Author: Sorin Mustaca

Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since over 20 years in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is CEO and owner of Endpoint Cybersecurity GmbH focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .
Uncategorized

More quotes of me about the Java zero-day exploit

“Developing critical software under pressure has only one consequence — even more bugs,” said Avira data security expert Sorin Mustaca. “I expect to soon see even more bugs and vulnerabilities related to this quick fix.”   http://www.linuxinsider.com/story/77079.html http://www.technewsworld.com/story/77079.html http://www.torontotelegraph.com/index.php/sid/211938962/scat/ebc9d7769bc0759e http://www.ecommercetimes.com/story/security/77079.html http://www.macworld.com/article/2025137/security-agency-recommends-disabling-java-due-to-exploit.html http://www.csoonline.com/article/726380/us-cert-disable-java-in-browsers-because-of-exploit http://www.cio.com/article/726307/US_CERT_Disable_Java_in_browsers_because_of_exploit http://www.computerworld.com/s/article/9235615/US_CERT_Disable_Java_in_browsers_because_of_exploit http://www.businesswire.com/news/home/20130114005440/en/Avira-Security-Software-Detects-Java-7-Exploits http://www.latinospost.com/articles/9642/20130115/java-flaw-patch-now-available-download-experts.htm     OMG.. my blog posts start to sound […]

General

Pharma spam using LinkedIn again

We wrote a couple of times already about spams pretending to come from LinkedIn which advertise online pharmacy websites. There is a new spam campaign which changed a bit the way the messages are presented to the users. Now the emails pretend to come from “LinkedIn Co. Technical Support”, “LinkedIn Co. Administration” and from “LinkedIn Reminders”. […]

General

Yet a new Java zero-day exploit?

We don’t know yet if this is a bad joke intended to discredit Oracle and Java, but the media is buzzing about a possible new undetected exploit in Java. This was started by a post of the security researcher Brian Krebs who observed a thread in a known online crime forum where somebody was selling […]

quoted

Quoted in Oracle Journal about the Java zero day exploit

Source: http://oracle.sys-con.com/node/2510668 Avira Security Software Detects Java 7 Exploits   “Whenever a vulnerability like this is discovered – especially when it is in a widely distributed software like Java – the bad guys are quick to write exploits that take advantage of the flaw,” said Sorin Mustaca, IT security expert at Avira. “While Oracle ultimately needs […]

(isc)2 CSSLP

The PC is dead, long live the PC

If you have read news lately, you couldn’t have missed hearing how well the tablets, smart phones and smart TVs are selling, and how badly the PC market (excluding laptops) is doing. Many so called “futurists” have predicted the passing of the PC era. But is it really gone? Is the Personal Computer really dead, […]

General

How to enable two-factor authentication for Facebook

Facebook has introduced some time ago two-factor authentication for Login. This means that if someone or  something tries to login using your account, there will be two steps needed: authentication using username and password (something that you know) and a mobile phone (something that you have).   Step 1 Set up the two-step authentication   […]

News quoted Security

Articles about Java zero-day exploit

http://www.technewsworld.com/story/77079.html Oracle rushed out a patch for a Java flaw that was so serious the U.S. government advised users to uninstall the software. The fix might have come too quickly, however. “Developing critical software under pressure has only one consequence — even more bugs,” said Avira data security expert Sorin Mustaca. “I expect to soon […]

General

How to disable the Java web plug-in in all browsers

We have written about Java and its regular vulnerabilities, two (here and here) of which were zero-day vulnerabilities. Java is a very strong tool because it is cross platform and if a vulnerability is being found on one platform, it can easily be found on all others. If used used properly, Java can provide an […]

General

Oracle has fixed the Java zero-day exploit

After the huge media impact that followed up the full disclosure of the vulnerability in Java 7 Update 10, many national and international organizations have started to recommend to their readers to uninstall Java (Germany’s BSI, US-Cert). Oracle couldn’t just stand and see how their market share is disappearing and has started over the weekend […]