Sunday, April 24, 2022

Oracle patches a critical bug in Java 15 and above, which lets attackers forge TLS certificates and signatures, two-factor authentication messages, and more (Dan Goodin/Ars Technica)

Dan Goodin / Ars Technica:
Oracle patches a critical bug in Java 15 and above, which lets attackers forge TLS certificates and signatures, two-factor authentication messages, and more  —  A failure to sanity check signatures for division-by-zero flaws makes forgeries easy.  —  Organizations using newer versions …



at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Dream, co-founded by ex-NSO Group CEO Shalev Hulio with a focus on protecting critical infrastructure, raised $260M at a $3B valuation, up from $1B in 2025 (Galit Altstein/Bloomberg)

Galit Altstein / Bloomberg : Dream, co-founded by ex-NSO Group CEO Shalev Hulio with a focus on protecting critical infrastructure, raise...