homethehackernews.comTwo Widely Used Ad Blocker Extensions for Chrome Caught in Ad Fraud SchemeUpdate Google Chrome Browser to Patch New Critical Security FlawsIT Firm Manager Arrested in the Biggest Data Breach Case of Ecuador’s HistorySmominru Botnet Indiscriminately Hacked Over 90,000 Computers Just Last MonthThe Definitive RFP Templates for EDR/EPP and APT ProtectionWarning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versionssciencedaily.comDecoding how kids get into hacking'Poor man's qubit' can solve quantum problems without going quantumCell-mostly internet users place privacy burden on themselvesSpreading light over quantum computersNew tools to minimize risks in shared, augmented-reality environmentsRouter guest networks lack adequate security, experts saywired.comGoogle Tightens Its Voice Assistant Rules Amid Privacy BacklashEdward Snowden in His Own Words: Why I Became a Whistle-BlowerThe iOS 13 Privacy and Security Features You Should KnowWeWork's Wi-Fi Is Woefully InsecureExtreme-Risk Laws Reduce Gun ViolenceA Simple Way to Make It Harder for Mobile Ads to Track Yousecurityfocus.comVuln: Jenkins Credentials Binding Plugin CVE-2019-1010241 Information Disclosure VulnerabilityVuln: Qualcomm Components CVE-2019-2307 Integer Underflow VulnerabilityVuln: LibreOffice Remote Code Execution and Unauthorized Access VulnerabilitiesVuln: KDE KAuth CVE-2017-8422 Local Privilege Escalation VulnerabilityBugtraq: [SECURITY] [DSA 4269-1] postgresql-9.6 security updateBugtraq: [SECURITY] [DSA 4268-1] openjdk-8 security updatebleepingcomputer.comMalicious Android Apps Evade Google Play Protect via Remote CommandsMicrosoft Edge's Collection Feature Helps You Stay OrganizedMicrosoft Edge to Let You Block Potentially Unwanted ProgramsJira Server and Service Desk Fix Critical Security BugsMicrosoft Marks Two Windows 10 1903 Issues as ResolvedThe Week in Ransomware - September 20th 2019 - Fairly Quietitpro.co.ukNHS staff issued with fresh cyber security guidanceFacebook purges tens of thousands of apps as part of Cambridge Analytica probePatch management vs vulnerability managementWhat is cyber warfare?Universities a 'huge target' for nation-state attackers, warns NCSCModern cyber security bears great resemblance to the Titanic disaster, says Stena CISOreddit.com/r/securityBest “Security for the Less Tech/Security Savvy” resourcesr/security and r/cybersecurity: What's the difference, and what should they be?Think twice before using facial-recognition technology or fingerprint scanningSnap Detailed Facebook’s Aggressive Tactics in ‘Project Voldemort’ DossierHow Edward Snowden Would Use A SmartphoneGoogle Will Listen to Your Conversations Again, But Ask Firstreddit.com/r/netsecThe /r/netsec Monthly Discussion Thread - September 2019/r/netsec's Q3 2019 Information Security Hiring ThreadCVE-2019-1082 Windows Local Privileges Escalation. Little Writeup How i found lpe vulnerability.GitHub - secrary/Andromeda: Andromeda - Interactive Reverse Engineering Tool for Android ApplicationsServer-Side Request Forgery Vulnerable Lab - A lab to play around SSRF vulnerable codesWordPress Editor to Administrator Privilege Escalationreddit.com/r/websecParameter Pollution in Share ButtonAwesome Free WAF for NGINX with API and Personal CabinetInstead of enriching Google, try making a market for click workHow do you approach to a target without any user input taken?RCE through open PHP-FPM portsreddit.com/r/InfoSecNewsCritical flaws affect Jira Service Desk and Jira Service Desk Data CenterThinkful forces a password reset for all users after a data breachFrench application of international rules to cyberwarfarePrivilege Escalation flaw found in Forcepoint VPN Client for WindowsTortoiseShell Group targets IT Providers in supply chain attacksIran denies successful cyber attacks hit infrastructures of its oil sectorkrebsonsecurity.comBefore He Spammed You, this Sly Prince Stalked Your MailboxMan Who Hired Deadly Swatting Gets 15 MonthsNY Payroll Company Vanishes With $35 MillionPatch Tuesday, September 2019 EditionSecret Service Investigates Breach at U.S. Govt IT Contractor‘Satori’ IoT Botnet Operator Pleads