home thehackernews.com Update: Hacker Disclosed 4 New Microsoft Zero-Day Exploits in Last 24 Hours5 Cybersecurity Tools Every Business Needs to KnowTor Browser for Android — First Official App Released On Play StoreHacking and Cyber Security Certification Training Bundle 2019 (10 Courses)Google Stored G Suite Users' Passwords in Plain-Text for 14 YearsPoC Exploit For Unpatched Windows 10 Zero-Day Flaw Published Online sciencedaily.com Crime fighting just got easier as burglars reveal allFearful customers sensitive to size and scope of a data breach while angry customers are notNew all-fiber device simplifies free-space based quantum key distributionObstacles to overcome before operating fleets of drones becomes realityDesign flaws create security vulnerabilities for 'smart home' internet-of-things devicesNew technique uses power anomalies to ID malware in embedded systems wired.com The Danger in Assange’s Charges, a Memory Experiment, and More NewsThe Julian Assange Espionage Act Charges Target Press FreedomFacial Recognition Has Already Reached Its Breaking PointGoogle Has Stored Some Passwords in Plaintext Since 2005Political Parties Still Have Cybersecurity Hygiene ProblemsWe Are Tenants on Our Own Devices securityfocus.com Vuln: Siemens SIMATIC Products ICSA-19-134-08 Multiple Security VulnerabilitiesVuln: Intel Microarchitectural Data Sampling Multiple Local Information Disclosure VulnerabilitiesVuln: curl/libcURL CVE-2019-5436 Heap Buffer Overflow VulnerabilityVuln: QEMU CVE-2019-12247 Integer Overflow VulnerabilityBugtraq: [SECURITY] [DSA 4269-1] postgresql-9.6 security updateBugtraq: [SECURITY] [DSA 4268-1] openjdk-8 security update bleepingcomputer.com Upgraded JasperLoader Malware Adds Anti-Analysis MechanismsTwo More Windows 10 Zero-Day PoC Exploits Released, Brings Total to 4Microsoft Releases Windows 10 Version 1903 Security BaselineCarders Prefer Audio Skimmers over Less Efficient Flash SkimmersMicrosoft Defender ATP is Now Publicly Available for MacsGoogle Under GDPR Probe After Ad Exchange Privacy Complaint itpro.co.uk IoT cyber attacks cost UK economy £1bn each yearSecurity researcher auctions off Windows 10 zero-day exploitsBaltimore ransomware attack cripples public servicesCitrix Synergy 2019: Citrix clings to silver linings following data breach disasterFormer US defence chief calls for public and private sector cyber taskforceG Suite passwords stored in plain text for 14 years reddit.com/r/security Why a Windows flaw patched nine days ago is still spooking the InternetSecurity Leader Interview: Adam Surak on approaching security at AlgoliaESET Internet Security + Comodo Internet SecurityHow do I track a connection being made to China from a cell phone and tablet?Favorite Security Podcasts? reddit.com/r/netsec BadWPAD wpad.software case and DNS threat huntingIs there a technical term for these "light codes"? I looked around on Wikipedia and could find any mention, seems like an interesting stego techniqueAbusing jQuery for CSS powered timing attacks | BlogWhy Reverse Tabnabbing Matters (an Example on Reddit)Fun With Custom URI Schemes, featuring another Origin RCE reddit.com/r/websec How to Increase Web Application Security With WAF?Help with securing a WordPress site on AWS's EC2 + LEMP (Ubuntu, Nginx, MySQL & PHP-FPM)How I was able to bypass the application firewall then bypass web cache layer to get hold of AWS credentials via SSRF in one of the biggest stock broker company?Client-Side - The Security Blindspot of your WebsiteEFF: Guide to Choosing a Messenger. Step-by-step guides and detailed information on secure messaging apps for Android, iOS, Windows, Mac and Linux. reddit.com/r/InfoSecNews Playing Cat and Mouse: Three Techniques Abused to Avoid DetectionSandboxEscaper disclosed 3 Microsoft zero-day flaws in 24 hoursEmsisoft released a free Decrypter for the GetCrypt ransomwareLegal Threats Make Powerful Phishing LuresG Suite users’ passwords stored in plain-text for more than 14 years krebsonsecurity.com Legal Threats Make Powerful Phishing LuresAccount Hijacking Forum OGusers HackedFeds Target $100M ‘GozNym’ Cybercrime NetworkA Tough Week for IP Address ScammersMicrosoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003Nine Charged in Alleged SIM Swapping Ring darkreading.com Mobile Exploit Fingerprints Devices with Sensor