1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Oracle slams door on Russian cyberspies who hacked Nato PCs through Java

Discussion in 'Network World' started by RSS, Oct 21, 2015.

  1. RSS

    RSS New Member Member

    Oracle has fixed a vulnerability in Java that a Russian cyberespionage group used to launch stealthy attacks earlier this year.

    At the same time, Oracle fixed 153 other security flaws in Java and a wide range of its other products, it said Tuesday.

    The Java vulnerability can be used to bypass the user confirmation requirement before a Web-based Java application is executed by the Java browser plug-in. This type of protection mechanism is commonly referred to as click-to-play.

    The flaw was reported to Oracle by security researchers from Trend Micro, who first spotted the vulnerability in July in attacks launched by a Russian hacker group dubbed Pawn Storm that commonly targets military and governmental institutions from NATO member countries.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page