Defender thinks Chrome is malware, Plex Media Servers in DDoS attacks.

• Picture of the Week.
• Google has been busy with Chrome.
• Google Chrome Heap Buffer Overflow Vulnerability Exploited.
• A unique use of Chrome's "sync" feature for command & control and data exfiltration.
• Defender thinks Chrome is Malware.
• More Critical WordPress Plug-in Problems.
• Plex Media servers SSDP protocol being used in DDoS attacks.
• Three more NEW vulnerabilities discovered in SolarWinds' software.
• Closing the Loop.
• SpinRite: "Discovering System's Mass Storage Devices..."
• SCADA Scandal: Hacker's attempts to adjust chemicals in Oldsmar water supply.

We invite you to read our show notes at https://www.grc.com/sn/SN-805-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• udacity.com/twit coupon code TWiT
• Gabi.com/SECURITYNOW
• WWT.COM/TWIT