Loading…

Security Now (Audio) podcast

Security Now (Audio)

·

  TWiT  

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.

 

#10

SN 915: Flying Trojan Horses - Exynos 0-days, TikTok Tick Tock, 90-day TLS cert life, CHESS is safe!

---Picture of the Week. ---Multiple Exploitable Samsung 0-Days. ---A good idea for NPM. ---The TikTok Tick Tock. ---Google pushes for 90-day TLS certificate life. ---CHESS is safe. ---CISA has begun scanning! ---Flying Trojan Horses. Show Notes: [https://www.grc.com/sn/SN-915-Notes.pdf] (https://www.grc.com/sn/SN-915-Notes.pdf)   Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [drata.com/twit] (http://drata.com/twit) --- [GO.ACILEARNING.COM/TWIT] (http://GO.ACILEARNING.COM/TWIT) --- [expressvpn.com/securitynow] (http://expressvpn.com/securitynow) ... Read more

22 Mar 2023

2 HR 02 MINS

2:02:07

22 Mar 2023


#9

SN 914: Sony Sues Quad9 - Polynonce attack, Germany Huawei ban, Plex Media Server defect, Andor revi...

---Picture of the Week. ---Another Malicious Chrome Extension. ---Germany to join the Huawei & ZTE ban. ---Putting "phishing" into perspective. ---The Polynonce attack. ---Plex's RCE now in CISA's KEV. ---Sci-Fi: Andor. ---Sony Sues Quad9. Show Notes: [https://www.grc.com/sn/SN-914-Notes.pdf] (https://www.grc.com/sn/SN-914-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [fortra.com] (http://fortra.com) --- [bitwarden.com/twit] (http://bitwarden.com/twit) --- [plextrac.com/twit] (https://plextrac.com/twit) ... Read more

15 Mar 2023

2 HR 08 MINS

2:08:55

15 Mar 2023


#8

SN 913: A Fowl Incident - DDoS'ing Fosstodon, Strategic Objective 3.3, CISA's Covert Red-Team

---Picture of the Week. ---DDoS'ing Fosstodon. ---DDoS for Hire takedowns. ---TikTok Insanity. ---Illegal Warrantless Surveillance. ---Strategic Objective 3.3. ---GitHub Secret Scanning. ---CISA's Covert Red-Team. ---What's left? ---What's old is new again. ---TCG TPM vulnerabilities. ---WordPress "All In One SEO". ---Russia fines Wikipedia. ---A Fowl Incident. Show Notes:  [https://www.grc.com/sn/SN-913-Notes.pdf] (https://www.grc.com/sn/SN-913-Notes.pdf)   Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [canary.tools/twit - use code: TWIT] (http://canary.tools/twit) --- [drata.com/twit] (http://drata.com/twit) --- [kolide.com/securitynow] (https://kolide.com/securitynow) ... Read more

08 Mar 2023

1 HR 48 MINS

1:48:28

08 Mar 2023


#7

SN 912: The NSA @ Home - LastPass hack details, Signal says no to UK, more PyPI troubles, QNAP bug b...

---Picture of the Week. ---Windows 11? ... anyone? ---As Plain as Ever. ---Edge's new built-in VPN? ---LastPass Incident Update. ---Signal says NO to the UK. ---More PyPI troubles. ---The QNAP bug bounty program. ---SpinRite. ---The NSA @ Home. Show Notes:  [https://www.grc.com/sn/SN-912-Notes.pdf] (https://www.grc.com/sn/SN-912-Notes.pdf)   Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsor: --- [kolide.com/securitynow] (https://kolide.com/securitynow) ... Read more

01 Mar 2023

1 HR 44 MINS

1:44:02

01 Mar 2023


#6

SN 911: A Clever Regurgitator - GoneDaddy, Section 230, NPM malware, Hyundai Kia mess, Meta Verified

GoneDaddy, Section 230, NPM malware, Hyundai Kia mess, Meta Verified ---Picture of the Week. ---GoneDaddy. ---Section 230. ---No Blue, No SMS-based 2FA. ---Bitwarden gets Argon. ---"Meta Verified". ---Emsisoft Fake Code Signing. ---Attacks breaking records. ---More Mirai. ---NPM malware. ---Patch Tuesday. ---Samsung announces "Message Guard". ---The Hyundai & Kia mess. ---A Clever Regurgitator. Show Notes [https://www.grc.com/sn/sn-911-notes.pdf] (https://www.grc.com/sn/sn-911-notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [drata.com/twit] (http://drata.com/twit) --- [GO.ACILEARNING.COM/TWIT] (HTTP://GO.ACILEARNING.COM/TWIT) ... Read more

