
37 episodes

Security Now (Audio) Security Now
-
- Technology
-
-
4.6 • 1.8K Ratings
-
Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte.
Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.
-
Data Operand Independent Timing - Old Android apps, Kevin Rose, iOS 6.3 and FIDO, Hive hacked
Android to start blocking old and unsafe apps.
Microsoft to block Internet sourced Excel add-ins.
An example of saying "no" even when it may hurt.
Hacked Wormhole funds on the move.
Kevin Rose Hacked.
Facebook will be moving more users into E2EE.
iOS 6.3 and FIDO.
Scan thy Citizenry.
The Hive ransomware organization takedown.
Errata.
Closing the Loop.
SpinRite.
Data Operand Independent Timing.
Show Notes: https://www.grc.com/sn/SN-908-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
Melissa.com/twit
kolide.com/securitynow -
Credential Reuse - iOS 16.3, ChatGPT creates malware, Bitwarden acquires Passwordless.dev
Picture of the Week.
PayPal Credential Stuffing.
iOS 16.3 : Cloud encryption for all.
InfoSecurity Magazine: "ChatGPT Creates Polymorphic Malware".
CheckPoint Research: OPWNAI : Cybercriminals Starting to Use ChatGPT.
"Meta" fined for the third time.
Bitwarden acquires "Passwordless.dev".
Closing the Loop.
SpinRite.
Credential Reuse.
Show Notes: https://www.grc.com/sn/SN-907-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
GO.ACILEARNING.COM/TWIT
expressvpn.com/securitynow
drata.com/twit -
The Rule of Two - Norton Lifelock Data Breach, Chromium and Rust, LastPass
Picture of the Week
About Password Iterations
EBC or CB
Norton Lifelock Troubles
Chrome Follows Microsoft and Firefox
Chromium is Beginning to Rust
BYOVD and Windows Defender Failures
Closing the Loop (feedback)
The Rule of Two
Show notes: https://www.grc.com/sn/sn-906-notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
plextrac.com/twit
bitwarden.com/twit
barracuda.com/securitynow -
1 - LastPass Aftermath, LastPass vault de-obfuscator, LastPass iteration count folly
Picture of the Week.
LastPass Aftermath.
LastPass Vault De-Obfuscator.
What more do we know this week regarding LastPass?
The most alarming discovery by listeners.
Understanding the scale of GPU-enhanced password cracking.
On the true strength of passwords.
Feedback from listeners regarding LastPass.
Show Notes https://www.grc.com/sn/SN-905-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
tanium.com/twit
drata.com/twit -
Leaving LastPass - How LastPass failed, Steve's next password manager, how to protect yourself
Picture of the Week.
SpinRite.
Leaving LastPass.
Is there reason for concern?
Well known password cracker Jeremi Gosney's LastPass rant.
Steve shares his plan regarding LastPass.
What is Steve's next password manager?
What should LastPass users do to protect themselves?
Show Notes https://www.grc.com/sn/SN-904-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
fortra.com
canary.tools/twit - use code: TWIT -
Security Now Best of 2022 - The best moments from throughout the year
Anatomy of a Log4j Exploit.
Will Russia Disconnect?
FCC Says Kaspersky Labs is a National Security Threat.
Lenovo UEFI Firmware Troubles.
That "Passkeys" Thing.
Dis-CONTI-nued: The End of Conti?
Steve's Take on the LastPass Breach.
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
expressvpn.com/securitynow
kolide.com/securitynow
Customer Reviews
Great podcast
I make sure I pause any other podcast and listen to Steve. Great wealth of knowledge and simple to understand. Thank you and keep up the great work.
Truly significant material
I have been listening to Security Now for probably a decade. Steve Gibson and Leo Laporte in Security Now represent more than a weekly news update, and more than clear technical instruction and advice which of course are also present. Steve Gibson and Leo Laporte have created an historically important body of work that represents ethics, value, best practice, and dare I say philosophy which are of vital importance. If someone had recently come to earth, they could be forgiven for thinking that all humans are merely thoughtless cowboy coders creating endless spaghetti western code without higher level conscious awareness of reality. Even universities are infamously poor at teaching how to code responsibly in the real world. But Steve Gibson and Leo Laporte are living proof that many people are both caring and intelligent and working hard to do things in the right way for present and future generations. Words cannot convey the depth of my gratitude.
Getting less technical with every show
This used to be a great podcast; very informative and educational about computer security. Increasing time is spent with the hosts opining on topics outside computer security and quite frankly outside their expertise. Stay in your lane!