Podcasts about chrome zero day

In this episode, I cover the latest Chrome Zero Day, the upcoming retirement of VBScript, an update on the recent Google AI Overview story and much more! Reference Links: https://www.rorymon.com/blog/8th-chrome-zero-day-vbscript-retirement-plan-controversial-ai-interview/

In today's episode, we discuss the exploitation of a new zero-day vulnerability (CVE-2024-4761) in Google Chrome, prompting emergency fixes from Google. Users are advised to update to Chrome version 124.0.6367.207/.208 to mitigate potential threats (https://thehackernews.com/2024/05/new-chrome-zero-day-vulnerability-cve.html). Additionally, Apple has backported a patch to iOS 16 branch to fix CVE-2024-23296 and introduced a new Bluetooth tracker alert feature in iOS 17 to warn users about unknown Bluetooth trackers (https://www.helpnetsecurity.com/2024/05/14/ios-bluetooth-tracker-alert/). The impact of return-to-office mandates at tech giants like Apple, Microsoft, and SpaceX on employee retention, particularly among senior talent, is also discussed, shedding light on the potential negative effects of such policies (https://arstechnica.com/information-technology/2024/05/rto-mandates-led-to-pronounced-exodus-of-senior-workers-at-top-tech-firms/). 00:00 The Great Tech Exodus: Navigating Return to Office Mandates 00:55 Deep Dive into Return to Office Policies and Their Impact 04:54 Exploring Apple's Cybersecurity Enhancements 07:15 Navigating the Threat Landscape: Google Chrome's Zero Day Vulnerability Search Phrases: Apple, Cyber threats, iOS patches, Bluetooth tracker alert, Cybersecurity measures, CVE-2024-23296, MarketplaceKit vulnerability, Return-to-office mandates, Senior-level employees, Remote work, Workforce management, Employee morale, Attrition may15 Return to office mandates at major tech companies like apple, Microsoft, and space X. Have led to a significant Exodus of senior level employees. How can these tech companies manage their workforce effectively while avoiding the negative impact of return to office mandates? On employee morale and attrition. . In Apple's most recent update they've added. A Bluetooth tracker alert. To alert the user, if an unexpected Bluetooth tracker is in their proximity. How else is apple enhancing cybersecurity measures. For iOS users. And finally an emergency fix has been rolled out by Google to address the new zero day vulnerability in Google Chrome. Which is being actively exploited in the wild posing, a serious threat to compromised hosts. How can users protect themselves from the zero day vulnerability in Google Chrome? You're listening to the daily decrypt. All right. Let's talk about return to office or RTO. If you work in tech. Specifically cybersecurity. You've probably been impacted by this since the Dawn of COVID. Or at least know somebody who's been impacted by this. I personally work on a team of developers who were all hired remotely. With no expectation set that they'll have to return to the office and. They're all pretty peeved because now they're having to return to the office and we're losing good talent. And the team's morale is just a little lower. Because it's one thing to be hired with the expectation of moving to an office, which is actually how I was hired. And I did move closer to an office. But it's another thing. To be hired with the expectation of never having to, and then having to. So a recent study conducted by researchers from the university of Chicago and the university of Michigan revealed that returned to office mandates at tech giants, like apple, Microsoft, and SpaceX have led to a significant Exodus of senior level employees. And this study did pose a thought that I had never really considered as to why senior level. Employees would be leaving specifically ones in management. And that's because they prefer not to manage teams that are inherently unhappy about policies at their. Company. So if their whole team is upset about returning to office, That's going to directly impact their job satisfaction because there's nothing they can do. They can't change company policy. They can just. Make sure their leaders are aware that their teams are upset and hope that they changed their mind on returned to office. Which. Hasn't really happened yet. So this study analyzed resume data from people, data labs matching 260 million resumes to company data. Highlighting the negative effects of return to office mandates on employee retention and. Senior talent. Following Apple's implementation of a hybrid return to office approach. The percentage of senior level employees decreased by five percentage points. While Microsoft experienced a similar decline. And even worse, the space X requires full-time office presence. And they saw a substantial 15% drop in senior level employees. So I don't have to explain. What it means to lose 15% of your senior employees. Um, but I can elaborate that it's probably not the 15% you want to lose because the ones you lose are the ones that are good enough to get jobs elsewhere. So there's gotta be some sort of balance. There's gotta be some sort of give and take, um, Remote work. Works for some people and it doesn't work for others. Like there is no hard and fast way. To improve productivity amongst your team members. But senior executives don't like that. They like black and white. They like policy. So how can we find a middle ground? I understand that. Working close to your peers can build comradery. Enhance collaboration. All of that stuff, but the more I study of leadership, I think it's because it's actually easier