TheServerSide

Stay ahead of Java security issues like SQL and LDAP injections

If, like about 10 million other folks, you're a Java developer, you probably want to know how to keep Java code secure. Developers will always need to stay on top of tips and best practices to tackle ...
TheServerSide

Dependency Injection in Java EE 6 (Part 6)

This series of articles introduces Contexts and Dependency Injection for Java EE (CDI), a key part of the Java EE 6 platform. Standardized via JSR 299, CDI is the de-facto API for comprehensive ...
adtmag.com

Unpatched Java, Python Flaws Allow FTP Protocol Injection

Old vulnerabilities in both Java and Python that allow attackers to bypass firewalls and access local networks by injecting malicious commands inside FTP URLs resurfaced this week when two security ...
eWeek

HPE Warns of JNDI Java Injection Flaws

In this episode of eSpeaks, Jennifer Margles, Director of Product Management at BMC Software, discusses the transition from traditional job scheduling to the era of the autonomous enterprise. eSpeaks’ ...
Threat Post

Java, Python FTP Injection Attacks Bypass Firewalls

Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses. Newly disclosed FTP injection ...
InfoWorld

Dependency Injection in Java 7

So apart from recovering from a long bout of the stomach flu, enjoying good food again at a “Come dine with me” night (our parents would be so proud) and planning a rush trip to Vegas I’ve managed to ...
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...