This Week in Security: OpenSSL, Apple, XBot

DZone 's Guide to

This Week in Security: OpenSSL, Apple, XBot

If you do just one thing after reading this: you MUST make sure that SSLv2 is disabled AND avoid connections with other servers that accept SSLv2.

· Performance Zone ·
Free Resource


Open SSL released two new bug-fix released on the 1st of March. The vulnerability is related to servers that are supporting SSLv2. The vulnerability is being called DROWN Decrypting RSA with Obsolete and Weakened eNcryption. To protect against this, your servers should not support SSLv2 and should avoid connections to other servers running SSLv2 as this too may leave them open to attack.

Read more here and here

Apple and FBI

Apple is asking the court to back down regarding the FBI request to unlock the San Bernardino Shooters phone. This is a very hot topic right now because it would not only impact a single device if backdoors were to be implemented as these one way or another may get into the wrong hands and be used as a means to steal users data. 

Read more here

Apple TV

Apple have release a number of security fixes for both the 3rd and 4th generation models of the Apple TV on Thursday.

Read more here

XBot Trojan

XBot trojan is targeting Android users via false play store banking screens to perform Phishing.

Read more here

The Dark Web

Is somebody plotting something quite sinister, the dark web reportedly suddenly increased in size by 50%, but half of that growth has since fallen away. Begs the question just what is going on?

Read more here


Mouse jacking of unencrypted wireless mouse communications have been reported. All the more reason to use a wired gaming mouse.

Read more here

Cyber Security Forecast 2016

StormShield have published their Cyber Security Forecast for 2016.  It talks about ransomware, industrial automation being more open, connected objects being particularly susceptible to security attacks and more.

Read more here

apple, apple tv, dark web, fbi, mouse, openssl, security

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}