to lead when your employees can see you. It. Is really hard to lead through a computer screen and that's a lot of work and maybe senior executives don't want to put in the work to figure out ways. To connect with their employees. Through a computer screen. So they're just going to make them come into work. Hey, spoiler alert. That's not a good reason. Do the work connect with your employees?. Also included in this study. Is the contrary, right? That. Hybrid work model can actually enhance mental health and employee morale, which makes sense. I've been working remote for three years now. And I'm about at the point where I'd like to go into the office every once in a while and see my teammates. Um, but being forced to do anything just is a bad move. And it doesn't feel good, even if I really wanted to go into the office. If I was being forced to go in on Monday, Wednesday to Thursday, whatever. I wouldn't like it. So if you're a senior leader out there and you have. A platform to stand on. I highly encourage you to talk to your employees and figure out what works for them and why, and maybe you can. Have some exceptions. And be a little looser with your standards there. Apple has back ported the patch for CVE 20 24, 23. 29 6 to the iOS 16 branch enhancing security against potential brute force attacks. So this vulnerability is called the RTK. Kit zero-day vulnerability. And it's been patched in multiple apple products, but it's backporting to iOS 16.7 0.8 and iPad iOS 16 point 78. For added protection, which essentially means that a patch that was developed for this new iOS. Has been also applied to a previous generation of operating systems for your tablets and phones. So, for example, if your iPad doesn't quite support iOS 17, you can still get this security feature. So it must be pretty bad. If you, if that does apply to you. You're probably pretty hesitant about installing updates because you're on the end of life of your device. It might not be able to handle the next update and you want to keep using it. But I highly encourage you to go download this update and install it. Because this is a pretty serious security risk. There's also been a bug in marketplace kit that has been fixed by apple, which can prevent maliciously crafted webpages from distributing scripts to track iOS users on other sites. And the coolest security feature that was just released by apple. In iOS 17 is a feature that alerts users, when an unknown Bluetooth tracker is detected, moving with them. This will enhance privacy insecurity. Um, now as someone who has been stocked, it is very scary. It sounds kind of mundane when you hear about it, but, you know, it's. It really haunts you a lot and it makes you look at your privacy a lot differently. And this is particularly. Prevalent. Amongst women like. Bluetooth trackers slipped into their purses at bars. So that. They're suitors we'll know exactly where they live, where they're moving and we'll allow them to stock their prey. It's just very scary. And there's no way of knowing if that's happened to you until you go through your purse and. With the amount of purses that women can have. It's not a frequent occurrence to go through them. So this is a great feature. Um, Highly encourage you to download this patch and enable that feature regardless of your lifestyle or situation. It's just good to know if someone's trying to track you, it can happen to anybody. And finally Google has released emergency patches to address a new zero day vulnerability CVE 20 24 4 7 6 1. In the Chrome web browser being actively exploited in the wild. The vulnerability affects the VA JavaScript and WebAssembly engine posing a risk of out of bounds, right attacks that could lead to data, corruption, crashes, or arbitrary code execution on compromised systems. There is an exploit for this, that exists in the wild, which means. Anyone who's taking the security plus can use this. Which is why Google took such swift action. But further details about the specific attacks that leverage this vulnerability and exploited have not been disclosed. In order to prevent further exploitation from threat actors, but, you know, A crafty threat actor can go find it. Mutter, putter. Loaded up Metis boy, whatever. Get it going. So this latest zero day disclosure follows closely on the heels of Google patching CVE 20 24 4 6 7 1 8 use after free vulnerability in the visuals component, that was also actively exploited. In 2024 alone, Google has addressed a total of six zero day vulnerabilities with three of them showcased at the Ponca own hacking contest in March. To safeguard against potential threats. Users are strongly advised to update to the most recent version of Chrome. As soon as possible. So if you're getting that relaunch to update. Button in the top. Right. Which I have seen. On about everyone's browser at work. Go ahead and press that update button. You know, your tabs are gonna save. They're gonna relaunch. It'll take about a second, just press it and get into the habit of pressing it whenever you see it. Users of other chromium based browsers, like edge brave opera and Vivaldi should also apply the necessary patches. When they become available to enhance their cybersecurity posture. This has been the Daily Decrypt. If you found your key to unlocking the digital domain, show your support with a rating on Spotify or Apple Podcasts. It truly helps us stand at the frontier of cyber news. Don't forget to connect on Instagram or catch our episodes on YouTube. Until next time, keep your data safe and your curiosity alive.

