Claim OwnershipSecurity Now (Audio)
Subscribed: 38,026Played: 627,323
Subscribe
© This work is licensed under a Creative Commons License - Attribution-NonCommercial-NoDerivatives 4.0 International - http://creativecommons.org/licenses/by-nc-nd/4.0/
Description
Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week.
Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
268 Episodes
Reverse
2
Cellebrite unlocks Trump's would-be assassin's phone.
Cisco reported on a CVSS of 10.0
Entrust drops the other shoe
Google gives up on removing 3rd-party cookies
Miscellany
Snowflake and data warehouse applications
CDK auto dealership outage
Polyfill.io and resource hashes
MITM
Blocking Copilot
Blocking incoming connections via IP
CrowdStruck
Show Notes - https://www.grc.com/sn/SN-984-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
panoptica.app
canary.tools/twit - use code: TWIT
vanta.com/SECURITYNOW
bigid.com/securitynow
Using Content Delivery Networks Safely
The CDK Global Ransomware Attack
The IRS and Entrust
Polyfill.io fallout
Microsoft's Behavior
A Snowflake's Chance
Show Notes - https://www.grc.com/sn/SN-983-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
vanta.com/SECURITYNOW
panoptica.app
lookout.com
joindeleteme.com/twit promo code TWIT
Entrust Responds
Other major Certificate Authorities respond
Passkey Redaction Attacks
Syncing passkeys
Port Knocking
Fail2Ban
The Polyfill.io Attack
Show Notes - https://www.grc.com/sn/SN-982-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
lookout.com
vanta.com/SECURITYNOW
bitwarden.com/twit
panoptica.app
The regreSSHion Bug
50BTC moved
Voyager 1 Update
Email @ GRC
SyncThing
DNS queries
Recall
The End of Entrust Trust
Show Notes - https://www.grc.com/sn/SN-981-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
bigid.com/securitynow
joindeleteme.com/twit promo code TWIT
panoptica.app
lookout.com
Expected follow-up on CVE-2024-30078
From Russia with Love
An EU privacy agency complains about Google's Privacy Sandbox?
Email @ GRC
Security Now SPAM?
Orange Tsai needs help!
Recall and 3rd Party Leakage
Errata
The Mixed Blessing of a Crappy PRNG
Show Notes - https://www.grc.com/sn/SN-980-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
joindeleteme.com/twit promo code TWIT
1password.com/securitynow
mylio.com/twit
canary.tools/twit - use code: TWIT
CVE-2024-30078
"Recall" has been recalled
Matthew Green on Apple's Private Cloud Compute
A WGET flaw with a CVSS of 10.0?
Thou shall not Resolve!
Email @ GRC
Downloading email with MailStore Home
IT at The New York Times
ReMarkable
The Angle of the Dangle
Show Notes - https://www.grc.com/sn/SN-979-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
bitwarden.com/twit
1bigthink.com
kolide.com/securitynow
GO.ACILEARNING.COM/TWIT - code TWIT100
MS on Recall changes
Thanks for the "Memory"
New York Times (and Wordle) leak
Apple's own password manager app
DJI drones on the defensive
SlashData reveals some interesting developer statistics
Are we going to turn programming over to AIs?
The Linux Kernel Project goes CVE crazy
Email @ GRC
Pizza in 2024
Microsoft Recall at work
Google Domains to Squarespace DNS migration
T2F2-NFC-Dual keys
The rise and fall of code.microsoft.com
Show Notes - https://www.grc.com/sn/SN-978-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
mylio.com/twit
joindeleteme.com/twit promo code TWIT
1bigthink.com
kolide.com/securitynow
"Tornado Notes"
Email @ GRC
Have I Been Pwned?
A new "supply chain" attack vector
Another CA in the DogHouse
ICQ to shutter its service
Steve reviews "Déjà vu"
Hide my email
Security in Windows
SpinRite update
A Large Language Model in Every Pot
Show Notes - https://www.grc.com/sn/SN-977-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
GO.ACILEARNING.COM/TWIT - code TWIT100
kolide.com/securitynow
zscaler.com/zerotrustAI
Melissa.com/twit
The bigger problem with AI Overview
https://udm14.com/ -and- https://tenbluelinks.org/
The horses have left the barn
VPNs and Firewalls
Email @ GRC
Extension to fix Google search
Passwords and SPAM
Fixing motherboard components
Vertical tabs in Firefox
FritzBox routers
Too many PINs
More Google search fixes
Testing Windows XP
The 50 Gigabyte Privacy Bomb
Show Notes - https://www.grc.com/sn/SN-976-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
kolide.com/securitynow
joindeleteme.com/twit promo code TWIT
bitwarden.com/twit
1bigthink.com
When you're the biggest target...
Searching for Search
How long will a Windows XP machine survive unprotected on the Internet?
