InfoSec / Cyber Security Newsthehackernews.comResearcher Demonstrates 4 New Variants of HTTP Request Smuggling AttackCase Study: How Incident Response Companies Choose IR ToolsApple Touch ID Flaw Could Have Let Attackers Hijack iCloud AccountsUS Government Warns of a New Strain of Chinese 'Taidoor' Virus17-Year-Old 'Mastermind', 2 Others Behind the Biggest Twitter Hack ArrestedEU sanctions hackers from China, Russia, North Korea who're wanted by the FBIsciencedaily.comConsumers don't fully trust smart home technologiesSharing a secret...the quantum wayRandomness theory could hold key to internet securityRecognizing fake images using frequency analysis'Knock codes' for smartphone security are easily predictedPower of DNA to store information gets an upgradewired.comChinese Hackers Have Pillaged Taiwan's Semiconductor IndustryThe Quest to Liberate $300,000 of Bitcoin From an Old Zip FileHow the US Can Prevent the Next 'Cyber 9/11'The Feds Want These Teams to Hack a Satellite—From HomeThe Subtle Tricks Shopping Sites Use to Make You Spend MoreDutch Hackers Found a Simple Way to Mess With Traffic Lightszerodayinitiative.comAnnouncing Pwn2Own Tokyo 2020 – Live from Toronto!Chaining 5 Bugs for Code Execution on the Rockwell FactoryTalk View SE HMI at Pwn2Own MiamiAbusing Java Remote Protocols in IBM WebSphereThe July 2020 Security Update ReviewCVE-2020-1300: Remote Code Execution Through Microsoft Windows CAB FilesCVE-2020-7454: Killing Two Birds with One Bug in libaliasbleepingcomputer.comIntel leak: 20GB of source code and internal docs, backdoors mentionedNearly 50% of all smartphones affected by Qualcomm Snapdragon bugsKrØØk attack variants impact Qualcomm, MediaTek Wi-Fi chipsCanon confirms ransomware attack in internal memoUnpatched bug in Windows print spooler lets malware run as adminHackers abuse lookalike domains and favicons for credit card theftitpro.co.ukWhat is a DDoS attack?What is shadow IT?Best antivirus for Windows 10What is strong customer authentication (SCA) under PSD2?What is a Trojan?What is an MSSP?reddit.com/r/securityAnnouncement: r/security is now closed down and will be re-launched soon. Please use r/cybersecurity for all cybersecurity topics.Detailed audit of Voatz' voting app confirms security flawsOngoing DDoS attacks against ISPs?Cyber threats abusing COVID-19 collected to a database to spread awareness.Security In 5: Episode 706 - Tools, Tips and Tricks - Kaspersky Security Cloud FreeFirefox to remove support for the FTP protocolreddit.com/r/netsecThe /r/netsec Monthly Discussion Thread - August 2020/r/netsec's Q3 2020 Information Security Hiring ThreadSmear phishing: how to scam an Android userMassive 20GB Intel Data Breach Floods the Internet, Mentions BackdoorsWeb Cache Entanglement: Novel Pathways to PoisoningReversing Lyft's ride history API to analyze 6 years worth of ridesreddit.com/r/websecData Loss Prevention ToolMobile Application SecurityWeb Cache Deception at HacktivityCon2020, HackerOneWapiti – free web-application vulnerability scannerBuilding my website to break it...Expensifyreddit.com/r/InfoSecNewsHackers can abuse Microsoft Teams updater to deliver malicious payloads20 GB Intel leaksPorn Clip Disrupts Virtual Court Hearing for Alleged Twitter HackerHacker leaks passwords for 900+ Pulse Secure VPN enterprise serversUberEats data leaked on the dark webExclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine productkrebsonsecurity.comHacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment ClaimsPorn Clip Disrupts Virtual Court Hearing for Alleged Twitter HackerRobocall Legal Advocate Leaks Customer DataThree Charged in July 15 Twitter CompromiseIs Your Chip Card Secure? Much Depends on Where You BankHere’s Why Credit Card Fraud is Still a Thingdarkreading.comNew Windows Print Spooler Zero-Day Flaws Harken Back to StuxnetPlatform Security: Intel Pushes to Reduce Supply Chain AttacksCounting for Good: Hardware Counters Un-mask Malware2019 Breach Leads to $80 Million Fine for Capital OneA Real-World Tool for Organizing, Integrating Your Other ToolsFour Rules and Three Tools to Protect Against Fake SaaS Appsthreatpost.comCanon Admits Ransomware Attack in Employee Note, ReportBlack Hat 2020: Satellite Comms Globally Open to $300 Eavesdropping HackHigh-Severity Cisco DoS Flaw Plagues Small-Business SwitchesBlack