Threat Post

Java’s Losing Security Legacy

Java’s code-signing requirements have proven to be a bust, security researchers say, and now even longtime developers are losing faith in the programming language. Why would a software company require ...
Threat Post

Oracle Patches 42 Java Flaws, Adds New Code-Signing Restrictions and Warnings

The latest Java update released Tuesday includes new prompts warning users of potentially malicious applets, in addition to patches for 42 vulnerabilities, all but three of which are remotely ...
LinkedIn

Java code signing validation criteria...

Most likely this is not new, but I never saw it published anywhere... moreover, can't find or get any Oracle / Java official statement on this regard... I am sure that many companies uses the ...
LinkedIn

Java Security: APIs and Libraries

In the previous article we explored JDK built in security mechanisms which includes a secure class loading and verification system that ensures the execution of only legitimate Java code. But Java's ...
Security Boulevard

How to Configure KeyLocker for JarSigner using the DigiCert KSP Library?

Digitally signing Java applications improves authenticity, integrity, and trust. DigiCert KeyLocker allows you to sign .jar files securely using keys stored in DigiCert’s cloud-based Hardware Security ...