SecHub

Google is tracking your location, even when the setting is turned off (nakedsecurity.sophos.com)

Shock! It appears Google can track the location of anyone using some of its apps on Android or iPhone even when they’ve told it not to.

The sextortionists are back, this time with your phone number as “proof” (nakedsecurity.sophos.com)

Last month the crooks were throwing old passwords into their scams to make you sit up and take notice. Now it's phone numbers.

Office 365 Phishing Campaign Hides Malicious URLs in SharePoint Files (threatpost.com)

Researchers say the "PhishPoint" tactic has already impacted 10 percent of Office 365 users globally.

Former Microsoft engineer sent behind bars for role in ransomware extortion scheme (zdnet.com)

The engineer was neck-deep in laundering proceeds from Reveton ransomware victims.

Black Hat USA 2018: ransomware is still the star (malwarebytes.com)

A recap of the Malwarebytes' team experience at the Black Hat conference in Las Vegas, including top trends, topics, and interesting discussions.

Patch Tuesday, August 2018 Edition (krebsonsecurity.com)

Adobe and Microsoft each released security updates for their software on Tuesday. Adobe plugged five security holes in its Flash Player browser plugin. Microsoft pushed 17 updates to fix at least 60 vulnerabilities in Windows and other software, including two "zero-day" flaws that attackers were already exploiting before Microsoft issued patches to fix them.

Under the hoodie: why money, power, and ego drive hackers to cybercrime (malwarebytes.com)

We know what cybercriminals do. We know how they do it. Now we ask: why? This in-depth profile examines what makes hackers turn to cybercrime, and what could change their minds.

ThreatList: Financial-Themed Phishing Hooks Targets in Q2 (threatpost.com)

In addition to traditional phishing, fraudulent cryptocurrency offers pose a rising trend.

Are your Android apps listening to you? (nakedsecurity.sophos.com)

This simple setup will help you discover if your apps are listening in on you.

Adobe fixes critical code execution flaws in latest patch update (zdnet.com)

Two vulnerabilities in Acrobat and Reader are considered critical.