Hat 2020: ‘Zero-Click’ MacOS Exploit Chain Uses Microsoft Office MacrosBlack Hat 2020: Using Botnets to Manipulate Energy Markets for Big ProfitsU.S. Offers Reward of $10M for Info Leading to Discovery of Election Meddlingreddit.com/r/pwnedHeard about this website where you can check if your password is leaked. This is what it said for my mail. Am i screwed? What does it mean?Canon hit by Maze Ransomware attack, 10TB data allegedly stolenHacker leaks passwords for 900+ enterprise VPN serversInternal code from 50 high-profile firms, like Microsoft, leaked online - Business InsiderAlcohol delivery service Drizly confirms data breach – TechCrunchwelivesecurity.comNSA shares advice on how to limit location trackingFBI warns of surge in online shopping scamsHow much is your personal data worth on the dark web?Week in security with Tony AnscombeTwitter breach: Staff tricked by ‘phone spear phishing’10 billion records exposed in unsecured databases, study saysscmagazine.comNew index shows proactive cybersecurity measures outpaced reactive in Q2What security functions should small medical providers outsource?Lesson learned: Failure to patch led to password leak of 900 VPN enterprise servers‘We want to have more protection’: Arrested pen testers push for Good Samaritan lawTrade minister hack led to trade secrets leak before U.K. electionhelpnetsecurity.comState Department offers $10 million for info on hackers targeting U.S. electionsTeamViewer flaw could be exploited to crack users’ passwordHow can security leaders maximize security budgets during a time of budget cuts?Misconfigured cloud storage services are commonplace in 93% of deployments25% of IT workers don’t enforce security policiestrendmicro.comThis Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three YearsESG Findings on Trend Micro Cloud-Powered XDR Drives Monumental Business ValueRansomware is Still a Blight on BusinessThis Week in Security News: Trend Micro Research Uncovers the Business Infrastructure of Cybercrime and Apple Launches Security Device Research ProgramCleaner One Pro Speeds Up Your Mac: Part 2securityweek.comUS Senate Votes to Ban TikTok on Government PhonesTwitter Moves to Reduce Reach of 'State-affiliated' MediaThe Integration Imperative for Security VendorsU.S. Government Launches Cyber Career Path ToolSilverfort Raises $30 Million to Expand Agentless Authentication Platformsiliconrepublic.com€420m TikTok data centre to create ‘hundreds of new jobs’ in IrelandCyberattacks rising at an ‘alarming’ rate, according to InterpolWhich jobs will thrive in a post-pandemic world?Celebrity Twitter hack caused by ‘phone spear phishing attack’Smarttech247 CTO: ‘The attack surface is continuously expanding’nakedsecurity.sophos.comPorn blast disrupts bail hearing of alleged Twitter hackerGandCrab ransomware hacker arrested in BelarusMonday review – our recent stories revisitedTwitter hack – three suspects charged in the USTravel company CWT avoids ransomware derailment by paying $4.5m blackmail demandcsoonline.comWhat the use of open banking means for identity networks15 signs you've been hacked -- and how to fight backWhat is a dictionary attack? And how you can easily stop them8 steps to protecting login credentialsCIO Think Tank: Setting the multi-cloud agenda9 container security tools, and why you need themkitploit.comTaowu - A CobaltStrike ToolkitUEFI_RETool - A Tool For UEFI Firmware Reverse EngineeringNetenum - A Tool To Passively Discover Active Hosts On A NetworkDLInjector-GUI - DLL Injector Graphical User InterfaceXeca - PowerShell Payload Generatorsecurityboulevard.comSecurity BSides Athens 2020 – Talk 05 – Tasos Chatziefstratiou’s ‘Visualize Windows Events Using Python3 & Neo4j’The NSA on the Risks of Exposing Location DataChrome Web Store FAIL: 300+ More Scam Browser ExtensionsMaking Infosec Jobs Easier: Threat HuntingXKCD ‘Exposure Notification’grahamcluley.comA scam letter! Warn your vulnerable loved ones to be on their guardPrioritize alerts and jump-start your investigations with Recorded Future’s free browser extension. Sign up now.Porn-wielding Zoom bombers disrupt Twitter hack court hearingSmashing Security podcast #190: Twitter hack arrests, email bad behaviour, and Fawkes vs facial recognitionTwitter says a “phone spear phishing” attack helped hackers – what’s that?