Security Now with Steve Gibson and Leo Laporte

Mar 2nd 2021

Security Now 808

CNAME Collusion

Seven Exchange 0-Days, Firefox Enhanced Tracking Protection, SolarWinds Password

Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
Category: Help & How To

Seven Exchange 0-days, Firefox Enhanced Tracking Protection, SolarWinds Password.

  • Chrome to default to trying HTTPS first when not specified.
  • Firefox's “Enhanced Tracking Protection” just neutered 3rd-party cookies!
  • As easy as “SolarWinds123”.
  • Rockwell Automation's CVE-2021-22681 is a CRITICAL 10 out of 10.
  • VMware's vCenter troubles.
  • SpinRite update.
  • Microsoft issues emergency patches for 4 exploited 0-days in Exchange.
  • CNAME Collusion.

We invite you to read our show notes at

Download or subscribe to this show at

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site:, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.