Yet ANOTHER Java zero-day claimed - but this time youre laughing, right?
"Irrepressible cybercrime investigator and reporter Brian Krebs has written about yet another Java zero-day exploit. This one, it seems, targets an exploitable vulnerability even in Oracles most recent release, Version 7 Update 11, also known as 7u11. Details of the exploit are sketchy, because the underworld is playing this one very close to its chest...."
http://nakedsecurity.sophos.com/2013/01/17/yet-another-java-zero-day-claimed-but-this-time-youre-laughing-right/
"A pair of researchers best known for poking holes in industrial control systems (ICS) products found that medical devices suffer similar security woes after they were able to easily hack into a Philips x-ray machine. Terry McCorkle and Billy Rios, both of Cylance, here today demonstrated how a rudimentary fuzzer they wrote basically gave them privileged user status on the XPER x-ray machine. The machine has inherently weak remote authentication...."
http://www.darkreading.com/vulnerability-management/167901026/security/attacks-breaches/240146474/security-researchers-expose-x-ray-machine-bug.html?
Novell schließt gefährliche Lücke in eDirectory-Server