In this episode of The 2 Minute Drill, Drex covers the latest updates on the Ascension cyber attack, including the involvement of the Black Basta ransomware group and the challenges faced in recovery. He also explains the importance of updating your Google Chrome browser to protect against a new zero day vulnerability. Lastly, Drex recaps key discussions from the RSA Conference, highlighting insights on AI and cybersecurity from industry leaders and experts. Stay informed and stay secure with these quick updates!Contributions & Community:Become part of the conversation and help shape future episodes by contributing stories and insights. Visit thisweekhealth.com/news and click on "Become a Contributor."Stay Connected:Don't miss out on our upcoming episodes focused on hacking healthcare. Follow our podcast, like and share this post to spread the word, and join the new 229 cyber and risk community for more in-depth discussions and resources.Stay Informed, Stay Secure:Visit thisweekhealth.com/security for more information and resources to bolster your cybersecurity knowledge and defenses.Remember, Stay a little paranoid.

On this week's episode of the podcast I cover multiple vulnerabilities, one of which is under active exploitations, I get into some recent AI news and much more! Reference Links: https://www.rorymon.com/blog/2-new-netscaler-vulnerabilities-new-chrome-zero-day-incognito-mode-controversy/

The Chrome browser just got another update with security patches for serious vulnerabilities. A new Bluetooth vulnerability has been discovered that could allow hackers to listen in on your personal audio. And how much personal information are you actually transmitting when you share your contact info using Apple's Name Drop feature? Show Notes: Google Chrome emergency update fixes 6th zero-day exploited in 2023 New BLUFFS attack lets attackers hijack Bluetooth connections North Korean hackers combine malware to attack macOS (KandyKorn) Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks A Word of Caution on MacOS Updates Brit borough council apologizes for telling website users to disable HTTPS Plex users rage over Discover Together privacy concerns Police Departments and News Sites Spreading Misinformation About How iOS 17 NameDrop Feature Works AirTags are the new go-to tool for cops after spike in car thefts Don't buy these tech products on Black Friday or Cyber Monday How to Install macOS Sonoma on Unsupported Macs, for Security Improvements Intego's Mac Premium Bundle X9 is the ultimate protection and utility suite for your Mac. Intego's Cyber Monday deal has been extended through Sunday, December 3, 2023. Intego Mac Podcast listeners can use this link (https://offer.intego.com/PodcastMACAV_jr0w0yuu3) to get up to 65% off Intego software, our best deal of the year! Don't miss your last chance to save big this holiday season.

