Security Now!

Adobe Flash Player Updater is (still) desperately trying to update
Veracrypt password security
Firefox moves to 120 with a bunch of very nice new features
Do-Not-Track is back on track...

Privacy and Funding Challenges Facing Signal Messaging App
Loss of Advertisers for Twitter After Controversial Tweet by Elon Musk
Ransomware Group Files SEC Complaint Against Breached Company...

Privacy Badger blocks trackers on news sites and prevents browser exposure to unwanted domains like TikTok and Datadog.
No major updates on EU's controversial Article 45 in eIDAS 2.0. Industry...

Microsoft announced storing their Azure keys in an HSM after previously losing control of a private signing key
A quartet of new 0-day vulnerabilities in Exchange Server that Microsoft declined to...

What caused last week's connection interruption? Router was rebooting intermittently, but why?
David Redekop of AdamNetworks explained their enterprise network security solution aims to only allow...

How fake drives continue to be sold on Amazon despite negative reviews
Microsoft is discontinuing support for the VBScript language
The 30-year old NTLM authentication protocol will eventually be...

ValiDrive release follow-up
Passkeys exportability and phishing risk
Passkeys for device verification like SSH keys
Possibility of hobby browsers vs. production browsers
Availability of...

Steve announces the release of his new freeware utility ValiDrive for detecting fake drive capacities.
23andMe claims a recent data breach exposed customer info due to credential stuffing attacks....

Exim email server ignored ZDI's responsible disclosure of critical remote code execution flaws for over a year, putting millions of servers at risk.
Malicious ads are appearing in Bing Chat...

Apple has quietly removed support for Postscript in macOS Ventura over security concerns with the outdated interpreter language.
China has formally accused the NSA of hacking and maintaining...

Last week's news about evidence of LastPass vault decryption targeting cryptocurrency keys, and the UK's backing down on its encryption monitoring legislation.
How hardware security modules (HSMs)...

UK government appears to back down on demands to break encryption in Online Safety Bill
Microsoft reveals how China-based hackers acquired secret key used to breach Outlook accounts
Multiple...

Steve provides an update on ValiDrive, his new freeware utility for testing USB drives. It identifies bogus mass storage drives and performance differences between drives.
There has been another...

Picture of the Week: Steve shares a funny "what we say vs what we mean" image about tech support conversations.
WinRAR v6.23 fixes: Steve explains that updating to the latest WinRAR is more...

OpenSUSE goes private.
Android to get satellite comms.
SanDisk and Western Digital in hot water.
You're asking for it: YouTube children's privacy.
Whoopsie! 8Base.
Where the money is.
The...

Picture of the Week.
Security Now!'s 18th birthday!
Closing the Loop.
Firefox Multi-Account Containers.
A question about Full Disk Encryption on SSD's.
Should I run SpinRite before I back up...

Picture of the Week.
NASA "shouted" at Voyager.
Another view of Microsoft.
What about this Chinese attack?
AI meets Keyboard Acoustic Side-Channel attacks.
Closing the Loop.
Revisiting Global...

Picture of the Week.
Satellite Turla: APT Command and Control in the Sky.
OS 17 to further crack down on device fingerprinting.
Android to start warning of "unknown trackers".
The 7th branch of...

Picture of the Week.
R.I.P. Kevin Mitnick.
Apple says: "Thanks, but we'd rather leave."
Web Environment Integrity.
Web Analytics under the spotlight.
More progress on the IoT security front....

Picture of the Week.
Kaspersky on Microsoft's Patch Tuesday.
As the worm turns: WormGPT.
Microsoft revokes 100+ malicious drivers.
MOVEit Update.
Does Dun & Bradstreet know you?
No Threads...