Security Now!

SN 835: TPM v1.2 vs 2.0 - BlueTooth Troubles, Internet Anonymity, Apple CSAM, Light Chaser

Dodany: 8 września 2021

Picture of the Week.
The Razor mouse & keyboard.
The wishful phrase "Internet Anonymity" is an oxymoron.
And speaking of Apple's client-side image matching...
BlueTooth has new troubles.

SN 834: Life: Hanging by a PIN - Credit Freeze vs. Credit Lock, SSD Bait & Switch, ProxyToken, Windows 11

Dodany: 1 września 2021

Picture of the Week.
Credit Freeze vs Credit Lock.
T-Mobile hacker speaks!
Where will Windows 11 run?
Tailscale Open Source?
SSD Bait & Switch.
Life: Hanging by a PIN.

SN 833: Microsoft's Reasoned Neglect - T-Mobile's Major Data Leak, Razer Mouse Hack, Overlay Networks

Dodany: 25 sierpnia 2021

Picture of the week.
Firefox soon to be blocking mixed-content downloads by default.
The news from T-Mobile is all bad.
Introducing ProxyLogon's kissing cousin, ProxyShell.
The Razer mouse hack.

SN 832: Microsoft's Culpable Negligence - Firefox Update, Magniber, Merger of Avast and NortonLifeLock

Dodany: 18 sierpnia 2021

Picture of the week.
Firefox Update.
Facebook finally adds end-to-end encryption to Messenger.
Exploitation of PrintNightmare has begun.
And "Magniber" Ransomware Uses PrintNightmare.

SN 831: Apple's CSAM Mistake - Flawed Random Number Generator, Super Duper Secure Mode, TCP Stack Error

Dodany: 11 sierpnia 2021

Picture of the week.
"You're Doing IoT RNG"
The Pulse Secure VPN remains in trouble.
And Cisco, too...
Flaws found in another popular embedded TCP/IP library.
Microsoft Edge gets "Super Duper...

SN 830: The BlackMatter Interview - Bad News for Firefox, DarkSide Returns, Tailscale, Google to Assume HTTPS

Dodany: 4 sierpnia 2021

Picture of the Week.
Mozilla's Firefox Monthly Active Users (MAU) slowly but steadily drops.
Google to finally assume HTTPS.
The evolution of "Initial Access Brokers".
DarkSide Returns.

SN 829: SeriousSAM & PetitPotam - Kaseya Universal Decryptor, Window's Process Hacker, Chrome 92

Dodany: 28 lipca 2021

Picture of the Week.
Faster and more efficient phishing detection in Chrome 92.
A Universal Decryptor for all Kaseya victims.
The printer driver used by millions of HP, Samsung and Xerox Printers...

SN 828: REvil Vanishes! - Chrome Zero-Day Vulnerability, iOS WiFi SSID Bug, Patch Tuesday Review

Dodany: 21 lipca 2021

Picture of the week
Browser NewsThe attacks on Google Chrome continue.
Firefox special-cases anti-tracking for "Login With" functions.

Security NewsiOS WiFi SSID bug
We still can't awaken from the...

SN 827: REvil's Clever Crypto - Microsoft Fails to Patch PrintNightmare & Sodinokibi Malware's Crypto Design

Dodany: 14 lipca 2021

Picture of the Week
The "PrintNightmare Continues"
Kaseya - Not nearly as bad as it could have been
Ransomwhere site
Microsoft Office Users: There's a new malware-protection bypass

SN 826: The Kaseya Saga - Microsoft PrintNightmare, WD's MyCloud OS3 Troubles, SpinRite in a BMW

Dodany: 7 lipca 2021

Picture of the Week.
"PrintNightmare" is NOT CVE-2021-1675.
The Authentication Dilemma.
Western Digital steps up.
WD's MyCloud OS3 Troubles.
Miscellany & Closing The Loop.
The Kaysea...

