Sunday, April 24, 2022

Oracle patches a critical bug in Java 15 and above, which lets attackers forge TLS certificates and signatures, two-factor authentication messages, and more (Dan Goodin/Ars Technica)

Dan Goodin / Ars Technica:
Oracle patches a critical bug in Java 15 and above, which lets attackers forge TLS certificates and signatures, two-factor authentication messages, and more  —  A failure to sanity check signatures for division-by-zero flaws makes forgeries easy.  —  Organizations using newer versions …



at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

How internet censorship tech maker Sandvine, a vendor to repressive regimes like Egypt, nearly collapsed before US restrictions forced new ownership and a pivot (Ryan Gallagher/Bloomberg)

Ryan Gallagher / Bloomberg : How internet censorship tech maker Sandvine, a vendor to repressive regimes like Egypt, nearly collapsed bef...