November 9, 2020
David Redekop

This Week In Nerd News – November 9, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to:

YouTube video

Apple patches iOS against 3 actively exploited 0-days found by Google.

Probably the most important/urgent upgrade ever. Don’t wait for 14.2 upgrade, do it now.

Project Zero has reported 7 actively exploited zerodays in the past two weeks.

 

Read More: Apple patches iOS against 3 actively exploited 0-days found by Google

U.S. Feds Seized Nearly $1 Billion in Bitcoin from Wallet Linked to Silk Road.

Speculation kicked off after someone moved the huge sum on Tuesday, and now we know who it was: the U.S. government.

Speculation kicked off after someone moved the huge sum on Tuesday, and now we know who it was: the U.S. government.

 

Read More: U.S. Feds Seized Nearly $1 Billion in Bitcoin from Wallet Linked to Silk Road

Maze, a notorious ransomware group, says it’s shutting down.

One of the most active and notorious data-stealing ransomware groups, Maze, says it is “officially closed.”

One of the most active and notorious data-stealing ransomware groups, Maze, says it is “officially closed.”

 

Read More: Maze, a notorious ransomware group, says it’s shutting down

 

Google patches second Chrome zero-day in two weeks.

Google has released a security update for its Chrome web browser that patches ten security bugs, including one zero-day vulnerability that is currently actively exploited in the wild.

Google Chrome 86.0.4240.183 available for download. Patches 10 security bugs, including an actively-exploited zero-day.

 

Read More: Google patches second Chrome zero-day in two weeks 

 

Chrome Root Program.

As Steve Gibson shares it, this was not an announcement that was met with universal enthusiasm, but from Google’s point of view, it is the right path for Google. Here’s their justification:

Resource: Chrome Root Program Policy, Version 1.2

 

Did you know?

The Software Engineering Institute is proposing a new approach to naming CVEs: Vulnonym. Twitter account @vulnonym is trying it out.

Need an IT professional? Request service today.