80 matches found
Apple update removes Java plugin from OS X browsers
Apple has discontinued its own Java plugin, issuing an 'update' that removes it from MacOS and encourages users to instead download Oracle's version of the software. It's another step by Apple towards making OS X safer on the web. Mac users may have noticed that Java-based websites are displaying ...
CVE-2012-1751
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to flashback archive...
Design/Logic Flaw
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to flashback archive...
CVE-2012-1751
CVE-2012-1751 affects Oracle Database Server Core RDBMS (11.1.0.7, 11.2.0.2, 11.2.0.3). The vulnerability is triggered by SQL injection when renaming a flashback-enabled table (flashback archive) via specially crafted table name, allowing remote authenticated attackers to elevate privileges and p...
New Zero-Day Vulnerability Found in Java 5, 6 and 7; 1.1 Billion Desktops Affected
Just when you thought it was safe to go back to using Java, security researchers have found another gaping hole that could impact potentially more than 1.1 billion desktops running the Oracle-owned platform. A critical vulnerability in all of the latest versions of Java SE software was discovered...
Apple Fixes Flaws, Updates Java 6 for OS X
Apple pushed out a Java update for its Snow Leopard, Lion and Mountain Lion systems Wednesday, fixing vulnerabilities Oracle tackled in last week’s emergency CVE-2012-4681 patch. Both Java for Mac OS X 10.6 Update 10 and Java for OS X 2012-005 update the Java SE 6 plugin and, in what might be a...
Anonymous Leaks Apple UDIDs Following Alleged Hack of FBI
UPDATE–The Antisec arm of hacktivist group Anonymous published one million unique device identifier numbers, or UDIDs, for Apple devices, including iPhones and iPads, on Monday night. The group alleges the slew of information was swiped from a laptop belonging to the FBI earlier this year. In a...
Apple : 0 | Flashback trojan : 1 , Apple admits malware defeat
Apple has quietly removed a statement from its website that the Mac operating system isn't susceptible to viruses. Apple released a patch to a Java vulnerability that led to the infection of roughly 600,000 Macs with the Flashback...
Apple Patches Quicktime, Fixes 17 Vulnerabilities
Apple continued its recent parade of patches by releasing an update for Quicktime yesterday, fixing 17 different security vulnerabilities, several of which could lead to remote code execution. The update, Quicktime 7.7.2, addresses critical issues in Quicktime for Windows 7, Vista and Windows XP SP2...
Apple Update Provides Flashback Defense for Leopard Users
Apple finally pushed out a patch yesterday for users of its older operating system, 10.5 Leopard, protecting them from the much-discussed Flashback Trojan. While Apple issued patches last month for its Lion and Snow Leopard products, yesterday’s Flashback Removal Security Update identifies and...
IBM Rational Rhapsody BBFlashBack.Recorder.dll Multiple Code Execution (CVE-2011-1388)
Multiple code execution vulnerabilities have been reported in the BB FlashBack FBRecorder ActiveX control, a component of IBM Rational Rhapsody. The vulnerabilities are due to improper input validation within several methods. A remote attacker could exploit these vulnerabilities by enticing the...
New Exploit Kit RedKit Discovered in Wild
A new exploit kit hit the scene recently, and according to Arseny Levin of Spiderlabs, the RedKit exploit kit contains an API that generates new host-site URLs every hour. The authors of the kit haven’t named it, so Levin and Spiderlabs simply chose to call it RedKit in reference to its color...
Flashback Creators May Be Raking in $10K a Day
Unprotected users visiting a page hosting the much-discussed Flashback Trojan could be earning some serious cash for the malware’s creators, according to new research from Symantec. In a post to the company’s Security Response blog, Symantec notes the Flashback Trojan could be earning up to $10,0...
New Flashback Variant Using Twitter as Backup C&C Channel
The latest version of the Flashback malware that’s infecting Macs has a new command-and-control infrastructure that used Twitter as a fallback mechanism in case the normal C&C system isn’t available. This is not the first time a botnet has used Twitter for some form of command and control, but it...
Flashback/SabPub
2012 The Mac malware scene shifted into high gear in 2012 with the emergence of the Flashback trojan and the revelation that its authors had control of a massive botnet containing well over a half-million machines. Flashback and SabPub, which exploited the same Java vulnerabilities, are the first...
New Flashback malware variant found in the wild
A new Flashback Trojan has been discovered that infects Macs without prompting the user for a password. If you haven't updated Java on your Mac, or disabled it entirely, you could be a victim. The new variant dubbed Flashback.S is actively being...
New Java Malware Exploits Both Windows And Mac Users
Symantec has discovered a new form of Java malware that infects both Apple and Windows machines, according to research posted on the company’s Security Response blog. The entry, penned by researcher Takashi Katsuki, describes a strain of Java Applet malware that either drops a Python-based malwar...
Analysis: Flashback Spread Via Social Engineering, Then Java Exploits
Kaspersky Lab’s latest analysis of the Mac OS X Flashback botnet reveals that the botnet’s malware was spread via drive-by downloads on hacked WordPress web sites. From September 2011 until February 2012, the Flashback creators distributed the trojan through compromised WordPress sites that...
Conflicting Reports On Receding Flashback Levels
The number of Macs infected with the Flashback malware continues to decline, but it’s not entirely clear to what degree. Initial numbers estimated that there were about 600,000 infected computers in total, yet those numbers dropped last week to 237,000 and now, according to research by Symantec...