InfoSec / Cyber Security Newsthehackernews.comFacebook Will Limit Your WhatsApp Features For Not Accepting Privacy PolicyTop 12 Security Flaws Russian Spy Hackers Are Exploiting in the Wild4 Major Privacy and Security Updates From Google You Should Know About6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOSNew TsuNAME Flaw Could Let Attackers Take Down Authoritative DNS ServersNew Stealthy Rootkit Infiltrated Networks of High-Profile Organizationsbleepingcomputer.comThe Week in Ransomware - May 7th 2021 - Attacking healthcareMicrosoft: Business email compromise attack targeted dozens of orgsBulletproof hosting admins plead guilty to running cybercrime safe havenMicrosoft pauses development of Windows 10X, its Chrome OS competitorFoxit Reader bug lets attackers run malicious code via PDFsRussian state hackers switch targets after US joint advisorieswired.comMicrosoft Will Soon Kill Flash on Windows 10 for GoodISPs Funded 8.5 Million Fake Comments Opposing Net NeutralityTwitter's Tip Jar Privacy Fiasco Was Entirely AvoidableHow a Former Netflix Exec Built a Brazen Bribery SchemeThey Told Their Therapists Everything. Hackers Leaked It AllDon’t Buy Into Facebook’s Ad-Tracking Pressure on iOS 14.5zerodayinitiative.comCVE-2021-26900: Privilege Escalation Via a Use After Free Vulnerability In win32kParallels Desktop RDPMC Hypercall Interface and VulnerabilitiesCVE-2021-20226: A Reference-Counting Bug in the Linux Kernel io_uring SubsystemThe April 2021 Security Update ReviewPwn2Own 2021 - Schedule and Live ResultsCVE-2021-25646: Getting Code Execution on Apache Druiditpro.co.ukBest free malware removal tools 2021COVID vaccine passports will fail unless government wins public trust, ICO warnsDell patches vulnerability affecting hundreds of computer models worldwideAcuant acquires identity verification provider Hello SodaX-Force threat intelligence indexTens of thousands of Pennsylvanians health data exposed following data breachkrebsonsecurity.comInvestment Scammer John Davies Reinvents Himself?Malicious Office 365 Apps Are the Ultimate InsidersThe Wages of Password Re-use: Your Money or Your LifeTask Force Seeks to Disrupt Ransomware PaymentsExperian API Exposed Credit Scores of Most AmericansExperian’s Credit Freeze Security is Still a Jokereddit.com/r/cybersecurityMentorship MondayCyberattack Forces a Shutdown of a Top U.S. Pipeline Operator - Colonial Pipeline, said it had shut down its 5,500 miles of pipeline, which takes refined gasoline and jet fuel along the East Coast.Im a security engineer. I am interviewing for an entry level role and here is what they asked me:Adaptive MFA: Integrating Security and User ExperienceIs cyber security only good for protection software?Emotet Malware Taken Down By Global Law Enforcement Effort, Cleanup Patch Pushed to 1.6 Million Infected Devicesreddit.com/r/netsec/r/netsec's Q2 2021 Information Security Hiring ThreadData Only Attack: Neutralizing EtwTi ProviderBypassing EDR real-time injection detection logicversionshaker: find a remote website's version based on its public js/css resources from gitDomain hijacking vulnerability in Route 53/GandiThe Journey to Try Harder: TJnull’s Preparation Guide for PEN-200 PWK/OSCP 2.0reddit.com/r/websecDoes CSRF attacks really work?Researching how organizations help developers tackle application securityFully automate your bug bounty with Nuclei and a sprinkle of bash[CVE-2021-28379] Abusing file uploads to get an SSH backdoorAround 200 attacks per minute while testing a HoneyPotDoes your WAF have False Positive?reddit.com/r/InfoSecNews19 petabytes of data exposed across 29,000+ unprotected databasesPossible attacks on the TCP/IP protocol stack and countermeasuresThe Fortnite Trial Is Exposing Details About the Biggest iPhone Hack on RecordConnecting the Bots – Hancitor fuels Cuba Ransomware OperationsFBI, NSA, CISA & NCSC Issue Joint Advisory on Russian SVR ActivityDefending Against Web Scraping Attacksembracethered.comGoogle's FLoC - Privacy Red Teaming OpportunitiesSpoofing credential dialogs on macOS, Linux and WindowsBroken NFT standardsHong Kong InfoSec Summit 2021 Talk - The adversary will come to your house!An alternative perspective on the death of manual red teamingCybersecurity Attacks - Red Team Strategies Kindle Edition for freedarkreading.comHow North Korean APT Kimsuky Is Evolving Its TacticsMost Organizations Feel More Vulnerable to Breaches Amid PandemicFBI, NSA, CISA & NCSC Issue Joint Advisory on Russian SVR ActivityThe Edge Pro Quote: Password EmpowermentDefending Against Web Scraping Attacks11 Reasons Why You Sorta Love Passwordsthreatpost.comiPhone Hack Allegedly Used to Spy on China’s Uyghurs80% of Net Neutrality Comments to FCC Were FudgedQualcomm Chip Bug Opens Android