Over a million developers have joined DZone.

This Week in Security

Announcements, patches, updates and vulnerabilities in the news this week.

· Security Zone

Discover how to protect your applications from known and unknown vulnerabilities.

UK Telecoms Provider TalkTalk Hacked

They state that the credit card information stolen is incomplete and should not enable the hackers to make financial transactions. 

Read their press release here:

https://help2.talktalk.co.uk/oct22incident

Apple Updates Released

Apple has release updates and patches for the following software this week:

  • OS X Server 5.0.15

  • Xcode 7.1

  • Mac EFI Security Update 2015-002

  • iTunes 12.3.1

  • OS X El Capitan 10.11.1 and Security Update 2015-007

  • Safari 9.0.1

  • watchOS 2.0.1

  • iOS 9.1

Read the details here:

https://support.apple.com/en-us/HT201222

Apple is removing from the AppStore apps that are collecting users personal data without their consent with the Youmi API.

SMS Stealing Library Used in Many Android Apps

Applications that use the Chinese Taomike API have been stealing SMS messages, users only downloading from Google Play Store are not affected.

Read more about it here:

http://researchcenter.paloaltonetworks.com/2015/10/chinese-taomike-monetization-library-steals-sms-messages/

DMARC

Google have declared they will implement a strict Domain-based Message Authentication, Reporting, and Conformance (DMARC) policy in GMAIL

To read more about the announcement and the DMARC standard:

https://dmarc.org/2015/10/global-mailbox-providers-deploying-dmarc-to-protect-users/

Oracle Patch

Oracle released a patch for 154 vulnerabilities on Tuesday, 24 of which were related to Java SE

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

Find out how Waratek’s award-winning virtualization platform can improve your web application security, development and operations without false positives, code changes or slowing your application.

Topics:
security vulnerabilities ,patch ,security

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

SEE AN EXAMPLE
Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.
Subscribe

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}