114 episodes
Security Now (Audio) Security Now
-
- Technology
-
-
5.0 • 3 Ratings
-
Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week.
Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
-
CrowdStruck - Crowdstrike, Cellebrite, More Entrust
Cellebrite unlocks Trump's would-be assassin's phone.
Cisco reported on a CVSS of 10.0
Entrust drops the other shoe
Google gives up on removing 3rd-party cookies
Miscellany
Snowflake and data warehouse applications
CDK auto dealership outage
Polyfill.io and resource hashes
MITM
Blocking Copilot
Blocking incoming connections via IP
CrowdStruck
Show Notes - https://www.grc.com/sn/SN-984-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
panoptica.app
canary.tools/twit - use code: TWIT
vanta.com/SECURITYNOW
bigid.com/securitynow -
A Snowflake's Chance - CDN Safety, Microsoft's Behavior, CDK Ransomware Attack
Using Content Delivery Networks Safely
The CDK Global Ransomware Attack
The IRS and Entrust
Polyfill.io fallout
Microsoft's Behavior
A Snowflake's Chance
Show Notes - https://www.grc.com/sn/SN-983-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
vanta.com/SECURITYNOW
panoptica.app
lookout.com
joindeleteme.com/twit promo code TWIT -
The Polyfill.io Attack - Entrust Responds, Passkey Redaction Attacks
Entrust Responds
Other major Certificate Authorities respond
Passkey Redaction Attacks
Syncing passkeys
Port Knocking
Fail2Ban
The Polyfill.io Attack
Show Notes - https://www.grc.com/sn/SN-982-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
lookout.com
vanta.com/SECURITYNOW
bitwarden.com/twit
panoptica.app -
The End of Entrust Trust - Open SSH Vulnerability, SyncThing, Endtrust
The regreSSHion Bug
50BTC moved
Voyager 1 Update
Email @ GRC
SyncThing
DNS queries
Recall
The End of Entrust Trust
Show Notes - https://www.grc.com/sn/SN-981-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
bigid.com/securitynow
joindeleteme.com/twit promo code TWIT
panoptica.app
lookout.com -
The Mixed Blessing of Lousy PRNG - Kaspersky Ban, EU vs. Google's Privacy Sandbox
Expected follow-up on CVE-2024-30078
From Russia with Love
An EU privacy agency complains about Google's Privacy Sandbox?
Email @ GRC
Security Now SPAM?
Orange Tsai needs help!
Recall and 3rd Party Leakage
Errata
The Mixed Blessing of a Crappy PRNG
Show Notes - https://www.grc.com/sn/SN-980-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
joindeleteme.com/twit promo code TWIT
1password.com/securitynow
mylio.com/twit
canary.tools/twit - use code: TWIT -
The Angle of the Dangle - "Recall" Recall, IT at the NYT, Private Cloud Compute
CVE-2024-30078
"Recall" has been recalled
Matthew Green on Apple's Private Cloud Compute
A WGET flaw with a CVSS of 10.0?
Thou shall not Resolve!
Email @ GRC
Downloading email with MailStore Home
IT at The New York Times
ReMarkable
The Angle of the Dangle
Show Notes - https://www.grc.com/sn/SN-979-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
bitwarden.com/twit
1bigthink.com
kolide.com/securitynow
GO.ACILEARNING.COM/TWIT - code TWIT100