James breaks down a few news stories from the previous week.  The following stories were discussed, including some brief points.

• $1 million bounty for iOS 9 hack http://www.wired.com/2015/09/spy-agency-contractor-puts-1m-bounty-iphone-hack/
  
  • Zerodium announced 1 million dollar bounty for hack that can take over an iOS device remotely, via web page, vulnerable app or text message
  • Terms of offer demand that bug not be reported to Apple or publicly disclosed
  • Not uncommon for iOS bugs to fetch big money
• Rare malware outbreak hits some Apple apps http://www.usatoday.com/story/tech/2015/09/21/apple-china-hack-app-store-malware--xcode-ghost/72572190/
  • Some developers used fake versions of XCode to create applications
  • Designed to steal user passwords
  • Reportedly little danger to US iphone users unless using Chinese social media apps.
  • Important to use software from trusted sources.
• Comcast to Pay $33 million over Privacy Breach http://www.huffingtonpost.com/entry/comcast-to-pay-over-privacy-breach_55fb30d7e4b0fde8b0cd9fe4
  • 75,000 names, phone numbers and addresses published
  • People paid $1.50 / month more for privacy
  • Each customer will get $100
  • Some law enforcement, judges and domestic violence abuse victims will get more due to facing increased safety concerns.

Follow us on Twitter (@developsec).  If you want to be alerted when new items are available you can subscribe on our website at https://www.developsec.com

Send us a text

For more info go to https://www.developsec.com or follow us on X (@developsec).

The DevelopSec podcast is brought to you by Jardine Software Inc.