Security Now (Video‪)‬ TWiT TV

Ubiquity coverup, Facebook data dump, malicious Call of Duty cheats.

The Ubiquiti Coverup.
Facebook's 533,313,128 Million User Whoopsie!
Don't mess with our water!
Android moves to limit inter-app visibility.
Beware malicious "Call of Duty: Warzone" cheats.
QNAP — Just Say No!
Listener Feedback.
A Spy in Our Pocket.
We invite you to read our show notes at https://www.grc.com/sn/SN-813-Notes.pdf

Hosts: Steve Gibson and Jason Howell

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
vee.am/securitynow
itpro.tv/securitynow promo code SN30
Bandwidth.com/SecurityNow

Spectre returns to Linux, API Security, OpenSSL flaws, SolarWinds.

Picture of the week.
ProxyLogon Update.
Spectre returns to Linux.
OpenSSL fixes several high-severity flaws.
SolarWinds keeps finding new critical problems within its own code.
Cloudflare's recent moves.
A focus on API Security.
SpinRite update.
The curious case of the PHP's Git Server Hack.
We invite you to read our show notes at https://www.grc.com/sn/SN-812-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
plextrac.com/twit
thehelm.com/securitynow

Automatic fix for Exchange Server flaw, Firefox 87 features, MyBB patch.

Dave's Garage on YouTube.
The latest update on the ProxyLogon fiasco is from Microsoft.
Black Kingdom Ransomware.
Firefox will be adopting a new privacy-enhancing Referrer Policy.
This Week in Remote Code Execution Disasters.
MyBB gets patched.
CAID is able.
What the FLoC? "Federated Learning of Cohorts"
We invite you to read our show notes at https://www.grc.com/sn/SN-811-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
expressvpn.com/securitynow
extrahop.com/SECURITYNOW
Melissa.com/twit

New Chrome 0-Day, Patch Tuesday Redux, Spectre Comes to Chrome.

Chrome closes another 0-day.
This v89 of Chrome also lost some weight.
Spectre comes to Chrome!
Prime+Probe: A new browser tracking side-channel.
Patch Tuesday Redux.
BSODs when attempting to print.
Free code signing for the Open Source community.
JPL's Perseverance Rover.
Feedback.
Spinrite.
ProxyLogon.
We invite you to read our show notes at https://www.grc.com/sn/SN-810-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
business.eset.com/train
udacity.com/twit coupon code TWiT
barracuda.com/securitynow

Dependency confusion, Intel Side Channel Attacks, Crispy Subtitles from Lay's.

Picture of the week.
47 fixes in Chrome 89.0.4389.72.
Crispy Subtitles from Lay's.
Google funds Linux kernel security developers.
WinAmp gets a huge update!
"Intel Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical"
Dependency Confusion!
Listener feedback.
Hafnium.
We invite you to read our show notes at https://www.grc.com/sn/SN-809-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
thehelm.com/securitynow
wwt.com/twit
canary.tools/twit - use code: TWIT

Seven Exchange 0-days, Firefox Enhanced Tracking Protection, SolarWinds Password.

Chrome to default to trying HTTPS first when not specified.
Firefox's "Enhanced Tracking Protection" just neutered 3rd-party cookies!
As easy as "SolarWinds123".
Rockwell Automation's CVE-2021-22681 is a CRITICAL 10 out of 10.
VMware's vCenter troubles.
SpinRite update.
Microsoft issues emergency patches for 4 exploited 0-days in Exchange.
CNAME Collusion.
We invite you to read our show notes at https://www.grc.com/sn/SN-808-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
privacy.com/securitynow
Melissa.com/twit
itpro.tv/securitynow promo code SN30