18.5 C
London
Saturday, September 23, 2017
Home Tags Hypertext Transfer Protocol (HTTP)

Tag: Hypertext Transfer Protocol (HTTP)

Java EE 8mdash;formally, Java Platform Enterprise Edition version 8mdash;is now available.

The release represents the first phase in Oraclersquo;s two-phase plan to embrace modern computing paradigms, particularly cloud deployments, in enterprise Java.Where to download the Java EE 8 JDK Oracle has posted the Java EE 8 JDK and documentation fornbsp;downloadnbsp;by developers.[ Java SE 9 is also here: Whatrsquo;s new in the stndard Java Platform and JDK. | What is Kotlin? The Java alternative explained. | Keep up with hot topics in programming with InfoWorldrsquo;s App Dev Report newsletter. ]Approved by the Java Community Process just a month ago, Java EE 8rsquo;s chief focus is support for HTML5 and the HTTP/2 standard, as well as enhanced simplification and managed bean integration and improved infrastructure for applications in the cloud. Java EE is built atop Java Platform, Standard Edition (Java SE), which was also upgraded today with the release ofnbsp;Java SE 9 and its JDK 9.To read this article in full or to leave a comment, please click here
A vulnerability in the HTTP web interface for Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an HTTP Application Optimization (AO) related process to restart, causing a partial denial of service...
A vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential reset functionality for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to gain elevated privileges. The vu...
Optionsbleed is especially threatening for people in shared hosting environments.
A little while back we were investigating the malicious activities of the Freakyshelly targeted attack and came across spear phishing emails that had some interesting documents attached to them.

They were in OLE2 format and contained no macros, exploits or any other active content.
A collection of Bluetooth implementation vulnerabilities known asBlueBornehas been released.

These vulnerabilities collectively affect Windows,iOS,and Linux-kernel-based operating systems including Android and Tizen,and may in worst case allow an unauthenticated attacker to perform commands on the device.
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file.

For devices utilizing this environment encryption mode,U-Boot's use of a zero initialization vector and improper handling of an error condition may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data.
8-char password limits? HTTP-YES HSBC has been faulted for redirecting business customers to a website that is not obviously secure.…

Introducing WhiteBear

As a part of our Kaspersky APT Intelligence Reporting subscription, customers received an update in mid-February 2017 on some interesting APT activity that we called WhiteBear.
It is a parallel project or second stage of the Skipper Turla cluster of activity documented in another private report. Like previous Turla activity, WhiteBear leverages compromised websites and hijacked satellite connections for command and control (C2) infrastructure.
Google began sending out notices to site owners this month who haven't yet migrated from HTTP to HTTPS warning them that in October their sites will be marked "NOT SECURE."
Akeo Consulting Rufus fails to securely check for and retrieve updates,which an allow an authenticated attacker to execute arbitrary code on a vulnerable system.
Move over, IoT.

Attackers are abusing a new widely used platform to knock out sites.