home thehackernews.com Hacker Ordered to Pay Back Nearly £1 Million to Phishing VictimsGoogle Proposes 'Privacy Sandbox' to Develop Privacy-Focused AdsGoogle, Mozilla, Apple Block Kazakhstan's Root CA Certificate to Prevent SpyingRussian Hacking Group Targeting Banks Worldwide With Evolving TacticsUse This Privacy Tool to View and Clear Your 'Off-Facebook Activity' DataiOS 12.4 jailbreak released after Apple 'accidentally un-patches' an old flaw sciencedaily.com New tools to minimize risks in shared, augmented-reality environmentsRouter guest networks lack adequate security, experts sayAttackers could be listening to what you typeApp allows inspectors to find gas pump skimmers fasterTech companies not doing enough to protect users from phishing scamsHackers could use connected cars to gridlock whole cities wired.com The Consumer Bureau's Reckless Plan for Debt CollectionWhat Is Cyberwar? The Complete WIRED GuideThe Fight Against Robocalls Gets Powerful New AlliesThe Android 10 Privacy and Security Upgrades You Should Know AboutShh! No Hacking the Census in the LibraryFirefox and Chrome Fight Back Against Kazakhstan's Spying securityfocus.com Vuln: Jenkins Credentials Binding Plugin CVE-2019-1010241 Information Disclosure VulnerabilityVuln: Qualcomm Components CVE-2019-2307 Integer Underflow VulnerabilityVuln: LibreOffice Remote Code Execution and Unauthorized Access VulnerabilitiesVuln: KDE KAuth CVE-2017-8422 Local Privilege Escalation VulnerabilityBugtraq: [SECURITY] [DSA 4269-1] postgresql-9.6 security updateBugtraq: [SECURITY] [DSA 4268-1] openjdk-8 security update bleepingcomputer.com IRS Warns Taxpayers of New Scam Campaign Distributing MalwareWindows 10 KB4505903 Update Breaks Bluetooth Speakers ConnectivityMastercard Reports Data Breach to German and Belgian DPAsInstagram Phishing Emails Use Fake Login Warning BaitsEmotet Botnet Is Back, Servers Active Across the WorldGoogle Chrome to Warn If Logins Are Found in a Data Breach itpro.co.uk Kaspersky extends Office 365 protections to OneDriveNCSC warns organisations to ditch Python 2 before it hits end of lifeTech giants assemble to tackle cloud and data securityHacked Texas government agencies face $2.5 million ransomWhat is an MSSP?Are smart cities a disaster waiting to happen? reddit.com/r/security Best “Security for the Less Tech/Security Savvy” resourcesr/security and r/cybersecurity: What's the difference, and what should they be?Employees connect nuclear plant to the internet so they can mine cryptocurrencyValve tweaks bug bounty program after 'mistakenly' turning away researchersThieves caught on cam using keyless hack to steal £90,000 Tesla in 30 seconds.Exclusive: 'Ready to stomp on it': Documents reveal staggering power of tech giant lobbying reddit.com/r/netsec The /r/netsec Monthly Discussion Thread - August 2019/r/netsec's Q3 2019 Information Security Hiring ThreadTool to search exploitable binaries/exe on windows and linuxRACE - Minimal Rights and ACE for Active Directory DominanceHere We Go Again: A DEF CON 2019 RetrospectiveThe Many Possibilities of CVE-2019-8646 reddit.com/r/websec Instead of enriching Google, try making a market for click workHow do you approach to a target without any user input taken?RCE through open PHP-FPM portsNemesida WAF Free for Nginx (Virtual Appliance for KVM/VMware/VirtualBox with Debian 10, Nginx 1.16 and Nemesida WAF Free, 1.3 GB)Imperva Blocks Our Largest DDoS L7/Brute Force Attack Ever (Peaking at 292,000 RPS) | Imperva reddit.com/r/InfoSecNews Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrencyA new variant of Asruex Trojan exploits very old Office, Adobe flawsHackers are scanning the web for vulnerable Fortinet, Pulse Secure Products installsCisco warns of the availability of public exploit code for critical flaws in Cisco Small Business switchesBreach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit CardsTexas attackers demand $2.5 million to allow towns to access encrypted data krebsonsecurity.com Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit CardsForced Password Reset? Check Your AssumptionsThe Rise of “Bulletproof” Residential NetworksMeet Bluetana, the Scourge of Pump SkimmersPatch Tuesday, August 2019 EditionSEC Investigating Data Leak at First American Financial