DiscoverSecurity Now (Video)
Security Now (Video)
Claim Ownership

Security Now (Video)

Author: TWiT

Subscribed: 2,368Played: 45,492
Share

Description

Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week.

Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
247 Episodes
Reverse
Apple proposes 45-day maximum certificate life. SEC fines four companies for downplaying their SolarWinds attack severity. Google adds 5 new features to Messenger including inappropriate content. Does AI-driven local device-side filtering resolve the encryption dilemma forever? The very nice looking "Session" messenger leaves Australia for Switzerland. Another quick look at the question of the EU's software liability moves. Fake North Korean employees WERE found to install backdoor malware. How to speed up an SSD without using SpinRite. Using ChatGPT to review and suggest improvements in code. And Internet governance has been trying to move the Internet to IPv6 for the past 25 years, but the Internet just doesn't want to go. Why not? And will it ever? Show Notes - https://www.grc.com/sn/SN-998-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT e-e.com/twit threatlocker.com for Security Now 1password.com/securitynow
Did Chinese researchers really break RSA encryption? What did they do? What next-level terror extortion is being powered by the NPD breach data? The EU to hold software companies liable for software security? Microsoft lost weeks of security logs. How hard did the try to fix the problem? The Chinese drone company DJI has sued the DoJ over its ban on DJI's drones. The DoJ wishes to acquire "DeepFake" technology to create fake people. Microsoft has bots pretending to fall for phishing campaigns, then leading the bad guys to their honeypots. It's diabolical and brilliant. A bit of BIMI logo follow-up, then... A look at the operation of the FIDO Alliance's forthcoming Credential Exchange Protocol which promises to create passkey collection portability Show Notes - https://www.grc.com/sn/SN-997-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: threatlocker.com for Security Now flashpoint.io lookout.com bitwarden.com/twit
uBlock Origin to the rescue National Public Data files for bankruptcy Will the .IO top level domain be disappearing? Patch Tuesday Firefox under attack Miscellany Sci-Fi The Sequence uBlock Origin Eero Routers Pep Link Router BIMI (up Scotty) Show Notes - https://www.grc.com/sn/SN-996-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: 1password.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW
Facebook's parent Meta not hashing passwords A New, forthcoming PayPal default opts their users into merchant data sharing DDoS breaks another record Speaking of these ASUS routers Do you know who you're hiring? Vitamin D The CUPS vulnerablility Routers for normal people uBlock Origin & Manifest V3 Show Notes: https://www.grc.com/sn/SN-995-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit Melissa.com/twit threatlocker.com for Security Now flashpoint.io
The Linux remote code execution flaw The CRUCIAL importance of Domain Control Security Roskomnadzor strikes a discordant note VLC gets a security update Tor and Tails Merge Telegram changes its long-standing "zero cooperation" policy Enshittification Bobiverse book 5 Windows 10 notifications Experian woes Nuevomailer SpinRite Peter F. Hamilton Recall's Re-Rollout Show Notes - https://www.grc.com/sn/SN-994-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: vanta.com/SECURITYNOW bitwarden.com/twit joindeleteme.com/twit promo code TWIT threatlocker.com for Security Now
The case of the exploding pagers and walkie-talkies "Ford seeks patent for tech that listens to driver conversations to serve ads" Another large chunk of personal data exposed Passkeys takes a big step forward: Now supported by Chrome A nascent 9.9 Linux Unauthenticated RCE? Freezing Credit Credit Bureaus Drobo 5N SN email labeled as spam Public Wi-fi saftey SN for Certs Windows Defender Kaspersky exits the U.S. Show Notes - https://www.grc.com/sn/SN-993-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: INFO.ACILEARNING.COM/TWIT code SN100 canary.tools/twit - use code: TWIT bigid.com/securitynow e-e.com/twit
Windows Endpoint Security Ecosystem Summit Aging storage media does NOT last forever How Navy chiefs conspired to get themselves illegal warship Wi-Fi adam:ONE named the #1 best Secure Access Service Edge (SASE) solution AI Talk Password Manager Injection Attacks Show Notes - https://www.grc.com/sn/SN-992-Notes.pdf Hosts: Steve Gibson and Mikah Sargent Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT 1password.com/securitynow vanta.com/SECURITYNOW
Offer to uninstall Recall was a bug, not a feature YubiKeys can be cloned Miscellany Is WhatsApp secure? Telegram vs Signal French elevators Freezing your credit The Quiet Canine Unix time Bobiverse book 5 Exodus: The Achemedes Engine Watching SpinRite RAMBO Show Notes - https://www.grc.com/sn/SN-991-Notes.pdf Hosts: Steve Gibson and Mikah Sargent Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: flashpoint.io bigid.com/securitynow Melissa.com/twit bitwarden.com/twit
Telegram puts End-to-End Privacy in the Crosshairs Free security logging is good for everyone CrowdStrike hemorrhaging customers Microsoft to meet privately with EDR (Endpoint Detection & Response) vendors Yelp's Unhappy with Google Telegram as the hotbed for DDoSass – DDoS as a Service Chrome grows more difficult to exploit Cox Media Group's "Active Listening" has apparently not ended Cascading Bloom Filter follow-up Closing the Loop Is Telegram an encrypted app? Show Notes - https://www.grc.com/sn/SN-990-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow threatlocker.com for Security Now vanta.com/SECURITYNOW joindeleteme.com/twit promo code TWIT
CrowdStrike Exec's "Most Epic Fail" Award Hardware backdoors discovered in Chinese-made key cards Counterfeit CISCO networking gear SpinRite Errata NPD breach updates from listeners Looking back at old SN episodes Cascading Bloom Filters Show Notes - https://www.grc.com/sn/SN-989-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT 1password.com/securitynow e-e.com/twit INFO.ACILEARNING.COM/TWIT code SN100
Revocation Update GRC's next experiment Patch Tuesday "The Famous Computer Café" IsBootSecure GRC Email Working through WiFi Firewalls Transferring DNS OCSP attestation vs. TLS expiration Platform key expiration National Public Data Show Notes - https://www.grc.com/sn/SN-988-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit vanta.com/SECURITYNOW threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT
Sitting Ducks DNS attack A Bad RCE in another Microsoft server SinkClose The CLFS.SYS BSoD IsBootSecure Rethinking Revocation Show Notes - https://www.grc.com/sn/SN-987-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: joindeleteme.com/twit promo code TWIT bigid.com/securitynow vanta.com/SECURITYNOW 1password.com/securitynow
Platform Key Disclosure Firefox's 3rd-party Cookie mess The W3C Finally Weighs-in CrowdStrike Damages. GRC's Email How Revoking! Show Notes - https://www.grc.com/sn/SN-986-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bigid.com/securitynow vanta.com/SECURITYNOW
Crowdstrike post-mortem PiDP-11 What Crowdstrike is fixing Marcus Hutchins on who is to blame Entrust's Updated Info 3rd-Party Cookie Surprise Security training firm mistakenly hires a North Korean attacker Google and 3rd party cookies Google's influence The auto industry and data brokers DNS Benchmark on Mac Platform Key Disclosure Show Notes - https://www.grc.com/sn/SN-985-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: lookout.com INFO.ACILEARNING.COM/TWIT code SN100 panoptica.app bitwarden.com/twit
Cellebrite unlocks Trump's would-be assassin's phone. Cisco reported on a CVSS of 10.0 Entrust drops the other shoe Google gives up on removing 3rd-party cookies Miscellany Snowflake and data warehouse applications CDK auto dealership outage Polyfill.io and resource hashes MITM Blocking Copilot Blocking incoming connections via IP CrowdStruck Show Notes - https://www.grc.com/sn/SN-984-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: panoptica.app canary.tools/twit - use code: TWIT vanta.com/SECURITYNOW bigid.com/securitynow
Using Content Delivery Networks Safely The CDK Global Ransomware Attack The IRS and Entrust Polyfill.io fallout Microsoft's Behavior A Snowflake's Chance Show Notes - https://www.grc.com/sn/SN-983-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: vanta.com/SECURITYNOW panoptica.app lookout.com joindeleteme.com/twit promo code TWIT
Entrust Responds Other major Certificate Authorities respond Passkey Redaction Attacks Syncing passkeys Port Knocking Fail2Ban The Polyfill.io Attack Show Notes - https://www.grc.com/sn/SN-982-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: lookout.com vanta.com/SECURITYNOW bitwarden.com/twit panoptica.app
The regreSSHion Bug 50BTC moved Voyager 1 Update Email @ GRC SyncThing DNS queries Recall The End of Entrust Trust Show Notes - https://www.grc.com/sn/SN-981-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT panoptica.app lookout.com
Expected follow-up on CVE-2024-30078 From Russia with Love An EU privacy agency complains about Google's Privacy Sandbox? Email @ GRC Security Now SPAM? Orange Tsai needs help! Recall and 3rd Party Leakage Errata The Mixed Blessing of a Crappy PRNG Show Notes - https://www.grc.com/sn/SN-980-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: joindeleteme.com/twit promo code TWIT 1password.com/securitynow mylio.com/twit canary.tools/twit - use code: TWIT
CVE-2024-30078 "Recall" has been recalled Matthew Green on Apple's Private Cloud Compute A WGET flaw with a CVSS of 10.0? Thou shall not Resolve! Email @ GRC Downloading email with MailStore Home IT at The New York Times ReMarkable The Angle of the Dangle Show Notes - https://www.grc.com/sn/SN-979-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit 1bigthink.com kolide.com/securitynow GO.ACILEARNING.COM/TWIT - code TWIT100
loading