Mashable: Google sued over tracking locations even when ‘Location History’ is off

Mashable: Google sued over tracking locations even when ‘Location History’ is off. “Last week, a bombshell AP investigation found that Google was still tracking iPhone and Android device users, even if they turned off the ‘Location History’ setting. Now, the first lawsuit has been filed against the search engine giant over this issue, according to documents posted by Ars Technica.”

Ubergizmo: Glitch Accidentally Exposes Twitch Private Messages

Ubergizmo: Glitch Accidentally Exposes Twitch Private Messages. “Back in May earlier this year, Twitch decided to ultimately kill off one of their features in the form of Messages. However the company also gave its users the option of downloading an archive of all their private messages should they decide to keep it for whatever reasons. Unfortunately a glitch with the system seems to have exposed the private messages of some users.”

The Register: Patch Tuesday heats up with pair of exploited zero-days squashed – plus 58 other vulns fixed

The Register: Patch Tuesday heats up with pair of exploited zero-days squashed – plus 58 other vulns fixed . “Microsoft and Adobe have teamed up to deliver more than 70 patches with this month’s Patch Tuesday batch released today. Microsoft contributed the bulk of the fixes emitted this month, kicking out updates for 60 CVE-listed vulnerabilities in its products. These should be installed as soon as you’re able to test and deploy them.”

ThreatBrief: Vulnerability Disclosures in 2018 So Far Outpacing Previous Years’

ThreatBrief: Vulnerability Disclosures in 2018 So Far Outpacing Previous Years’. “Between January 1 and June 30 of this year, a total of 10,644 vulnerabilities were published compared to 9,690 in the same period in 2017. The trend so far this year suggests that the total number of disclosed vulnerabilities in 2018 will comfortably exceed the 20,832 vulnerabilities that Risk Based Security published during 2017 — which itself represented a 31% increase over 2016.”

Oracle: Run, don’t walk, to patch this critical Database takeover bug (The Register)

The Register: Oracle: Run, don’t walk, to patch this critical Database takeover bug. “Oracle is advising customers to update their database software following the discovery and disclosure of a critical remote code execution vulnerability. The flaw, dubbed CVE-2018-3110 was given a CVSS base score of 9.9 (out of 10) and Oracle warns that successful exploit of the bug ‘can result in complete compromise of the Oracle Database and shell access to the underlying server.'”

CNET: Instagram users’ accounts reportedly being hijacked in spreading hack

CNET: Instagram users’ accounts reportedly being hijacked in spreading hack. “Increasing numbers of people are reportedly experiencing the same Instagram hack, which logs them out and changes their personal details. Hundreds of people have reported being hacked since the beginning of August, according to Mashable, which highlighted similarities between the attacks.”