Security Now

SN 786: ZeroLogon++ - Amazon Flying Security Cam, ZeroLogon on GitHub, Ransomware Roundup

Security Now - Tue, 09/29/2020 - 9:00pm

Amazon flying security cam, ZeroLogon on GitHub, ransomware roundup.

  • What could possibly go wrong: Amazon/Ring's autonomous flying home security webcam
  • Evil ransomware gang deposited $1 million of bitcoin in a hacker recruitment drive
  • Over this past weekend, Universal Health Services was hit by a huge Ryuk ransomware
  • One week ago, there were three ZeroLogon exploits on GitHub. Today there are more than fit on the first page of search results
  • Security Fixes in Chrome's v85.0.4183.121 Release
  • The VPN you choose DOES make a difference.
  • A "Ransomware Goldrush"

We invite you to read our show notes at https://www.grc.com/sn/SN-786-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 785: Formal Verification - iOS 14 & Android 11 Security Features, DuckDuckGo Gets Big

Security Now - Tue, 09/22/2020 - 11:53pm

iOS 14 & Android 11 security features, DuckDuckGo gets big.

  • The most important iOS 14 privacy & security features
  • All of Android 11's new privacy & security features
  • DuckDuckGo usage growth goes exponential
  • LAN attack bug fixed in Firefox 79 for Android
  • Goodbye Forever Firefox Send and Notes... Oh, how we loved ye
  • Microsoft's catastrophic Zerologon vulnerability
  • Why we're headed toward formal verification of security protocols

We invite you to read our show notes at https://www.grc.com/sn/SN-785-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 784: BlindSide & BLURtooth - Chrome vs Abusive Ads, Patch Tuesday Palooza

Security Now - Tue, 09/15/2020 - 8:00pm

Chrome vs abusive ads, patch Tuesday palooza.

  • BlindSide and BLURtooth
  • Chrome gets tough on abusive ads
  • The last hurrah for IE & Flash exploits
  • Chromium Edge on Win10: Forcing the issue
  • Edge enables "Ask me..." for each download
  • Patch Tuesday Palooza!
  • Excessive SSD Defragging also fixed
  • The WordPress File Manager flaw... two weeks downstream
  • Zoom... now with 2FA
  • New Raccoon attack

We invite you to read our show notes at https://www.grc.com/sn/SN-784-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 783: IoT Isolation Strategies - Isolate Your IoT Devices, Threema Goes Open-Source

Security Now - Tue, 09/08/2020 - 10:54pm

Isolate your IoT devices, Threema goes open-source.

  • IoT Isolation Strategies
  • DoH coming to Chrome for Android
  • Bye Bye Drive-By Downloads
  • Threema goes Open-Source
  • WordPress File Manage 0-day flaw
  • Facebook's new VDP — Vulnerability Disclosure Policy
  • Facebook's new "WhatsApp Security Advisories" page
  • The Tor Project Membership Program
  • Intel's latest microcode patches

We invite you to read our show notes at https://www.grc.com/sn/SN-783-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now