SN 794: Cicada - Ongoing WordPress Attack, RCS Gets End-to-End Encryption

Ongoing WordPress attack, RCS gets End-to-end encryption.

• Chrome moves to release 87.
• Explicit Publication of Privacy Practices.
• Firefox 83 gets HTTPS-only Mode.
• Mozilla seeks consultation on implementing DNS-over-HTTPS.
• The comical announcement strategy of the Egregor Ransomware.
• Large-scale attacks targeting Epsilon Framework Themes in WordPress.
• Cybercrime gang installs hidden e-commerce stores on WordPress sites.
• 245,000 Windows systems still vulnerable to BlueKeep RDP bug.
• Google's Rich Communication Services is getting E2EE via Signal.
• Cicada, a Chinese state-sponsored advanced persistent threat group.

We invite you to read our show notes at https://www.grc.com/sn/SN-794-Notes.pdf

Hosts: Steve Gibson and Jason Howell

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• manscaped.com/twit
• extrahop.com/SECURITYNOW
• barracuda.com/securitynow