Security Now (Video)

• Picture of the Week.
• Another week of silence from HP.
• Mandatory "SMB Signing" coming to Windows 11.
• OWASP.
• Did Apple help the NSA attack the Kremlin?
• Kaspersky's analysis of this iPhone attack and compromise.
• The Trifecta Jackpot!
• Who wrote that?
• Tor gets anti-DoS protection.
• Cybersecurity at Educational institutions.
• Civilian Surveillance Cameras in Ukraine.
• Cyber Mercenaries.
• Closing the Loop.
• Windows Platform Binary Table.

Show Notes: https://www.grc.com/sn/SN-926-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• meraki.cisco.com/twit
• joindeleteme.com/twittv
• canary.tools/twit - use code: TWIT

• Picture of the Week.
• HP = "Huge Pile"
• The ".ZIP" TLD — What could possibly go wrong?
• PyPI gets more serious about security AND privacy.
• "No logs saved anywhere"???
• Twitter in the EU?
• Bitwarden's support for Passkeys.
• A €1.2 billion fine will grab your attention.
• Editing WhatsApp messages.
• A new Google Bug Bounty.
• SpinRite.
• Brave's Brilliant Off the Record Request.

Show Notes: https://www.grc.com/sn/SN-925-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• cs.co/twit
• drata.com/twit
• Melissa.com/twit

• Picture of the Week.
• Tracker Follow-Up.
• Automatic IoT device updating.
• HP 9020e - error code 83C0000B.
• Section 230 Stands.
• The KeePass Vulnerability.
• Apple joins Samsung, Amazon and Verizon in banning ChatGPT.
• Google's Privacy Sandbox moves forward.
• The FBI heavily misused FISA powers.
• Supply Chain Nightmare.
• SpinRite.
• VCaaS – Voice Cloning as a Service.

Show Notes: https://www.grc.com/sn/SN-924-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• expressvpn.com/securitynow
• athleticgreens.com/securitynow
• lookout.com

• Picture of the Week.
• SpinRite.
• Location Tracker Behavior.
• Formal definitions from the specification.
• Bluetooth LE devices have MAC addresses and therein lies a problem.
• All devices are serialized.
• And now, that "pairing registry".
• Privacy considerations.

Show Notes: https://www.grc.com/sn/SN-923-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• bitwarden.com/twit
• GO.ACILEARNING.COM/TWIT

• Picture of the Week.
• Google & Passkeys.
• TP-Link routers DO auto-update.
• US Marshals Service: Where's the backup??
• T-Mobile keeps getting breached.
• Chrome: No more LOCK icon.
• Apple's new "Rapid Security Response" system.
• Elon Musk, making friends wherever he goes...
• A quick Mastodon aside.
• Here come the fake AI-generated "news" sites.
• Russia to replace "American" TCP/IP with "Russian Internet".
• Vint Serf's 3 mistakes.
• Detecting Unwanted Location Trackers.

Show Notes: https://www.grc.com/sn/SN-922-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsor:

• kolide.com/securitynow

• Picture of the Week.
• The Encryption Debate.
• Age does matter...
• Age Verification.
• WhatsApp: Rather be blocked in UK than weaken security.
• Exposing Side-Channel Monitoring.
• Closing the Loop.
• A new UDP reflection attack vector.
• Google Authenticator Updated.
• Does Israel use NSO Group commercial spyware?
• A Russian OS?
• TP-Link routers compromised.
• A pre-release security audit.
• Another Intel side-channel attack.
• Windows users: Don't remove cURL!
• AI comes to VirusTotal. 
  Show Notes    https://www.grc.com/sn/SN-921-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• canary.tools/twit - use code: TWIT
• joindeleteme.com/twittv
• drata.com/twit

• Picture of the Week.
• Lockdown Mode seen succeeding.
• A growing black market for ChatGPT accounts.
• Decommissioned Corporate Routers Leak Secrets.
• Jaguar Tooth: Cisco router vulnerabilities.
• Security Research Legal Defense Fund.
• A quick Firefox fix.
• Kubernetes security audit.
• Google Chrome zero-day.
• An End-to-End Encryption Proposal.

Show Notes https://www.grc.com/sn/SN-920-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• athleticgreens.com/securitynow
• lookout.com

• Picture of the Week.
• Patch Tuesday Review.
• Risky Business News.
• Google Assured Open Source Software.
• WhatsApp Improvements.
• Bad Security? Go to jail!
• Forced Entry.

Show Notes https://www.grc.com/sn/SN-919-Notes.pdf
 

Hosts: Steve Gibson and Jason Howell

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• meraki.cisco.com/twit
• bitwarden.com/twit
• GO.ACILEARNING.COM/TWIT

• Picture of the Week.
• Microsoft and Fortra go on the offensive.
• Can ChatGPT keep a secret?
• Apple updates their OS's.
• Wordpress under attack... again.
• Mozilla's Site Breach Monitor.
• Another ChatGPT investigation.
• Samsung handsets reaching EoL.
• Less access for loan apps.
• The right to be forgotten.
• SpinRite.
• A Dangerous Interpretation.

Show Notes: https://www.grc.com/sn/SN-918-Notes.pdf
 

Hosts: Steve Gibson and Jason Howell

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• joindeleteme.com/twittv
• meraki.cisco.com/twit
• kolide.com/securitynow

• Picture of the Week
• So... Not an attack, then?
• AI Overlord Hysteria
• Italy says NO to ChatGPT
• It's illegal... How much will that be?
• The U.S. FDA & medical device security
• Hack the Pentagon
• Firefox 3dr-party DLL check-up
• Microsoft's Extortion?
• The Silver Ships
• Zombie Software

Show Notes: https://www.grc.com/sn/sn-917-notes.pdf
 

Hosts: Steve Gibson and Ant Pruitt

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• kolide.com/securitynow
• canary.tools/twit - use code: TWIT
• meraki.cisco.com/twit