Watch Out, SysAdmins!

Someone planned an RCE backdoor in Webmin (versions 1.882 through 1.921)—a popular open source, web-based cPanel type utility for Linux/Unix servers—that remained hidden for over a year, allowing unauthenticated remote attackers to execute arbitrary commands with root privileges on affected servers

https://thehackernews.com/2019/08/webmin-vulnerability-hacking.html

⚡ Fully working jailbreak released for the latest iOS 12.4 — thanks to Apple who "accidentally unpatches" an old vulnerability (CVE-2019-8605) that it patched previously in iOS 12.3.

Details ➤ https://thehackernews.com/2019/08/ios-iphone-jailbreak.html

It works on updated iPhone, iPad and iPod touch devices.

👨‍🔧 Off-Facebook Activity

Facebook releases a new privacy tool that lets its users view & simply dissociate their Facebook identity from the data 3rd-party websites & apps share with the company through online tracking tools.

Read details ➤ https://thehackernews.com/2019/08/clear-off-facebook-activity.html

Google and Mozilla finally today blocked the Kazakhstan’s government-issued root CA certificate in Chrome and Firefox web browsers to prevent the government from intercepting HTTPS connections and spying on its citizens' online activities.

https://thehackernews.com/2019/08/kazakhstan-root-certificate.html

🔥 Privacy Sandbox

Google announces a new initiative to develop a set of open standards that fundamentally enhances privacy on the web, while continuing to support a free, open and democratic Internet through targeted online advertisements.

https://thehackernews.com/2019/08/google-privacy-sandbox-ads.html

Hostinger—Popular Web Hosting Provider— Suffers Data Breach; Resets Password For 14 Million Customers

Read ➤ https://thehackernews.com/2019/08/web-hosting-hostinger-breach.html

Binance, one of the world's largest cryptocurrency exchanges, confirms the "blackmailing hacker" obtained some of its users’ KYC data from a 3rd-party vendor.

Details ➤ https://thehackernews.com/2019/08/binance-kyc-data-leak_26.html

🤷 Like it or not...

Apple just patched an unpatched Jailbreak flaw that it patched previously but accidentally unpatched lately—Did I confuse you?

Details ➤ https://thehackernews.com/2019/08/apple-ios-iphone-jailbreak.html

Just update your iPhone, iPad, or iPod touch devices to the latest iOS 12.4.1 immediately.

WARNING 😱 — CamScanner Goes Rogue! Remove this app immediately from your smartphones.

Hidden malware found in the highly popular—CamScanner—Android app that has more than 100 million users.

https://thehackernews.com/2019/08/android-camscanner-malware.html

Google has also removed it from its Play Store.

Bravo 👏

French Police—in collaboration with Avast researchers—took control over widely-spread "RETADUP" botnet network and remotely removed the malware from more than 850,000 infected computers worldwide.

More details ➤ https://thehackernews.com/2019/08/retadup-botnet-malware.html

Magecart Hackers Compromise 80 More e-Commerce Websites to Steal Online Shoppers' Credit Card Information

Read ➤ https://thehackernews.com/2019/08/magecart-hacking-credit-card.html

Apple changes the way it will handle Siri recordings following #privacy concerns that involved 3rd-party contractors listening to users’ voice interactions without their knowledge or consent.

Read details ➤ https://thehackernews.com/2019/08/apple-siri-recording-privacy.html

NO, it hasn't ended the program entirely.

Woman accused of “Capital One” data breach has also been charged for hacking another 30 companies and using their servers to mine cryptocurrency.

https://thehackernews.com/2019/08/paige-thompson-capital-one.html

If convicted, she could face up to 25 years in prison.

📢 Google just made 2 major announcements for its Bug Bounty Programs:

1.) Google will now reward anyone who reports data abuse issues in Android apps, OAuth projects, and #Chrome extensions.

2.) Google Play Store vulnerability reward program now includes all popular Android apps with over 100 million installations.

Details ➤ https://thehackernews.com/2019/08/google-data-abuse-bug-bounty.html

⚡Beware iPhone Users!

Google uncovers how just visiting some sites remotely HACKED thousands of iPhones 'indiscriminately' to install spyware.

Read ➤ https://thehackernews.com/2019/08/hacking-iphone-ios-exploits.html

With 5 iOS exploit chains, this campaign used a total of 14 vulnerabilities for at least 2 years.

This week in ironic news:

Ransomware malware hits DDS Safe, an online data backup service that hundreds of dental practice offices across the United States are using to safeguard patients’ medical records and other information from ransomware attacks.

https://thehackernews.com/2019/08/dds-safe-dental-ransomware-attack.html

ZAO—Chinese AI-Based #Deepfake Face Swapping App—Sparks Privacy Concerns After Going Crazily 🔥 Viral Over This Weekend

Details ➤ https://thehackernews.com/2019/09/face-swapping-deepfake-zao.html

USBAnywhere — Newly Discovered BMC Vulnerabilities Exposed Thousands of Supermicro Servers to Remote USB-Attacks

Details ➤ https://thehackernews.com/2019/09/hacking-bmc-server.html

XKCD Gets Hacked

The forum site of XKCD — one of the most popular webcomics platforms known for its geeky tech humor and science-laden comic strips — has suffered a databreach exposing account details of over 562,000 users.

Read: https://thehackernews.com/2019/09/xkcd-forum-hacked.html

Price for Android “zero-day exploit” suddenly jumps up to $2.5 million–higher than ever and also more than a similar full-chain, zero-click exploit for iOS with persistence.

https://thehackernews.com/2019/09/android-full-chain-zero-day-exploit.html

🤔 High demand or is hacking Android phones somehow getting tougher?

Starting with the latest Firefox 69 released yesterday, #Firefox will now automatically block third-party tracking cookies and #cryptocurrency mining scripts by default for all users.

Details: https://thehackernews.com/2019/09/firefox-tracking-cookies-cryptominers.html