob VandenBrink | When Disabling IE6 (or Java, or whatever) is not an Option... |
2013-01-13/a> | Stephen Hall | Java 0-Day patched as Java 7 U 11 released |
2013-01-12/a> | Stephen Hall | Java 0-day impact to Java 6 (and beyond?) |
2013-01-10/a> | Johannes Ullrich | Java is still exploitable and is likely going to remain so. |
2012-11-01/a> | Daniel Wesemann | Patched your Java yet? |
2012-10-18/a> | Rob VandenBrink | Another Java update! Java SE 1.6.0_37 Available ==> http://www.oracle.com/technetwork/java/javase/releasenotes-136954.html |
2012-10-17/a> | Rob VandenBrink | Time to update - Java version 7 update 9 (JRE 7u9, JDK 7u9) is out! Release notes here - http://www.oracle.com/technetwork/java/javase/7u9-relnotes-1863279.html |
2012-09-01/a> | Russ McRee | Blackhole targeting Java vulnerability via fake Microsoft Services Agreement email phish |
2012-08-31/a> | Russ McRee | Not so fast: Java 7 Update 7 critical vulnerability discovered in less than 24 hours |
2012-08-27/a> | Kevin Liston | Quick Bits about Today's Java 0-Day |
2012-08-05/a> | Daniel Wesemann | Phishing for Payroll with unpatched Java |
2012-06-25/a> | Guy Bruneau | Using JSDetox to Analyze and Deobfuscate Javascript |
2012-06-12/a> | Swa Frantzen | Java 7u5 and 6u33 released |
2012-05-22/a> | Johannes Ullrich | nmap 6 released |
2012-04-25/a> | Daniel Wesemann | Blacole's obfuscated JavaScript |
2012-04-12/a> | Guy Bruneau | Apple Java Updates for Mac OS X |
2012-04-06/a> | Johannes Ullrich | Another OS X Java Patch |
2012-03-25/a> | Daniel Wesemann | evilcode.class |
2012-02-16/a> | Tony Carothers | Java Update for February |
2012-01-22/a> | Johannes Ullrich | Javascript DDoS Tool Analysis |
2012-01-03/a> | Bojan Zdrnja | The tale of obfuscated JavaScript continues |
2011-12-12/a> | Daniel Wesemann | Java 6u30 released |
2011-12-10/a> | Daniel Wesemann | Unwanted Presents |
2011-12-07/a> | Lenny Zeltser | V8 as an Alternative to SpiderMonkey for JavaScript Deobfuscation |
2011-10-22/a> | Guy Bruneau | Oracle Java SE Critical Patch Update |
2011-09-05/a> | Raul Siles | Java 7 Officially Released |
2011-08-19/a> | Kevin Shortt | Java SE 6 Update 27 released. No security updates, many bug fixes ==> http://www.oracle.com/technetwork/java/javase/6u27-relnotes-444147.html |
2011-07-28/a> | Guy Bruneau | Java 7.0 released. Get it here - http://blogs.oracle.com/javase/entry/java_7_has_released |
2011-06-28/a> | Johannes Ullrich | Update: Java update for OS X fixes security issues http://support.apple.com/kb/HT1222 |
2011-06-07/a> | Johannes Ullrich | Oracle Releases Java Version 1.6.0.26 http://java.com/en/download/manual.jsp |
2011-06-06/a> | Manuel Humberto Santander Pelaez | Phishing: Same goal, same techniques and people still falling for such scams |
2011-06-03/a> | Guy Bruneau | Oracle Java SE Critical Patch Update Pre-Release Announcement - June 2011 |
2011-05-01/a> | Deborah Hale | Java 6.25 Is Now Available |
2011-04-23/a> | Manuel Humberto Santander Pelaez | Image search can lead to malware download |
2011-03-09/a> | Jim Clausing | Apple updates Java |
2011-02-15/a> | Jason Lam | Oracle Java 6 Update 24 |
2011-02-09/a> | Mark Hofman | Java Floating point issue (CVE-2010-4476) |
2011-02-04/a> | Daniel Wesemann | Oh, just click "yes" |
2010-12-29/a> | Daniel Wesemann | Beware of strange web sites bearing gifts ... |
2010-12-24/a> | Daniel Wesemann | A question of class |
2010-12-08/a> | Rob VandenBrink | Java 6, Update 23 is out => http://java.sun.com/javase/6/webnotes/ReleaseNotes.html , http://www.oracle.com/technetwork/java/javase/6u23releasenotes-191058.html , http://www.oracle.com/technetwork/java/javase/2col/6u23bugfixes-191074.html |
2010-12-02/a> | Kevin Johnson | Robert Hansen and our happiness |
2010-11-11/a> | Daniel Wesemann | Java Exploits |
