10 episodes

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte.

Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.

Security Now (Audio) TWiT TV

    • Tech News
    • 5.0 • 1 Rating

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte.

Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.

    Cicada - Ongoing WordPress Attack, RCS Gets End-to-End Encryption

    Cicada - Ongoing WordPress Attack, RCS Gets End-to-End Encryption

    Ongoing WordPress attack, RCS gets End-to-end encryption.

    Chrome moves to release 87.
    Explicit Publication of Privacy Practices.
    Firefox 83 gets HTTPS-only Mode.
    Mozilla seeks consultation on implementing DNS-over-HTTPS.
    The comical announcement strategy of the Egregor Ransomware.
    Large-scale attacks targeting Epsilon Framework Themes in WordPress.
    Cybercrime gang installs hidden e-commerce stores on WordPress sites.
    245,000 Windows systems still vulnerable to BlueKeep RDP bug.
    Google's Rich Communication Services is getting E2EE via Signal.
    Cicada, a Chinese state-sponsored advanced persistent threat group.
    We invite you to read our show notes at https://www.grc.com/sn/SN-794-Notes.pdf

    Hosts: Steve Gibson and Jason Howell

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:
    manscaped.com/twit
    extrahop.com/SECURITYNOW
    barracuda.com/securitynow

    • 1 hr 44 min
    SAD DNS - Malicious Android Apps, Ransomware-as-a-Service

    SAD DNS - Malicious Android Apps, Ransomware-as-a-Service

    Malicious Android apps, ransomware-as-a-service.

    Where do most malicious Android apps come from?
    SAD DNS is a revival of the classic DNS cache poisoning attack
    How many Ransomware-as-a-Service (RaaS) operations are there?
    Ragnar Locker ransomware gang takes out a Facebook ad
    Two more new 0-days revealed in Chrome
    Last Tuesday, Microsoft fixed 112 known vulnerabilities in Microsoft products
    We invite you to read our show notes at https://www.grc.com/sn/SN-793-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:
    canary.tools/twit - use code: TWIT
    extrahop.com/SECURITYNOW
    WWT.COM/TWIT

    • 1 hr 59 min
    NAT Firewall Bypass - SlipStream NAT Firewall Bypass, MS Police Use Ring Doorbell Cams

    NAT Firewall Bypass - SlipStream NAT Firewall Bypass, MS Police Use Ring Doorbell Cams

    SlipStream NAT firewall bypass, MS Police use Ring doorbell cams.

    Let's Encrypt's cross-signed root expires next year
    Chrome updates on Windows, macOS, Linux, and Android to remove 0-day vulnerability
    Mattel, Compel, Capcom, and Campari fall to ransomware attacks
    iOS 14.2 fixes three 0-day vulnerabilities
    Introducing the Tianfu Cup: China's version of the Pwn2Own hacker competition
    November's Patch Tuesday
    The Great Encryption Dilemma hits Europe
    Ring Doorbells to be tapped in a trial by local Police
    WordPress plugins are a hot mess for security
    SlipStream NAT Firewall Bypass
    We invite you to read our show notes at https://www.grc.com/sn/SN-792-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:
    Melissa.com/twit
    itpro.tv/securitynow promo code SN30
    Wasabi.com offer code SECURITYNOW

    • 1 hr 54 min
    Google's Root Program - Google One VPN, WordPress Update Fail, Windows 7 0-Day

    Google's Root Program - Google One VPN, WordPress Update Fail, Windows 7 0-Day

    Google One VPN, WordPress update fail, Windows 7 0-Day.

    A new 0-day in Win7 through Win10
    A public service reminder from Microsoft
    Google One adding an Android VPN
    Vulnonym: Stop the Naming Madness!
    WordPress fumbles an important update
    Chrome's Root Program
    We invite you to read our show notes at https://www.grc.com/sn/SN-791-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:
    WWT.COM/TWIT
    expressvpn.com/securitynow
    LastPass.com/twit

    • 1 hr 45 min
    Top 25 Vulnerabilities - Chrome 0-Day, Edge for Linux, WordPress Loginizer

    Top 25 Vulnerabilities - Chrome 0-Day, Edge for Linux, WordPress Loginizer

    Chrome 0-Day, Edge for Linux, WordPress Loginizer.

    Top 25 Vulnerabilities
    Critical 0-day in Chrome
    Chrome 86 is now blocking slippery notifications
    Site Isolation coming soon to Firefox
    Microsoft's Chredge for Linux
    WordPress Loginizer vulnerability
    We invite you to read our show notes at https://www.grc.com/sn/SN-790-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:
    try.eset.com/twit
    manscaped.com/twit
    barracuda.com/petsmart

    • 1 hr 43 min
    Anatomy of a Ryuk Attack - Zoom End-to-End Encryption, Windows 10 God Mode, Manifest v3

    Anatomy of a Ryuk Attack - Zoom End-to-End Encryption, Windows 10 God Mode, Manifest v3

    Zoom end-to-end encryption, Windows 10 god mode, Manifest v3.

    Last Wednesday, Zoom announced that THIS week their 30-evaluation of end-to-end encrypted video conferencing would begin
    How to enable Windows 10 "God Mode"
    Edge to be updated with browser extensions "Manifest v3"
    Last Tuesday Microsoft issued fixes for 87 security vulnerabilities - so, yeah, it was a slow month...
    Your SonicWall Network Security Appliance (NSA) MUST be patched now!
    Microsoft's two out-of-cycle patches
    Anatomy of a Ryuk Attack
    We invite you to read our show notes at https://www.grc.com/sn/SN-789-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:
    privacy.com/securitynow
    WWT.COM/TWIT
    extrahop.com/SECURITYNOW

    • 1 hr 51 min

Customer Reviews

5.0 out of 5
1 Rating

1 Rating

Top Podcasts In Tech News

Listeners Also Subscribed To

More by TWiT TV