Late yesterday afternoon Apple released new versions of iOS and macOS Sierra that close significant code execution vulnerabilities the operating systems share. In addition to these major releases, Cupertino also released a set of significant patches for Safari, iCloud for Windows, and watchOS. Users are being encouraged to update quickly.
Check Point's disclosure, to Google, that a new HummingBad variant, HummingWhale (so called because it's a bigger deal), was infesting the Google Play Store has prompted a purge of compromised apps from that store. HummingWhale essentially serves a fake referrer scam. It represents an advance in stealth over its predecessors.
Since there's proverbially no honor among thieves, thieves are themselves on guard against their own kind. A new service has appeared in the hacker souk that aims to enable criminals to gauge the reliability of their co-conspirators: Ripper dot cc, which Motherboard characterizes as "the Yelp for cybercrime." Hoods are invited to share information on rippers, that is, criminals who fail to deliver the goods they promise.
The UK's GCHQ is looking for a new director, as Robert Hannigan tenders his resignation.
In industry news, Yahoo! says that it will delay Verizon's planned acquisition of Yahoo!'s core assets until the second quarter of 2017. The future of the deal, says Yahoo! still "looks bright." The SEC has undertaken fresh investigations of Yahoo!'s two major breaches. Elsewhere, IBM is buying Agile 3 Solutions for an undisclosed sum. Landesk and Heat Software, having merged, become Ivanti, and Microsoft Ventures backs Illusive Networks.