And the top pawned passwords are...

https://www.ncsc.gov.uk/blog-post/passwords-passwords-everywhere

Quoting:
"Today, in collaboration with Troy Hunt, we're releasing a file containing the top 100,000 passwords from his Have I Been Pwned data set. If you see a password that you use in this list you should change it immediately. This blog explains why you should do this, and answers some common questions about password blacklists.

(If you just want to download the file, you can do so here: PwnedPasswordTop100k.txt)."

Security: Infected DNA?

Well, sort of. It's DNA who tries to exploit a known security flaw in DNA processing software:
https://www.theverge.com/2017/8/11/16130568/scientists-infiltrate-computer-malware-code-dna

VPNs that do no encrypt data?

Yes!
You can see the report on Android (free and not free) VPNs here:
https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf
And an article summarizing it here:
https://www.techgig.com/tech-news/editors-pick/Avoid-these-10-insecure-VPN-apps-on-Android-88546?mailer_id=2888&utm_source=TG_batch&utm_medium=email&utm_campaign=digest_news_2017-01-26&etoken=cGZzaWx2YUBnbWFpbC5jb20=&activity_name=MjIwNzcw&dt=&auto_login=lKaUjJKbhWOnk7@@OkG6EkpNlR0eASYJcXXFUV1dlR0eASYJWWHhWV15YWFxy&src_type=autoLogin

Open source, IoT and... bad uses (Minecraft servers)

Open source, IoT and... bad uses (Minecraft servers):
http://www.bbc.com/news/technology-38678466


raft

Industrial security report (2016)

Interesting report on industrial security:
https://securelist.com/analysis/publications/75343/industrial-cybersecurity-threat-landscape/


PS. Kudos to JMM for pointing this out.

Linkedin sucks?

Well I'm having less and less doubts these days. Received the email and still... Digesting it:
http://m.techgig.com/tech-news/editors-pick/parm=44277?mailer_id=2646&utm_source=Mailer&utm_medium=TG_batch&utm_campaign=digest_news_2016-05-27&etoken=cGZzaWx2YUBnbWFpbC5jb20=&activity_name=MTMwOTA2&template_type=3&dt=&auto_login=lKaUjJKbhWOnk7@@OkG6EkpNlR0eASYJcXXFUV1dlR0eASYJWWHNZWV1cWVt0&src_type=autoLogin

How do Security Experts Behave?

How do Security Experts Behave? You'll never know. After the Ashley Madison’s web site attack, this article seems to give us a few basic reminders and security warnings:

Seven things security experts do to keep safe online | Guardian:
http://www.theguardian.com/technology/2015/jul/27/security-experts-keep-safe-online-password-manager-seven-things 

Worried about privacy?

Worried about privacy? If you're not then you should. It's not about what we share about ourselves (which we can control), it's about what anyone (or any governmental agency) could want to discover with more or less right to do so.

PC Mag is doing some reviews on products for the worried ones. One interesting can be found here.

LIST: Web Services Security Resources

The top 5 google search links returned me very interesting results that are must reads for anyone working with SOA/Web Services - either developing and deploying or testing. Some are from people I know very well (not the NSA ones). 

1. https://www.nsa.gov/ia/_files/factsheets/soa_security_vulnerabilities_web.pdf (NSA classification for vulnerabilities)
2. http://www2.informatik.uni-freiburg.de/~accorsi/papers/igi-chapter.pdf (model based security)
3. https://eden.dei.uc.pt/~mvieira/dsn_ws.pdf
4. http://www.infosectoday.com/Articles/webservices.pdf
5. https://www.blackhat.com/presentations/bh-europe-07/Bhalla-Kazerooni/Whitepaper/bh-eu-07-bhalla-WP.pdf

PS: Not in any particular order.