Posts tagged "hack"

Windows users advised to disable Java

A critical vulnerability in Java 7 for Windows can let attackers inject malicious codes via crafted websites on the computer.

A recent security hole in all Java 7 versions or the Java Runtime Environment 1.7x were affected. The so-called zero-day exploit is already in active use. When accessing some websites, attackers can install malicious code which run executable applications on third-party computers.

Experts advise users to disable the Java plugin in their browsers immediately.

The exploit can be utilized with all browsers. Also, the Java plug-in in Google’s Chrome browser is also affected, contrary to initial reports. A patch from Oracle is still pending, a next official update is set for the 16th of October.

Older versions of Java are not affected by the vulnerability, reported Deepend Research. However, experts suggest against downgrading, since Java 6 has still many open vulnerabilities.

Stolen Passwords from LinkedIn Surfaced on the Web

Not even a days passed after the attack when it was found out that passwords were stolen from the online professional network LinkedIn. The company announced in a blog entry that affected users would be informed by e-mail, and that their old passwords have been disabled.

According to media reports, nearly 6.5 million passwords turned up on a Russian website. These were reportedly “hashed” – that is, obscured by an algorithm. There is no real encryption, so that they can be recovered with little effort.

LinkedIn operators had to justify themselves after experts discovered that the network’s smart phone app uploaded user information on an unsafe server. “This will not happen again in future,” announced LinkedIn.

The online network that is used primarily for business contact has a total of more than 150 million members.