Hey, it's 5:05 on Friday, June 9th, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today's episode come from Trac Bannon in Camp Hill, Pennsylvania, Edwin Kwon in Sydney, Australia, Katy Craig in San Diego, California, Marcel Brown in St. Louis, Missouri. Let's get to it.Breaking news: Microsoft Compromised! OneDrive Services Targeted

Hey,it's 5:05. Glad to have you with us on Monday, April 17th, 2023 fromthe Sourced Podcast Network in Camp Hill, Pennsylvania. This is yourhost, Bob Bannon. Stories in today's episode come from Edwin Kwan inSydney, Australia. Kadi Grigg in Alexandria, Virginia. Katy Craig inSan Diego, California, and Marcel Brown in St. Louis, Missouri. Pokeson vacation. I have the controls. Let's get to it.Google Chrome Security Update for Zero-Day Vulnerability

Chrome Zero-Day, Splunk, Realtek Exploit, Iran targets Israel & China Cybersecurity News CyberHub Podcast August 17th, 2022 Today's Headlines and the latest #cybernews from the desk of the #CISO: New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild Quarterly Security Patches Released for Splunk Enterprise Exploit out for critical Realtek flaw affecting many networking devices Iranian Group Targeting Israeli Shipping and Other Key Sectors Researchers Link Multi-Year Mass Credential Theft Campaign to Chinese Hackers Story Links: https://thehackernews.com/2022/08/new-google-chrome-zero-day.html https://www.securityweek.com/quarterly-security-patches-released-splunk-enterprise https://www.bleepingcomputer.com/news/security/exploit-out-for-critical-realtek-flaw-affecting-many-networking-devices/ https://www.securityweek.com/iranian-group-targeting-israeli-shipping-and-other-key-sectors https://thehackernews.com/2022/08/researchers-link-multi-year-mass.html “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine The Practitioner Brief is sponsored by: Your BRAND here - Contact us for opportunities today! ****** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Digital Debate, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-azar-a1655316/ Telegram: CyberHub Podcast ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/c/TheCyberHubPodcast Rumble: https://rumble.com/c/c-1353861 s Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. Thank you for watching and Please Don't forget to Like this video and Subscribe to my Channel! #cybernews #infosec #cybersecurity #cyberhubpodcast #practitionerbrief #cisotalk #ciso #infosecnews #infosec #infosecurity #cybersecuritytips #podcast #technews #tinkertribe #givingback #securitytribe #securitygang #informationsecurity

On this week's episode I cover a recent preview update that can break printing for some customers, a new Chrome Zero Day exploit has been sold and much more! Reference Links: https://www.rorymon.com/blog/episode-240-august-patch-may-break-printing-new-chrome-zero-day-significant-avd-growth/

On this week's episode I cover a few InfoSec stories like attacks on T-Mobile and Coca Cola, I also cover some new Windows Admin Center and AVD features, changes to Zoom for those using the free basic tier plan and much more! Reference Links:

Kontynuujemy specjalną edycję naszego podcastu w nowej formule codziennych raportów. Od poniedziałku do piątku relacjonujemy dla Was najważniejsze wydarzenia z zakresu działań podejmowanych w cyberprzestrzeni. W dzisiejszym odcinku wystąpili Mirosław Maj i Kamil Gapiński. Dzisiejsze tematy: Podatności w Palo Alto umozliwiają zdalne wyłączenie urządzeń Słabości systemowe produktów Siemens Popularny market z NFT posiadał błąd umożliwiający More

This week on the 5th Episode of the MilCyberSync Podcast, news covering NATO cyber attacks, new Cyber Chief, North Korea APT, Chrome Zero Day and more.

