Featured

Free podcast player

Limited Time Offer

 

Loading…

Security Now (Audio) podcast

Security Now (Audio)

·

  TWiT  

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.

 

#10

SN 876: Microsoft's Patchy Patches - 3rd Party Authenticators, MS-DFSNM, Safari Regression, Firefox ...

---Picture of the Week. ---Double Decryption (Last week's key-strength puzzler). ---3rd Party Authenticators. ---Firefox: Total Cookie Protection. ---We keep breaking DDoS attack records. ---MS-DFSNM. ---An Apple Safari regression. ---One Million WordPress sites force-updated. ---High-Severity RCE in Fastjson Library. ---Miscellany. ---Closing The Loop. ---Microsoft's Patchy Patches. We invite you to read our show notes at  [https://www.grc.com/sn/SN-876-Notes.pdf] (https://www.grc.com/sn/SN-876-Notes.pdf)   Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [privacy.com/securitynow] (http://privacy.com/securitynow) --- [newrelic.com/securitynow] (http://newrelic.com/securitynow) --- [expressvpn.com/securitynow] (http://expressvpn.com/securitynow) ... Read more

22 Jun 2022

2 HR 14 MINS

2:14:05

22 Jun 2022


#9

SN 875: The PACMAN Attack - WebAuthn, Passkeys at WWDC, Free Kali Linux Pen Test Course, Proof of Si...

---Picture of the Week. ---Apple's Passkeys presentation at WWDC 2022. ---WebAuthn. ---FREE Penetration Testing course with Kali Linux. ---Proof of Simulation. ---A valid use for facial recognition: The Smart Pet Door! ---Closing The Loop. ---The PACMAN Attack. We invite you to read our show notes at  [https://www.grc.com/sn/SN-875-Notes.pdf] (https://www.grc.com/sn/SN-875-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [plextrac.com/twit] (https://plextrac.com/twit/?utm_source=twit&utm_medium=podcast&utm_campaign=securitynow) --- [NetFoundry.io/TWIT] (http://NetFoundry.io/TWIT) --- [canary.tools/twit - use code: TWIT] (http://canary.tools/twit) ... Read more

15 Jun 2022

2 HR 00 MINS

2:00:09

15 Jun 2022


#8

SN 874: Passkeys, Take 2 - ServiceNSW Responds, Follina, Windows Search URL, UNISOC Chip Vulnerabili...

---Picture of the Week. ---ServiceNSW Responds. ---ExpressVPN pulls the plug in India. ---And speaking of pulling the plug. ---"Follina" under active exploitation. ---And a Windows Search URL schema can be abused, too. ---"Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones". ---Ransomware sanctions are causing trouble. ---Conti spotted compromising motherboard firmware. ---Errata. ---Closing the Loop. ---Passkeys, Take 2. We invite you to read our show notes at  [https://www.grc.com/sn/SN-874-Notes.pdf] (https://www.grc.com/sn/SN-874-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [itpro.tv/securitynow promo code SN30] (http://itpro.tv/securitynow) --- [cloud.jumpcloud.com/securitynow] (http://cloud.jumpcloud.com/securitynow) --- [bitwarden.com/twit] (http://bitwarden.com/twit) ... Read more

08 Jun 2022

1 HR 47 MINS

1:47:36

08 Jun 2022


#7

SN 873: DuckDuckGone? - Digital Driver's License, MS Office 0-day, GhostTouch, Vodafone TrustPiD

---Picture of the Week. ---New South Wales DDL — Digital Driver's License. ---The latest Microsoft Office 0-day remote code execution vulnerability. ---GhostTouch. ---Vodafone's new TrustPiD. ---Closing the Loop. ---DuckDuckGone? We invite you to read our show notes at  [https://www.grc.com/sn/SN-873-Notes.pdf] (https://www.grc.com/sn/SN-873-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [Melissa.com/twit] (http://Melissa.com/twit) --- [zentrysecurity.com/twit] (http://zentrysecurity.com/twit) --- [kolide.com/securitynow] (https://l.kolide.co/3OaS4Jm) ... Read more

01 Jun 2022

2 HR 04 MINS

2:04:53

01 Jun 2022


#6

SN 872: Dis-CONTI-nued: The End of Conti? - Clearview AI in Ukraine, Vancouver Pwn2Own, Voyager 1

---Picture of the Week. ---Emergency mid-cycle update for Active Directory. ---Clearview AI -vs- {Illinois, Australia, Canada and the United Kingdom}. ---Clearview AI in Ukraine. ---Pwn2Own Vancouver 2022. ---The DoJ takes a welcome step back. ---Sometimes, unlocking can be too convenient. ---Closing The Loop. ---Dis-CONTI-nued: The End of Conti? We invite you to read our show notes at  [https://www.grc.com/sn/SN-872-Notes.pdf] (https://www.grc.com/sn/SN-872-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [barracuda.com/securitynow] (http://barracuda.com/securitynow) --- [plextrac.com/twit] (https://plextrac.com/twit/?utm_source=twit&utm_medium=podcast&utm_campaign=securitynow) --- [NetFoundry.io/TWIT] (http://NetFoundry.io/TWIT) ... Read more

25 May 2022

1 HR 58 MINS

1:58:33

25 May 2022


#5

SN 871: The New EU Surveillance State - Eventful Patch Tuesday, Open Source Maintenance Crew, BIG-IP...

