SN 808: CNAME Collusion - Seven Exchange 0-Days, Firefox Enhanced Tracking Protection, SolarWinds Password
Manage episode 286386050 series 142174
Seven Exchange 0-days, Firefox Enhanced Tracking Protection, SolarWinds Password.
- Chrome to default to trying HTTPS first when not specified.
- Firefox's "Enhanced Tracking Protection" just neutered 3rd-party cookies!
- As easy as "SolarWinds123".
- Rockwell Automation's CVE-2021-22681 is a CRITICAL 10 out of 10.
- VMware's vCenter troubles.
- SpinRite update.
- Microsoft issues emergency patches for 4 exploited 0-days in Exchange.
- CNAME Collusion.
We invite you to read our show notes at https://www.grc.com/sn/SN-808-Notes.pdf
Download or subscribe to this show at https://twit.tv/shows/security-now.
You can submit a question to Security Now! at the GRC Feedback Page.