Security Now (Audio) TWiT TV

Malicious Android apps, ransomware-as-a-service.

Where do most malicious Android apps come from?
SAD DNS is a revival of the classic DNS cache poisoning attack
How many Ransomware-as-a-Service (RaaS) operations are there?
Ragnar Locker ransomware gang takes out a Facebook ad
Two more new 0-days revealed in Chrome
Last Tuesday, Microsoft fixed 112 known vulnerabilities in Microsoft products
We invite you to read our show notes at https://www.grc.com/sn/SN-793-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
canary.tools/twit - use code: TWIT
extrahop.com/SECURITYNOW
WWT.COM/TWIT

SlipStream NAT firewall bypass, MS Police use Ring doorbell cams.

Let's Encrypt's cross-signed root expires next year
Chrome updates on Windows, macOS, Linux, and Android to remove 0-day vulnerability
Mattel, Compel, Capcom, and Campari fall to ransomware attacks
iOS 14.2 fixes three 0-day vulnerabilities
Introducing the Tianfu Cup: China's version of the Pwn2Own hacker competition
November's Patch Tuesday
The Great Encryption Dilemma hits Europe
Ring Doorbells to be tapped in a trial by local Police
WordPress plugins are a hot mess for security
SlipStream NAT Firewall Bypass
We invite you to read our show notes at https://www.grc.com/sn/SN-792-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
Melissa.com/twit
itpro.tv/securitynow promo code SN30
Wasabi.com offer code SECURITYNOW

Google One VPN, WordPress update fail, Windows 7 0-Day.

A new 0-day in Win7 through Win10
A public service reminder from Microsoft
Google One adding an Android VPN
Vulnonym: Stop the Naming Madness!
WordPress fumbles an important update
Chrome's Root Program
We invite you to read our show notes at https://www.grc.com/sn/SN-791-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
WWT.COM/TWIT
expressvpn.com/securitynow
LastPass.com/twit

Chrome 0-Day, Edge for Linux, WordPress Loginizer.

Top 25 Vulnerabilities
Critical 0-day in Chrome
Chrome 86 is now blocking slippery notifications
Site Isolation coming soon to Firefox
Microsoft's Chredge for Linux
WordPress Loginizer vulnerability
We invite you to read our show notes at https://www.grc.com/sn/SN-790-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
try.eset.com/twit
manscaped.com/twit
barracuda.com/petsmart

Zoom end-to-end encryption, Windows 10 god mode, Manifest v3.

Last Wednesday, Zoom announced that THIS week their 30-evaluation of end-to-end encrypted video conferencing would begin
How to enable Windows 10 "God Mode"
Edge to be updated with browser extensions "Manifest v3"
Last Tuesday Microsoft issued fixes for 87 security vulnerabilities - so, yeah, it was a slow month...
Your SonicWall Network Security Appliance (NSA) MUST be patched now!
Microsoft's two out-of-cycle patches
Anatomy of a Ryuk Attack
We invite you to read our show notes at https://www.grc.com/sn/SN-789-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
privacy.com/securitynow
WWT.COM/TWIT
extrahop.com/SECURITYNOW

Carnival Cruise hack, ZeroLogon, Five Eyes vs Encryption.

Chrome gets 86'd!
Carnival Cruise Line Hack
The largest company you've never heard of gets hit by ransomware hackers
No connection logs? In France, you go to jail!
Hacking the Apple
ZeroLogon, the FBI, DHS and our forthcoming election security
The revenge of DNT, as GPC, now enhanced with legislation
The Anti-E2EE drumbeat beats yet again
We invite you to read our show notes at https://www.grc.com/sn/SN-788-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
itpro.tv/securitynow promo code SN30
canary.tools/twit - use code: TWIT
Wasabi.com offer code SECURITYNOW