---Picture of the Week. ---An "eventful" Patch Tuesday. ---Patch Tuesday. ---Apple patched a 0-day. ---Google's "Open Source Maintenance Crew". ---Conti suggests overthrowing the new Costa Rican government. ---Policing the Google Play Store. ---The situation has grown more dire for F5 systems' BIG-IP boxes. ---Errata. ---Closing The Loop. ---SpinRite. ---The New EU Surveillance State. We invite you to read our show notes at  [https://www.grc.com/sn/SN-871-Notes.pdf] (https://www.grc.com/sn/SN-871-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [canary.tools/twit - use code: TWIT] (http://canary.tools/twit) --- [expressvpn.com/securitynow] (http://expressvpn.com/securitynow) --- [cloud.jumpcloud.com/securitynow] (http://cloud.jumpcloud.com/securitynow) ... Read more

18 May 2022

1 HR 54 MINS

1:54:53

18 May 2022


#4

SN 870: That "Passkeys" Thing - White House and Quantum Computers, Android 0-day, Ransomware snapsho...

---Picture of the Week.  ---Google updates Android to patch an actively exploited vulnerability.  ---Connecticut's recently passed data privacy bill became law last Wednesday.  ---Ransomware victim snapshot.  ---US State Department offering $10 million reward for information about Conti members.  ---The worst threat the US faces...  ---The White House and Quantum Computers.  ---The ongoing threat from predictable DNS queries.  ---F5 Networks Remote RCE warning and exploitation.  ---Closing The Loop.  ---Sci-Fi.  ---That "Passkeys" Thing. We invite you to read our show notes at [https://www.grc.com/sn/SN-870-Notes.pdf] (https://www.grc.com/sn/SN-870-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [zentrysecurity.com/twit] (http://zentrysecurity.com/twit) --- [kolide.com/securitynow] (https://l.kolide.co/3OaS4Jm) --- [privacy.com/securitynow] (http://privacy.com/securitynow) ... Read more

11 May 2022

2 HR 04 MINS

2:04:58

11 May 2022


#3

SN 869: Global Privacy Control - DoD DIB-VDP, OpenSSF's Package Analysis Project, Connecticut Privac...

---Picture of the Week. ---DoD DIB-VDP Pilot Overview. ---The OpenSSF and the Package Analysis project. ---Connecticut moves toward state privacy protections. ---Closing The Loop. ---Global Privacy Control. We invite you to read our show notes at  [https://www.grc.com/sn/SN-869-Notes.pdf] (https://www.grc.com/sn/SN-869-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [plextrac.com/twit] (https://plextrac.com/twit/?utm_source=twit&utm_medium=podcast&utm_campaign=securitynow) --- [bitwarden.com/twit] (http://bitwarden.com/twit) --- [itpro.tv/securitynow promo code SN30] (http://itpro.tv/securitynow) ... Read more

04 May 2022

1 HR 48 MINS

1:48:15

04 May 2022


#2

SN 868: The 0-Day Explosion - Lenovo EUFI Firmware, Everscale Blockchain Wallet, Major Java Update

---Picture of the Week. ---CISA's Known Exploited Vulnerabilities Catalog. ---Lenovo UEFI Firmware Troubles. ---Everscale Blockchain Wallet. ---Java 15, 16, 17, and 18 received MUST UPDATES last week. ---Closing The Loop. ---Sci-Fi. ---SpinRite. ---The 0-Day Explosion. We invite you to read our show notes at  [https://www.grc.com/sn/SN-868-Notes.pdf] (https://www.grc.com/sn/SN-868-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [NetFoundry.io/TWIT] (http://NetFoundry.io/TWIT) --- [barracuda.com/securitynow] (http://barracuda.com/securitynow) --- [grammarly.com/twit] (http://grammarly.com/twit) ... Read more

27 Apr 2022

1 HR 59 MINS

1:59:28

27 Apr 2022


#1

SN 867: A Critical Windows RPC RCE - Another Chrome 0-day, MS Patch-Fest, US Nuclear Systems Unhacka...

---Picture of the Week. ---Chrome's 3rd 0-day of 2022. ---Patch Tuesday Redux. ---WordPress once again... ---Apache Struts Framework needs a critical update. ---Are America's nuclear systems so old they're un-hackable? ---Closing The Loop. ---SpinRite. ---A Critical Windows RPC RCE. We invite you to read our show notes at  [https://www.grc.com/sn/SN-867-Notes.pdf] (https://www.grc.com/sn/SN-867-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [cloud.jumpcloud.com/securitynow] (http://cloud.jumpcloud.com/securitynow) --- [canary.tools/twit - use code: TWIT] (http://canary.tools/twit) --- [zentrysecurity.com/twit] (http://zentrysecurity.com/twit) ... Read more

20 Apr 2022

1 HR 53 MINS

1:53:49

20 Apr 2022