Chrome Zero-Day, CISA Must Patch Grows, Okta, China and North Korea   Cybersecurity News CyberHub Podcast March 28th, 2022   Today's Headlines and the latest #cybernews from the desk of the #CISO: Google Issues Emergency Fix for Chrome Zero-Day North Korean hackers target employees of news outlets, software vendors and more through Chrome vulnerability CISA Adds 66 Vulnerabilities to 'Must Patch' List Okta: "We made a mistake" delaying the Lapsus$ hack disclosure 'Purple Fox' Hackers Spotted Using New Variant of FatalRAT in Recent Malware Attacks Ending DoJ's China Initiative was ‘misguided and dangerous,' 8 senators say   Story Links: https://www.securityweek.com/google-issues-emergency-fix-chrome-zero-day https://therecord.media/north-korean-hackers-target-employees-of-news-outlets-software-vendors-and-more-through-chrome-vulnerability/ https://www.securityweek.com/cisa-adds-66-vulnerabilities-must-patch-list https://www.bleepingcomputer.com/news/security/okta-we-made-a-mistake-delaying-the-lapsus-hack-disclosure/ https://thehackernews.com/2022/03/purple-fox-hackers-spotted-using-new.html https://therecord.media/ending-dojs-china-initiative-was-misguided-and-dangerous-8-senators-say/   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  ****** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Digital Debate, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-azar-a1655316/ Telegram: CyberHub Podcast ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/c/TheCyberHubPodcast Rumble:  https://rumble.com/c/c-1353861 Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.   Thank you for watching and Please Don't forget to Like this video and Subscribe to my Channel!   #cybernews #infosec #cybersecurity #cyberhubpodcast #practitionerbrief #cisotalk #ciso #infosecnews #infosec #infosecurity #cybersecuritytips #podcast #technews #tinkertribe #givingback #securitytribe #securitygang #informationsecurity

Chrome zero-day bug, getting started with Zero Trust, AI-powered CRM with Salesforce, and more. North Korean hackers exploit Chrome zero-day weeks before patch Pandemic leaves firms scrambling for cybersecurity specialists FBI: Dear USA, If you're not protecting against ransomware, you're kidding yourself.  Security teams struggle to get started with Zero Trust Salesforce VP of Digital Engagement & Omni Product Management Gautam Vasudev talks AI-powered CRM workflows. Hosts: Louis Maresca, Curt Franklin, and Oliver Rist Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: nureva.com linode.com/twiet canary.tools/twit - use code: TWIT

Chrome zero-day bug, getting started with Zero Trust, AI-powered CRM with Salesforce, and more. North Korean hackers exploit Chrome zero-day weeks before patch Pandemic leaves firms scrambling for cybersecurity specialists FBI: Dear USA, If you're not protecting against ransomware, you're kidding yourself.  Security teams struggle to get started with Zero Trust Salesforce VP of Digital Engagement & Omni Product Management Gautam Vasudev talks AI-powered CRM workflows. Hosts: Louis Maresca, Curt Franklin, and Oliver Rist Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: nureva.com linode.com/twiet canary.tools/twit - use code: TWIT

Chrome zero-day bug, getting started with Zero Trust, AI-powered CRM with Salesforce, and more. North Korean hackers exploit Chrome zero-day weeks before patch Pandemic leaves firms scrambling for cybersecurity specialists FBI: Dear USA, If you're not protecting against ransomware, you're kidding yourself.  Security teams struggle to get started with Zero Trust Salesforce VP of Digital Engagement & Omni Product Management Gautam Vasudev talks AI-powered CRM workflows. Hosts: Louis Maresca, Curt Franklin, and Oliver Rist Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: nureva.com linode.com/twiet canary.tools/twit - use code: TWIT

Chrome zero-day bug, getting started with Zero Trust, AI-powered CRM with Salesforce, and more. North Korean hackers exploit Chrome zero-day weeks before patch Pandemic leaves firms scrambling for cybersecurity specialists FBI: Dear USA, If you're not protecting against ransomware, you're kidding yourself.  Security teams struggle to get started with Zero Trust Salesforce VP of Digital Engagement & Omni Product Management Gautam Vasudev talks AI-powered CRM workflows. Hosts: Louis Maresca, Curt Franklin, and Oliver Rist Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: nureva.com linode.com/twiet canary.tools/twit - use code: TWIT