Free Laundry
VPNs and Firewalls
Netgate SG1100
Ad Industry vs. Google Privacy Sandbox
Bitwarden and passkeys
Token2 passkey dongle
312 Scientists & Researchers Respond
Show Notes - https://www.grc.com/sn/SN-975-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
canary.tools/twit - use code: TWIT
1bigthink.com
business.eset.com/twit
mylio.com/twit
Picture of the Week.
Most to least common 4-digit pins.
Enhanced LORAN.
Passkeys.
Microsoft's Head in the Clouds.
Show Notes - https://www.grc.com/sn/SN-974-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
1bigthink.com
zscaler.com/zerotrustAI
kolide.com/securitynow
joindeleteme.com/twit promo code TWIT
The vulnerability of GPS
Is the sky falling on all VPN systems?
Multi-user Passkeys, YubiKeys?
The iCloud Keychain
The UK and Google's Topics
Show Notes - https://www.grc.com/sn/SN-973-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
Melissa.com/twit
kolide.com/securitynow
lookout.com
bitwarden.com/twit
GCHQ: No more default passwords for consumer IoT devices!
What happened with Chrome and 3rd-party cookies?
Race conditions and multi-threading
GM "accidentally" enrolled millions into "OnStar Smart Driver +" program
Steve recommends Ryk Brown's "Frontiers Saga"
SpinRite update
Passkeys: A Shattered Dream?
Show Notes - https://www.grc.com/sn/SN-972-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
business.eset.com/twit
vanta.com/SECURITYNOW
1bigthink.com
lookout.com
What do you call "Stuxnet on steroids"??
Voyager 1 update
Android 15 to quarantine apps
Thunderbird & Microsoft Exchange
China bans Western encrypted messaging apps
Gentoo says "no" to AI
Cars collecting diving data
Freezing your credit
Investopedia
Computer Science Abstractions
Lazy People vs. Secure Systems
Actalis issues free S/MIME certificates
PIN Encryption
DRAM and GhostRace
AT&T Phishing Scam
Race Conditions and Multi-core processors
An Alternative to the Current Credit System
SpinRite Updates
Chat (out of) Control
Show Notes - https://www.grc.com/sn/SN-971-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
canary.tools/twit - use code: TWIT
lookout.com
kolide.com/securitynow
zscaler.com/zerotrustAI
An update on the AT&T data breach
340,000 social security numbers leaked
Cookie Notice Compliance
The GDPR does enforce some transparency
Physical router buttons
Wifi enabled button pressers
Netsecfish disclosure of Dlink NAS vulnerability
Chrome bloat
SpinRite update
GhostRace
Show Notes - https://www.grc.com/sn/SN-970-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
kolide.com/securitynow
bitwarden.com/twit
vanta.com/SECURITYNOW
1bigthink.com
Out-of-support DLink NAS devices contain hard coded backdoor credentials
Privnote is not so "Priv"
Crowdfense is willing to pay millions
Engineers Pinpoint Cause of Voyager 1 Issue, Are Working on Solution
SpinRite Update
Minimum Viable Secure Product
Show Notes - https://www.grc.com/sn/SN-969-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
zscaler.com/zerotrustAI
business.eset.com/twit
lookout.com
joindeleteme.com/twit promo code TWIT
A near-Universal (Local) Linux Elevation of Privilege vulnerability
TechCrunch informed AT&T of a 5 year old data breach
Signal to get very useful cloud backups
Telegram to allow restricted incoming
HP exits Russia ahead of schedule
Advertisers are heavier users of Ad Blockers than average Americans!
The Google Incognito Mode Lawsuit
Canonical fights malicious Ubuntu store apps
Spinrite update
A Cautionary Tale
Show Notes - https://www.grc.com/sn/SN-968-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
1bigthink.com
kolide.com/securitynow
Melissa.com/twit
vanta.com/SECURITYNOW
Apple vs U.S. DOJ
G.M.'s Unbelievably Horrible Driver Data Sharing Ends
Super Sushi Samurai
Apple has effectively abandoned HomeKit Secure Routers
The forthcoming ".INTERNAL" TLD
The United Nations vs AI.
Telegram now blocked throughout Spain
Vancouver Pwn2Own 2024
China warns of incoming hacks
Annual Tax Season Phishing Deluge
SpinRite update
Authentication without a phone
Are Passkeys quantum safe?
