InfoSec / Cyber Security Newsthehackernews.comNew Framework Released to Protect Machine Learning Systems From Adversarial AttacksNew Chrome 0-day Under Active Attacks – Update Your Browser NowPopular Mobile Browsers Found Vulnerable To Address Bar Spoofing AttacksWindows GravityRAT Malware Now Also Targets macOS and Android DevicesDownload Ultimate 'Security for Management' Presentation TemplateU.S. Charges 6 Russian Intelligence Officers Over Destructive Cyberattackssciencedaily.comIndividuals may legitimize hacking when angry with system or authorityMulti-state data storage leaving binary behindNew algorithm could unleash the power of quantum computersA question of realityA self-erasing chip for security and anti-counterfeit techHow do people prefer coronavirus contact tracing to be carried out?wired.comThe US Sanctions Russians for Potentially ‘Fatal’ MalwareHow 30 Lines of Code Blew Up a 27-Ton GeneratorHow Police Can Crack Locked Phones—and Extract InformationFacebook Promises Privacy Reform. Critics Aren't Convinced12 Cyber Threats That Could Wreak Havoc on the ElectionA Deepfake Porn Bot Is Being Used to Abuse Thousands of Womenzerodayinitiative.comDetailing Two VMware Workstation TOCTOU VulnerabilitiesThe October 2020 Security Update ReviewCVE-2019-0230: Apache Struts OGNL Remote Code ExecutionThe Anatomy of a Bug Door: Dissecting Two D-Link Router Authentication BypassesExploiting Other Remote Protocols in IBM WebSphereCVE-2020-9496: RCE in Apache OFBiz XMLRPC via Deserialization of Untrusted Datableepingcomputer.comYouTube-dl removed from GitHub after RIAA DMCA noticeHPE fixes maximum severity remote auth bypass bug in SSMC consoleThe Week in Ransomware - October 23rd 2020 - From Russia with LoveWastedLocker ransomware hits Boyne Resorts ski resort operatorMicrosoft adds protection for critical accounts in Office 365New RAT malware gets commands via Discord, has ransomware featureitpro.co.ukCisco finds an increase in security concerns due to remote workingBest MDM solutions 2020'Robin Hood' hackers donate stolen Bitcoin to charityMobile browser flaw exposes users to spoofing attacksLumen's digital portal simplifies the ordering of IT solutionsUS charges six Russians behind NotPetya and Olympics hacksreddit.com/r/cybersecuritySub UpdateMentorship Monday1.5 Years in, it's time to find a new jobUS Treasury Imposes Sanctions Against Russian Research Institute Over Triton Malware AttackCareer roadmap?Chrome “Forgets” To Delete User Data from Google And YouTubereddit.com/r/netsecThe /r/netsec Monthly Discussion Thread - October 2020/r/netsec's Q4 2020 Information Security Hiring ThreadPenetration Testing and Low-Cost Freelancing: The Story of How I Hired 7 Freelancers to Exploit this Weird VulnerabilityUsing a PIE binary as a Shared Library — My HCSC-2020 CTF Writeup of a hard Reverse Engineering challengeSamsung S20 - RCE via Samsung Galaxy Store AppAPNIC Community Honeynet Projectreddit.com/r/websecHow do SSL Certificates gets added initially to our Phone/PC?Is there such a thing as a javascript request destination allow-list? That could prevent a site from sending information to malicious servers through xss?Web cache attacks in the tangled web | APNIC BlogData Loss Prevention ToolMobile Application SecurityWeb Cache Deception at HacktivityCon2020, HackerOnereddit.com/r/InfoSecNewsFBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hackTaiwanese vendor QNAP issues advisory on Zerologon flawVMware fixes several flaws in its ESXi, Workstation, Fusion and NSX-TELI5: Why wasn't bytedance prosecuted for computer fraud when it circumvented google's protections against harvesting android Mac addresses?Sweden bans Huawei and ZTE from building its 5G infrastructureMachine Learning models for Computer Security tasks oftentimes use irrelevant artifacts to solve problems, study finds.krebsonsecurity.comThe Now-Defunct Firms Behind 8chan, QAnonQAnon/8Chan Sites Briefly Knocked OfflineBreach at Dickey’s BBQ Smokes 3M CardsMicrosoft Patch Tuesday, October 2020 EditionMicrosoft Uses Trademark Law to Disrupt Trickbot BotnetReport: U.S. Cyber Command Behind Trickbot Tricksdarkreading.comUS Treasury Sanctions Russian Institution Linked to Triton MalwareCybercriminals Could be Coming After Your CoffeeFlurry of Warnings Highlight Cyber Threats to US ElectionsCOVID-19: Latest Security News & CommentaryA Pause to Address 'Ethical Debt' of Facial RecognitionBotnet Infects Hundreds of Thousands of Websitesthreatpost.comU.S. Levies Sanctions Against Russian Research Institution Linked to Triton MalwareIoT Device Takeovers Surge 100 Percent in 2020Louisiana Calls Out National Guard to Fight Ransomware SurgeElection Security: