37 episodes

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte.

Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.

Security Now (Audio‪)‬ Security Now

    • Technology
    • 4.6 • 1.8K Ratings

Listen on Apple Podcasts
Requires subscription and macOS 11.4 or higher

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte.

Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.

Listen on Apple Podcasts
Requires subscription and macOS 11.4 or higher

    Data Operand Independent Timing - Old Android apps, Kevin Rose, iOS 6.3 and FIDO, Hive hacked

    Data Operand Independent Timing - Old Android apps, Kevin Rose, iOS 6.3 and FIDO, Hive hacked

    Android to start blocking old and unsafe apps.
    Microsoft to block Internet sourced Excel add-ins.
    An example of saying "no" even when it may hurt.
    Hacked Wormhole funds on the move.
    Kevin Rose Hacked.
    Facebook will be moving more users into E2EE.
    iOS 6.3 and FIDO.
    Scan thy Citizenry.
    The Hive ransomware organization takedown.
    Errata.
    Closing the Loop.
    SpinRite.
    Data Operand Independent Timing.
    Show Notes: https://www.grc.com/sn/SN-908-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:
    Melissa.com/twit
    kolide.com/securitynow

    • 1 hr 44 min
    Credential Reuse - iOS 16.3, ChatGPT creates malware, Bitwarden acquires Passwordless.dev

    Credential Reuse - iOS 16.3, ChatGPT creates malware, Bitwarden acquires Passwordless.dev

    Picture of the Week.
    PayPal Credential Stuffing.
    iOS 16.3 : Cloud encryption for all.
    InfoSecurity Magazine: "ChatGPT Creates Polymorphic Malware".
    CheckPoint Research: OPWNAI : Cybercriminals Starting to Use ChatGPT.
    "Meta" fined for the third time.
    Bitwarden acquires "Passwordless.dev".
    Closing the Loop.
    SpinRite.
    Credential Reuse.
    Show Notes: https://www.grc.com/sn/SN-907-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:
    GO.ACILEARNING.COM/TWIT
    expressvpn.com/securitynow
    drata.com/twit

    • 1 hr 44 min
    The Rule of Two - Norton Lifelock Data Breach, Chromium and Rust, LastPass

    The Rule of Two - Norton Lifelock Data Breach, Chromium and Rust, LastPass

    Picture of the Week
    About Password Iterations
    EBC or CB
    Norton Lifelock Troubles
    Chrome Follows Microsoft and Firefox
    Chromium is Beginning to Rust
    BYOVD and Windows Defender Failures
    Closing the Loop (feedback)
    The Rule of Two
    Show notes: https://www.grc.com/sn/sn-906-notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:
    plextrac.com/twit
    bitwarden.com/twit
    barracuda.com/securitynow

    • 1 hr 54 min
    1 - LastPass Aftermath, LastPass vault de-obfuscator, LastPass iteration count folly

    1 - LastPass Aftermath, LastPass vault de-obfuscator, LastPass iteration count folly

    Picture of the Week.
    LastPass Aftermath.
    LastPass Vault De-Obfuscator.
    What more do we know this week regarding LastPass?
    The most alarming discovery by listeners.
    Understanding the scale of GPU-enhanced password cracking.
    On the true strength of passwords.
    Feedback from listeners regarding LastPass.
    Show Notes https://www.grc.com/sn/SN-905-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:
    tanium.com/twit
    drata.com/twit

    • 1 hr 51 min
    Leaving LastPass - How LastPass failed, Steve's next password manager, how to protect yourself

    Leaving LastPass - How LastPass failed, Steve's next password manager, how to protect yourself

    Picture of the Week.
    SpinRite.
    Leaving LastPass.
    Is there reason for concern?
    Well known password cracker Jeremi Gosney's LastPass rant.
    Steve shares his plan regarding LastPass.
    What is Steve's next password manager?
    What should LastPass users do to protect themselves?
    Show Notes https://www.grc.com/sn/SN-904-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:
    fortra.com
    canary.tools/twit - use code: TWIT

    • 2 hr 2 min
    Security Now Best of 2022 - The best moments from throughout the year

    Security Now Best of 2022 - The best moments from throughout the year

    Anatomy of a Log4j Exploit.
    Will Russia Disconnect?
    FCC Says Kaspersky Labs is a National Security Threat.
    Lenovo UEFI Firmware Troubles.
    That "Passkeys" Thing.
    Dis-CONTI-nued: The End of Conti?
    Steve's Take on the LastPass Breach.
    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:
    expressvpn.com/securitynow
    kolide.com/securitynow

    • 2 hr 20 min

Customer Reviews

4.6 out of 5
1.8K Ratings

1.8K Ratings

linux 66 ,

Great podcast

I make sure I pause any other podcast and listen to Steve. Great wealth of knowledge and simple to understand. Thank you and keep up the great work.

G G Ashbrook ,

Truly significant material

I have been listening to Security Now for probably a decade. Steve Gibson and Leo Laporte in Security Now represent more than a weekly news update, and more than clear technical instruction and advice which of course are also present. Steve Gibson and Leo Laporte have created an historically important body of work that represents ethics, value, best practice, and dare I say philosophy which are of vital importance. If someone had recently come to earth, they could be forgiven for thinking that all humans are merely thoughtless cowboy coders creating endless spaghetti western code without higher level conscious awareness of reality. Even universities are infamously poor at teaching how to code responsibly in the real world. But Steve Gibson and Leo Laporte are living proof that many people are both caring and intelligent and working hard to do things in the right way for present and future generations. Words cannot convey the depth of my gratitude.

MinaFeeder ,

Getting less technical with every show

This used to be a great podcast; very informative and educational about computer security. Increasing time is spent with the hosts opining on topics outside computer security and quite frankly outside their expertise. Stay in your lane!

Top Podcasts In Technology

Lex Fridman
Jason Calacanis
The Cut & The Verge
The New York Times
NPR
The Wall Street Journal

You Might Also Like

TWiT
TWiT
TWiT
CyberWire, Inc.
Johannes B. Ullrich
TWiT

More by TWiT TV

TWiT
TWiT
TWiT
TWiT
TWiT
TWiT