Tuesday, January 31, 2023
Security Now

SN 907: Credential Reuse – iOS 16.3, ChatGPT creates malware, Bitwarden acquires Passwordless.dev

Picture of the Week. PayPal Credential Stuffing. iOS 16.3: Cloud encryption for all. InfoSecurity Magazine: "ChatGPT Creates Polymorphic Malware". CheckPoint Research: OPWNAI: Cybercriminals Starting to Use ChatGPT. "Meta" fined for the third time. Bitwarden acquires "Passwordless.dev"....
Security Now

SN 906: The Rule of Two – Norton Lifelock Data Breach, Chromium and Rust, LastPass

Picture of the Week. About Password Iterations. EBC or CB. Norton Lifelock Troubles. Chrome Follows Microsoft and Firefox. Chromium is Beginning to Rust. BYOVD and Windows Defender Failures. Closing the Loop (feedback). The Rule of Two. Show notes: https://www.grc.com/sn/sn-906-notes.pdf...
Security Now

SN 905: 1 – LastPass Aftermath, LastPass vault de-obfuscator, LastPass iteration count folly

Picture of the Week. LastPass Aftermath. LastPass Vault De-Obfuscator. What more do we know this week regarding LastPass? The most alarming discovery by listeners. Understanding the scale of GPU-enhanced password cracking. On the true strength of passwords. Feedback...
Security Now

SN 904: Leaving LastPass – How LastPass failed, Steve's next password manager, how to protect yourself

Picture of the Week. SpinRite. Leaving LastPass. Is there reason for concern? Well known password cracker Jeremi Gosney's LastPass rant. Steve shares his plan regarding LastPass. What is Steve's next password manager? What should LastPass users do to...
Security Now

SN 903: Security Now Best of 2022 – The best moments from throughout the year

Anatomy of a Log4j Exploit. Will Russia Disconnect? FCC Says Kaspersky Labs is a National Security Threat. Lenovo UEFI Firmware Troubles. That "Passkeys" Thing. Dis-CONTI-nued: The End of Conti? Steve's Take on the LastPass Breach. Hosts: Steve Gibson...
Security Now

SN 902: A Generic WAF Bypass – Pwn2Own Toronto, URSNIF malware, Vivaldi Mastodon support, Bye Bye SHA-1

Picture of the Week. A malware operation known as URSNIF. Pwn2Own Toronto 2022. Citrix and Fortinet recently released security updates to patch 0-day vulnerabilities. Patch Tuesday. Another Uber breach? Elon Botches 'Bot Blockage. Vivaldi integrates Mastodon in its...
Security Now

SN 901: Apple Encrypts the Cloud – Chrome Passkeys, Telegram malware, SYNC.com outage, Rackspace lawsuits

Picture of the Week. Chrome does Passkeys. SYNC.COM suffered its first outage. Medibank reboot. Totally fake cryptocurrency trading platforms. Malware on Telegram. Texas gets in on the TikTok banning. The LastPass class action lawsuit. Rackspace had a big...
Security Now

SN 900: LastPass Again – South Dakota bans TikTok, Anker Eufy Camera debacle, Mozilla yanks trusted root

Picture of the Week. Don't mess with Australia. Facebook / Meta fined by Ireland. REvil's full Medibank dump. Is nothing sacred? Mozilla yanks a (no longer) trusted root. Android Platform Certs Escape. South Dakota says: No more Tik-Tok....
Security Now

SN 899: Freebie Bots & Evil Cameras – iSpoofer no more, Boa server vulnerability, CISA on Mastodon

Picture of the Week. iSpoof you no more. Here come the Freebie Bots! Anatomy of the real-time Cryptocurrency heist. Lookin' for something to do? Boa server vulnerability. The dilemma of closed-source Chinese networking products. The Cyber Defense Index....
Security Now

SN 898: Wi-Peep – FBI purchased Pegasus, Passkey support directory, Quantum decryption deadline, Firefox 107

Picture of the Week. Firefox v107 was released last Tuesday. Google settles for a cool $391.5 million. Red Hat Signing its ZIP file Packages. The FBI purchased Pegasus for "research and development purposes". Greece bought Predator for €7...
Security Now

SN 897: Memory-Safe Languages – Shennina Framework, Shufflecake, The Helm, LightSpeed vulnerabilities

Picture of the Week. Patch Tuesday review. Shennina Framework - Automating Host Exploitation with AI. GitHub's welcome new feature. Three LightSpeed vulnerabilities. Shufflecake: Plausible deniability encrypted Linux volumes. Australia has decided to get proactive! Apple's iOS 16.1.1 everyone...
Security Now

SN 896: Something for Everyone – Dropbox breach, cyber bank heists, Russia goes Linux, OpenSSL flaw update

Picture of the Week. A minor Dropbox breach. OpenSSL follow-up. FTC sued and settled with a repeated offender. $1.2 billion in reported ransomware payments during 2021. Akamai's Q3 Threat Report. Initial Access Brokerages. How do today's bank heists...
Security Now

SN 895: After 20 years in GCHQ – Stranger Strings, PayPal passkeys, new TCP/IP RCE in Windows

Picture of the Week. Windows driver blocklist to be updated next Tuesday. More Microsoft shenanigans. An upcoming OpenSSL CRITICAL vulnerability update -- get ready! A new TCP/IP RCE in Windows. A study of malicious CVE proof of concept...
Security Now

SN 894: Data Breach Responsibility – Firefox 106, KataOS and Sparrow, banking malware, CVSS 9.8 update

Picture of the Week. Firefox 106 is out. Google's Open Source IoT KataOS and Sparrow. This Week in CryptoCurrency Craziness. New Windows 0-day bypasses executable security checks. Apple's 9th 0-day of the year bites the dust. The evolutionary...
Security Now

SN 893: Password Change Automation – Windows Update RSS, malicious kernel drivers, Signal SMS/MMS, ZimaBoard

Picture of the Week. Microsoft "Won't Fix". Malicious Kernel Drivers. Microsoft has finally added an RSS feed for Windows Updates! Passkeys Dev. Largest DDoS attack. Signal will be dropping its SMS/MMS support. Brute-force protection for Windows local...

GitHub says hackers cloned code-signing certificates in breached repository

GitHub said unknown intruders gained unauthorized access to some of its code repositories and stole code-signing certificates for two of its desktop applications: Desktop and Atom. Code-signing certificates place...
Security Affairs

QNAP addresses a critical flaw impacting its NAS devices

Taiwanese vendor QNAP is warning customers to install QTS and QuTS firmware updates to address a critical flaw impacting its NAS devices. QNAP released QTS and QuTS firmware updates to address a critical vulnerability, tracked as CVE-2022-27596 (CVSS v3 score: 9.8), that...
The Register

Chromebook SH1MMER exploit promises admin jailbreak

Schools' laptops are out if this one gets around, but beware bricking. Users of enterprise-managed Chromebooks now, for better or worse, have a way to break the shackles of administrative control through an exploit called SH1MMER.…

MusicLM: Google AI generates music in various genres at 24 kHz

On Thursday, researchers from Google announced a new generative AI model called MusicLM that can create...

Russia's Sandworm APT Launches Swarm of Wiper Attacks in Ukraine

The incidents are the latest indication of the growing popularity of dangerous disk wipers, created to disrupt and degrade critical infrastructure and other organizations.