Security Now!

SN 795: DNS Consolidation - Generic Smart Doorbells, Tesla Model X Key Fobs, Critical Drupal Flaw, Spotify

Dodany: 2 grudnia 2020

Generic smart doorbells, Tesla Model X key fobs, critical Drupal flaw, Spotify.
Chrome Omnibox becomes more Omni.
Chrome's open tabs search.
Ransomware news involving Delaware County, Canon, US...

SN 794: Cicada - Ongoing WordPress Attack, RCS Gets End-to-End Encryption

Dodany: 25 listopada 2020

Ongoing WordPress attack, RCS gets End-to-end encryption.
Chrome moves to release 87.
Explicit Publication of Privacy Practices.
Firefox 83 gets HTTPS-only Mode.
Mozilla seeks consultation on...

SN 793: SAD DNS - Malicious Android Apps, Ransomware-as-a-Service

Dodany: 18 listopada 2020

Malicious Android apps, ransomware-as-a-service.
Where do most malicious Android apps come from?
SAD DNS is a revival of the classic DNS cache poisoning attack
How many Ransomware-as-a-Service...

SN 792: NAT Firewall Bypass - SlipStream NAT Firewall Bypass, MS Police Use Ring Doorbell Cams

Dodany: 11 listopada 2020

SlipStream NAT firewall bypass, MS Police use Ring doorbell cams.
Let's Encrypt's cross-signed root expires next year
Chrome updates on Windows, macOS, Linux, and Android to remove 0-day...

SN 791: Google's Root Program - Google One VPN, WordPress Update Fail, Windows 7 0-Day

Dodany: 4 listopada 2020

Google One VPN, WordPress update fail, Windows 7 0-Day.
A new 0-day in Win7 through Win10
A public service reminder from Microsoft
Google One adding an Android VPN
Vulnonym: Stop the Naming...

SN 790: Top 25 Vulnerabilities - Chrome 0-Day, Edge for Linux, WordPress Loginizer

Dodany: 28 października 2020

Chrome 0-Day, Edge for Linux, WordPress Loginizer.
Top 25 Vulnerabilities
Critical 0-day in Chrome
Chrome 86 is now blocking slippery notifications
Site Isolation coming soon to...

SN 789: Anatomy of a Ryuk Attack - Zoom End-to-End Encryption, Windows 10 God Mode, Manifest v3

Dodany: 21 października 2020

Zoom end-to-end encryption, Windows 10 god mode, Manifest v3.
Last Wednesday, Zoom announced that THIS week their 30-evaluation of end-to-end encrypted video conferencing would begin
How to enable...

SN 788: Well Known URI's - Carnival Cruise Hack, ZeroLogon, Five Eyes vs Encryption

Dodany: 14 października 2020

Carnival Cruise hack, ZeroLogon, Five Eyes vs Encryption.
Chrome gets 86'd!
Carnival Cruise Line Hack
The largest company you've never heard of gets hit by ransomware hackers
No connection logs?...

SN 787: Why Win7 Lives On - Android Security, Windows 7 Security, Microsoft Defender

Dodany: 7 października 2020

Android Security, Windows 7 Security, Microsoft Defender.Google to get even more proactive about Android securityWhy are people sticking with Windows 7?And Google funds a JavaScript research...

SN 786: ZeroLogon++ - Amazon Flying Security Cam, ZeroLogon on GitHub, Ransomware Roundup

Dodany: 30 września 2020

Amazon flying security cam, ZeroLogon on GitHub, ransomware roundup.What could possibly go wrong: Amazon/Ring's autonomous flying home security webcamEvil ransomware gang deposited $1 million of...

SN 785: Formal Verification - iOS 14 & Android 11 Security Features, DuckDuckGo Gets Big

Dodany: 23 września 2020

iOS 14 & Android 11 security features, DuckDuckGo gets big.The most important iOS 14 privacy & security featuresAll of Android 11's new privacy & security featuresDuckDuckGo usage growth goes...

SN 784: BlindSide & BLURtooth - Chrome vs Abusive Ads, Patch Tuesday Palooza

Dodany: 16 września 2020

Chrome vs abusive ads, patch Tuesday palooza.BlindSide and BLURtoothChrome gets tough on abusive adsThe last hurrah for IE & Flash exploitsChromium Edge on Win10: Forcing the issueEdge enables "Ask...

SN 783: IoT Isolation Strategies - Isolate Your IoT Devices, Threema Goes Open-Source

Dodany: 9 września 2020

Isolate your IoT devices, Threema goes open-source.IoT Isolation StrategiesDoH coming to Chrome for AndroidBye Bye Drive-By DownloadsThreema goes Open-SourceWordPress File Manage 0-day...

SN 782: I Know What You Did Last Summer - Russian Tries to Hack Tesla, Web Browser History Research

Dodany: 2 września 2020

Russian tries to hack Tesla, web browser history research.Chrome 85 security featuresRussian Attempts to Cyber Attack TeslaMore EMV Standard monetary transaction method problemsWatch this video on...

SN 781: SpiKey - Ransomware Hits Jack Daniel's, Iranian Script-Kiddies, How Ransomware Happens

Dodany: 26 sierpnia 2020

Ransomware hits Jack Daniel's, Iranian Script-Kiddies, how ransomware happens.SpiKey: using the sound of a key to determine its shapeWhat do The University of Utah, Jack Daniel's Whiskey, and...

SN 780: Microsoft's 0-Day Folly - Microsoft Acts Badly, Canon Ransomware, Mozilla Tries to Pivot

Dodany: 19 sierpnia 2020

Microsoft acts badly, Canon ransomware, Mozilla tries to pivot.When Microsoft doesn't act responsibly: Parts 1 and 2Snap Your Dragon / "Achilles: Small Chip, Big Peril"3rd largest Patch Tuesday...

SN 779: Geneva - Great Firewall Of China, Black Hat/DEFCON 2020, Have I Been Pwned

Dodany: 12 sierpnia 2020

Great Firewall Of China, Black Hat/DEFCON 2020, Have I Been Pwned. It's Patch Tuesday!News from Black Hat / DEFCON 2020Generalizing Speculative Execution VulnerabilitiesCanon hit by the Maze...

SN 778: BootHole - Twitter Hackers Arrested, Garmin Hackers Get Ransom

Dodany: 5 sierpnia 2020

Twitter hackers arrested, Garmin hackers get ransom.Vitamin D fights death by CovidFirefox is now at v79Twitter hackers arrestedGarmin hackers rewardedTor and Dr. KrawetzDropping 0DaysBlocking Tor...

SN 777: rwxrwxrwx - Garmin Outage, Twitter Hack Update, GnuTLS

Dodany: 29 lipca 2020

F5 Networks "Big-IP" devices in Big-TroubleTwitter bitcoin hack updateGnuTLS vs OpenSSLThe Garmin outage then and nowCisco's latest troubleSurprising SpinRite resultsWe invite you to read our show...

SN 776: A Tale of Two Counterfeits - Twitter Hack, Cloudflare Outage, Zoom's Vanity URL Flaw

Dodany: 22 lipca 2020

Here's how Twitter was hacked. How can we prevent the next Twitter hack?Cloudflare outage takes out huge swath of American internet, including Down Detector. All internet got sent to Atlanta.Zoom's...