2010-07-18/a> | Manuel Humberto Santander Pelaez | New metasploit GUI written in Java |
2010-07-04/a> | Manuel Humberto Santander Pelaez | Malware inside PDF Files |
2010-05-23/a> | Manuel Humberto Santander Pelaez | Oracle Java SE and Java for Business 'MixerSequencer' Remote Code Execution Vulnerability |
2010-04-10/a> | Andre Ludwig | New bug/exploit for javaws |
2010-04-02/a> | Guy Bruneau | Oracle Java SE and Java for Business Critical Patch Update Advisory |
2010-03-05/a> | Kyle Haugsness | Javascript obfuscators used in the wild |
2010-01-13/a> | Guy Bruneau | Sun Java JRE 6 Update 18 Released |
2009-12-05/a> | Guy Bruneau | Java JRE Buffer and Integer Overflow |
2009-09-08/a> | Guy Bruneau | Bug Fixes in Sun SDK 5 and Java SE 6 |
2009-08-04/a> | donald smith | Java Security Update |
2009-07-15/a> | Bojan Zdrnja | Make sure you update that Java |
2009-07-01/a> | Bojan Zdrnja | Mobile phone trojans |
2009-06-10/a> | Swa Frantzen | Java 6 update 14 released |
2009-05-22/a> | Mark Hofman | Patching and Apple - Java issue |
2009-05-04/a> | Tom Liston | Adobe Reader/Acrobat Critical Vulnerability |
2009-04-07/a> | Bojan Zdrnja | Advanced JavaScript obfuscation (or why signature scanning is a failure) |
2009-04-02/a> | Bojan Zdrnja | JavaScript insertion and log deletion attack tools |
2009-03-25/a> | David Goldsmith | Java Runtime Environment 6.0 Update 13 Released |
2009-02-25/a> | Andre Ludwig | Adobe Acrobat pdf 0-day exploit, No JavaScript needed! |
2009-02-10/a> | Swa Frantzen | Java up to date ? |
2008-07-14/a> | Daniel Wesemann | Obfuscated JavaScript Redux |
2008-07-09/a> | Johannes Ullrich | Java Update |
2008-06-30/a> | Marcus Sachs | More SQL Injection with Fast Flux hosting |
2008-05-20/a> | Raul Siles | List of malicious domains inserted through SQL injection |
2008-05-20/a> | Raul Siles | Java 6 Update 6 has been released |
2008-04-06/a> | Daniel Wesemann | Advanced obfuscated JavaScript analysis |
2008-04-03/a> | Bojan Zdrnja | Mixed (VBScript and JavaScript) obfuscation |
JRE |
2020-07-08/a> | Xavier Mertens | If You Want Something Done Right, You Have To Do It Yourself... Malware Too! |
2012-03-09/a> | Guy Bruneau | VMware New and Updated Advisories |
2011-10-18/a> | Rob VandenBrink | Java SE 6 Update 29 - http://www.oracle.com/technetwork/java/javase/6u29-relnotes-507960.html . Of particular interest is the Blocklist feature (introduced in 6u14) - http://www.oracle.com/technetwork/java/javase/6u14-137039.html#blocklist-jar-6u14 |
2010-01-30/a> | Stephen Hall | New and updated VMWare advisories |
2010-01-13/a> | Guy Bruneau | Sun Java JRE 6 Update 18 Released |
2009-12-05/a> | Guy Bruneau | Java JRE Buffer and Integer Overflow |
2009-03-25/a> | David Goldsmith | Java Runtime Environment 6.0 Update 13 Released |
60 |
2023-02-22/a> | Johannes Ullrich | Internet Wide Scan Fingerprinting Confluence Servers |
2022-06-27/a> | Johannes Ullrich | Encrypted Client Hello: Anybody Using it Yet? |
2021-11-20/a> | Guy Bruneau | Hikvision Security Cameras Potentially Exposed to Remote Code Execution |
2021-06-11/a> | Xavier Mertens | Sonicwall SRA 4600 Targeted By an Old Vulnerability |
2020-01-16/a> | Bojan Zdrnja | Summing up CVE-2020-0601, or the Let?s Decrypt vulnerability |
2020-01-15/a> | Johannes Ullrich | CVE-2020-0601 Followup |
2019-11-19/a> | Johannes Ullrich | Cheap Chinese JAWS of DVR Exploitability on Port 60001 |
2016-01-31/a> | Guy Bruneau | OpenSSL 1.0.2 Advisory and Update |
2014-04-08/a> | Guy Bruneau | OpenSSL CVE-2014-0160 Fixed |
2010-01-09/a> | G. N. White | What's Up With All The Port Scanning Using TCP/6000 As A Source Port? |
2009-03-25/a> | David Goldsmith | Java Runtime Environment 6.0 Update 13 Released |
2006-11-20/a> | Joel Esler | MS06-070 Remote Exploit |