You are a SPECIAL Librarian! You are a Military Librarian!

Categorized | Links, Web/Tech

Cyber Security Tips Newsletter: Java Exploits

The NYS Office of Information Technology Services, Enterprise Information Security Office (NYS ITS EISO) is pleased to provide you with the Cyber Security Tips Newsletter. The monthly newsletter, developed by the Multi-State Information Sharing and Analysis Center (MS-ISAC), provides helpful cyber security tips. The newsletter is available on the ITS EISO website. Please visit http://www.dhses.ny.gov/ocs/awareness-training-events/news/ for more information.

Monthly Security Tips
NEWSLETTER

August 2013
Volume 8, Issue 8
Java Exploits

What is Java?

Java is a computer language that allows programmers and application developers to write software that can run on many different operating systems. Numerous applications and websites require end-users to have Java installed. Websites incorporate Java applets (small applications) to enhance the usability and functionality of a website. In general, when a user visits one of these websites, depending on their browser’s security settings, they may have no idea the Java applet is automatically running.

End-users typically have “Java Runtime Environment” (JRE) installed on their computer. In many instances, this software was pre-installed on their computer. More recently, this practice is becoming less common. If JRE is not installed on your computer, and you visit a website that requires JRE, generally, you will be prompted to install JRE.

What are the Risks with Java?

Java is designed to work on almost any computer. Java has been prone to numerous reports of vulnerabilities. According to the SecureList IT Threat Evolution Report released by Kaspersky Lab in May 2013, “The most widespread vulnerabilities are found in Java and [the vulnerabilities] were detected on 45% of all computers.” [[1] http://www.securelist.com/en/analysis/204792292/IT_Threat_Evolution_Q1_20131]

Attacks are based, at least in part, on older versions of Java. When a newer version of Java is released and installed on a machine, the older version may not automatically be uninstalled. This was intended to provide an easy way to roll back to an older version in case of compatibility issues. Attacks can be used by hackers to leverage and to exploit the vulnerabilities that exist in those versions. This makes Java’s weaknesses an attractive target for hackers and cyber criminals.

How Can I Mitigate Java Exploits?

* Enable the automatic update feature, which will ensure you receive important security updates when they are released. Visit: http://www.java.com/en/download/help/java_update.xml for instructions on turning on the auto-update feature.

* Set the Java security level to “High” or “Very High.” The most recent versions of Java have the ability to manage when and how untrusted Java applications/applets will run. You can set the security level from within the Java Control Panel so that you are notified before any untrusted Java applications run. Visit: http://www.java.com/en/download/help/jcp_security.xml for instructions on setting the Java security level.

* Clear the Java cache periodically. This forces the browser to load the latest versions of web pages and programs. For more information visit: http://www.java.com/en/download/help/plugin_cache.xml

* Do not allow applications from unknown publishers to run.

* Remove older, unneeded Java versions. If a certain version of Java is needed, determine what Java release level is needed and remove all prior versions. For more information visit: http://www.java.com/en/download/faq/remove_olderversions.xml

For More Information:

For additional information, please visit:

What is Java?
https://en.wikipedia.org/wiki/Java_(programming_language)

Java Security Resources
http://www.java.com/en/security/

Uninstalling Java on Windows
http://www.java.com/en/download/uninstall.jsp

Uninstalling Java on Mac
https://www.java.com/en/download/help/mac_uninstall_java.xml

Disabling Your Browser’s Java Plugin
https://krebsonsecurity.com/how-to-unplug-java-from-the-browser/

Brought to you by the MS-ISAC and Stop.Think.Connect.

Comments are closed.

Translate:

DMIL on Facebook

Military Libraries Division of the Special Libraries Association shared The Library of Congress's video. ... See MoreSee Less

Sat February 25th  ·  

View on Facebook

Military Libraries Division of the Special Libraries Association shared British Museum's photo. ... See MoreSee Less

Sat February 25th  ·  

View on Facebook

Military Libraries Division of the Special Libraries Association shared The British Library's post. ... See MoreSee Less

Sat February 25th  ·  

View on Facebook

"Ike and Dutch: Mentor, Protégé, and Common Sense by Dr. Gene Kopelson" presentation at the U.S. Army Heritage and Education Center

https://youtu.be/9jZSI6bF7d0

Published on Feb 24, 2017

As Ronald Reagan traveled across the United States campaigning for the highest office in the land, the Governor of California possessed an ace in his hand unmatched by his opponents: the ear and advice of former president Dwight D. Eisenhower. Reagan was in constant contact with Ike, following his advice at every turn and going so far as to base his entire 1966 campaign on his mentor’s own successful run years before. Eisenhower’s astute view of internal Washington politics, foreign affairs, military matters, and the swirling pool of primary rivals, provided his protégé the fuel he needed to learn, and eventually win, the war of words. In his latest book, Reagan’s 1968 Dress Rehearsal: Ike, RFK, and Reagan’s Emergence as a World Statesman, Dr. Gene Kopelson outlines the story of Reagan’s first presidential bid with an in-depth look behind the scenes. On Wednesday, February 15, 2017 at the U.S. Army Heritage and Education Center in Carlisle, Pennsylvania, Dr. Kopelson gave a lecture titled, “Ike and Dutch: Mentor, Protégé, and Common Sense,” to delve deeper into the relationship between Reagan and his mentor and how it not only shaped Reagan’s future campaigns, but his presidency, as well.

In his lecture at the USAHEC, Dr. Kopelson uses never-before-tapped audio clips, interviews with the original 1968 campaign staff, Eisenhower’s personal diary, and material straight from personal correspondence to show how Eisenhower influenced Reagan’s politics and eventually, his far-reaching presidential policies. From Reagan’s hawkish views on Vietnam to his perspective on the Arab-Israeli situation, his groundbreaking steps with Gorbachev and the Soviets to nuclear defense, Eisenhower and Reagan had a close and personal relationship which changed America’s future.

Lecture Date: February 15, 2017

Length: 52 Minutes
... See MoreSee Less

Fri February 24th  ·  

View on Facebook

Follow Us On:

Categories

Blog Archives