Dark Reading

Java Security 'Fix' Is Disguised Malware Attack

Beware any Java security update that you don't download directly from Oracle's website. The malware may be encountered when visiting websites that have been compromised with a crimeware toolkit and ...
CRN

5 Significant Java Security Improvements That Foil Attacks

Oracle has been under pressure to address gaping security vulnerabilities and configuration weaknesses in its Java Runtime Environment, which has become the most widely exploited software platform on ...
ZDNet

GitHub security alerts now support Java and .NET projects

Code hosting service GitHub has updated its platform this week, and among the many developer-centric changes, the company also rolled out three new security features for project owners. The most ...
Threat Post

Mixed Reviews on Oracle’s Java Security Update

Oracle announced enhancements to Java security around signed applets and certificate validation, but experts such as HD Moore want to see more work done to beef up the Java sandbox. Oracle is working ...
TheServerSide

How JSR-375 simplifies and standardizes Java EE security

When leafing through the pages of the recently ratified JSR-375, the new Java EE Security API, it's amusing how quickly the reading of the spec turns into an exercise of uttering to yourself, ...
adtmag.com

Older Versions Threaten Java Security; Experts Weigh In

Bit9 released a report last week underscoring the ongoing security risk to the enterprise posed by outdated versions of Java still up and running on company machines -- versions of the platform with ...