Chrome Zero-Day, New Reporting Reqs & Russia Cyber Restraint Cybersecurity News CyberHub Podcast March 14th, 2022   Today's Headlines and the latest #cybernews from the desk of the #CISO: Hacked US Companies to Face New Reporting Requirements Google Attempts to Explain Surge in Chrome Zero-Day Exploitation Russia Issues Its Own TLS Certs Russian Cyber Restraint in Ukraine Puzzles Experts Hacktivists Stoke Pandemonium Amid Russia's War in Ukraine   Story Links: https://www.securityweek.com/hacked-us-companies-face-new-reporting-requirements https://www.securityweek.com/google-attempts-explain-surge-chrome-zero-day-exploitation https://threatpost.com/russia-issues-its-own-tls-certs/178891/ https://www.securityweek.com/russian-cyber-restraint-ukraine-puzzles-experts https://www.wired.com/story/hacktivists-pandemonium-russia-war-ukraine/   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  ****** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Digital Debate, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-azar-a1655316/ Telegram: CyberHub Podcast ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/c/TheCyberHubPodcast Rumble:  https://rumble.com/c/c-1353861 Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.   Thank you for watching and Please Don't forget to Like this video and Subscribe to my Channel!   #cybernews #infosec #cybersecurity #cyberhubpodcast #practitionerbrief #cisotalk #ciso #infosecnews #infosec #infosecurity #cybersecuritytips #podcast #technews #tinkertribe #givingback #securitytribe #securitygang #informationsecurity

Ukraine in Hybrid Warfare, BlackByte & FBI, Chrome Zero-Day & More   Cybersecurity News CyberHub Podcast February 15th, 2022   Today's Headlines and the latest #cybernews from the desk of the #CISO: Ukraine says it's targeted by ‘massive wave of hybrid warfare' FBI Warns of BlackByte Ransomware Attacks on Critical Infrastructure Google Discovers Attack Exploiting Chrome Zero-Day Vulnerability Critical Security Flaws Reported in Moxa MXview Network Management Software Over 28,000 Vulnerabilities Disclosed in 2021: Report   Story Links: https://www.bleepingcomputer.com/news/security/ukraine-says-it-s-targeted-by-massive-wave-of-hybrid-warfare-/ https://www.securityweek.com/fbi-warns-blackbyte-ransomware-attacks-critical-infrastructure https://www.securityweek.com/google-discovers-attack-exploiting-chrome-zero-day-vulnerability https://thehackernews.com/2022/02/critical-security-flaws-reported-in.html https://www.securityweek.com/over-28000-vulnerabilities-disclosed-2021-report   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  ****** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Digital Debate, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-azar-a1655316/ Telegram: CyberHub Podcast ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/c/TheCyberHubPodcast Rumble:  https://rumble.com/c/c-1353861 Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.   #cybernews #infosec #cybersecurity #cyberhubpodcast #practitionerbrief #cisotalk #ciso #infosecnews #infosec #infosecurity #cybersecuritytips #podcast #technews #tinkertribe #givingback #securitytribe #securitygang #informationsecurity

Back to business as usual with this episode, most of the news is Log4j related but I also talk about Patch Tuesday, a Chrome Zero Day, new AVD and Windows 365 features and more! Reference Links: https://www.rorymon.com/blog/episode-208-the-latest-updates-on-log4j/

Picture of the week Browser NewsThe attacks on Google Chrome continue. Firefox special-cases anti-tracking for "Login With" functions. Security NewsiOS WiFi SSID bug We still can't awaken from the "PrintNightmare"It's not a bug, it's a feature! Patch Tuesday Review Update Acrobat and Reader Rolling your own Crypto Pegasus ErrataWindows Extended APIs REvil Vanishes We invite you to read our show notes at https://www.grc.com/sn/SN-828-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow expressvpn.com/securitynow plextrac.com/twit

On Security Now, Steve Gibson and Leo Laporte talk about the sudden and total disappearance of REvil, the group responsible for a series of high-profile ransomware attacks. For this story and more, check out Security Now: https://twit.tv/sn/828 Hosts: Steve Gibson and Leo Laporte You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/

