Over a million developers have joined DZone.

This Week in Security

DZone's Guide to

This Week in Security

Announcements, patches, updates and vulnerabilities in the news this week.

· Security Zone ·
Free Resource

Discover how to provide active runtime protection for your web applications from known and unknown vulnerabilities including Remote Code Execution Attacks.

UK Telecoms Provider TalkTalk Hacked

They state that the credit card information stolen is incomplete and should not enable the hackers to make financial transactions. 

Read their press release here:


Apple Updates Released

Apple has release updates and patches for the following software this week:

  • OS X Server 5.0.15

  • Xcode 7.1

  • Mac EFI Security Update 2015-002

  • iTunes 12.3.1

  • OS X El Capitan 10.11.1 and Security Update 2015-007

  • Safari 9.0.1

  • watchOS 2.0.1

  • iOS 9.1

Read the details here:


Apple is removing from the AppStore apps that are collecting users personal data without their consent with the Youmi API.

SMS Stealing Library Used in Many Android Apps

Applications that use the Chinese Taomike API have been stealing SMS messages, users only downloading from Google Play Store are not affected.

Read more about it here:



Google have declared they will implement a strict Domain-based Message Authentication, Reporting, and Conformance (DMARC) policy in GMAIL

To read more about the announcement and the DMARC standard:


Oracle Patch

Oracle released a patch for 154 vulnerabilities on Tuesday, 24 of which were related to Java SE


Find out how Waratek’s award-winning application security platform can improve the security of your new and legacy applications and platforms with no false positives, code changes or slowing your application.

security vulnerabilities ,patch ,security

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}