Security Now (Video‪)‬ TWiT TV

SHAREit's security update, Solorigate, Brave's "Private Window with Tor".

SHAREit Follow-up
This Week in Web Browser Tracking
Brave's "Private Window with Tor" was not so private
Tracking with eMail Beacons
Microsoft's final "Solorigate" update
"Good App goes Bad for Profit"
SpinRite: RS shows VERY obvious improvement after one pass of SR 6
Dependency Confusion
We invite you to read our show notes at https://www.grc.com/sn/SN-807-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
Melissa.com/twit
barracuda.com/securitynow
expressvpn.com/securitynow

Florida water supply hack update, Major patch Tuesday, Android SHAREit vulnerability.

Pic of the week.
New info in the Oldsmar, Florida water supply attack.
Major Patch Tuesday update.
Adobe released critical updates to three versions each of its Acrobat and Reader.
Android SHAREit.
The Rise of The Web Shells.
This week's WordPress Mess: Responsive Menu plugin.
SpinRite drive discovery video.
What is C.O.M.B.?
We invite you to read our show notes at https://www.grc.com/sn/SN-806-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
canary.tools/twit - use code: TWIT
business.eset.com/twit

Defender thinks Chrome is malware, Plex Media Servers in DDoS attacks.

Picture of the Week.
Google has been busy with Chrome.
Google Chrome Heap Buffer Overflow Vulnerability Exploited.
A unique use of Chrome's "sync" feature for command & control and data exfiltration.
Defender thinks Chrome is Malware.
More Critical WordPress Plug-in Problems.
Plex Media servers SSDP protocol being used in DDoS attacks.
Three more NEW vulnerabilities discovered in SolarWinds' software.
Closing the Loop.
SpinRite: "Discovering System's Mass Storage Devices..."
SCADA Scandal: Hacker's attempts to adjust chemicals in Oldsmar water supply.
We invite you to read our show notes at https://www.grc.com/sn/SN-805-Notes.pdf



Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
udacity.com/twit coupon code TWiT
Gabi.com/SECURITYNOW
WWT.COM/TWIT

SUDO was pseudo secure, BigNox supply-chain attack, iMessage in a sandbox.

Picture of the Week.
Chrome rescinding another CA's root cert.
An urgent update to the recently released GnuPG.
An interesting supply-chain attack "BigNox".
Apple quietly put iMessage in a sandbox in iOS 14.
For the past 10 years, "SUDO" was only pseudo secure.
SpinRite: February 1st Progress Report.
NAT Slipstreaming 2.0.
We invite you to read our show notes at https://www.grc.com/sn/SN-804-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
barracuda.com/securitynow
itpro.tv/securitynow promo code SN30
extrahop.com/SECURITYNOW

Browser password managers, Adobe Flash repercussions, SolarWinds.

Chrome and Edge have beefed-up their built-in password managers.
The random repercussions associated with the end of Adobe Flash.
A new trend emerging with post-ransomware DDOS attacks.
SolarWinds attack details continue to emerge.
Malwarebytes was also attacked.
It seems that wherever we look, we find problems.
The Expanse is GOOD sci-fi.
Comparative Smartphone Security: Which mobile OS is better?
We invite you to read our show notes at https://www.grc.com/sn/SN-803-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
udacity.com/twit coupon code TWiT
privacy.com/securitynow

2021's first Patch Tuesday, Titan Security Key side-channel attack, WhatsApp.

When is Chrome not Chromium?
A major DuckDuckGo milestone.
Project Zero in the wild.
First Patch Tuesday of 2021.
ZeroLogon Drop Dead.
NSA warns against outsourcing DoH services.
A Side-Channel in Titan.
The "PayPal Football"
WhatsApp's decision to bring its data into Facebook.
We invite you to read our show notes at https://www.grc.com/sn/SN-802-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
business.eset.com/twit
expressvpn.com/securitynow
canary.tools/twit - use code: TWIT