This Week's Stories Everyone can still upgrade to Windows 10 for free with this trick HP SSDs fail after 32768 hours The EU is not happy about a possible US encryption ban US government's formal permission to hack 110 nursing homes have been crippled by a ransomware attack Firefox is seriously pushing back on tracking signal leakage New problems with Windows DLLs The StrandHogg vulnerability We invite you to read our show notes at
Hosts:
Download or subscribe to this show at .
You can submit a question to Security Now! at the .
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: .
Sponsors:
SN 742: Pushing "DoH"
The future of the Linux kernel underneath the Android OS Inherent challenges presented by the nature of the Android ecosystem VNC users: Time to update! A welcome change to Twitter & SMS-based 2FA A "foregone conclusion" to law enforcement's strategy to force password divulgence Pre-announcement from Microsoft about DNS Details of the emerging DoH protocol We invite you to read our show notes at
Hosts:
Download or subscribe to this show at .
You can submit a question to Security Now! at the .
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: .
Sponsors:
SN 741: TPM-FAIL
November's Patch Tuesday is the antepenultimate free Windows 7 update CheckM8 & https://Checkra.in GitHub launches Security Lab to boost open-source security Warrantless searches of devices at US borders were just ruled unconstitutional Another WhatsApp bug lets hackers quietly install spyware on your device ZombieLoad v2 The ByteCode Alliance http://tpm.fail/ We invite you to read our show notes at
Hosts:
Download or subscribe to this show at .
You can submit a question to Security Now! at the .
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: .
Sponsors:
SN 740: Credential Delegation
CheckM8 & Checkra.in moves to first public beta The case of the misbehaving transducer BlueKeep and Microsoft BlueKeep and BSODs BlueKeep and Marcus Hutchins Mozilla on DoH -vs- COMCAST Yet another approach for solving the problem of certificate revocation within a more limited scope. We invite you to read our show notes at
Hosts:
Download or subscribe to this show at .
You can submit a question to Security Now! at the .
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: .
Sponsors:
SN 739: DOH and Bluekeep
October's Windows Patch Tuesday BROKE Windows' ability to connect to a significant number of the Internet's websites. Here's how to fix it. Chrome 78 disables Code Integrity Check to mitigate "Aw Snap!" crashes. "Chrome 78 patches a Chrome 0-day which had been discovered by Kaspersky being exploited in the wild." News from the Edge: the first Chromium-based Microsoft Edge Stable Release Candidate. Microarchitectural Data Sampling Vulnerabilities. Trouble for QNAP NAS devices exposed to the Internet. MSP's -- Managed Service Providers -- are a major vector for ransomware delivery. Five months after returning a rental car, man still has the remote control. Chinese-made drones in the US are being grounded. The DNS-over-HTTPS (DoH) controversy. BlueKeep-based attacks have finally started, and what we predicted on this podcast has finally happened. We invite you to read our show notes at
Hosts:
Download or subscribe to this show at .
You can submit a question to Security Now! at the .
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: .
Sponsors: