📢 All Major Web Browsers—Chrome, Firefox, Edge, IE and Safari—Today Announced Their Plans to Remove Support for TLS 1.0 and TLS 1.1 Encryption Protocol

https://thehackernews.com/2018/10/web-browser-tls-support.html

*New* #iPhone Lock Screen Bypass Bug Lets Anyone Access Your Private Photos and Send Them to Another Device

https://thehackernews.com/2018/10/iphone-lock-passcode-bypass.html

Works On the Latest Apple iOS 12.0.1 Version

Google will charge Android phone makers to pre-install its apps on devices sold in Europe

Following EU’s antitrust cases against Google, the company introduces new paid licenses for manufacturers who don't want to pre-install Google apps (that generate revenue for Google).

Google has made its point very bold and clear. Europe can’t selectively pre-install some of the Google apps to enjoy billion dollar services for free and fine Google with $5 BILLION.

From now on, either pre-install all Google apps for free, or install selective apps with paid licences, or simply don’t use any app, not even the Play Store.

https://thehackernews.com/2018/10/google-android-european-commission.html

⚡Ridiculously "Simple to Exploit" LibSSH Authentication Bypass Flaw (CVE-2018-10933) Allows Attackers to Take Over Vulnerable Servers Without Requiring Passwords

https://thehackernews.com/2018/10/libssh-ssh-protocol-library.html

🤔HINT → Just Tell the Server You Have Successfully Logged-In, It Will Trust You!

(Tumblr patches a critical vulnerability)[https://thehackernews.com/2018/10/tumblr-account-hacking.html] in the "Recommended Blogs" feature on its desktop version of the website that could have allowed hacker to steal users’ account information, including emails and passwords (hashed and salted)

Several critical vulnerabilities found in #Amazon FreeRTOS #IoT operating system, which also affect its variants: OpenRTOS and SafeRTOS

https://thehackernews.com/2018/10/amazon-freertos-iot-os.html

Reported flaws could allow remote attackers to execute malicious code, leak information or crash targeted devices

Signal Secure Messaging App Introduces A New Feature Called "Sealed Sender" That Encrypts 🔒Sender's Identity Along with the Message ✉️

https://thehackernews.com/2018/10/signal-secure-messaging-metadata.html …

Signal Aims to Further Reduce the Metadata Information That's Still Accessible to the Company.

Microsoft Windows 10 Built-in Defender Antivirus Becomes First #Antivirus to Have the Ability to Run Inside a Secure Sandbox

https://thehackernews.com/2018/10/windows-defender-antivirus-sandbox.html …

Here's How You Can Turn It ON.

IBM to Acquire "Red Hat" Open-Source Software Company for $34 Billion

https://thehackernews.com/2018/10/ibm-redhat-tech-acquisition.html …

One of the Largest Tech-Deals that Could Reshape the Future of Cloud Computing

Who says hacking is difficult! 🤣 It's fun.

*NEW* — *NEW* — iPhone Passcode Bypass Discovered Just Hours After Apple Releases the Latest iOS 12.1

This easy-to-perform technique exploits the new Group FaceTime feature and works without Siri or VoiceOver.

https://thehackernews.com/2018/10/iphone-ios-passcode-bypass.html

Popular WooCommerce WordPress Plugin Patches A Critical File-Deletion Vulnerability That Could Allow Shop Managers to Reset Administrator Password and Take Complete Control Over the Site

https://thehackernews.com/2018/11/woocommerce-wordpress-hacking.html

Multiple Vulnerabilities Discovered in Popular Samsung and Crucial's Self-Encrypting SSDs Let Attackers Bypass Hardware Encryption and Decrypt Data

Read More: https://thehackernews.com/2018/11/self-encrypting-ssd-hacking.html

Researchers Discover Another Hyper-Threading Vulnerability in Intel CPUs

New PortSmash (CVE-2018-5407) Side-Channel Attack Could Allow Malicious Processes to Steal Sensitive and Protected Data

Read More: https://thehackernews.com/2018/11/portsmash-intel-vulnerability.html

BleedingBit — Two New Critical #Bluetooth Chip RCE Vulnerabilities (CVE-2018-16986 and CVE-2018-7080) Expose Millions of BLE-Enabled Enterprise Networking Devices to Remote Attacks

https://thehackernews.com/2018/11/bluetooth-chip-hacking.html

Unpatched Oracle's VirtualBox Zero-Day Vulnerability and Exploit Details Released Online:

Read ➣ https://thehackernews.com/2018/11/virtualbox-zero-day-exploit.html

New VirtualBox Exploit Could Allow Attackers to Escape Virtual Machines and Compromise Host Operating System.

Hackers compromised popular Web Traffic Analytics service "StatCounter" to steal Bitcoins from Gate[.]io cryptocurrency exchange users
. Malicious code bundled with the widely-used StatCounter analytics script gets injected into 700,000 websites, but targeted only cryptocurrency sites and their users.

https://thehackernews.com/2018/11/statcounter-cryptocurrency-cyberattack.html

New Android "In-app Updates" API Lets Developers Push Updates Within Their Apps Which Users Can Install While Using Them

https://thehackernews.com/2018/11/android-in-app-updates-api.html

Popular drone maker DJI left its website and mobile apps users vulnerable for 6 months that could have allowed hackers to hijack Drone account and access sensitive data—including flight records, drone's location, live video feed and photos.

https://thehackernews.com/2018/11/dji-drone-hack_8.html

23-Year-Old "DerpTroll" Hacker Pleads Guilty to #DDoS Attacks Against Sony, EA and Steam Gaming Companies
.
He Could Face Maximum Penalty of 10 Years in Prison and Fine of $250,000

https://thehackernews.com/2018/11/gaming-server-ddos-attack.html