Skip to content

Tech Round-up for 7/19/13

by on July 19, 2013

Here are some of the technology stories that caught our eye today:

Security researchers with Security Explorations claim to have discovered a flaw in Java’s Reflection API that can allow hackers to run arbitrary cast operations between different Java data types. Security Explorations’ proof-of-concept code works in Java SE 7 Update 25 and earlier. The firm also said that the exploit has roots going back to the late 1990s.

Cisco Systems released security patches for a number of products. Flaws were found in the Unified Communications Manager enterprise telephony system that could allow a hacker to control the system’s Unified CM server. The company is investigating if its other phone products are affected by the flaws. Patches were also released for flaws in various Cisco IPS products.

Attackers are hacking into servers by hiding backdoors in the header information of image files, according to Sucuri, a security research firm. The images are often legitimate files, but an attacker can modify an image already on the server to inject the code in the image’s EXIF headers. The code could allow an attacker to remotely execute commands and scripts on the server with elevated privileges.

Comments are closed.

%d bloggers like this: