all InfoSec news
Java Serialisation - the gift that keeps on taking (Part 3)
July 2, 2022, 5:45 a.m. | spoole@sonatype.com (Steve Poole)
Sonatype Blog blog.sonatype.com
In the previous post we examine particular Java Serialisation characteristics and design points that had a few unexpected consequences. In this post we'll explore more around exploiting serialisation datastreams. How it's possible to compromise systems silently and in different ways: from changing data, running arbitrary code or even crashing systems.
More from blog.sonatype.com / Sonatype Blog
Sonatype Lifecycle best practices: InnerSource
3 days, 6 hours ago |
blog.sonatype.com
A guide for open source software (OSS) security
1 week, 1 day ago |
blog.sonatype.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368
@ Allen Integrated Solutions | Chantilly, Virginia, United States
Consultant Sécurité SI H/F Gouvernance - Risques - Conformité
@ Hifield | Sèvres, France
Infrastructure Consultant
@ Telefonica Tech | Belfast, United Kingdom