Wednesday, May 12, 2021
Security Now

SN 818: News From the Darkside – Exim Email Server, Tor's Exit Nodes, TsuNAME, Project Hail Mary

Picture of the week. TsuNAME - "DNS Configuration Flaw Lets Attackers Take Down DNS Servers" Huh Google? Tor's Exit Nodes. 21 Nails in Exim's coffin. Project Hail Mary: A Novel. Closing the loop. SpinRite update. News from the Darkside. We invite you to read our show notes at...
Security Now

SN 817: The Ransomware Task Force – Scripps Health, REvil Hacks Quanta Computer, Emotet Botnet, QNAP

Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet's 4,324,770 eMail addresses. Have I Been Pwned domain-wide notifications. QNAP. Gravity NNTP Newsreader updated to v3.0.11.0. Just a bit more about Dan Kaminsky. Closing the Loop. The Ransomware...
Security Now

SN 816: The Mystery of AS8003 – Remembering Dan Kaminsky, Project Zero, Unethical Security Research

Remembering Dan Kaminsky. Week before last was Patch Tuesday. Google's Project Zero responds to today's patch latency reality. Baking security into IoT. UNethical security research. CloudFlare refuses to knuckle under to Patent Trolls. Closing The Loop. The Mystery of AS8003. We invite you to read our show...
Security Now

SN 815: Homogeneity Attacks – Is FLoC All That Bad?, Humble Bundle For Programmers, Chrome 90

Club TWiT details. Picture of the Week. The Vivaldi Project's take on FLoC. Chrome continues to be THE high-value target. We're at Chrome v90. Exchange Server Web Shells removed, with DOJ Permission. WordPress joins the "FLoC No!" chorus. It's Humble Bundle Book Time. Closing the Loop. A quick...
Security Now

SN 814: PwnIt And OwnIt – Why Port 10080 is Blocked, FLoC Rollout, PHP GIT Hack Revisited, CISCO Router Problems

Picture of the week. The Slips keep Streaming. Are You FLoC'ed? The PHP GIT Hack, revisited. CISCO abandons old routers having problems. Failure to Patch. PwnIt And OwnIt. We invite you to read our show notes at https://www.grc.com/sn/SN-814-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or...
Security Now

SN 813: A Spy in Our Pocket – Ubiquiti Coverup, Facebook Data Dump, Malicious Call of Duty Cheats

Ubiquiti coverup, Facebook data dump, malicious Call of Duty cheats. The Ubiquiti Coverup. Facebook's 533,313,128 Million User Whoopsie! Don't mess with our water! Android moves to limit inter-app visibility. Beware malicious "Call of Duty: Warzone" cheats. QNAP — Just Say No! Listener Feedback. A Spy in...
Security Now

SN 812: GIT Me Some PHP – Spectre Returns to Linux, API Security, OpenSSL Flaws, SolarWinds

Spectre returns to Linux, API Security, OpenSSL flaws, SolarWinds. Picture of the week. ProxyLogon Update. Spectre returns to Linux. OpenSSL fixes several high-severity flaws. SolarWinds keeps finding new critical problems within its own code. Cloudflare's recent moves. A focus on API Security. SpinRite update. The curious case...
Security Now

SN 811: What the FLoC? – Automatic Fix for Exchange Server Flaw, Firefox 87 Features, MyBB Patch

Automatic fix for Exchange Server flaw, Firefox 87 features, MyBB patch. Dave's Garage on YouTube. The latest update on the ProxyLogon fiasco is from Microsoft. Black Kingdom Ransomware. Firefox will be adopting a new privacy-enhancing Referrer Policy. This Week in Remote Code Execution...
Security Now

SN 810: ProxyLogon – New Chrome 0-Day, Patch Tuesday Redux, Spectre Comes to Chrome

New Chrome 0-Day, Patch Tuesday Redux, Spectre Comes to Chrome. Chrome closes another 0-day. This v89 of Chrome also lost some weight. Spectre comes to Chrome! Prime+Probe: A new browser tracking side-channel. Patch Tuesday Redux. BSODs when attempting to print. Free code signing for the...
Security Now

