44 episodes
Security Now (Audio) Security Now
-
- Technology
Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte.
Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
-
Flying Trojan Horses - Exynos 0-days, TikTok Tick Tock, 90-day TLS cert life, CHESS is safe!
Picture of the Week.
Multiple Exploitable Samsung 0-Days.
A good idea for NPM.
The TikTok Tick Tock.
Google pushes for 90-day TLS certificate life.
CHESS is safe.
CISA has begun scanning!
Flying Trojan Horses.
Show Notes: https://www.grc.com/sn/SN-915-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
drata.com/twit
GO.ACILEARNING.COM/TWIT
expressvpn.com/securitynow -
Sony Sues Quad9 - Polynonce attack, Germany Huawei ban, Plex Media Server defect, Andor review
Picture of the Week.
Another Malicious Chrome Extension.
Germany to join the Huawei & ZTE ban.
Putting "phishing" into perspective.
The Polynonce attack.
Plex's RCE now in CISA's KEV.
Sci-Fi: Andor.
Sony Sues Quad9.
Show Notes: https://www.grc.com/sn/SN-914-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
fortra.com
bitwarden.com/twit
plextrac.com/twit -
A Fowl Incident - DDoS'ing Fosstodon, Strategic Objective 3.3, CISA's Covert Red-Team
Picture of the Week.
DDoS'ing Fosstodon.
DDoS for Hire takedowns.
TikTok Insanity.
Illegal Warrantless Surveillance.
Strategic Objective 3.3.
GitHub Secret Scanning.
CISA's Covert Red-Team.
What's left?
What's old is new again.
TCG TPM vulnerabilities.
WordPress "All In One SEO".
Russia fines Wikipedia.
A Fowl Incident.
Show Notes: https://www.grc.com/sn/SN-913-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
canary.tools/twit - use code: TWIT
drata.com/twit
kolide.com/securitynow -
The NSA @ Home - LastPass hack details, Signal says no to UK, more PyPI troubles, QNAP bug bounty
Picture of the Week.
Windows 11? ... anyone?
As Plain as Ever.
Edge's new built-in VPN?
LastPass Incident Update.
Signal says NO to the UK.
More PyPI troubles.
The QNAP bug bounty program.
SpinRite.
The NSA @ Home.
Show Notes: https://www.grc.com/sn/SN-912-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsor:
kolide.com/securitynow -
A Clever Regurgitator - GoneDaddy, Section 230, NPM malware, Hyundai Kia mess, Meta Verified
GoneDaddy, Section 230, NPM malware, Hyundai Kia mess, Meta Verified
Picture of the Week.
GoneDaddy.
Section 230.
No Blue, No SMS-based 2FA.
Bitwarden gets Argon.
"Meta Verified".
Emsisoft Fake Code Signing.
Attacks breaking records.
More Mirai.
NPM malware.
Patch Tuesday.
Samsung announces "Message Guard".
The Hyundai & Kia mess.
A Clever Regurgitator.
Show Notes https://www.grc.com/sn/sn-911-notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
drata.com/twit
GO.ACILEARNING.COM/TWIT -
Ascon - Malicious ChatGPT Use, Google Security Key Giveaway, OTPAuth
Picture of the Week
ESXiArgs follow-up
ChatGPT's Malicious Use
Google Security Key Giveaway
Brave goes HTTPS-by-default
1Password Makes Another Passkeys Move
Russian Patriotic Hackers
Amazon to FINALLY Secure Its AWS S3 Instances
More Anti-Chinese Camera Removals
Microsoft to embed Adobe Acrobat PDF reader into Edge
Password Exhaustion
One Time Passowrd OTPAuth
Password Exhaustion
Ascon
Show Notes https://www.grc.com/sn/sn-910-notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
bitwarden.com/twit
plextrac.com/twit
fortra.com