SN 825: Halfway Through 2021 - Google's FLoC, $600M Ransomware Attack, Where Will Windows 11 Run?

Dodany: 30 czerwca 2021

Picture of the week
Google's FLoC has landed with a hard thud and is now-delayed
The high cost of Ireland's recovery from the Conti ransomware attack
Who is responsible for damage and data loss...

SN 824: Avaddon Ransonomics - Chrome 0-Day, Big Spinrite Update, iOS Wi-Fi Bug, Economics of Ransomware

Dodany: 23 czerwca 2021

Picture of the Week.
Another day, another Chrome 0-day.
Ransomware perpetrators are increasingly purchasing access.
A weird bug in iOS Wi-Fi.
An Early Preview of Windows 11.
The Security Now!...

SN 823: TLS Confusion Attacks - TikTok Privacy, iOS 14.5 Tracking Permission, Industry-Wide Patch Tuesday

Dodany: 16 czerwca 2021

Picture of the week.
Being #1 is a mixed blessing.
Industry wide patch Tuesday.
TikTok Quietly Updated Its Privacy Policy to Collect Users' Biometric Data.
iOS 14.5 requires apps to obtain explicit...

SN 822: Extrinsic Password Managers - Great CyberSecurity Awakening of 2021, NAT vs IPv6, Tavis Ormandy

Dodany: 9 czerwca 2021

Picture of the week.
The Great CyberSecurity Awakening of 2021.
Firefox will soon auto-update on Windows even when it's not running.
Edge takes its own approach to HTTPS switching.
Three new...

SN 821: Epsilon Red - Chrome 91, Emsisoft's Ransomware Decryption Tool, Revisiting Amazon Sidewalk

Dodany: 2 czerwca 2021

Photo of the Week.
Chrome advances to 91.
Emsisoft has created their own ransomware decryption tool.
Stepping off the Sidewalk.
Just another phishing attack.
The Great Encryption Struggle.

SN 820: The Dark Escrow - Firefox Fission, Doom CAPTCHA, Conti and CNA Financial Ransomware

Dodany: 26 maja 2021

Picture of the Week.
Firefox finally achieves sustained "Fission".
Conti ransomware.
CNA Financial pays up big.
When they say IoT do they mean us?
"Mean Time to Inventory"
The "Doom" CAPTCHA.

SN 819: The WiFi Frag Attacks - DarkSide Follow-Up, DarkTracer, Patch Tuesday, The Frontiers Saga

Dodany: 19 maja 2021

Picture of the week.
DarkSide Follow-Up.
Follow The Money.
Toshiba Attacked by DarkSide.
Ransomware topics off-limits here.
"DarkTracer: DarkWeb Criminal Intelligence"
Please Leak our Stolen...

SN 818: News From the Darkside - Exim Email Server, Tor's Exit Nodes, TsuNAME, Project Hail Mary

Dodany: 12 maja 2021

Picture of the week.
TsuNAME - "DNS Configuration Flaw Lets Attackers Take Down DNS Servers"
Huh Google?
Tor's Exit Nodes.
21 Nails in Exim's coffin.
Project Hail Mary: A Novel.
Closing the...

SN 817: The Ransomware Task Force - Scripps Health, REvil Hacks Quanta Computer, Emotet Botnet, QNAP

Dodany: 5 maja 2021

Picture of the Week.
REvil hacks Apple supplier Quanta Computer.
World-famous Scripps Health taken down.
The Big Emotet Botnet Takedown.
Emotet's 4,324,770 eMail addresses.
Have I Been Pwned...

SN 816: The Mystery of AS8003 - Remembering Dan Kaminski, Project Zero, Unethical Security Research

Dodany: 28 kwietnia 2021

Remembering Dan Kaminski.
Week before last was Patch Tuesday.
Google's Project Zero responds to today's patch latency reality.
Baking security into IoT
UNethical security research.