Over a million developers have joined DZone.

This Week in Security: Anonymous, Apple, Chrome, Java, Petya, Samba

Apple and Oracle Patches, PNG Trojans, IoT vulnerabilities, infrastructure attacks, and more.

· Performance Zone

Evolve your approach to Application Performance Monitoring by adopting five best practices that are outlined and explored in this e-book, brought to you in partnership with BMC.

Apple

Apple have patched their operating systems for a cryptography vulnerability that would allow decryption of communications in the messages app.

Read more here

Java

Oracle have advised that people should upgrade their JVM because of a flaw in Java when running within a browser. The flaw can be exploited via the network without the need for authentication. A user would have to visit a site that deliberately tries to exploit this flaw, which could cause unavailability, integrity issues or even confidentiality breaches. This is not an issue that affects server deployments.

Read more here

Trojan virus hidden in PNG files from Brazil

Kaspersky have discovered a PNG being used to conceal and deploy a trojan virus. This is not the first of its kind but seems is becoming more prolific. It uses a technique called RunPE which uses the function that loads the PNG into memory because it also is responsible for decryption and execution.

Read more here

Petya Ransomware

A new ransomware has popped up which now encrypts the entire contents of you hard disk by encrypting the master file table.

Read more here

Surveillance Cameras

A remote code execution vulnerability has been found in the firmware of surveillance cameras of 70 different vendors.

Read more here

Google Chrome Vulnerability Fixes

Google have fixed a number of vulnerabilities that include an out-of-bounds read in the V8 JavaScript engine, a buffer overflow in libANGLE, use-after-free in Navigation, use-after-free in Extensions as well as a series of other smaller issues.

Read more here

Anonymous

Anonymous targets ISIS after the Brussels attacks, shutting down their sites and stealing their bitcoins. They are also targeting presidential candidates Donald Trump and Ted Cruz because they do not approve of their ideals.

Read more here

Water Treatment Plant Hacked

A water treatment plant has been hacked and the chemical treatment settings were altered in the drinking water treatment process. The incident was described in Verizon’s Data Breach Digest although the exact location where this occurred was not disclosed.

Read more here

Windows and Samba

A critical floor in the SMB protocol being called BadLock has been discovered although very little is currently known, the details will be disclosed on 12th of April and a patch will also be made available in April.

Read more here

Learn tips and best practices for optimizing your capacity management strategy with the Market Guide for Capacity Management, brought to you in partnership with BMC.

Topics:
apple ,chrome ,java ,samba ,anonymous

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

SEE AN EXAMPLE
Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.
Subscribe

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}