November 23, 2020
Niles Nerd

WTH Security News November 23, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to:

How the U.S. Military Buys Location Data from Ordinary Apps. The trouble with free apps. The app makers must make revenue somewhere and selling data is lucrative.

Windows 10: Microsoft reveals Pluton security chip – ‘Expect Patch Tuesday-type updates’. Microsoft promises Pluton will make it easier to keep system firmware up to date, for example, in cases when TPM firmware for separate security processors is required.

Firefox 83 introduces HTTPS-Only Mode. This is an interesting development as we’re shifting more and more of our traffic in transit to be encrypted. This will have the desired impact of shifting website owners to move to https.

More than 245,000 Windows systems still remain vulnerable to BlueKeep RDP bug. If there’s any assurance that cybercrime will continue to grow in the foreseeable future, it is that we are not patching.

New tool automates phishing attacks that bypass 2FA. SMS-based 2FA now offers less security value than ever. Time to switch to better 2FA everywhere you can. On the other hand, if you’re in White or Allow-listing mode on adam:ONE, that’s a complimentary protection layer.

Did you know?

There’s a graphical command-line historical ping command called gping. On macOS just “brew install gping” after you’ve installed Homebrew from You’re welcome.

For a video version of this news checkout