DNS-Over-HTTPS, Bluekeep, US vs Chinese Drones
• October’s Windows Patch Tuesday BROKE Windows’ ability to connect to a significant number of the Internet’s websites. Here’s how to fix it.
• Chrome 78 disables Code Integrity Check to mitigate “Aw Snap!” crashes.
• “Chrome 78 patches a Chrome 0-day which had been discovered by Kaspersky being exploited in the wild.”
• News from the Edge: the first Chromium-based Microsoft Edge Stable Release Candidate.
• Microarchitectural Data Sampling Vulnerabilities.
• Trouble for QNAP NAS devices exposed to the Internet.
• MSP’s — Managed Service Providers — are a major vector for ransomware delivery.
• Five months after returning a rental car, man still has the remote control.
• Chinese-made drones in the US are being grounded.
• The DNS-over-HTTPS (DoH) controversy.
• BlueKeep-based attacks have finally started, and what we predicted on this podcast has finally happened.
We invite you to read our show notes at https://www.grc.com/sn/SN-739-Notes.pdf
Hosts: Steve Gibson, Jason Howell
Download or subscribe to this show at https://twit.tv/shows/security-now
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve’s site: https://grc.com/ also the home of the best disk maintenance and recovery utility ever written Spinrite 6.