SN 769: Zoom’s E2EE Design
Zoom gets end-to-end encryption. ACLU takes Clearview to court, but maybe they should worry about their own website firstThe state of drive-by malvertising downloadsGoogle will be bad listing notification abusing sitesWho else is doing the eBay-like ThreatMetrix port scanning?Facebook...
SN 768: Contact Tracing Apps R.I.P.
Contact tracing apps are not going to work.Why contact tracing apps are never going to workUnc0ver: There's a new iOS jailbreak in town, and as jailbreaks go, it looks VERY nice!Firefox 77 picks up a nifty new security trickNew...
SN 767: WiFi 6
WiFI 6, Apple vs. FBI, face masks.Last Tuesday's Windows patch Tuesday was the not the biggest ever, but it was the 3rd largest in Microsoft's history, weighing in with a whopping 111 CVE-tracked bug fixes, 16 of which were...
SN 766: ThunderSpy
Thunderbolt security flaw, Zoom buys Keybase. Why the ThunderSpy Thunderbolt security flaw is such a big dealZoom purchases Keybase to fix encryptionFirefox 76 released with new featuresBut Firefox 76 broke Amazon's Assistant!Hallelujah!! Edge moves to silence those annoying notification...
SN 765: An Authoritarian Internet?
China wants to rebuild the Internet.China's proposal to rebuild the internet is an authoritarian nightmareBruce Schneier on COVID-19 Contact Tracing AppsPolitical Correctness hits cybersecurityDHS's CISA says no to 3rd-party DoH"POWER-SUPPLaY: Leaking Data from Air-Gapped Systems by Turning the Power-Supplies...
SN 764: RPKI
Apple/Google Contact Tracing, Best VPNs to protect you.Apple/Google Contact Tracing UpdateiOS 0-Day Alert! Update Apple MailBest VPNs to protect you from the Five EyesTypoSquatting attacksVitamin D linked to COVID-19 mortalityResource Public Key InfrastructureHow BGP can break the InternetWe invite...
SN 763: The COVID Effect
Zoom Fixes Security, EARN IT is Evil, Tor in TroubleZoom gets big-name help with security fixesGoogle updates Chrome to v81.0.4044.113 to squash a critical flawFTP in Chrome lives another day! Google "undepreciates" FTP.Windows Patch Tuesday for April 2020 fixes...
SN 762: Virus Contact Tracking
Apple+Google Covid Tracker is Secure and RIP John Conway, Creator of The Game of LifeApple & Google Virus Contact Tracing: secure and effectiveZoom gets another Zoom-bombing mitigation... and a Class-Action LawsuitMeanwhile, Zoom has enlisted the aid of Alex StamosZoom...
SN 761: Zoom Go Boom
Zoom is a security nightmare - from zoombombing to encryption issues, Steve Gibson runs down Zoom's security concerns. Plus, Jitsi is a great alternative!Mozilla just patched a pair of CRITICAL 0-daysEight security bugs eliminated from Chrome last weekSafari gets...
SN 760: Folding Proteins
iOS VPN bug, Coronavirus Folding@HomeVPN bug in iOS 13.4Folding@Home - how to donate your unused CPU cycles to help provide answers to COVID-19.RDP and VPN use skyrocketingTo 'www' or not to 'www'Firefox 76 to finally stop assuming "HTTP"Google again...
SN 759: TRRespass
This week's stories:Two new un-patched 0-days affecting billions of Windows users - here is the fix!Mozilla reversed itself on TLS v1.0 and 1.1 deprecation... due to the coronavirusA micropatch for Win7 and Server 2008Chrome's release schedule has been impacted...
SN 758: The SMBGhost Fiasco
This Week's Stories: Does Steve have coronavirus? Maybe? He got very sick over the weekend and is still coughing, but he couldn't get tested. Mayhem ensues after last week's Patch Tuesday List of free technology services during coronavirus, from...
SN 757: The Fuzzy Bench
This Week's Stories Microsoft, Google, LogMeIn & Cisco offer limited-time free use of telecommuting Tools Hack the Pentagon! The Android security dilemma AMD processors get some unwelcome but necessary side-channel attack scrutiny Intel also has some serious new trouble...
SN 756: Kr00k
This Week's Stories Lets Encrypt hits 1 BILLION certs Pakistan passes Internet censorship law Clearview AI breach: clients and searches stolen Swiss government submits criminal complaint over CIA Crypto spying scandal Ghostcat - (Apache) Tomcat Users: Update NOW! Revisiting...
SN 755: Apple’s Cert Surprise
This Week's Security News: More Windows 10 lost profile pain A micropatch for the jscript.dll problem Coming in the next Feature Release (Win10 2004): optional device driver updates A new attack on 4G LTE and 5G Starting today: DoH...
FTC Slams Children’s App Developer for COPPA Violations
Children's app developer HyperBeard must pay $150,000 after the FTC claimed it violated privacy laws.
Business Services Provider Conduent Hit by Ransomware
Business process services provider Conduent has been the victim of a ransomware attack that appears to be the work of Maze operators.
Formed in 2017 as a divestiture from Xerox and headquartered in New Jersey, the company offers digital platforms...
Cisco security advisories address 47 flaws, three critical
Cisco Systems on Wednesday, June 3 released a series of security advisories addressing a total of 47 vulnerabilities, including three critical bugs that were found and fixed in IOS or IOS EX software.
Among the most series flaws is a...
Electrolux, Others Conned Out of Big Money by BEC Scammer
Kenenty Hwan Kim has pleaded guilty to swindling the appliance giant and other companies in a set of elaborate schemes.
Kind of goes without saying, but fix your admin passwords or risk getting borged by this brute-forcing botnet
Publishing platforms, hosts being targeted by Stealthworker malware Servers are being targeted with a malware attack that uses its infected hosts to brute-force other machines.…
