[zANTI] The Power of Backtrack on your Android

Android Network Toolkit also known as zANTI is the most comprehensive and refined pentest tool for android by Zimperium. Zimperium is founded by white hat hacker Itzhack ‘Zuk’ Avraham and also have Kevin Mitnick on there team! They also had recently held the Pentester’s WorldCup. zAnti still come...

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries...

Malware attack on Apple employees by hackers who targeted Facebook

The same ring of hackers that are responsible for hacking into at least 40 companies including Facebook and Twitter are reportedly also infected the computers of some Apple employees, the company acknowledged Tuesday. The purpose of hack considered an effort to steal company secrets, research and...

OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the...

[SE-2012-01] 'Fix' for Issue 32 exploited by new Java 0-day code

Hello All, We were notified today of ongoing attacks with the use of a new Java vulnerability affecting latest version 7 Update 10 of the software 12. Due to the unpatched status of Issue 50 3 and some inquiries received regarding whether the attack code found exploited this bug, we had a quick...

Incomplete Java Patch Paved Way for Latest Zero Day Mess

The exploit targeting the latest zero-day vulnerability in the Java platform is dropping ransomware, and has been found in another exploit kit. Security experts, including U.S.-CERT last night, advise users and IT managers to disable Java on endpoints and browsers. Meanwhile, Polish security...

CVE-2012-4820

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600,...

CVE-2012-4820

CVE-2012-4820 affects IBM Java Runtime used in IBM WebSphere Real Time and other IBM products. The issue arises when code runs under a security manager, allowing remote attackers to escalate privileges by abusing insecure use of java.lang.reflect.Method invoke(). Affected IBM JREs include release...

New Mac Malware 'Dockster' Found on Dalai Lama site

A new trojan horse app called Dockster is targeting Mac users by exploiting a known Java vulnerability CVE-2012-0507. The trojan is apparently being delivered through a website gyalwarinpoche.com dedicated to the Dalai Lama and once installed can collect user keystrokes and other personal...

New Mac Malware 'Dockster' Found on Dalai Lama site

A new trojan horse app called Dockster is targeting Mac users by exploiting a known Java vulnerability CVE-2012-0507. The trojan is apparently being delivered through a website gyalwarinpoche.com dedicated to the Dalai Lama and once installed can collect user keystrokes and other personal...

Dockster Mac Malware Targets Dalai Lama Website Through Flashback Vulnerability

Mac malware targeting Tibetan supporters is being served on a website connected to the Dalai Lama. The Dockster Trojan, discovered by researchers at F-Secure, exploits the same Java vulnerability as the virulent Flashback Trojan that hit more than 600,000 OS X users earlier this year. F-Secure...

Chrome Zero-Day Presentation Gives Way to Mandatory Military Service

The saga of the latest zero-day vulnerability and exploit for the Google Chrome browser took another mysterious turn over the weekend. The 19-year-old Georgian security researcher who found the vulnerability in the browser was called up for compulsory military duty in his country and was unable t...

JDK: unspecified vulnerability (2D)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.238 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via...

Latest Java vulnerability exploitation leads to ransomware

Imagine someone getting access to your computer, encrypting all your family photos and other priceless files, and then demanding a ransom for their safe return. That is what ransomware is all about. Symantec's latest research report suggests police-themed ransomware could be a replacement to the...

[security bulletin] HPSBUX02825 SSRT100974 rev.1 - HP-UX Running Java, Remote Indirect Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03538957 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03538957 Version: 1 HPSBUX02825...

Researcher Develops Patch for Java Zero-Day, Puts Pressure on Oracle to Deliver its Fix

A security researcher has submitted to Oracle a patch he said took him 30 minutes to produce that would repair a zero-day vulnerability currently exposed in Java SE. He hopes his actions will spur Oracle to issue an out-of-band patch for the sandbox-escape vulnerability, rather than wait for the...

OpenJDK: Executors state handling issues (Concurrency, 7189103)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency...

CVE-2012-5089

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than...

Billions of Windows Users Affects with Java Vulnerability

Researchers at Security Explorations disclosed a new vulnerability in Java that could provide an attacker with control of a victim's computer. The researchers have confirmed that Java SE 5 – Update 22, Java SE 6 – Update 35, and Java SE 7 Update 7 running on fully patched Windows 7 32-bit operati...

#Antisec Hackers hack FBI laptop and leak 12 Million Apple Device Records

The hacker group AntiSec released a file of a million and one UDIDs unique device identifiers which it claims to have hacked it off an FBI computer via a Java vulnerability. UDIDs are unique IDs for iPhone, iPad and iPod Touch devices. They said they obtained the file in March by hacking into the...