SecHub

Microsoft to disable TLS 1.0 and TLS 1.1 support in Edge and Internet Explorer (zdnet.com)

TLS 1.0 and 1.1 deprecation in Edge and IE scheduled for the first half of 2020.

A week in security (October 8 – 14) (malwarebytes.com)

A roundup of the security news from October 8–14 including breaches, phishing attacks, and hacking tools.

NotPetya Linked to Industroyer Attack on Ukraine Energy Grid (threatpost.com)

Evidence shows that three of the most destructive incidents seen in modern cyber-history are the work of one APT.

Octopus Trojan exploits Telegram ban fears to snag diplomatic targets across Asia (zdnet.com)

A fresh attack wave is launching Octopus at diplomatic organizations across the region.

Sony working on a fix for bug that's crashing PlayStation 4 consoles (zdnet.com)

Bug crashes and freezes PlayStation 4 consoles. The only way to recover is by performing a factory reset for the entire console.

Facebook Offers Details on ‘View As’ Breach, Revises Numbers (threatpost.com)

Facebook's VP of product management was able to discuss more specifics about how the breach itself occurred.

How DNA Databases Violate Everyone's Privacy (schneier.com)

If you're an American of European descent, there's a 60% you can be uniquely identified by public information in DNA databases. This is not information that you have made public; this is information your relatives have made public. Research paper: "Identity inference of genomic data using long-range familial searches." Abstract: Consumer genomics databases have reached the scale of millions of...

Facebook opens up about data breach details (nakedsecurity.sophos.com)

Two weeks after Facebook's first serious data breach, and the social network has shared what it has figured out so far.

Apple VoiceOver iOS vulnerability permits hacker access to user photos (zdnet.com)

The bug can be exploited to gain access to photos stored on a user's device.

3 Out of 4 Employees Pose a Security Risk (darkreading.com)

New MediaPRO study also finds that management performed worse than entry- and mid-level employees in how to handle a suspected phishing email.