Security Now!

SN 802: Where the Plaintext Is - 2021's First Patch Tuesday, Titan Security Key Side-Channel Attack, WhatsApp

Hinzugefügt: 20. Januar 2021

2021's first Patch Tuesday, Titan Security Key side-channel attack, WhatsApp.
When is Chrome not Chromium?
A major DuckDuckGo milestone.
Project Zero in the wild.
First Patch Tuesday of...

SN 801: Out With The Old - SolarWinds Smoking Gun, Signal Influx of WhatsApp Users, Male Chastity Cage

Hinzugefügt: 13. Januar 2021

SolarWinds smoking gun, Signal influx of WhatsApp users, male chastity cage.
Firefox and Chromium updates address remote system take over bugs.
Tenable researchers reported a critical Chromium...

SN 800: SolarBlizzard - SolarWinds' Orion Software, Swatting Goes IoT, PHP Zend Framework Vulnerability

Hinzugefügt: 6. Januar 2021

SolarWinds' Orion software, swatting goes IoT, PHP Zend Framework vulnerability.
Chrome struggles with A/V pre-scan file locking.
Zyxel security products protected by a single redundant...

SN 799: Sunburst & Supernova - Ransomware Task Force, Chrome 87, Firefox Caches, Preserving Flash Video

Hinzugefügt: 30. Dezember 2020

Ransomware Task Force, Chrome 87, Firefox caches, preserving Flash video.
Chrome 87 backs away from Insecure Form Warnings.
Firefox to begin partitioning its caches.
Browsers say no to Kazakhstan...

SN 798: Best of 2020 - The Year's Best Stories on Security Now

Hinzugefügt: 22. Dezember 2020

Leo Laporte walks through some of the highlights of the show and most impactful stories of 2020. Stories include:
Clearview AI face scanning.
The "EARN IT" act.
Zoom security issues.
Why contact...

SN 797: SolarWinds - Chrome Throttling Ads, Google Outage, 2020 Pwnie Awards, JavaScript's 25th Birthday

Hinzugefügt: 16. Dezember 2020

Chrome throttling ads, Google outage, 2020 Pwnie Awards, JavaScript's 25th birthday.
Chrome's heavy ad intervention.
Adrozek.
Ransomware: "Double Extortion."
A 0-click wormable vulnerability in...

SN 796: Amazon Sidewalk - Google Play Core Library, iOS Zero-Click Radio Proximity Exploit, Apple M1 Chip

Hinzugefügt: 9. Dezember 2020

Google Play Core Library, iOS zero-click radio proximity exploit, Apple M1 chip.
Ransomware news regarding Foxconn, Egregor, and K12 Inc.
The Apple iPhone zero-click radio proximity...

SN 795: DNS Consolidation - Generic Smart Doorbells, Tesla Model X Key Fobs, Critical Drupal Flaw, Spotify

Hinzugefügt: 2. Dezember 2020

Generic smart doorbells, Tesla Model X key fobs, critical Drupal flaw, Spotify.
Chrome Omnibox becomes more Omni.
Chrome's open tabs search.
Ransomware news involving Delaware County, Canon, US...

SN 794: Cicada - Ongoing WordPress Attack, RCS Gets End-to-End Encryption

Hinzugefügt: 25. November 2020

Ongoing WordPress attack, RCS gets End-to-end encryption.
Chrome moves to release 87.
Explicit Publication of Privacy Practices.
Firefox 83 gets HTTPS-only Mode.
Mozilla seeks consultation on...

SN 793: SAD DNS - Malicious Android Apps, Ransomware-as-a-Service

Hinzugefügt: 18. November 2020

Malicious Android apps, ransomware-as-a-service.
Where do most malicious Android apps come from?
SAD DNS is a revival of the classic DNS cache poisoning attack
How many Ransomware-as-a-Service...

SN 792: NAT Firewall Bypass - SlipStream NAT Firewall Bypass, MS Police Use Ring Doorbell Cams

Hinzugefügt: 11. November 2020

SlipStream NAT firewall bypass, MS Police use Ring doorbell cams.
Let's Encrypt's cross-signed root expires next year
Chrome updates on Windows, macOS, Linux, and Android to remove 0-day...

SN 791: Google's Root Program - Google One VPN, WordPress Update Fail, Windows 7 0-Day

Hinzugefügt: 4. November 2020

Google One VPN, WordPress update fail, Windows 7 0-Day.
A new 0-day in Win7 through Win10
A public service reminder from Microsoft
Google One adding an Android VPN
Vulnonym: Stop the Naming...

SN 790: Top 25 Vulnerabilities - Chrome 0-Day, Edge for Linux, WordPress Loginizer

Hinzugefügt: 28. Oktober 2020

Chrome 0-Day, Edge for Linux, WordPress Loginizer.
Top 25 Vulnerabilities
Critical 0-day in Chrome
Chrome 86 is now blocking slippery notifications
Site Isolation coming soon to...

SN 789: Anatomy of a Ryuk Attack - Zoom End-to-End Encryption, Windows 10 God Mode, Manifest v3

Hinzugefügt: 21. Oktober 2020

Zoom end-to-end encryption, Windows 10 god mode, Manifest v3.
Last Wednesday, Zoom announced that THIS week their 30-evaluation of end-to-end encrypted video conferencing would begin
How to enable...

SN 788: Well Known URI's - Carnival Cruise Hack, ZeroLogon, Five Eyes vs Encryption

Hinzugefügt: 14. Oktober 2020

Carnival Cruise hack, ZeroLogon, Five Eyes vs Encryption.
Chrome gets 86'd!
Carnival Cruise Line Hack
The largest company you've never heard of gets hit by ransomware hackers
No connection logs?...

SN 787: Why Win7 Lives On - Android Security, Windows 7 Security, Microsoft Defender

Hinzugefügt: 7. Oktober 2020

Android Security, Windows 7 Security, Microsoft Defender.Google to get even more proactive about Android securityWhy are people sticking with Windows 7?And Google funds a JavaScript research...

SN 786: ZeroLogon++ - Amazon Flying Security Cam, ZeroLogon on GitHub, Ransomware Roundup

Hinzugefügt: 30. September 2020

Amazon flying security cam, ZeroLogon on GitHub, ransomware roundup.What could possibly go wrong: Amazon/Ring's autonomous flying home security webcamEvil ransomware gang deposited $1 million of...

SN 785: Formal Verification - iOS 14 & Android 11 Security Features, DuckDuckGo Gets Big

Hinzugefügt: 23. September 2020

iOS 14 & Android 11 security features, DuckDuckGo gets big.The most important iOS 14 privacy & security featuresAll of Android 11's new privacy & security featuresDuckDuckGo usage growth goes...

SN 784: BlindSide & BLURtooth - Chrome vs Abusive Ads, Patch Tuesday Palooza

Hinzugefügt: 16. September 2020

Chrome vs abusive ads, patch Tuesday palooza.BlindSide and BLURtoothChrome gets tough on abusive adsThe last hurrah for IE & Flash exploitsChromium Edge on Win10: Forcing the issueEdge enables "Ask...

SN 783: IoT Isolation Strategies - Isolate Your IoT Devices, Threema Goes Open-Source

Hinzugefügt: 9. September 2020

Isolate your IoT devices, Threema goes open-source.IoT Isolation StrategiesDoH coming to Chrome for AndroidBye Bye Drive-By DownloadsThreema goes Open-SourceWordPress File Manage 0-day...