Beyond Mail-In VotingGeorgia Election Data Hit in Ransomware AttackCOVID-19 Vaccine-Maker Hit with Cyberattack, Data Breachreddit.com/r/pwnedFinnish psychotherapy centre's database hacked, patient info held ransomMMO game Street Mobster leaking data of 1.9 million playersDickeys BBQ breach exposes 3 million payment cards; now for sale on the dark webBookseller Barnes & Noble hit by cyberattack that exposed customer data - likely ransomwareLondon Borough of Hackney suffers ‘serious’ cyberattack - likely ransomwarewelivesecurity.comWeek in security with Tony AnscombeSecuring medical devices: Can a hacker break your heart?Fraudsters crave loyalty points amid COVID‑19Google patches Chrome zero‑day under attackHow safe is your USB drive?Microsoft issues two emergency Windows patchesscmagazine.comThreat automation, decentralized architecture among emerging post-COVID cyber trendsFDA vulnerability grading system proves all risk not created equalMalicious SharePoint and OneDrive links are a phishing scammer’s dreamAttackers prey on Microsoft Teams accounts to steal credentialsFive ways security pros can lock down stay-at-home workershelpnetsecurity.com5 tips to reduce the risk of email impersonation attacksNew infosec products of the week: October 23, 2020Cybersecurity is failing due to ineffective technologyMachine identity related cyberattacks grew by 433% between 2018 and 201963 billion credential stuffing attacks hit retail, hospitality, travel industriestrendmicro.comThis Week in Security News: Watering Hole Campaign Operation Earth Kitsune Spying on Users’ Systems and Fancy Bear Imposters Are on a Hacking Extortion SpreeThis Week in Security News: Cybercriminals Use Stolen Data and Hacking Tools as Prizes in Poker Games and Rap Battles and VirusTotal Now Supports Trend Micro ELF HashThis Week in Security News: A Look Inside the Bulletproof Hosting Business and Amazon Prime Day Spurs Spike in Phishing, Fraud AttacksCyber Security Awareness: A Critical ChecklistThis Week in Security News: Linkury Adware Caught Distributing Full-Blown Malware and Cross-Platform Modular Glupteba Malware Uses ManageXsecurityweek.comMicrosoft, MITRE Release Adversarial Machine Learning Threat MatrixDigitalWare Launches Risk Detection and Quantification PlatformChrome 86 Starts Blocking Abusive Notification Permission RequestsDestructive Malware Spotted in Recent Attacks Launched by Iranian CyberspiesU.S. Says Russian Hackers Stole Data From Two Government Serverssiliconrepublic.comDoubts surround claim that Trump’s Twitter was hackedWorking in cybersecurity? Covid could be your time to shineCloud security start-up with Irish co-founder bags $20m fundingCyberattackers ‘won’t go easy’ just because firms are in a state of fluxFive Eyes, India and Japan call for backdoors in end-to-end encryptionnakedsecurity.sophos.comS3 Ep3: Cryptography, hacking and pwning Chrome [Podcast]Time for a mobile privacy reset?Chrome zero-day in the wild – patch now!Russian “government hackers” charged with cybercrimes by the USNaked Security Live – Ping of Death: are you at risk?csoonline.comBrandPost: The Emergence of the Hybrid Workspace and How to Secure ItThe biggest data breach fines, penalties and settlements so farThe 6 best password managersUS Treasury Department ban on ransomware payments puts victims in tough positionThe 4 pillars of Windows network security8 video chat apps compared: Which is best for security?kitploit.comAutoGadgetFS - USB Testing Made EasyNoSQLi - NoSql Injection CLI ToolGitDorker - A Tool To Scrape Secrets From GitHub Through Usage Of A Large Repository Of DorksOregami - IDA Plugins And Scripts For Analyzing Register Usage FrameNTLMRawUnHide - A Python3 Script Designed To Parse Network Packet Capture Files And Extract NTLMv2 Hashes In A Crackable Formatsecurityboulevard.comGoogle’s Certificate Authority as a Service x AppViewX – a Future-fit Solution for the EnterpriseManage your Palo Alto Network NGFW Policies with App-ID, Content-ID, User-ID, and more with TufinCybercrime: It’s Not About How, But Why?Casos de uso de seguridad informática para mejorar la gestión de la fuerza de trabajo remotaGadsden County Public Schools Secures Google Workspace for Education with ManagedMethodsgrahamcluley.comFake Instagram follower services slapped with lawsuitDonald Trump’s Twitter password is “maga2020!”, and there’s no 2FA, claims hackerFort Bragg fails to keep a firm grip on its Twitter account, as it blames hacker for saucy tweetsOver one million WordPress sites receive forced update to security plugin after severe vulnerability discoveredSopra Steria hit by cyber attack. IT services group suspected of falling victim to ransomware