Corp. darkreading.com Ransomware Trains Its Sights on Cloud ProvidersQualys Launches Free App for IT Asset Discovery and InventoryIBM Announces Quantum Safe Encryption80 Charged in Massive BEC Operation BustVirtual World of Containers, VMs Creates New Security ChallengesVMware to Buy Carbon Black for $2.1B threatpost.com WordPress Plugins Exploited in Ongoing Attack, Researchers WarnNews Wrap: Linux Utility Backdoor, Steam Zero Day Disclosure DramaLenovo High-Severity Bug Found in Pre-Installed SoftwareGoogle Launches Open-Source Browser Extension for Ad TransparencyBuilding a Mobile Defense: 5 Key Questions to AskSpyware App on Google Play Gets Boot, Returns Days Later welivesecurity.com Week in security with Tony AnscombeCyberbullying: What schools and teachers can doFirst‑of‑its‑kind spyware sneaks into Google PlayEducation and privacy legislation at ChannelConRansomware wave hits 23 towns in TexasWeek in security with Tony Anscombe scmagazine.com Caught in a bad romance: Feds indict 80 alleged members of romance/BEC scam ringVMware to acquire Carbon BlackMass. General breach exposes private info on 9,900 in research programsSyrk ransomware comes disguised as Fortnite cheat tool to ambush gamersSubmit your SC Award nominations now! helpnetsecurity.com VMware acquires Carbon BlackQuantum computing: The new moonshot in the cyber space raceFacebook phishing surges, Microsoft still most impersonated brandShould you block newly registered domains? Researchers say yesNew infosec products of the week: August 23, 2019 trendmicro.com Trend Micro Named A Leader in 2019 Gartner Magic Quadrant for Endpoint Protection PlatformsThis Week in Security News: DevOps Implementation Concerns and Malware VariantsThe Sky Has Already Fallen (you just haven’t seen the alert yet)FAKE APPS!—courtesy of Agent SmithHow Do Threats Align With Detection And Solutions? securityweek.com Cyberattacks on Texas Cities Put Other Governments on GuardKubernetes Patches Recent HTTP/2 VulnerabilitiesUS Wants Woman Accused in Capital One Hack to Stay Locked UpAsruex Malware Exploits Old vulnerabilities to Infect PDF, Word DocsNew Tool From Cisco Hunts Flaws in Automotive Computers siliconrepublic.com How can companies get more efficient at patching vulnerabilities?Hack of Luscious anime porn site exposed identities and info of 1.2m usersHackers can work out your password by listening to your keystrokes as you typeThis malware scanning technique can leave you vulnerable to a cyberattackGoogle research says thousands are using passwords that have been hacked nakedsecurity.sophos.com Instagram phishing uses 2FA as a lure‘Privacy policy change’ hoax infects Instagram; it confirms it’s crudBumper Cisco patches fix four new ‘critical’ vulnerabilitiesQuick thinking by Portland Public Schools stops $2.9m BEC scamHumans may have been listening to you via your Xbox securityintelligence.com Can Fraud Detection Solutions Deliver the Authentication, Risk and Compliance Tools Banks and Insurers Need?4 Reasons to Consider a Security Marketing InternshipWhy Deepfake Audio Technology Is a Real Threat to Enterprise SecurityDigital Identity Trust Life Cycle: Implementing Your Fraud Protection SolutionSecuring the Industrial Internet of Things in the Utilities Sector securityboulevard.com Defending Against Hacking’s Long Game: It Ain’t Over Till It’s OverThe Top Cyber Security Trends in 2019 (and What to Expect in 2020)Cloud IAM Feature Active Directory® Integration for Mac®Agent Tesla: Evading EDR by Removing API HooksPowerful Case Management in the SOC: 4 Things You Need to Know grahamcluley.com YouTube joins Facebook and Twitter, disabling accounts targeting Hong Kong protestsBlock newly-registered domains to reduce security threats in your organisationSmashing Security #142: Mercedes secret sensors, smart cities, and ransomware runs riotYou really should listen to the award-winning “Smashing Security” podcastD’oh! Apple botches iOS update, leaves iPhones open to jailbreaking cyberdefensemagazine.com Don’t be an Easy Target5 Keys to Protecting your Company’s Online FinancesWhy Bio-metrics Is a Security Essential…And So Is Disabling It ASAPUnderstanding the Magnitude of Insider Threats: A Global EpidemicFlaw in New Facebook Design Allowed Removal of Profile Photos