Security Now (Video)
by TWiTCybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
Copyright: This work is licensed under a Creative Commons License - Attribution-NonCommercial-NoDerivatives 4.0 International - http://creativecommons.org/licenses/by-nc-nd/4.0/
Episodes
SN 964: PQ3 - Voyager 1's fate, Apple's post-quantum iMessage protocol
2h 12m · Published- "Death, Lonely Death" by Doug Muir, about the decades-old Voyager 1 explorer
- Cory Doctorow's Visions of the Future Humble Book Bundle
- CTRL-K shortcut for search on a browser
- Direct bootable image downloading for GRC's servers
- Closing the loop on compromised emails
- Taco Bell's passwordless app
- A solution for Bcrypt's password length limit of 72 bytes
- Data as the missing piece for law enforcement and privacy advocates
- The token solution for email-only login
- Apple's Password Manager Resources on Github
- The risk of long-term persistent cookies in browsers
- Why mainframe industries still require weak passwords
- A conundrum involving an exploitable Response Header error and a bounty payment.
- An inspection of Apple's new Post-Quantum Encryption upgrade
Show Notes - https://www.grc.com/sn/SN-964-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- GO.ACILEARNING.COM/TWIT
- Melissa.com/twit
- bitwarden.com/twit
- kolide.com/securitynow
SN 963: Web portal? Yes please! - Firefox v123, LockBit Disrupted
2h 4m · Published- Nevada attempts to block Meta's end-to-end encryption for minors.
- A survey of security breaches
- Edge's Super-Duper Secure Mode moves into Chrome
- DoorDash dashes our privacy
- Avast charged $16.5 million for selling user browsing data
- No charge for extra logging!
- European Parliament's IT service has found traces of spyware on the smartphones of its security and defense subcommittee members
- LockBit RaaS group disrupted
- Firefox v123
- The ScreenConnect Authentication Bypass
- SpinRite update
- Introducing BootAble
- Cox moving to Yahoo Mail for users
- Credit Card security
- Exploiting password complexity reqirements?
- Email only logins
- Flipper Zero in Canada
- German Router security
- More Flipper Zero in Canada
- Throwaway email addresses
- Shared email accounts
- Password quality enforcement
- Fingerprint tech and some future stories
Show Notes - https://www.grc.com/sn/SN-963-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- canary.tools/twit - use code: TWIT
- vanta.com/SECURITYNOW
- robinhood.com/boost
- joindeleteme.com/twit promo code TWIT
SN 962: The Internet Dodged a Bullet - Wyze Breach, Patch Tuesday, KeyTrap
2h 14m · Published- Wyze breach
- Microsoft patch Tuesday fixes 15 remote code execution flaws
- Why are there password restrictions?
- The Canadian Flipper Zero Ban
- Security on the old internet
- Using Old Passwords
- Passwordless login
- TOTP as a second factor
- German ISP using default router passwords
- Email encryption in transit
- pfSense Tailscale integration
- DuckDuckGo's email protection integration with Bitwarden
- The KeyTrap Vulnerability
Show Notes - https://www.grc.com/sn/SN-962-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- panoptica.app
- kolide.com/securitynow
- vanta.com/SECURITYNOW
- GO.ACILEARNING.COM/TWIT
SN 961: Bitlocker: Chipped or Cracked? - Honeypots, Toothbrush Botnet, Bitlocker Cracked
2h 3m · Published- Toothbrush Botnet
- "There are too many damn Honeypots!"
- Remotely accessing your home network securely
- Going passwordless as an ecommerce site
- Facebook "old password" reminders
- Browsers on iOS
- More UPnP Issues
- A password for every website?
- "Free" accounts
- Keeping phones plugged in
- Running your own email server in 2024
- iOS app sizes
- SpinRite 6.1 running on an iMac
- SpinRite update
- Bitlocker's encryption cracked in minutes
Show Notes - https://www.grc.com/sn/SN-961-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- joindeleteme.com/twit promo code TWIT
- bitwarden.com/twit
- kolide.com/securitynow
- robinhood.com/boost
SN 960: Unforeseen Consequences - CISA's "Secure by Design" Initiative, Fastly's BoringSSL
2h 4m · Published- CISA's "Secure by Design" Initiative
- The GNU C Library Flaw
- Fastly CDN switches from OpenSSL to BoringSSL
- Roskomnadzor asserts itself
- Google updates Android's Password Manager
- Firefox gets post-quantum crypto
- Get your TOTP tokens from LastPass
- Inflated iOS app data
- LearnDMARC
- Sync mobile app bug
- SpinRite and Windows Defender
- Crypto signing camera
- Analog hole in digital camera authentication
- iOS and Google's Topics
- The gathering of the Stephvens
- Programmable Logic Controllers
- SpinRite update
- Malware-infected Toothbrush
- The Unforeseen Consequences of Google's 3rd-party Cookie Cutoff
Show Notes - https://www.grc.com/sn/SN-960-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- Melissa.com/twit
- joindeleteme.com/twit promo code TWIT
- GO.ACILEARNING.COM/TWIT
- vanta.com/SECURITYNOW
SN 959: Stamos on "Microsoft Security" - HP Printer Bricking, Mercedes Benz Source Code
0s · Published- iOS to allow native Chromium and Firefox engines.
