New Java Vulnerability Used in Targeted Attacks


Πηγή & πλήρες άρθρο στο cisco blog.

 

Security researchers discovered a Java vulnerability (documented in IntelliShield alert 26751) that attackers are using to install malicious software on a victim’s systems. No software updates are available that correct the vulnerability. The attacks are currently limited in nature. There have been few reports of attacks that rely on the vulnerability. Now that Metasploitdeveloped a functional exploit, continued attacks that leverage this vulnerability increase in likelihood as time goes on. US-CERT has issued a related vulnerability note. Administrators can monitor this and other ongoing activity at the Cisco Security Intelligence Operations portal.

2 thoughts on “New Java Vulnerability Used in Targeted Attacks

  1. Λάμπρο, φαίνεται η Oracle να ήξερε: http://www.theregister.co.uk/2012/08/30/oracle_knew_about_flaws/

    Έχω ακούσει κατά καιρούς σε συζητήσεις με άτομα του χώρου ότι τώρα τελευταία πυκνά συχνά ακούγονται προβλήματα και θέματα ασφαλείας για τη Java. Για αρκετά χρόνια ήταν η αγαπημένη μου γλώσσα. Από τότε που τα πήρε όλα η Oracle όμως έχω αρχίσει και προβληματίζομαι.. για να δούμε.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s