SN 829: SeriousSAM & PetitPotam – Kaseya Universal Decryptor, Window's Process Hacker, Chrome 92
Picture of the Week.
Faster and more efficient phishing detection in Chrome 92.
A Universal Decryptor for all Kaseya victims.
The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable.
Windows' Process Hacker.
"GoLang" gains supply chain security features at...
SN 828: REvil Vanishes! – Chrome Zero-Day Vulnerability, iOS WiFi SSID Bug, Patch Tuesday Review
Picture of the week
Browser NewsThe attacks on Google Chrome continue.
Firefox special-cases anti-tracking for "Login With" functions.
Security NewsiOS WiFi SSID bug
We still can't awaken from the "PrintNightmare"It's not a bug, it's a feature!
Patch Tuesday Review
Update Acrobat and Reader
Rolling your own...
SN 827: REvil's Clever Crypto – Microsoft Fails to Patch PrintNightmare & Sodinokibi Malware's Crypto Design
Picture of the Week
The "PrintNightmare Continues"
Kaseya - Not nearly as bad as it could have been
Ransomwhere site
Microsoft Office Users: There's a new malware-protection bypass
Ransomware negotiators are now in high demand
Microsoft seemingly enforces the new Windows 11 Start menu
Stay tuned...
SN 826: The Kaseya Saga – Microsoft PrintNightmare, WD's MyCloud OS3 Troubles, SpinRite in a BMW
Picture of the Week.
"PrintNightmare" is NOT CVE-2021-1675.
The Authentication Dilemma.
Western Digital steps up.
WD's MyCloud OS3 Troubles.
SpinRite.
Miscellany & Closing The Loop.
The Kaysea Saga.
We invite you to read our show notes at https://www.grc.com/sn/SN-826-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe...
SN 825: Halfway Through 2021 – Google's FLoC, $600M Ransomware Attack, Where Will Windows 11 Run?
Picture of the week
Google's FLoC has landed with a hard thud and is now-delayed
The high cost of Ireland's recovery from the Conti ransomware attack
Who is responsible for damage and data loss following the remote wiping of many Western Digital...
SN 824: Avaddon Ransonomics – Chrome 0-Day, Big Spinrite Update, iOS Wi-Fi Bug, Economics of Ransomware
Picture of the Week.
Another day, another Chrome 0-day.
Ransomware perpetrators are increasingly purchasing access.
A weird bug in iOS Wi-Fi.
An Early Preview of Windows 11.
The Security Now! Podcast has found a new purpose...
SpinRite.
Avaddon Ransonomics.
We invite you to read our show notes...
SN 823: TLS Confusion Attacks – TikTok Privacy, iOS 14.5 Tracking Permission, Industry-Wide Patch Tuesday
Picture of the week.
Being #1 is a mixed blessing.
Industry wide patch Tuesday.
TikTok Quietly Updated Its Privacy Policy to Collect Users' Biometric Data.
iOS 14.5 requires apps to obtain explicit tracking permission.
The ANOM sting operation.
"Windows 10" — the last Windows ever?
Project...
SN 822: Extrinsic Password Managers – Great CyberSecurity Awakening of 2021, NAT vs IPv6, Tavis Ormandy
Picture of the week.
The Great CyberSecurity Awakening of 2021.
Firefox will soon auto-update on Windows even when it's not running.
Edge takes its own approach to HTTPS switching.
Three new ransomware victims.
We believe we know how Colonial Pipeline was breached.
The FBI strikes...
SN 821: Epsilon Red – Chrome 91, Emsisoft's Ransomware Decryption Tool, Revisiting Amazon Sidewalk
Photo of the Week.
Chrome advances to 91.
Emsisoft has created their own ransomware decryption tool.
Stepping off the Sidewalk.
Just another phishing attack.
The Great Encryption Struggle.
Hail Mary.
Epsilon Red.
We invite you to read our show notes at https://www.grc.com/sn/SN-821-Notes.pdf
Hosts: Steve Gibson and Leo...
