Security Now!

Club TWiT details.
Picture of the Week.
The Vivaldi Project's take on FLoC.
Chrome continues to be THE high-value target.
We're at Chrome v90.
Exchange Server Web Shells removed, with DOJ...

Picture of the week.
The Slips keep Streaming.
Are You FLoC'ed?
The PHP GIT Hack, revisited.
CISCO abandons old routers having problems.
Failure to Patch.
PwnIt And OwnIt.
We invite you to read our...

Ubiquity coverup, Facebook data dump, malicious Call of Duty cheats.
The Ubiquiti Coverup.
Facebook's 533,313,128 Million User Whoopsie!
Don't mess with our water!
Android moves to limit inter-app...

Spectre returns to Linux, API Security, OpenSSL flaws, SolarWinds.
Picture of the week.
ProxyLogon Update.
Spectre returns to Linux.
OpenSSL fixes several high-severity flaws.
SolarWinds keeps...

Automatic fix for Exchange Server flaw, Firefox 87 features, MyBB patch.
Dave's Garage on YouTube.
The latest update on the ProxyLogon fiasco is from Microsoft.
Black Kingdom Ransomware.
Firefox...

New Chrome 0-Day, Patch Tuesday Redux, Spectre Comes to Chrome.
Chrome closes another 0-day.
This v89 of Chrome also lost some weight.
Spectre comes to Chrome!
Prime+Probe: A new browser tracking...

Dependency confusion, Intel Side Channel Attacks, Crispy Subtitles from Lay's.
Picture of the week.
47 fixes in Chrome 89.0.4389.72.
Crispy Subtitles from Lay's.
Google funds Linux kernel security...

Seven Exchange 0-days, Firefox Enhanced Tracking Protection, SolarWinds Password.
Chrome to default to trying HTTPS first when not specified.
Firefox's "Enhanced Tracking Protection" just neutered...

SHAREit's security update, Solorigate, Brave's "Private Window with Tor".
SHAREit Follow-up
This Week in Web Browser Tracking
Brave's "Private Window with Tor" was not so private
Tracking with...

Florida water supply hack update, Major patch Tuesday, Android SHAREit vulnerability.
Pic of the week.
New info in the Oldsmar, Florida water supply attack.
Major Patch Tuesday update.
Adobe...

Defender thinks Chrome is malware, Plex Media Servers in DDoS attacks.
Picture of the Week.
Google has been busy with Chrome.
Google Chrome Heap Buffer Overflow Vulnerability Exploited.
A unique...

SUDO was pseudo secure, BigNox supply-chain attack, iMessage in a sandbox.
Picture of the Week.
Chrome rescinding another CA's root cert.
An urgent update to the recently released GnuPG.
An...

Browser password managers, Adobe Flash repercussions, SolarWinds.
Chrome and Edge have beefed-up their built-in password managers.
The random repercussions associated with the end of Adobe...

2021's first Patch Tuesday, Titan Security Key side-channel attack, WhatsApp.
When is Chrome not Chromium?
A major DuckDuckGo milestone.
Project Zero in the wild.
First Patch Tuesday of...

SolarWinds smoking gun, Signal influx of WhatsApp users, male chastity cage.
Firefox and Chromium updates address remote system take over bugs.
Tenable researchers reported a critical Chromium...

SolarWinds' Orion software, swatting goes IoT, PHP Zend Framework vulnerability.
Chrome struggles with A/V pre-scan file locking.
Zyxel security products protected by a single redundant...

Ransomware Task Force, Chrome 87, Firefox caches, preserving Flash video.
Chrome 87 backs away from Insecure Form Warnings.
Firefox to begin partitioning its caches.
Browsers say no to Kazakhstan...

Leo Laporte walks through some of the highlights of the show and most impactful stories of 2020. Stories include:
Clearview AI face scanning.
The "EARN IT" act.
Zoom security issues.
Why contact...

Chrome throttling ads, Google outage, 2020 Pwnie Awards, JavaScript's 25th birthday.
Chrome's heavy ad intervention.
Adrozek.
Ransomware: "Double Extortion."
A 0-click wormable vulnerability in...

Google Play Core Library, iOS zero-click radio proximity exploit, Apple M1 chip.
Ransomware news regarding Foxconn, Egregor, and K12 Inc.
The Apple iPhone zero-click radio proximity...