Jan 20, 2019 Application Security This Week for January 20 A 773 million record file of usernames and passwords discovered https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/#comment-4289914828 Google releases a tool to help with TLS certificate management https://www.theregister.co.uk/2019/01/09/certs_resh_security/ Really cool attack discovered using zero width spaces https://www.theregister.co.uk/2019/01/09/certs_resh_security/ DNS Hijacking on the rise https://www.fireeye.com/blog/threat-research/2019/01/global-dns-hijacking-campaign-dns-record-manipulation-at-scale.html Late addition: Watch your password control logic, please! Welp this is pretty dumb. My current password on @USPS is old and crappy, so I'm trying to change it. But since my old password doesn't meet their latest requirements, I'm not allowed to change it to something better. pic.twitter.com/SvucO6dt0u — Anthony Citrano (@acitrano) January 18, 2019 That's the news, folks.