Fans to EavesdroppingCritical Cisco SD-WAN, HyperFlex Bugs Threaten Corporate NetworksRyuk Ransomware Attack Sprung by Frugal StudentMassive DDoS Attack Disrupts Belgium Parliamentreddit.com/r/pwnedGeico data breach exposed customers' driver's license numbersCodecov.io: "Unauthorized access and alterations to our Bash Uploader since Jan 31, 2021, which enabled them to potentially export information stored in our users' continuous integration (CI) environments"Mobikwik (India) KYC data leaked$5.7 Million Crypto Stolen Due To A Security Breach at Cryptocurrency platform RollWorldwide Hack: Microsoft Exchange Server Zero-day Exploitswelivesecurity.comWeek in security with Tony AnscombePopular routers found vulnerable to hacker attacksFantastic passwords and where your children can find themDDoS attack knocks Belgian government websites offlineOusaban: Private photo collection hidden in a CABinetMicrosoft will soon remove Flash Player from Windows 10 devicesscmagazine.comSmall and medium businesses need their own federal cyber policy, say advocatesBeware the gold rush: The risk of a cyber investment surgeSecurity researchers applaud Google’s move towards multi-factor authenticationBuer malware rewritten in Rust language to curb detectionJumpstart your adoption of Zero Trust with these three stepshelpnetsecurity.comEntrust Production Analytics Solution optimizes card issuance operationsLogDNA Browser Logger empowers developers to more efficiently debug web applicationsThree Ivanti Wavelink applications now available on SAP StoreMariaDB updates MariaDB SkySQL cloud database, expands support for AWSIntermedia Unite offers enterprise-grade business phone features to Microsoft Teamstrendmicro.comThis Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical BugsThis Week in Security News: US Cyber Command Exposes New Russian Malware and REvil Ransomware Gang ‘Acquires’ KPOT MalwareThis Week in Security News: Trend Micro Researcher Uncover Two Espionage Backdoors Associated with Operation Earth Kitsune and Trickbot and Ransomware Attackers Plan Big Hit on U.S. HospitalsTrend Micro HouseCall for Home Networks: Giving You a Free Hand in Home Network Securitysecurityweek.comCyberattack Forces Shutdown of Major U.S. PipelineUS-UK Gov Warning: SolarWinds Attackers Add Open-Source PenTest Tool to ArsenalUnder the Microscope: ISACA Survey on Cybersecurity Workforce, Resources and BudgetsCISA Analyzes FiveHands RansomwareAndroid App Developers Required by Google to Share More Info on Data Handlingsiliconrepublic.comDublin tech firm Anam acquired by Croatia’s Infobip7 top password tips to help keep you secureDarktrace shares surge 40pc in stock market debutAccenture to acquire French cybersecurity company OpenmindedIrish-founded start-up Inscribe raises $10.5mnakedsecurity.sophos.comS3 Ep31: Apple zero-days, Flubot scammers and PHP supply chain bug [Podcast]Firefox for Android gets critical update to block cookie-stealing holeDell fixes exploitable holes in its own firmware update driver – patch now!Apple products hit by fourfecta of zero-day exploits – patch now!Naked Security Live – Beware ‘Flubot’: the home delivery scam with a differencecsoonline.comSecurity Recruiter DirectoryThe Microsoft Exchange Server hack: A timelineWhat is cryptojacking? How to prevent, detect, and recover from it8 cybersecurity startups to watchHow malicious Office files and abused Windows privileges enable ransomwareBrandPost: Closing the Cyber Skills Gap with Fortinet’s Training Advancement Agenda (TAA)kitploit.comRed-Detector - Scan Your EC2 Instance To Find Its Vulnerabilities Using Vuls.ioWordPress-Brute-Force - Super Fast Login WordPress Brute ForceCANalyse - A Vehicle Network Analysis And Attack ToolJudge-Jury-and-Executable - A File System Forensics Analysis Scanner And Threat Hunting ToolPriv2Admin - Exploitation Paths Allowing You To (Mis)Use The Windows Privileges To Elevate Your Rights Within The OSsecurityboulevard.comSecurity News In Review: PyInstaller, Cloud Frameworks, and Scripps (Oh My)Integre la gestión del ciclo de vida de los certificados con la MDM empresarial y optimice la seguridad de su entorno móvilWPScan Intro: How to Scan for WordPress VulnerabilitiesWhat Cybersecurity Standards and Frameworks Should You Adopt Next?How Financial Organizations Can Manage Risk During Digital Transformationgrahamcluley.comInsurer AXA says it will no longer cover ransomware payments in FranceChinese smart TVs caught hoovering up data about devices on customers’ networksNSA offers advice: connecting OT to the rest of the net can lead to “indefensible levels of risk”Recorded Future’s free Cyber Daily brings the latest trending threat insights to your inboxSmashing Security podcast #226: Cryptocrazies and NFTs