Picture of the week Browser NewsThe attacks on Google Chrome continue. Firefox special-cases anti-tracking for "Login With" functions. Security NewsiOS WiFi SSID bug We still can't awaken from the "PrintNightmare"It's not a bug, it's a feature! Patch Tuesday Review Update Acrobat and Reader Rolling your own Crypto Pegasus ErrataWindows Extended APIs REvil Vanishes We invite you to read our show notes at https://www.grc.com/sn/SN-828-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow expressvpn.com/securitynow plextrac.com/twit

Picture of the week Browser NewsThe attacks on Google Chrome continue. Firefox special-cases anti-tracking for "Login With" functions. Security NewsiOS WiFi SSID bug We still can't awaken from the "PrintNightmare"It's not a bug, it's a feature! Patch Tuesday Review Update Acrobat and Reader Rolling your own Crypto Pegasus ErrataWindows Extended APIs REvil Vanishes We invite you to read our show notes at https://www.grc.com/sn/SN-828-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow expressvpn.com/securitynow plextrac.com/twit

On Security Now, Steve Gibson and Leo Laporte talk about the sudden and total disappearance of REvil, the group responsible for a series of high-profile ransomware attacks. For this story and more, check out Security Now: https://twit.tv/sn/828 Hosts: Steve Gibson and Leo Laporte You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/

On Security Now, Steve Gibson and Leo Laporte talk about the sudden and total disappearance of REvil, the group responsible for a series of high-profile ransomware attacks. For this story and more, check out Security Now: https://twit.tv/sn/828 Hosts: Steve Gibson and Leo Laporte You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/

On Security Now, Steve Gibson and Leo Laporte talk about the sudden and total disappearance of REvil, the group responsible for a series of high-profile ransomware attacks. For this story and more, check out Security Now: https://twit.tv/sn/828 Hosts: Steve Gibson and Leo Laporte You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/

Picture of the week Browser NewsThe attacks on Google Chrome continue. Firefox special-cases anti-tracking for "Login With" functions. Security NewsiOS WiFi SSID bug We still can't awaken from the "PrintNightmare"It's not a bug, it's a feature! Patch Tuesday Review Update Acrobat and Reader Rolling your own Crypto Pegasus ErrataWindows Extended APIs REvil Vanishes We invite you to read our show notes at https://www.grc.com/sn/SN-828-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow expressvpn.com/securitynow plextrac.com/twit

Picture of the week Browser NewsThe attacks on Google Chrome continue. Firefox special-cases anti-tracking for "Login With" functions. Security NewsiOS WiFi SSID bug We still can't awaken from the "PrintNightmare"It's not a bug, it's a feature! Patch Tuesday Review Update Acrobat and Reader Rolling your own Crypto Pegasus ErrataWindows Extended APIs REvil Vanishes We invite you to read our show notes at https://www.grc.com/sn/SN-828-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow expressvpn.com/securitynow plextrac.com/twit

Picture of the week Browser NewsThe attacks on Google Chrome continue. Firefox special-cases anti-tracking for "Login With" functions. Security NewsiOS WiFi SSID bug We still can't awaken from the "PrintNightmare"It's not a bug, it's a feature! Patch Tuesday Review Update Acrobat and Reader Rolling your own Crypto Pegasus ErrataWindows Extended APIs REvil Vanishes We invite you to read our show notes at https://www.grc.com/sn/SN-828-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow expressvpn.com/securitynow plextrac.com/twit

Picture of the week Browser NewsThe attacks on Google Chrome continue. Firefox special-cases anti-tracking for "Login With" functions. Security NewsiOS WiFi SSID bug We still can't awaken from the "PrintNightmare"It's not a bug, it's a feature! Patch Tuesday Review Update Acrobat and Reader Rolling your own Crypto Pegasus ErrataWindows Extended APIs REvil Vanishes We invite you to read our show notes at https://www.grc.com/sn/SN-828-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow expressvpn.com/securitynow plextrac.com/twit

