Critical Java Vulnerabilities Update: Apple OS X Patched

Last week, I posted an alert about some highly critical flaws in Oracle Java; especially one in particular (CVE-2012-4681), which attackers have aggressively exploited in the wild. If an attacker can lure you to a web page or link containing malicious Java content, he can exploit these flaws to execute code on your computer, potentially gaining complete control of it. Oracle released an out-of-cycle update last week to fix this vulnerability, and two others.

Oracle’s Out-of-Cycle Java Update Closes Two Serious Zero Day Holes

Java is a programming language (first implemented by Sun Microsystems) used most often to enhance web pages. Most operating systems today implement a Java interpreter to recognize and process Java code from websites and other sources. Oracle’s Sun Java Runtime Environment (JRE) is one of the most popular Java interpreters currently used.

WatchGuard Security Week in Review: Episode 30

I’ve posted today’s weekly security news summary video a bit late, due to some work travel that got in the way of production, but better late than never right? If you’re interested in the biggest information security stories from the week, you’re at the right place.

Crisis Malware Specifically Targets Virtual Machines

In a WatchGuard Security Week in Review video from about three weeks ago, I highlighted a new cross-platform malware variant called Crisis, which could infect both Windows and Mac computers by using a Java vulnerability that affected both platforms. The cross-platform nature of this malware alone made it pretty unique and interesting.

WatchGuard Security Week in Review: Post Vacation Edition

If you follow my weekly security recap vlog, you probably noticed I didn’t post a WatchGuard Security Week in Review video last week. Instead, I was soaking up some rays on the beach. Ok… I was on a Washington state beach so there weren’t many “rays” involved — but at least there was sand.