Featured

Free podcast player

Limited Time Offer

 

Loading…

Security Now (Audio) podcast

Security Now (Audio)

·

  TWiT  

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.

 

#10

SN 899: Freebie Bots & Evil Cameras - iSpoofer no more, Boa server vulnerability, CISA on Mastodon

---Picture of the Week. ---iSpoof you no more. ---Here come the Freebie Bots! ---Anatomy of the real-time Cryptocurrency heist. ---Lookin' for something to do? ---Boa server vulnerability. ---The dilemma of closed-source Chinese networking products. ---The Cyber Defense Index. ---Malicious Docker Hub images. ---Since we've been tracking 0-days for a while. ---CISA on Mastodon. ---Miscellany. ---Closing The Loop. ---SpinRite. Show Notes [https://www.grc.com/sn/SN-899-Notes.pdf] (http://Picture of the Week. iSpoof you no more. Here come the Freebie Bots! Anatomy of the real-time Cryptocurrency heist. Lookin' for something to do? Boa server vulnerability. The dilemma of closed-source Chinese networking products. The Cyber Defense Index. Malicious Docker Hub images. Since we've been tracking 0-days for a while. CISA on Mastodon. Miscellany. Closing The Loop. SpinRite. Show Notes	https://www.grc.com/sn/SN-899-Notes.pdf)   Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [kolide.com/securitynow] (https://l.kolide.co/3OaS4Jm) --- [plextrac.com/twit] (https://plextrac.com/twit) --- [nordlayer.com/twit] (http://nordlayer.com/twit) ... Read more

Yesterday

1 HR 59 MINS

1:59:21

Yesterday


#9

SN 898: Wi-Peep - FBI purchased Pegasus, Passkey support directory, Quantum decryption deadline, Fir...

---Picture of the Week. ---Firefox v107 was released last Tuesday. ---Google settles for a cool $391.5 million. ---Red Hat Signing its ZIP file Packages. ---The FBI purchased Pegasus for "research and development purposes". ---Greece bought Predator for €7 million. ---A passkeys support directory. ---Quantum decryption deadline. ---Attorneys General ask the FTC for online privacy regulation. ---Closing The Loop. ---SpinRite. ---Wi-Peep. Show Notes [https://www.grc.com/sn/SN-898-Notes.pdf] (https://www.grc.com/sn/SN-898-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [tanium.com/twit] (https://www.tanium.com/?utm_source=twit&utm_medium=podcast&utm_campaign=7017V0000012pAo&utm_content=brand) --- [barracuda.com/securitynow] (http://barracuda.com/securitynow) --- [Secureworks.com/twit] (http://Secureworks.com/twit) ... Read more

23 Nov 2022

2 HR 15 MINS

2:15:55

23 Nov 2022


#8

SN 897: Memory-Safe Languages - Shennina Framework, Shufflecake, The Helm, LightSpeed vulnerabilitie...

---Picture of the Week. ---Patch Tuesday review. ---Shennina Framework - Automating Host Exploitation with AI. ---GitHub's welcome new feature. ---Three LightSpeed vulnerabilities. ---Shufflecake: Plausible deniability encrypted Linux volumes. ---Australia has decided to get proactive! ---Apple's iOS 16.1.1 everyone file sharing time-limits to 10 minutes in China. ---A couple of Decentralized Finance notes because I can't help myself. ---"The Helm" was unable to survive COVID-19. ---Elon meets Twitter. ---Closing The Loop. ---SpinRite. ---Memory-Safe Languages. Show Notes - [https://www.grc.com/sn/SN-897-Notes.pdf] (https://www.grc.com/sn/SN-897-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [bitwarden.com/twit] (http://bitwarden.com/twit) --- [expressvpn.com/securitynow] (http://expressvpn.com/securitynow) --- [grammarly.com/tone] (http://grammarly.com/tone) ... Read more

16 Nov 2022

1 HR 50 MINS

1:50:47

16 Nov 2022


#7

SN 896: Something for Everyone - Dropbox breach, cyber bank heists, Russia goes Linux, OpenSSL flaw ...

---Picture of the Week. ---A minor Dropbox breach. ---OpenSSL follow-up. ---FTC sued and settled with a repeated offender. ---$1.2 billion in reported ransomware payments during 2021. ---Akamai's Q3 Threat Report. ---Initial Access Brokerages. ---How do today's bank heists work? ---De-Fi De-struction De-jour. ---Russia moves to Linux. ---We're The Red Cross. Don't attack us, please! ---Where there's a will, there's a way. ---From China with Love. ---The UK's NCSC scan plan. ---Miscellany. ---Closing The Loop. ---SpinRite. We invite you to read our show notes at [https://www.grc.com/sn/SN-896-Notes.pdf] (https://www.grc.com/sn/SN-896-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [canary.tools/twit - use code: TWIT] (http://canary.tools/twit) --- [drata.com/twit] (http://drata.com/twit) ... Read more

09 Nov 2022

1 HR 54 MINS

1:54:58

09 Nov 2022


#6

SN 895: After 20 years in GCHQ - Stranger Strings, PayPal passkeys, new TCP/IP RCE in Windows

---Picture of the Week. ---Windows driver blocklist to be updated next Tuesday. ---More Microsoft shenanigans. ---An upcoming OpenSSL CRITICAL vulnerability update -- get ready! ---A new TCP/IP RCE in Windows. ---A study of malicious CVE proof of concept exploits in GitHub. ---"Stranger Strings" : An exploitable flaw in SQLite. ---PayPal to add support for Passkeys. ---A browser exploitation tutorial! ---Kathleen Booth: July 9th, 1922 – September 29, 2022. ---Closing The Loop. ---SpinRite. ---After 20 years in GCHQ. We invite you to read our show notes at [https://www.grc.com/sn/SN-895-Notes.pdf] (https://www.grc.com/sn/SN-895-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [nordlayer.com/twit] (http://nordlayer.com/twit) --- [kolide.com/securitynow] (https://l.kolide.co/3OaS4Jm) --- [itpro.tv/securitynow] (http://itpro.tv/securitynow) ... Read more

02 Nov 2022

2 HR 01 MINS

2:01:55

02 Nov 2022


#5

SN 894: Data Breach Responsibility - Firefox 106, KataOS and Sparrow, banking malware, CVSS 9.8 upda...