Picture of the week Browser NewsThe attacks on Google Chrome continue. Firefox special-cases anti-tracking for "Login With" functions. Security NewsiOS WiFi SSID bug We still can't awaken from the "PrintNightmare"It's not a bug, it's a feature! Patch Tuesday Review Update Acrobat and Reader Rolling your own Crypto Pegasus ErrataWindows Extended APIs REvil Vanishes We invite you to read our show notes at https://www.grc.com/sn/SN-828-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow expressvpn.com/securitynow plextrac.com/twit

Picture of the week Browser NewsThe attacks on Google Chrome continue. Firefox special-cases anti-tracking for "Login With" functions. Security NewsiOS WiFi SSID bug We still can't awaken from the "PrintNightmare"It's not a bug, it's a feature! Patch Tuesday Review Update Acrobat and Reader Rolling your own Crypto Pegasus ErrataWindows Extended APIs REvil Vanishes We invite you to read our show notes at https://www.grc.com/sn/SN-828-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow expressvpn.com/securitynow plextrac.com/twit

Picture of the week Browser NewsThe attacks on Google Chrome continue. Firefox special-cases anti-tracking for "Login With" functions. Security NewsiOS WiFi SSID bug We still can't awaken from the "PrintNightmare"It's not a bug, it's a feature! Patch Tuesday Review Update Acrobat and Reader Rolling your own Crypto Pegasus ErrataWindows Extended APIs REvil Vanishes We invite you to read our show notes at https://www.grc.com/sn/SN-828-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow expressvpn.com/securitynow plextrac.com/twit

Picture of the week Browser NewsThe attacks on Google Chrome continue. Firefox special-cases anti-tracking for "Login With" functions. Security NewsiOS WiFi SSID bug We still can't awaken from the "PrintNightmare"It's not a bug, it's a feature! Patch Tuesday Review Update Acrobat and Reader Rolling your own Crypto Pegasus ErrataWindows Extended APIs REvil Vanishes We invite you to read our show notes at https://www.grc.com/sn/SN-828-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow expressvpn.com/securitynow plextrac.com/twit

Picture of the week Browser NewsThe attacks on Google Chrome continue. Firefox special-cases anti-tracking for "Login With" functions. Security NewsiOS WiFi SSID bug We still can't awaken from the "PrintNightmare"It's not a bug, it's a feature! Patch Tuesday Review Update Acrobat and Reader Rolling your own Crypto Pegasus ErrataWindows Extended APIs REvil Vanishes We invite you to read our show notes at https://www.grc.com/sn/SN-828-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow expressvpn.com/securitynow plextrac.com/twit

What's up, everyone! In this episode Ryan, Shannon, and LeVon we will discuss the new Chrome Zero Day attack that was recently discovered and the new ransomware attack targeting virtual machines. In Topic 1 LeVon will break down the non-profit, The Last Mile and their new campaign, “Refactoring the Mass Incarceration System. In Topic 2 I will tell a tale of ransomware ransomers double dipping on their initial attacks. Last but certainly not least we'll end on our most important topic, “What have we been playing”? Please enjoy this jam packed show and leave us your questions, comments, and concerns via the Patreon, Instagram, FB page, new FB group, Twitter and email. Remember you can also leave us voice messages that we can listen to and answer on the show. Thanks! Articles: Chrome Zero Day Ransomware Gangs are abusing VMWare ESXi exploits to encrypt virtual hard disks Refactoring the Mass Incarceration System Ransomware: A company paid millions to get their data back, but forgot to do one thing. So the hackers came back again --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app Support this podcast: https://anchor.fm/theothersideofthefirewall/support

We delve into Google's tight-lipped Chrome bugfix, explain how a Belgian researcher awarded himself 111,848 cups of coffee, and discuss the audacious but thankfully temporary theft of the Perl.com domain. With Kimberly Truong, Doug Aamoth and Paul Ducklin Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity