TheServerSide

How to create secure Java software: A talk with Black Duck's Tim Mackey

Community driven content discussing all aspects of software development from DevOps to design patterns. Given the fact that the interview is being pilfered for quotes in various articles on creating ...
The Daily Dot

Java exploits sell for $5,000 on the Internet’s seedy black market

As we wrote on Tuesday, at least one of two major security vulnerabilities in Java—which is installed on an estimated 850 million PCs worldwide—was not all fixed by Oracle’s subsequent update. Now, ...
Network World

BlackHole exploit targets Java bug through browser-based attacks

A powerful new exploit has been identified in the wild that could turn PCs running outdated versions of Java into bots for spam or DDoS attacks, or even loot them for sensitive information. As ...
ZDNet

Java zero day skyrockets BlackHole exploit success rates

On the back of news that not one, but two, zero-day vulnerabilities have been found in the current version of Oracle's Java Runtime Environment, many predicted that it was just a matter of time before ...
TheServerSide

How to remove plain text passwords for a secure Java code base

One of the most common problems identified by static code analysis tools is the presence of plain text passwords written directly into configuration files. It's ...