Oracle issues emergency Java update to patch vulnerabilities

In response to discovering that hackers were actively exploiting two vulnerabilities in Java running in Web browsers, Oracle has released an emergency patch that it says should deal with the problem.

"These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password," Oracle wrote in a security alert today. "For an exploit to be successful, an unsuspecting user running an affected release in a browser must visit a malicious web page that leverages these vulnerabilities. Successful exploits can impact the availability, integrity, and … Read more

More Java-based malware plagues the cross-platform runtime

Java cannot seem to get a break. Only a few days after patching the last zero-day vulnerability, two more exploits are being found that make use of the runtime. One, as noted by Kaspersky, is a recent exploit of the latest runtime's attempts to install a McRAT executable by overwriting memory in the JVM that will trigger the executable to run.

Once installed, the McRAT malware will attempt to contact command and control servers and copy itself into dll files in Windows systems.

This malware is specifically Windows-based; however, a second one outlined by Intego, is a Minecraft password-stealing … Read more

Scientists link rats to real-world 'Matrix' via the Internet

There is officially a Wachowski Brothers-style "Matrix" for rodents.

Scientists in North Carolina and Brazil have connected the brains of two rats using "brain-to-brain interfaces" that can connect directly or via the Internet. These allow the rodents to share sensory information, collaborate on tasks to earn rewards, and fight back against the shadowy and cyber-apocalyptic forces that have enslaved them.

There's actually no evidence of the latter, but I'd still suggest researchers watch out for any rats that start displaying a propensity for martial arts.… Read more

Is new malware Jacksbot just starting to rear its head?

In the past month a new multiplatform malware package called Jacksbot has been discovered, and while it was initially deemed a minimal threat, it might not stay that way for some Mac, Windows, and Linux users.

Jacksbot is in part a Java-based remote access Trojan (RAT) that appears to be built by a hacking group for the purpose of causing all-too-common malicious activity, including stealing passwords, forcing URLs to load (likely for click fraud), deleting and corrupting files, taking screenshots, logging keystrokes, and otherwise getting personal information.

Java is an attractive platform for criminals to use because being cross-platform means … Read more

NYU loses lab mice, years of medical research to Sandy

In the aftermath of superstorm Sandy, researchers are discovering the damage the done to one of New York University's research facilities and mourning the loss of lab animals and of scientific data that could take years to rebuild.

After the New York Daily News reported on Tuesday that flooding and power loss claimed the lives of thousands of lab mice as well as wiping out enzymes, antibodies, and DNA used in cancer and other research, the NYU Langone Medical Center confirmed in a statement released yesterday that its Smilow building was "adversely impacted" by the speed and severity of the flood surge.… Read more

Rat snowboarding for distance

Rat on a Snowboard is primarily a distance/survival game where you play as (you guessed it) a rat on a snowboard. In this game you're not trying to pull off big tricks; instead, you're simply trying to get as far as you can while avoiding obstacles.

You have a couple of control systems to choose from. The default layout lets you simply touch the screen to both jump and spin (to gain altitude and points while in the air). But we preferred switching to two buttons, one each for jumping and spinning, to feel like we were … Read more

Sophos tackles new BlackHole RAT malware variant for OS X

Back in February of this year a malware utility called BlackHole, or MusMinim by security company Sophos, was found for OS X. BlackHole is a backdoor server program RAT (Remote Access Tool) that runs on an infected system and allows a remote user to interact with the system by sending shutdown commands, displaying screen messages, opening URLs, and requesting usernames and passwords. In essence it is similar to a remote desktop utility, but is not distributed for productive purposes.

Unlike more recent malware attempts on OS X that try to keep hidden and steal information automatically, the BlackHole malware is … Read more

Buzz Out Loud 1525: Patent catfights and the hot rod plow (Podcast)

Google and Microsoft continue their highly public patent-related catfight, which is either raising awareness of the issue of overbroad software patents or just turning into an embarrassing public battle that's making us all uncomfortable. Also, facial recognition is a trap, and security researchers are rushing to unveil the real Shady Rat. Plus: Computer Love!

Subscribe:  iTunes (MP3)iTunes (320x180)iTunes (640x360)RSS (MP3)RSS (320x180)RSS (640x360)Read more

Buzz Out Loud 1523: Global cyber cold war imminent? (Podcast)

On today's show, security researchers report that Anonymous and LulzSec are, if anything, just distracting us with their antics while the true threat is a years-long cyberwarfare campaign that's stolen everything from private intellectual property to high-level government secrets. So, that'll probably lead to some reasoned and logical cyber-security discussions, no? No. Also, is the Amazon App Store screwing developers, and are you finally getting what you pay for, broadband-wise?

Subscribe:  iTunes (MP3)iTunes (320x180)iTunes (640x360)RSS (MP3)RSS (320x180)RSS (640x360)Read more

Operation: Shady RAT

AT&T will release three new BlackBerry phones running the new BlackBerry OS 7, AOL launches it own daily iPad-only magazine called Editions, and McAfee in a report in Vanity Fair reveals a new major hacking attack called "Operation: Shady RAT" that has been targeting government and private industry.

Links from Wednesday's episode of Loaded:

Operation: Shady RAT AT&T releases 3 new BlackBerrys Android users see rise in malware AOL releases 'Editions' iPad app Skype for iPad Twitter for iPad gets HTML5 Subscribe:  iTunes (MP3)iTunes (320x180)iTunes (HD)RSS (MP3) |&… Read more