Calibration DataGoogle's Origin & the Danger of Link SharingMicrosoft Opens Defender ATP for Mac to Public PreviewRussian Nation-State Hacking Unit's Tools Get More FancyIncident Response: 3 Easy Traps & How to Avoid ThemAlphabet's Chronicle Explores Code-Signing Abuse in the Wild threatpost.com Goodbye Passwords: Hello Identity ManagementShade Ransomware Expands to U.S. TargetsCalibration Attack Drills Down on iPhone, Pixel UsersSandboxEscaper Drops Three More Windows Exploits, IE Zero-DaySoaring Cryptocurrency Prices Draw Malicious New Onslaught of Apps, MalwareWannaCry-Infested Laptop Starts at $1.13M in Art Auction welivesecurity.com Fake cryptocurrency apps crop up on Google Play as bitcoin price risesPatch now! Why the BlueKeep vulnerability is a big dealA journey to Zebrocy landCybersecurity training and awareness: helpful resources for educatorsWhat the ban on facial recognition tech will – and will not – doWeek in security with Tony Anscombe scmagazine.com HCL employee, customer files found open to publicNCIS Cyber: USAF investigating USN for planting email tracking malwareGreat White North bombarded with malicious email campaigns, reportWindows 10 zero-day vulnerability released, Microsoft in the darkIn a first, Moody’s downgrades Equifax’s rating outlook due to cyberattack helpnetsecurity.com If you haven’t yet patched the BlueKeep RDP vulnerability, do so nowMicrosoft wants to improve routing securityHow to write an effective data breach notification?Data privacy: A hot-button issue for Americans one year after GDPRCybercriminals continue to evolve the sophistication of their attack methods trendmicro.com Keep Your Smart Home Safe: Here’s What You Can Do Today to Secure Your ProductsCelebrating the Next Generation of Technology InnovatorsThis Week in Security News: Unsecured Servers and Vulnerable ProcessorsWhy You Should Pick a Leader for Your Enterprise Email SecurityThis Week in Security News: Skimming Attacks and Ransomware securityweek.com Siemens Teams With Chronicle on Cybersecurity Solutions for Energy IndustryNATO Warns Russia of 'Full Range' of Responses to CyberattackBest Practices for Securely Moving Workloads Into the CloudComodo Issued Most Certificates for Signed Malware on VirusTotalAuthorities Take Down Cryptocurrency Mixing Service Bestmixer.io siliconrepublic.com SurveyMonkey locates European data centre in Dublin10 amazing start-ups from Vancouver to watchThousands of TalkTalk customer bank details found onlineGoogle stored user passwords in plaintext for 14 yearsCyber Ireland cluster to make Ireland a global cybersecurity powerhouse nakedsecurity.sophos.com Google stored some passwords in plaintext for 14 yearsTor Browser for Android 8.5 offers mobile users privacy boostMozilla fixes bugs, improves privacy in latest Firefox releaseThe city of Baltimore is being held hostage by ransomwareInstagram data from 49 million accounts found lying around online securityintelligence.com Uncover Modern Identity and Access Management (IAM) Challenges With Enterprise Design ThinkingIn Light of Ever-Increasing Cybersecurity Risks, Boards Must Deepen Their Oversight and EngagementThe Cybersecurity Industry’s Third-Party Risk Management Problem Is Rooted in VisibilityHere’s Why More Security Solutions Doesn’t Equal Better SecurityHow Cyber-Secure Are Business Travelers? New Report Says Not Very securityboulevard.com Infocyte Launches First Agentless Cloud Workload Protection PlatformNolaCon 2019, Aaron Ringo’s ‘My Making Of A Metasploit Module’Using NIST 800-30 To Implement The NIST Cybersecurity FrameworkThe Need for Speed: Key Takeaways from the FS-ISAC Annual SummitThe Role of Finance in Securing the SME grahamcluley.com Smashing Security #129: Too Long; Didn’t ListenFingerprinting iPhones with the built-in gyroscopeGoogle stored business customers’ passwords in plaintext on its servers… for 14 yearsData on millions of Instagram accounts spills onto the internetMining cryptocurrency at work lands Australian civil servant in court cyberdefensemagazine.com BREAKING NEWS: WikiLeaks Founder Julian Assange Charged in 18-Count Superseding IndictmentG Suite users’ passwords stored in plain-text for more than 14 yearsAre your emails safe?4 Areas with a Growing Cyber Risk of Digital ExtortionSome of the world’s biggest crimes go unnoticed, until it’s too late