Exploiting a Windows 10 PagedPool off-by-one overflow

https://j00ru.vexillium.org/2018/07/exploiting-a-windows-10-pagedpool-off-by-one/

j00ru has shared full source code of the exploit on GitHub

Singapore's largest healthcare group – SingHealth – suffers a massive data breach
.

Hackers stole personal information on 1.5 million patients (a quarter of the country's population) and outpatient dispensed medication data on some 160,000 patients.

https://thehackernews.com/2018/07/singapore-healthcare-breach.html

Microsoft revealed that Russian hackers also tried to hack three 2018 US midterm election candidates —by @Swati_THN

https://thehackernews.com/2018/07/russia-election-hacking.html …

(Fancy Bear, APT28, Strontium, Sofacy)

Data Transfer Project—An Open Source Data Portability Initiative by Google, Facebook, Microsoft, and Twitter—Lets You Easily, Securely and Directly Transfer Your Data From One Online Service to Another

https://thehackernews.com/2018/07/google-data-transfer-project.html

Egypt passes a new controversial law that allows government to monitor, block and prosecute citizens with more than 5000 followers on social media for sharing fake news

https://thehackernews.com/2018/07/social-media-fake-news-law.html

New Bluetooth Vulnerability (CVE-2018-5383)—Cryptographic implementation flaw in Firmware/Drivers affects devices from major vendors including Apple, Broadcom, Intel & Qualcomm. Attackers can intercept, decrypt, forge messages/traffic or inject malware.

https://thehackernews.com/2018/07/bluetooth-hack-vulnerability.html

It's happening! Starting today, Google Chrome will mark all HTTP websites as 'Not Secure'

https://thehackernews.com/2018/07/google-chrome-not-secure.html

If you have a website, you need an SSL — it's as simple as that!

Security Bypass Flaw (CVE-2018-14773) in Symfony Component Leaves #Drupal Websites Vulnerable — Patch Now

https://thehackernews.com/2018/08/symfony-drupal-hack.html

Same Vulnerability Also Affects Projects Built Using Zend Feed or Diactoros Libraries

MikroTik Routers Are Under Massive Attack — Hackers Infect Over 200,000 Routers to Inject Cryptocurrency Mining Scripts

https://thehackernews.com/2018/08/mikrotik-router-hacking.html …

Popular System Optimization Tool – #CCleaner – Introduces Active Monitoring Feature and User Data Collection With No Way to Opt-Out

https://thehackernews.com/2018/08/ccleaner-software-download.html

Reddit Got Hacked – Here's Everything You Need to Know

https://thehackernews.com/2018/08/hack-reddit-account.html …

Attacker Bypasses Two-Factor Authentication for Employees' Accounts and Stole Users’ Private Messages, Emails, and Hashed Passwords

Fortnite APK for Android will be available only on the company's website instead of Google Play Store
. The move raises security concerns over encouraging millions of users to install (via sideloading) a 3rd-party app outside of the official app store


https://thehackernews.com/2018/08/fortnite-android-apk-download.html

Computer Virus Attack Hits #iPhone Chip Supplier—Taiwan Semiconductor Manufacturing Company (TSMC), Forcing It to Shut Down Several Chip-Fabrication Factories.

TSMC Scrambles to Resume Production and Expects 250 Million Loss in Third Quarter Revenue.

https://thehackernews.com/2018/08/tsmc-iphone-computer-virus.html

Android P (Android 9.0) now stands for "Android Pie" — 5 best new features you should check out:

Google officially launches Android Pie for Pixel phones today; Here's how to download it now.

https://thehackernews.com/2018/08/android-9-pie.html

Facebook Releases "Fizz" — A New Open Source #TLS 1.3 Implementation Library Designed For High Performance and Security

https://thehackernews.com/2018/08/fizz-tls-ssl-library.html …

Facebook Also Uses Fizz to Secure Trillions of Connections Everyday

Apple Chip Maker TSMC Blames #WannaCry Ransomware Attack for Production Halt

https://thehackernews.com/2018/08/tsmc-wannacry-ransomware-attack.html

Hacker Leaked #Snapchat Source Code On GitHub

https://thehackernews.com/2018/08/snapchat-hack-source-code.html

—by @Swati_THN

New WhatsApp vulnerabilities could let malicious users modify private/group chats and spread fake news or misinformation. Check out the video demonstration to learn how the 3 "unpatched attacks" work!

https://thehackernews.com/2018/08/whatsapp-modify-chat-fake-news.html

Security researchers release open source—Social Mapper—facial recognition tool that tracks people across social media networks, including: Facebook, Instagram, Twitter, LinkedIn, Google+, VKontakte, Weibo & Douban.

https://thehackernews.com/2018/08/social-mapper-osint.html

Researchers Developed AI-Powered (Artificial Intelligence) Stealthy "DeepLocker" Malware to Demonstrate Future Threats

https://thehackernews.com/2018/08/artificial-intelligence-malware.html

Flaws in Pre-Installed Apps Expose Millions of Android Devices to Hackers. Affected Android handsets are from Asus, ZTE, LG, Essential, Vivo, Sony, Nokia, Oppo, Sky, Leagoo, Plum, Orbic, MXQ, Doogee, Coolpad, and Alcatel.

https://thehackernews.com/2018/08/android-app-hack.html