This Week in Security - Week 4, 2016

DZone 's Guide to

This Week in Security - Week 4, 2016

Here are the latest security happenings for the week, including Facebook vulnerability, Lenovo SHAREit, HSBC service attacks, and more fun security news!

· Performance Zone ·
Free Resource


A UK-based security consultant disclosed details this week of a vulnerability he was paid 7,500 USD for discovering in July 2015 which was fixed within 6 hours afterwards. It involved the uploading of a payload embedded in an image file that could grant access to a user's Facebook account.

Read more about it here


Lenovo fixes hard coded password in its SHAREit software, not sure which is more frightening, the fact it was hard coded or the incredibly low complexity of the password “12345678”.

Read more about it here


HSBC suffered another distributed denial of service attack this week. The bank stated that it was successfully defended but if users were affected then service was successfully denied. The statement leaves me a little perplexed.

Read more about the HSBC attack here


PayPal patches remote code execution vulnerability caused by Java deserialization flaw. It was discovered in December and fixed soon afterwards.

Read more about this on the register

Open SSL

OpenSSL have released a fix to a high severity bug that allowed hackers to obtain the key used to secure communications over HTTPS.

Read the OpenSSL advisory here


Mozilla has released Firefox 44 which fixes 11 security vulnerabilities predominantly related to memory access.

Read more about the release here

ddos, facebook, firefox, lenovo, openssl, password strength

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}