Sunday, April 24, 2022

Oracle patches a critical bug in Java 15 and above, which lets attackers forge TLS certificates and signatures, two-factor authentication messages, and more (Dan Goodin/Ars Technica)

Dan Goodin / Ars Technica:
Oracle patches a critical bug in Java 15 and above, which lets attackers forge TLS certificates and signatures, two-factor authentication messages, and more  —  A failure to sanity check signatures for division-by-zero flaws makes forgeries easy.  —  Organizations using newer versions …



at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

An investigation details how Chinese cybercrime groups are turning phished payment card data into new Apple or Google wallets for online and in-store use (Brian Krebs/Krebs on Security)

Brian Krebs / Krebs on Security : An investigation details how Chinese cybercrime groups are turning phished payment card data into new A...