all InfoSec news
Java Serialisation – the gift that keeps on taking (Part 3)
July 2, 2022, 5:45 a.m. | Steve Poole
Security Boulevard securityboulevard.com
In the previous post we examine particular Java Serialisation characteristics and design points that had a few unexpected consequences. In this post we'll explore more around exploiting serialisation datastreams. How it's possible to compromise systems silently and in different ways: from changing data, running arbitrary code or even crashing systems.
The post Java Serialisation – the gift that keeps on taking (Part 3) appeared first on Security Boulevard.
More from securityboulevard.com / Security Boulevard
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Intermediate Security Engineer, (Incident Response, Trust & Safety)
@ GitLab | Remote, US
Journeyman Cybersecurity Triage Analyst
@ Peraton | Linthicum, MD, United States
Project Manager II - Compliance
@ Critical Path Institute | Tucson, AZ, USA
Junior System Engineer (m/w/d) Cyber Security 1
@ Deutsche Telekom | Leipzig, Deutschland