InfoWorld

Java 23 highlights crypto performance and security

For javax.crypto, the CipherInputStream buffer size was increased from 512 bytes to 8,192 bytes. This can improve performance and is more consistent with buffer sizes for other APIs such as ...
Ars Technica

Major cryptography blunder in Java enables “psychic paper” forgeries

Organizations using newer versions of Oracle’s Java framework woke up on Wednesday to a disquieting advisory: A critical vulnerability can make it easy for adversaries to forge TLS certificates and ...
adtmag.com

Oracle Launches Jipher to Support Java Cryptography in FIPS 140-2 Regulated Environments

Oracle Corp on Tuesday announced the release of Oracle Jipher, a Java Cryptographic Service Provider designed to enable secure deployments of Java applications in U.S. government and enterprise ...
InfoWorld

Java 22 brings security enhancements

JDK 22 adds 10 new root CA certificates, a new asymmetric key interface, and a -XshowSettings option for displaying security settings. In a March 20 blog post on Oracle’s inside.java web page, Sean ...
Infosecurity-magazine.com

Bouncy Castle Bug Puts Bcrypt Passwords at Risk

A high impact vulnerability has been discovered in a popular Java cryptography library which could allow attackers to more easily brute force Bcrypt hashed passwords. CVE-2020-28052 is an ...
AppleInsider

Critical 'Log4J' Java flaw being used to deliver malware, crypto-miners

A critical flaw in a popularly used Java library is being exploited by malicious actors to deliver malware, while security researchers are scanning for vulnerable servers. The flaw and a ...