22 Feb 2023

1 HR 51 MINS

1:51:36

22 Feb 2023


#5

SN 910: Ascon - Malicious ChatGPT Use, Google Security Key Giveaway, OTPAuth

---Picture of the Week ---ESXiArgs follow-up ---ChatGPT's Malicious Use ---Google Security Key Giveaway ---Brave goes HTTPS-by-default ---1Password Makes Another Passkeys Move ---Russian Patriotic Hackers ---Amazon to FINALLY Secure Its AWS S3 Instances ---More Anti-Chinese Camera Removals ---Microsoft to embed Adobe Acrobat PDF reader into Edge ---Password Exhaustion ---One Time Passowrd OTPAuth ---Password Exhaustion ---Ascon Show Notes [https://www.grc.com/sn/sn-910-notes.pdf] (https://www.grc.com/sn/sn-910-notes.pdf)   Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [bitwarden.com/twit] (http://bitwarden.com/twit) --- [plextrac.com/twit] (https://plextrac.com/twit) --- [fortra.com] (http://fortra.com) ... Read more

15 Feb 2023

2 HR 00 MINS

2:00:52

15 Feb 2023


#4

SN 909: How ESXi Fell - EU Internet Surveillance, QNAP returns, .DEV is always HTTPS

---Picture of the Week. ---The European Union's Internet Surveillance Proposal. ---30,000 patient records online? ---.DEV is always HTTPS! ---Google changes Chrome's release strategy. ---Russia shoots the messenger. ---A fool and his Crypto... ---QNAP is back. ---CVSS severity discrepancy. ---Closing the Loop. ---How ESXi Fell. Show Notes: [https://www.grc.com/sn/SN-909-Notes.pdf] (https://www.grc.com/sn/SN-909-Notes.pdf)   Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [drata.com/twit] (http://drata.com/twit) --- [barracuda.com/securitynow] (http://barracuda.com/securitynow) --- [canary.tools/twit - use code: TWIT] (http://canary.tools/twit) ... Read more

08 Feb 2023

2 HR 13 MINS

2:13:05

08 Feb 2023


#3

SN 908: Data Operand Independent Timing - Old Android apps, Kevin Rose, iOS 6.3 and FIDO, Hive hacke...

---Android to start blocking old and unsafe apps. ---Microsoft to block Internet sourced Excel add-ins. ---An example of saying "no" even when it may hurt. ---Hacked Wormhole funds on the move. ---Kevin Rose Hacked. ---Facebook will be moving more users into E2EE. ---iOS 6.3 and FIDO. ---Scan thy Citizenry. ---The Hive ransomware organization takedown. ---Errata. ---Closing the Loop. ---SpinRite. ---Data Operand Independent Timing. Show Notes: [https://www.grc.com/sn/SN-908-Notes.pdf] (https://www.grc.com/sn/SN-908-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [Melissa.com/twit] (http://Melissa.com/twit) --- [kolide.com/securitynow] (https://kolide.com/securitynow) ... Read more

01 Feb 2023

1 HR 44 MINS

1:44:48

01 Feb 2023


#2

SN 907: Credential Reuse - iOS 16.3, ChatGPT creates malware, Bitwarden acquires Passwordless.dev

---Picture of the Week. ---PayPal Credential Stuffing. ---iOS 16.3 : Cloud encryption for all. ---InfoSecurity Magazine: "ChatGPT Creates Polymorphic Malware". ---CheckPoint Research: OPWNAI : Cybercriminals Starting to Use ChatGPT. ---"Meta" fined for the third time. ---Bitwarden acquires "Passwordless.dev". ---Closing the Loop. ---SpinRite. ---Credential Reuse. Show Notes: [https://www.grc.com/sn/SN-907-Notes.pdf] (https://www.grc.com/sn/SN-907-Notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [GO.ACILEARNING.COM/TWIT] (HTTP://GO.ACILEARNING.COM/TWIT) --- [expressvpn.com/securitynow] (http://expressvpn.com/securitynow) --- [drata.com/twit] (http://drata.com/twit) ... Read more

25 Jan 2023

1 HR 44 MINS

1:44:55

25 Jan 2023


#1

SN 906: The Rule of Two - Norton Lifelock Data Breach, Chromium and Rust, LastPass

---Picture of the Week ---About Password Iterations ---EBC or CB ---Norton Lifelock Troubles ---Chrome Follows Microsoft and Firefox ---Chromium is Beginning to Rust ---BYOVD and Windows Defender Failures ---Closing the Loop (feedback) ---The Rule of Two Show notes:  [https://www.grc.com/sn/sn-906-notes.pdf] (https://www.grc.com/sn/sn-906-notes.pdf) Hosts: [Steve Gibson] (https://twit.tv/people/steve-gibson) and [Leo Laporte] (https://twit.tv/people/leo-laporte) Download or subscribe to this show at [https://twit.tv/shows/security-now] (https://twit.tv/shows/security-now) . Get episodes ad-free with Club TWiT at [https://twit.tv/clubtwit] (https://twit.tv/clubtwit) You can submit a question to Security Now! at the [GRC Feedback Page] (https://www.grc.com/feedback.htm) . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: [grc.com] (https://www.grc.com/securitynow.htm) , also the home of the best disk maintenance and recovery utility ever written [Spinrite 6] (https://www.grc.com/sr/spinrite.htm) . Sponsors: --- [plextrac.com/twit] (https://plextrac.com/twit) --- [bitwarden.com/twit] (http://bitwarden.com/twit) --- [barracuda.com/securitynow] (http://barracuda.com/securitynow) ... Read more

18 Jan 2023

1 HR 54 MINS

1:54:29

18 Jan 2023