Security Now!

2021's first Patch Tuesday, Titan Security Key side-channel attack, WhatsApp.
When is Chrome not Chromium?
A major DuckDuckGo milestone.
Project Zero in the wild.
First Patch Tuesday of...

SolarWinds smoking gun, Signal influx of WhatsApp users, male chastity cage.
Firefox and Chromium updates address remote system take over bugs.
Tenable researchers reported a critical Chromium...

SolarWinds' Orion software, swatting goes IoT, PHP Zend Framework vulnerability.
Chrome struggles with A/V pre-scan file locking.
Zyxel security products protected by a single redundant...

Ransomware Task Force, Chrome 87, Firefox caches, preserving Flash video.
Chrome 87 backs away from Insecure Form Warnings.
Firefox to begin partitioning its caches.
Browsers say no to Kazakhstan...

Leo Laporte walks through some of the highlights of the show and most impactful stories of 2020. Stories include:
Clearview AI face scanning.
The "EARN IT" act.
Zoom security issues.
Why contact...

Chrome throttling ads, Google outage, 2020 Pwnie Awards, JavaScript's 25th birthday.
Chrome's heavy ad intervention.
Adrozek.
Ransomware: "Double Extortion."
A 0-click wormable vulnerability in...

Google Play Core Library, iOS zero-click radio proximity exploit, Apple M1 chip.
Ransomware news regarding Foxconn, Egregor, and K12 Inc.
The Apple iPhone zero-click radio proximity...

Generic smart doorbells, Tesla Model X key fobs, critical Drupal flaw, Spotify.
Chrome Omnibox becomes more Omni.
Chrome's open tabs search.
Ransomware news involving Delaware County, Canon, US...

Ongoing WordPress attack, RCS gets End-to-end encryption.
Chrome moves to release 87.
Explicit Publication of Privacy Practices.
Firefox 83 gets HTTPS-only Mode.
Mozilla seeks consultation on...

Malicious Android apps, ransomware-as-a-service.
Where do most malicious Android apps come from?
SAD DNS is a revival of the classic DNS cache poisoning attack
How many Ransomware-as-a-Service...

SlipStream NAT firewall bypass, MS Police use Ring doorbell cams.
Let's Encrypt's cross-signed root expires next year
Chrome updates on Windows, macOS, Linux, and Android to remove 0-day...

Google One VPN, WordPress update fail, Windows 7 0-Day.
A new 0-day in Win7 through Win10
A public service reminder from Microsoft
Google One adding an Android VPN
Vulnonym: Stop the Naming...

Chrome 0-Day, Edge for Linux, WordPress Loginizer.
Top 25 Vulnerabilities
Critical 0-day in Chrome
Chrome 86 is now blocking slippery notifications
Site Isolation coming soon to...

Zoom end-to-end encryption, Windows 10 god mode, Manifest v3.
Last Wednesday, Zoom announced that THIS week their 30-evaluation of end-to-end encrypted video conferencing would begin
How to enable...

Carnival Cruise hack, ZeroLogon, Five Eyes vs Encryption.
Chrome gets 86'd!
Carnival Cruise Line Hack
The largest company you've never heard of gets hit by ransomware hackers
No connection logs?...

Android Security, Windows 7 Security, Microsoft Defender.Google to get even more proactive about Android securityWhy are people sticking with Windows 7?And Google funds a JavaScript research...

Amazon flying security cam, ZeroLogon on GitHub, ransomware roundup.What could possibly go wrong: Amazon/Ring's autonomous flying home security webcamEvil ransomware gang deposited $1 million of...

iOS 14 & Android 11 security features, DuckDuckGo gets big.The most important iOS 14 privacy & security featuresAll of Android 11's new privacy & security featuresDuckDuckGo usage growth goes...

Chrome vs abusive ads, patch Tuesday palooza.BlindSide and BLURtoothChrome gets tough on abusive adsThe last hurrah for IE & Flash exploitsChromium Edge on Win10: Forcing the issueEdge enables "Ask...

Isolate your IoT devices, Threema goes open-source.IoT Isolation StrategiesDoH coming to Chrome for AndroidBye Bye Drive-By DownloadsThreema goes Open-SourceWordPress File Manage 0-day...