SN 809: Hafnium – Dependency Confusion, Intel Side Channel Attacks, Crispy Subtitles From Lay's

Dependency confusion, Intel Side Channel Attacks, Crispy Subtitles from Lay's. Picture of the week. 47 fixes in Chrome 89.0.4389.72. Crispy Subtitles from Lay's. Google funds Linux kernel security developers. WinAmp gets a huge update! "Intel Side Channel Attacks on the CPU On-Chip Ring Interconnect...
Security Now

SN 808: CNAME Collusion – Seven Exchange 0-Days, Firefox Enhanced Tracking Protection, SolarWinds Password

Seven Exchange 0-days, Firefox Enhanced Tracking Protection, SolarWinds Password. Chrome to default to trying HTTPS first when not specified. Firefox's "Enhanced Tracking Protection" just neutered 3rd-party cookies! As easy as "SolarWinds123". Rockwell Automation's CVE-2021-22681 is a CRITICAL 10 out of 10. VMware's vCenter...
Security Now

SN 807: Dependency Confusion – SHAREit's Security Update, Solorigate, Brave's "Private Window With Tor"

SHAREit's security update, Solorigate, Brave's "Private Window with Tor". SHAREit Follow-up. This Week in Web Browser Tracking. Brave's "Private Window with Tor" was not so private. Tracking with eMail Beacons. Microsoft's final "Solorigate" update. "Good App goes Bad for Profit". SpinRite: RS shows VERY obvious...
Security Now

SN 806: C.O.M.B. – Florida Water Supply Hack Update, Major Patch Tuesday, Android SHAREit Vulnerability

Florida water supply hack update, Major patch Tuesday, Android SHAREit vulnerability. Pic of the week. New info in the Oldsmar, Florida water supply attack. Major Patch Tuesday update. Adobe released critical updates to three versions each of its Acrobat and Reader. Android SHAREit. The...
Security Now

SN 805: SCADA Scandal – Defender Thinks Chrome is Malware, Plex Media Servers in DDoS Attacks

Defender thinks Chrome is malware, Plex Media Servers in DDoS attacks. Picture of the Week. Google has been busy with Chrome. Google Chrome Heap Buffer Overflow Vulnerability Exploited. A unique use of Chrome's "sync" feature for command & control and data exfiltration. Defender...
The Register

Blessed are the cryptographers, labelling them criminal enablers is just foolish

Preserving privacy is hard. I know because when I tried, I quickly learned not to play with weapons. Column: Nearly a decade ago I decided to try my hand as a cryptographer. It went about as well as you...
The Hacker News

Ransomware Gang Leaks Metropolitan Police Data After Failed Negotiations

The cybercrime syndicate behind Babuk ransomware has leaked more personal files belonging to the Metropolitan Police Department (MPD) after negotiations with the DC Police broke down, warning that they intend to publish all data if ransom demands are not met. "The...
Security Affairs

NSA and ODNI analyze potential risks to 5G networks

U.S. Intelligence agencies warn of weaknesses in 5G networks that could be exploited by crooks and nation-state actors for intelligence gathering. The U.S. National Security Agency (NSA), along with the DHS Cybersecurity and Infrastructure Security Agency (CISA), and the Office...
The Hacker News

Alert: Hackers Exploit Adobe Reader 0-Day Vulnerability in the Wild

Adobe has released Patch Tuesday updates for the month of May with fixes for multiple vulnerabilities spanning 12 different products, including a zero-day flaw affecting Adobe Reader that's actively exploited in the wild. The list of updated applications includes Adobe Experience Manager,...
The Register

Beijing twirls ban-hammer at 84 more apps it says need to stop slurping excess data

Online lending apps and more given fifteen days to ‘rectify’ behaviour. China’s Central Cyberspace Affairs Commission has named 84 apps it says breach local privacy laws and given their developers 15 days to “rectify” their code.…