SN 808: CNAME Collusion - Seven Exchange 0-Days, Firefox Enhanced Tracking Protection, SolarWinds Password - a podcast by TWiT

from 2021-03-02T19:00

:: ::

Seven Exchange 0-days, Firefox Enhanced Tracking Protection, SolarWinds Password.

Chrome to default to trying HTTPS first when not specified.

Firefox's "Enhanced Tracking Protection" just neutered 3rd-party cookies!

As easy as "SolarWinds123".

Rockwell Automation's CVE-2021-22681 is a CRITICAL 10 out of 10.

VMware's vCenter troubles.

SpinRite update.

Microsoft issues emergency patches for 4 exploited 0-days in Exchange.

CNAME Collusion.

We invite you to read our show notes at https://www.grc.com/sn/SN-808-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

privacy.com/securitynow

Melissa.com/twit

itpro.tv/securitynow promo code SN30

Further episodes of Security Now (Audio)

Further podcasts by TWiT

Website of TWiT