- An OS immune to ransomware?
- HP back in the doghouse over "anti-virus" printer bricking
- The mother of all breaches
- New "Thou shall not delete those chats" rules
- Fewer ransoms are being paid
- Verified Camera Images
- More on the $15/month flashlight app
- What happens when apps change publishers
- Microsoft hating on Firefox
- Credit Karma is storing 1GB of data on the iPhone
- Staying on Windows 7
- Sci-Fi recommendations
- Windows 7 and HSTS sites
- TOTP codes/secrets and Bitwarden
- SpinRite on Mac
- SpinRite v6.1 is done!
- LearnDMARC.com
- Alex Stamos on "Microsoft Security"
Show Notes - https://www.grc.com/sn/SN-959-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- expressvpn.com/securitynow
- panoptica.app
- kolide.com/securitynow
- canary.tools/twit - use code: TWIT
SN 958: A Week of News and Listener Views - HSS Breach, CISA's Policing Results
2h 14m · Published- Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
- US Health and Human Services Breached
- Firefox vs "The Competition"
- Brave reduces its anti-fingerprinting protections
- CISA's proactive policing results one year later
- Longer Life For Samsung Updates
- Google Incognito Mode "Misunderstanding"
- Show Doc Not showing images on iOS Safari
- Generated AI Media Authentication
- Which computer languages to learn?
- Flashlight app subscription
- Google's Privacy Sandbox system
- Malware and IoT devices
- Protected Audience API vs. Malvertising
- Defensive computing
- Why ISPs don't do anything about DDoS attacks
- SpinRite Update
Show Notes - https://www.grc.com/sn/SN-958-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- paloaltonetworks.com/ot-security-tco
- bitwarden.com/twit
- drata.com/twit
- kolide.com/securitynow
SN 957: The Protected Audience API - Hacked Washing Machine, Quantum Crypto Troubles
1h 45m · Published- What would an IoT device look like that HAD been taken over?
- And speaking of DDoS attacks
- Trouble in the Quantum Crypto world
- The Browser Monoculture
- Question about the Apple backdoor
- Getting into infosec
- proton drive vs sync
- SpinRite update
- The Protected Audience API
Show Notes - https://www.grc.com/sn/SN-957-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- meraki.cisco.com/twit
- kolide.com/securitynow
- lookout.com
- bitwarden.com/twit
- joindeleteme.com/twit promo code TWIT
SN 956: The Inside Tracks - 23andME Mess, Ukraine Telecom Hack, LastPass
1h 53m · Published- More on Apple's hardware backdoor
- Russian Hacking of Ukranian cameras
- Russian hackers were inside Ukraine telecoms giant for months
- Things are still a mess at 23andMe
- CoinsPaid was the victim of another cyberattack
- Crypto Hacking in 2023
- Mandiant Twitter scam
- Defining "cyber warfare"
- LastPass is making some changes
- Windows Watch
- Google settles $5 billion lawsuit
- Return Oriented Programming
- Shutting Down Edge
- Root Certificates
- Credit freezing
- SpinRite Update
Show Notes - https://www.grc.com/sn/SN-956-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- lookout.com
- paloaltonetworks.com/ot-security-tco
- kolide.com/securitynow
- bitwarden.com/twit
SN 955: The Mystery of CVE-2023-38606 - SpinRite Update, Nebula Mesh, Apple's Backdoor
1h 52m · PublishedSpinRite 6.1 update
Pruning Root Certificates
A solution to Schrodinger's Bowl
DNS Benchmark and anti-virus tools
Nebula Mesh
SpinRite 7 is coming
The Mystery of CVE-2023-38606
Show Notes - https://www.grc.com/sn/SN-955-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- bitwarden.com/twit
- kolide.com/securitynow
- Melissa.com/twit
- drata.com/twit
Security Now (Video) has 73 episodes in total of non- explicit content. Total playtime is 133:09:02. The language of the podcast is English. This podcast has been added on February 22nd 2023. It might contain more episodes than the ones shown here. It was last updated on May 17th, 2024 19:16.