Google announces to shutdown #Google+ 4 month earlier than its actual scheduled after the company discovered a new API flaw that exposed personal information of 52.5 million users

https://thehackernews.com/2018/12/google-plus-hacking.html

Google+ will now die on April 2019 instead of August 2019.

phpMyAdmin Releases Critical Software Update to Address Several Security Vulnerabilities — Patch Your Websites Now!

https://thehackernews.com/2018/12/phpmyadmin-security-update.html

—Local file inclusion (CVE-2018-19968)
—Cross-Site Request Forgery/XSRF (CVE-2018-19969)
—Cross-site scripting (CVE-2018-19970)

A new variant of infamous Shamoon malware is targeting Oil and Gas sector in the Middle East and Europe

https://thehackernews.com/2018/12/shamoon-malware-attack.html

Microsoft releases an EMERGENCY security update to patch a remote code execution vulnerability (CVE-2018-8653) in Internet Explorer that is currently being exploited in the wild



https://thehackernews.com/2018/12/internet-explorer-zero-day.html



Affected Versions — Internet Explorer 9, 10, 11 on Windows 7, 8.1, 10 Server 2008, 2012, 2016 and 2019.

Hacker Discloses New Unpatched Windows #ZeroDay Exploit On Twitter

PoC Exploit and Demo Video→ https://thehackernews.com/2018/12/windows-zero-day-exploit.html

The flaw resides in "MsiAdvertiseProduct" function and could allow low-privileged #Windows users to read content of any file on the system.

U.S. Department of Justice today indicted 2 Chinese government sponsored hackers over decade-long global #hacking campaign

https://thehackernews.com/2018/12/chinese-hacker-wanted-by-fbi.html

Defendants are members of #APT10 hacking group who stole trade secrets from tech companies and government agencies around the world

Google partially patches a privacy issue in Chrome app for Android that was originally disclosed 3-years ago

https://thehackernews.com/2019/01/google-chrome-android-privacy.html

The bug reveals device hardware model and firmware version, allowing remote attackers to identify if you're running an outdated/flawed OS.

Deal of the Week: Get 10 Popular CyberSecurity eBooks To Learn Advanced Ethical Hacking @ 96% Discount

https://thehackernews.com/2019/01/cybersecurity-hacking-books.html

20-Year-Old Student, "Who Acted Alone," Arrested For Carrying Out Germany's Biggest Data Leak

https://thehackernews.com/2019/01/germany-data-leak-arrested.html …

He admits to #hacking and leaking personal data of thousands of German politicians, journalists and other public figures.

IMPORTANT — Search your Wi-Fi routers logs for "f8:e0:79:af:57:eb" MAC Address

https://thehackernews.com/2019/01/german-dhl-parcel-bomb-blackmailer.html …

German #Police seek help in gathering related info that could lead to the phone used by DHL blackmailer who parceled out #bombs at different addresses in Brandenburg & Berlin.

Turns out that it was Kaspersky Labs who tipped off the FBI & helped the agency catch alleged #NSA leaker Harold T. Martin III

https://thehackernews.com/2019/01/shadow-brokers-nsa-kaspersky.html …

Martin contacted Kaspersky researchers just 30 min before TheShadowBrokers began leaking classified NSA #hacking tools online

Google Public DNS Service Now Supports DNS-over-TLS Security Feature

https://thehackernews.com/2019/01/google-dns-over-tls-security.html

It not just helps in hiding your web-browsing history from ISPs and eavesdroppers, but also prevents DNS spoofing attacks.

Over 202 Million Chinese Job Seekers' Scrapped Personal Details Exposed On the Internet

https://thehackernews.com/2019/01/mongodb-chinese-database.html …

Thanks to Another Unprotected MongoDB Instance [854 GB]

New Systemd Security Flaws Affect Most Linux Distributions — Patches are on the Way!

https://thehackernews.com/2019/01/linux-systemd-exploit.html …

CVE-2018-16864 (privilege escalation)
CVE-2018-16865 (privilege escalation)
CVE-2018-16866 (Information leak)

Cybercriminals found using Zero-Width Space characters in Phishing emails to bypass Microsoft Office 365 Safe Links and Advanced Threat Protection

https://thehackernews.com/2019/01/phishing-zero-width-spaces.html

PyLocky #Ransomware Decryption Tool Released—Unlock Your Files For Free

https://thehackernews.com/2019/01/pylocky-free-ransomware-decryption.html

Limitation: The tool requires captured PCAP file of the initial network traffic b/w the infected machine and C&C server to extract the password

Attacking Hospital Networks With DDoS Landed This Anonymous Hacktivist in Jail for Over 10 Years

https://thehackernews.com/2019/01/ddos-attack-anonymous-hacker.html

...And Fined $443,000

Ukrainian Police BUSTED Two Separate Gangs of Cyber Criminals

https://thehackernews.com/2019/01/ukrainian-cybercriminals.html

• 4 Hackers, aged 26-30 years, for hacking Ukrainians and stealing 5 million Hryvnia

• 2 Hackers, aged 21-22 years, for disrupting Ukrainian sites with DDoS attacks

Unprotected "Oklahoma Securities Commission" Server Exposes a Massive 3 TB of Government Database Containing Millions of Sensitive Files Related to Years of #FBI Investigations

https://thehackernews.com/2019/01/oklahoma-fbi-data-leak.html

#MageCart Hackers Compromised a French #Advertising Service to Indirectly Inject its 'Credit Card Stealing Code' into 100's of e-Commerce Sites

https://thehackernews.com/2019/01/magecart-hacking-credit-cards.html

Hacking Fortnite Accounts—Security researchers reported multiple flaw in Epic Games site that could have allowed remote hackers to steal users' authentication tokens and takeover accounts just by tricking them into clicking a link

https://thehackernews.com/2019/01/fortnite-account-hacked.html