SN 820: The Dark Escrow – Firefox Fission, Doom CAPTCHA, Conti and CNA Financial Ransomware
Picture of the Week.
Firefox finally achieves sustained "Fission".
Conti ransomware.
CNA Financial pays up big.
When they say IoT do they mean us?
"Mean Time to Inventory"
The "Doom" CAPTCHA.
The "Helios" screensaver.
Closing the Loop.
The Dark Escrow.
We invite you to read our show notes at...
SN 819: The WiFi Frag Attacks – DarkSide Follow-Up, DarkTracer, Patch Tuesday, The Frontiers Saga
Picture of the week.
DarkSide Follow-Up.
Follow The Money.
Toshiba Attacked by DarkSide.
Ransomware topics off-limits here.
"DarkTracer: DarkWeb Criminal Intelligence"
Please Leak our Stolen Data!
Patch Tuesday Review.
A review of the first book of "The Frontiers Saga"
60 Minutes/UAP: Unidentified Aerial Phenomena.
Closing the Loop.
The WiFi Frag...
SN 818: News From the Darkside – Exim Email Server, Tor's Exit Nodes, TsuNAME, Project Hail Mary
Picture of the week.
TsuNAME - "DNS Configuration Flaw Lets Attackers Take Down DNS Servers"
Huh Google?
Tor's Exit Nodes.
21 Nails in Exim's coffin.
Project Hail Mary: A Novel.
Closing the loop.
SpinRite update.
News from the Darkside.
We invite you to read our show notes at...
SN 817: The Ransomware Task Force – Scripps Health, REvil Hacks Quanta Computer, Emotet Botnet, QNAP
Picture of the Week.
REvil hacks Apple supplier Quanta Computer.
World-famous Scripps Health taken down.
The Big Emotet Botnet Takedown.
Emotet's 4,324,770 eMail addresses.
Have I Been Pwned domain-wide notifications.
QNAP.
Gravity NNTP Newsreader updated to v3.0.11.0
Just a bit more about Dan Kaminsky.
Closing the Loop.
The Ransomware...
SN 816: The Mystery of AS8003 – Remembering Dan Kaminsky, Project Zero, Unethical Security Research
Remembering Dan Kaminsky.
Week before last was Patch Tuesday.
Google's Project Zero responds to today's patch latency reality.
Baking security into IoT
UNethical security research.
CloudFlare refuses to knuckle under to Patent Trolls.
Closing The Loop.
The Mystery of AS8003.
We invite you to read our show...
SN 815: Homogeneity Attacks – Is FLoC All That Bad?, Humble Bundle For Programmers, Chrome 90
Club TWiT details.
Picture of the Week.
The Vivaldi Project's take on FLoC.
Chrome continues to be THE high-value target.
We're at Chrome v90.
Exchange Server Web Shells removed, with DOJ Permission.
WordPress joins the "FLoC No!" chorus.
It's Humble Bundle Book Time.
Closing the Loop.
A quick...
Beef up security in Firefox with Fission
Jack Wallen shows you how to enable Fission. Firefox developers understand web browser security is at a premium, so they've rolled out a site isolation feature.
Cybersecurity professionals: Positive reinforcement works wonders with users
The blame game is not working; experts suggest using positive reinforcement to improve employee attitude and performance.
Google Patches High-Risk Android Security Flaws
Google this week pushed out a security-themed Android update with fixes for more than 30 security flaws that expose mobile users to a range of malicious hacker attacks.
The latest Android update provides documentation on 33 security bugs, some serious...
Awful transaction and timing: AT&T finally ditches DirecTV
Enlarge (credit: Getty Images | Ronald Martinez)
AT&T has completed its spinoff of DirecTV after six years of mismanagement in which nearly 10 million customers ditched the company's pay-TV services.
AT&T bought DirecTV for $49 billion ($67 billion including...
Mismanagement Driving Cybersecurity Skills Gap: Research
“To some extent, this data supports the theory that the cybersecurity skills shortage is related to mismanagement rather than a dearth of qualified candidates or advanced skills.”
read more