GoFetch: The Unpatchable vulnerability in Apple chips
Show Notes - https://www.grc.com/sn/SN-967-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
zscaler.com/zerotrustAI
bitwarden.com/twit
canary.tools/twit - use code: TWIT
panoptica.app
kolide.com/securitynow
Voyager 1 update
The Web turned 35 and Dad is disappointed
Automakers sharing driving data with insurance companies
A flaw in Passkey thinking
Passkeys vs 2fa
Sharing accounts with Passkeys
Passkeys vs. Passwords/MFA
Workaround to sites that block anonymous email addresses
Open Bounty programs on HackerOne
Steve on Twitter
Ways to disclose bugs publicly
Security by obscurity
Something you have/know/are vs Passkeys
Passkeys vs TOTP
Inspecting Chrome extensions
Passkey transportability
Morris the Second
Show Notes - https://www.grc.com/sn/SN-966-Notes.pdf
Hosts: Steve Gibson and Mikah Sargent
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
zscaler.com/zerotrustAI
robinhood.com/boost
GO.ACILEARNING.COM/TWIT
joindeleteme.com/twit promo code TWIT
vanta.com/SECURITYNOW
VMware needs immediate patching
Midnight Blizzard still on the offensive
China is quietly "de-American'ing" their networks
Signal Version 7.0, now in beta
Meta, WhatsApp, and Messenger -meets- the EU's DMA
The Change Healthcare cyberattack
SpinRite update
Telegram's end-to-end encryption
KepassXC now supports passkeys
Login accelerators
Sites start rejecting @duck.com emails
Tool to detect chrome extensions change owners
Sortest SN title
Passkeys vs 2FA
Show Notes - https://www.grc.com/sn/SN-965-Notes.pdf
Hosts: Steve Gibson and Mikah Sargent
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
vanta.com/SECURITYNOW
joindeleteme.com/twit promo code TWIT
kolide.com/securitynow
business.eset.com/twit
Download from Google Play
Download from App Store
United States
Ok, ok, I get it Leo. You fixed it. I'll be back in the club soon. (Email server issues).
Take a look at this: https://damatajhiz.com/en/categories/288/ducted-split
I don't really like Micah much to begin with but his take on the web thing wow yikes. also Steve I'm very disappointed in you man. you're basically throwing your hands up and saying well to hell with it let the bad guys win. you're basically saying that we shouldn't even try. the internet is not free it's cost is our sovereignty our freedom and our future. if it continues the direction it's going it's going to do more damage to humanity than it will ever help. This is the worst take ever.
💚WATCH>>ᗪOᗯᑎᒪOᗩᗪ>>LINK👉https://co.fastmovies.org
✅WATCH>>ᗪOᗯᑎᒪOᗩᗪ>>👉https://co.fastmovies.org
🔴Really Amazing ️You Can Try This👉👉https://co.fastmovies.org
I really wish there were timestamps in the show notes.
LG gv 3f5mgk Hutt v5ggojlgvgvnngvrtfgvggggfflvgdrr4ftgtO texto copiado aparecerá automaticamente aquiFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixeFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixe os fragmentos de texto copiados para impedir que expirem após 1 horaO texto copiado aparecerá automaticamente aquiO texto copiado aparecerá automaticamente aquiO texto copiado aparecerá automaticamente aqui#COVID19 #COVID19PT os fragmentos de texto copiados para impedir que expirem após 1 hora bbhybninthglol vb gig b
Bester Security Podcast IMHO
I really love listening to your podcasts and I love how enthusiastic Steve gets over some news and his voice is really cute 😍 I just wish you guys would give a short definitions of some acronyms or techniques you're talking about, so I won't need to pause and Google, specially when the room is dark 😀
ms
Listen to this podcast, if you want to be entertained and updated on important Cybersecurity news
I love you Steve but PISS OFF on the vaccine proof. not happening. you didn't do voting did you ?
Seagate label: Koolhovenlaan is a street in the city of Tilburg, the Netherlands
I'm offended by the ignorance displayed in the thumbnail with the masq. now I'm wondering how ignorant the rest of the information is installing a petry dish in your airway is irresponsible and dangerous.
Evil M(a)IT attack
Tracking is ridiculous and turning off your phone or factory resetting it defeats efforts which are not needed. Deaths while under the treatment of respirators should not be counted as this virus steals iron from the blood, it does not fill your lungs with fluids I am reading from doctors, which is necessary to use a ventilator! They give you paralyzing drugs and if your lungs are dry that machine has a 50% it will kill you, and your body will immediately cremated, nothing for trial lawyers to exhume? Epidemiological experts say this is just another flu, do not let these political hacks kill you as they ignore warnings mitigation efforts prolong the virus? That is why the bat lady from China on day one said try malaria drugs, they open a channel into the virus so zinc or something else can bind instead of oxygen robbing iron stolen from your body? Would you help politicians round up people to put them in killing machines they could blame on a virus? I don't think so. You delay respi
stop taking long breakkkkkk
I used to enjoy this show. Now it's become the "I like to insert my politics into everything - Leo" show. Stick to the core subject! Even Steve sounds uncomfortable.
A great tech podcast thanks to Steve Gibson. Leo Laporte lets him speak in depth without getting in the way unlike some of the other TWIT podcasts.