Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

This Week in Security

DZone's Guide to

This Week in Security

Announcements, patches, updates and vulnerabilities in the news this week.

· Security Zone
Free Resource

Address your unique security needs at every stage of the software development life cycle. Brought to you in partnership with Synopsys.

UK Telecoms Provider TalkTalk Hacked

They state that the credit card information stolen is incomplete and should not enable the hackers to make financial transactions. 

Read their press release here:

https://help2.talktalk.co.uk/oct22incident

Apple Updates Released

Apple has release updates and patches for the following software this week:

  • OS X Server 5.0.15

  • Xcode 7.1

  • Mac EFI Security Update 2015-002

  • iTunes 12.3.1

  • OS X El Capitan 10.11.1 and Security Update 2015-007

  • Safari 9.0.1

  • watchOS 2.0.1

  • iOS 9.1

Read the details here:

https://support.apple.com/en-us/HT201222

Apple is removing from the AppStore apps that are collecting users personal data without their consent with the Youmi API.

SMS Stealing Library Used in Many Android Apps

Applications that use the Chinese Taomike API have been stealing SMS messages, users only downloading from Google Play Store are not affected.

Read more about it here:

http://researchcenter.paloaltonetworks.com/2015/10/chinese-taomike-monetization-library-steals-sms-messages/

DMARC

Google have declared they will implement a strict Domain-based Message Authentication, Reporting, and Conformance (DMARC) policy in GMAIL

To read more about the announcement and the DMARC standard:

https://dmarc.org/2015/10/global-mailbox-providers-deploying-dmarc-to-protect-users/

Oracle Patch

Oracle released a patch for 154 vulnerabilities on Tuesday, 24 of which were related to Java SE

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

Find out how Synopsys can help you build security and quality into your SDLC and supply chain. We offer application testing and remediation expertise, guidance for structuring a software security initiative, training, and professional services for a proactive approach to application security.

Topics:
security vulnerabilities ,patch ,security

Opinions expressed by DZone contributors are their own.

THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}