---Picture of the Week. ---Firefox 106 is out. ---Google's Open Source IoT KataOS and Sparrow. ---This Week in CryptoCurrency Craziness. ---New Windows 0-day bypasses executable security checks. ---Apple's 9th 0-day of the year bites the dust. ---The evolutionary demise of banking malware. ---VMWare's Critical CVSS 9.8 Update. ---Closing The Loop. ---Miscellany. ---Data Breach Responsibility. We invite you to read our show notes at [https://www.grc.com/sn/SN-894-Notes.pdf] (https://www.grc.com/sn/SN-894-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [drata.com/twit] (http://drata.com/twit) --- [Secureworks.com/twit] (http://Secureworks.com/twit) --- [barracuda.com/securitynow] (http://barracuda.com/securitynow) ... Read more

26 Oct 2022

1 HR 57 MINS

1:57:41

26 Oct 2022


#4

SN 893: Password Change Automation - Windows Update RSS, malicious kernal drivers, Signal SMS/MMS, Z...

---Picture of the Week. ---Microsoft "Won't Fix". ---Malicious Kernel Drivers. ---Microsoft has finally added an RSS feed for Windows Updates! ---Passkeys [dot] Dev. ---Largest DDoS attack. ---Signal will be dropping its SMS/MMS support. ---Brute-force protection for Windows local admin accounts. ---Other than that... ---SpinRite. ---Closing The Loop. ---xchg rax, rax and "xorpd" ---ZimaBoard Goodness. ---Password Change Automation. We invite you to read our show notes at [https://www.grc.com/sn/SN-893-Notes.pdf] (https://www.grc.com/sn/SN-893-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [wwt.com/twit] (http://wwt.com/twit) --- [canary.tools/twit - use code: TWIT] (http://canary.tools/twit) --- [expressvpn.com/securitynow] (http://expressvpn.com/securitynow) ... Read more

19 Oct 2022

2 HR 00 MINS

2:00:46

19 Oct 2022


#3

SN 892: Source Port Randomization - Targeted Malware, Uber CSO Guilty

---Picture of the Week. ---Breach of Customer Information ---Meta-targeted Malware ---Uber's Chief Security Officer Found Guilty ---More Cryptocurrency Chaos ---The UK to drop GDPR ---Summer Internship with the NSA ---Many Incident Responders are Stressed Out ---Microsoft's newest dual 0-day Exchange Fumbles ---SpinRite news ---ZimaBoard ---Closing the Loop ---Source Port Randomization We invite you to read our show notes at https://www.grc.com/sn/SN-892-Notes.pdf Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [Secureworks.com/twit] (http://Secureworks.com/twit) --- [newrelic.com/securitynow] (http://newrelic.com/securitynow) --- [bitwarden.com/twit] (http://bitwarden.com/twit) ... Read more

12 Oct 2022

2 HR 00 MINS

2:00:38

12 Oct 2022


#2

SN 891: Poisoning Akamai - Turnstile vs CAPTCHA, Microsoft Teams Under Attack

---Picture of the Week. (What Could Possibly Go Wrong) ---Microsoft Teams - Unecessarily Insecure ---Roskomnadzor blocks Soundcloud ---Microsoft Exchange Server Under Attack Again ---I'm (Still) Not a Robot! ---Google TAG History ---Closing the Loop ---Poisoning Akamai We invite you to read our show notes at  [https://www.grc.com/sn/SN-891-Notes.pdf] (https://www.grc.com/sn/SN-891-Notes.pdf)   Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [ziprecruiter.com/securitynow] (http://ziprecruiter.com/securitynow) --- [itpro.tv/securitynow] (http://itpro.tv/securitynow) --- [kolide.com/securitynow] (https://l.kolide.co/3OaS4Jm) ... Read more

05 Oct 2022

1 HR 58 MINS

1:58:05

05 Oct 2022


#1

SN 890: DarkNet Politics - EU and Google Analytics, Rockstar hacker busted, Mozilla says no fair

---Picture of the Week. ---Can't have it both ways. ---Denmark has become the fourth EU member to rule that the use of Google Analytics is illegal. ---Rockstar Games hacker is busted! ---Mozilla says: No fair! ---Vivaldi, Manifest V3, webRequest, and ad blockers. ---Sticky Chrome vulnerabilities. ---SMB authentication rate limiter now on by default in Windows Insider. ---US bill to secure FOSS software. ---Iran vs Albania. ---Closing The Loop. ---The Silver Ships. ---SpinRite. ---DarkNet Politics. We invite you to read our show notes at  [https://www.grc.com/sn/SN-890-Notes.pdf] (https://www.grc.com/sn/SN-890-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [grammarly.com/securitynow] (http://grammarly.com/securitynow) --- [Secureworks.com/twit] (http://Secureworks.com/twit) --- [drata.com/twit] (http://drata.com/twit) ... Read more

28 Sep 2022

1 HR 46 MINS

1:46:37

28 Sep 2022