Guiltydarkreading.comHow Network Logging Mitigates Legal RiskSecurity 101'Playing Around' with Code Keeps Security, DevOps Skills Sharp7 Ways VPNs Can Turn from Ally to ThreatHP Purchases Security Startup BromiumRansomware Strikes 49 School Districts & Colleges in 2019threatpost.comGoogle Assistant Audio Privacy Controls Updated After Outcry200K Sign Petition Against Equifax Data Breach SettlementFacebook Removed Tens of Thousands of Apps Post-Cambridge AnalyticaForcepoint VPN Client is Vulnerable to Privilege Escalation AttacksNews Wrap: Emotet’s Return, U.S. Vs. Snowden, Physical Pen Testers ArrestedMattress Company Leaks Data Records of 387K Customerswelivesecurity.comWeek in security with Tony AnscombeUniversities warned to brace for cyberattacksRemote access flaws found in popular routers, NAS devicesNearly all of Ecuador’s citizens caught up in data leakWeek in security with Tony AnscombeA vulnerability in Instagram exposes personal information of usersscmagazine.comPatrick Craven – Center for Cyber Safety and EducationJack Jones – FAIR InstituteJames Plouffe – MobileIronAnil Lamba – EXL Service, Inc.Joseph Kiniry – Galois, Free & Fairhelpnetsecurity.comWhat security and privacy enhancements has iOS 13 brought?IT vs OT: Challenges and opportunities – podcastHow data breaches forced Amazon to update S3 bucket securityDisclosing vulnerabilities to improve software security is good for everyoneHow SMBs can bring their security testing on par with larger enterprisestrendmicro.comWhy Should CISOs Care About XDR?This Week in Security News: Magecart Attacks and Is Your Smart TV Spying on You?Beyond The Standard CISO Cloud Security GuideThere She Breaches! Watch Out For Your Identity Data!This Week in Security News: IoT Devices Are a Target in Cybercriminal Undergroundsecurityweek.comUse Case-Centric Threat Intelligence Requires a Considered ApproachWyoming Hospital's Services Disrupted by RansomwareFlaw Gives Hackers Remote Access to Files Stored on D-Link DNS-320 DevicesDigital Threats Multiply Ahead of 2020 US ElectionsGoogle Awards $40,000 for Chrome Sandbox Escape Vulnerabilitiessiliconrepublic.com60pc of IT teams say it will be ‘impossible’ to maintain IoT networksThinkful confirms data breach days after it was acquired for $80mSkout’s cybersecurity solution with Portlaoise HQ raises $25mNemty ransomware uses ‘overkill’ encryption to hack infected systemsMore than 50 new roles at Kilkenny Security Risk Advisors hubnakedsecurity.sophos.comGoogle pulls more fake adblockers from Chrome Web StoreInvestors accuse FedEx of lying, stock dumping after NotPetya attackCould EarEcho change the way we authenticate our phones?Two charged with tech-support scamming the elderly for $10mWannaCry – and why it never went awaysecurityintelligence.comiOS 13 at Work, Part 1: Enabling Single Sign-On (SSO) and Distributing Custom AppsWhat Is Unified Threat Management? A Pragmatic Approach to Information SecurityHow to Take Control of Your Privileged AccountsNight Vision: Navigating the Darknet for Improved Threat IntelligenceSpeak Up! How a Graduate Security Architect Learned to Challenge the Status Quosecurityboulevard.comWho IsErIk: A Resurface of an Advanced Persistent Adware?Bitglass Security Spotlight: 419 Million Facebook Users ExposedBig brands don’t guarantee big security: how to bolster your information security in the cloudRecent Spike in Ransomware Incidents Potentially Linked to Payouts from Insurance FirmsNEW TECH: How ‘cryptographic splitting’ bakes-in security at a ‘protect-the-data-itself’ levelgrahamcluley.com15,000 private webcams left open to snooping, no password requiredSmashing Security #146: Password secrets and baking browniesCookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrencyHow to get away with hacking a US satelliteMedical images and details of 24.3 million patients left exposed on the internetcyberdefensemagazine.comCyber Security the Major Issue of 2019Astaroth Trojan leverages Facebook and YouTube to avoid detectionThe Dawn of the DDoS of Things (DoT)Anti-Abortion Ads Plague Women-Online Privacy Lies in PerilThe US Treasury placed sanctions on North Korea linked APT Groups