all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Java Serialisation - the gift that keeps on taking (Part 3)

Add to bookmarks
July 2, 2022, 5:45 a.m. | spoole@sonatype.com (Steve Poole)

Sonatype Blog blog.sonatype.com




In the previous post we  examine particular Java Serialisation characteristics and design points that had a few unexpected consequences.  In this post we'll explore more around exploiting serialisation datastreams.  How it's possible to compromise systems silently and in different ways: from changing data, running arbitrary code or even crashing systems.  

cybersecurity deserialization java serialization

Visit resource

More from blog.sonatype.com / Sonatype Blog

The new Sonatype Learn: Self-service educational materials where and when you need them 2 days, 5 hours ago | blog.sonatype.com
courses devops educational industry +15
The new Sonatype Learn: Self-service educational materials where and when you need them 2 days, 10 hours ago | blog.sonatype.com
courses devops educational industry +15
Enhance security with Sonatype Lifecycle and ServiceNow Application Vulnerability Response (AVR) integration 2 days, 12 hours ago | blog.sonatype.com
application application vulnerability integration integrations +14
Enhance security with Sonatype Lifecycle and ServiceNow Application Vulnerability Response (AVR) integration 2 days, 13 hours ago | blog.sonatype.com
application application vulnerability integration integrations +14
Sonatype Lifecycle best practices: InnerSource 3 days, 6 hours ago | blog.sonatype.com
best practices code code quality collaboration +9
Take control of your InnerSource components with InnerSource Insight 4 days, 8 hours ago | blog.sonatype.com
components control developers easier +11
A guide for open source software (OSS) security 1 week, 1 day ago | blog.sonatype.com
critical devzone evaluation guide +17
Sonatype Lifecycle best practices: Reference policies, backup and restore 1 week, 4 days ago | blog.sonatype.com
backup backup and restore best practices can +26
Sonatype Lifecycle best practices: Reference policies, backup and restore 1 week, 4 days ago | blog.sonatype.com
backup backup and restore best practices can +24

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Consultant Sécurité SI H/F Gouvernance - Risques - Conformité

@ Hifield | Sèvres, France
View on infosec-jobs.com

Infrastructure Consultant

@ Telefonica Tech | Belfast, United Kingdom
View on infosec-jobs.com