Latest Java zero-day exploit renews calls to disable it
Oracle contributes to the problem by not working more closely with the security industry on Java defenses, one security expert said
Oracle contributes to the problem by not working more closely with the security industry on Java defenses, one security expert said
When Adobe last week issued an <a href="https://www.adobe.com/support/security/advisories/apsa11-04.html">advisory</a> about a dangerous <a href="http://www.networkworld.com/news/2011/120611-hackers-exploit-adobe-reader-zero-day-253810.html">zero-day attack</a> based on an unpatched Adobe Reader vulnerability that was being exploited in the wild to try and seize control of both PCs and Macs, it credited Lockheed Martin for sounding the alarm about it.
Zero-day exploits are nerve-racking for IT professionals but are far less dangerous than unpatched older vulnerabilities for which fixes are available, Microsoft says.
Identity thieves are offering a person's credit-card number, date of birth and other sensitive information for as little as US$14 over the internet, says a new report on online threats released this week.
A bug hunter who had promised to disclose one zero-day bug in Oracle databases every day for a whole week in December has abruptly canceled his plans to do so.