Security Now (Audio)

• Picture of the Week.
• NASA "shouted" at Voyager.
• Another view of Microsoft.
• What about this Chinese attack?
• AI meets Keyboard Acoustic Side-Channel attacks.
• Closing the Loop.
• Revisiting Global Privacy Control.

Show Notes: https://www.grc.com/sn/SN-934-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

• Picture of the Week.
• Satellite Turla: APT Command and Control in the Sky.
• OS 17 to further crack down on device fingerprinting.
• Android to start warning of "unknown trackers".
• The 7th branch of the US military.
• Russia criminalizes open source project contribution.
• VirusTotal's 2023 report.
• Closing the Loop.
• TETRA:BURST.

Show Notes - https://www.grc.com/sn/SN-933-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• Building Cyber Resilience Podcast
• bitwarden.com/twit
• drata.com/twit

• Picture of the Week.
• R.I.P. Kevin Mitnick.
• Apple says: "Thanks, but we'd rather leave."
• Web Environment Integrity.
• Web Analytics under the spotlight.
• More progress on the IoT security front.
• The "Expeditionary cyber force".
• Ransomware payouts being made much less often.
• MOVEit Update.
• TikTok + Passkeys.
• Closing the Loop.
• SpinRite.
• Satellite Insecurity, Part 2.

Show Notes: https://www.grc.com/sn/SN-932-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• drata.com/twit
• GO.ACILEARNING.COM/TWIT
• bitwarden.com/twit

• Picture of the Week.
• Kaspersky on Microsoft's Patch Tuesday.
• As the worm turns: WormGPT.
• Microsoft revokes 100+ malicious drivers.
• MOVEit Update.
• Does Dun & Bradstreet know you?
• No Threads for you! (or EU!)
• All Bitcoin addresses look alike.
• Twitter changes DM settings.
• Closing the Loop.
• SpinRite.
• Satellite Insecurity, Part 1.

Show Notes: https://www.grc.com/sn/SN-931-Notes.pdf 

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• kolide.com/securitynow
• drata.com/twit
• cs.co/twit

• Picture of the Week.
• Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software.
• And as for MOVEit...
• What's a "Rug Pull" ??
• "Avast, ye Matey"
• China's OpenKylin v1.
• TootRoot!
• Firefox 115.
• Did Russia Disconnect?
• Use some honey if you want to catch some flies.
• Cryptocurrency losses.
• International Consumer Data Transit.
• Apple's emergency update retraction.
• Syncthing Revisited.
• Closing the Loop.
• SpinRite's first RTM release.
• RTOS-32.
• Rowhammer Indelible Fingerprinting.

Show Notes: https://www.grc.com/sn/SN-930-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• canary.tools/twit - use code: TWIT
• bitwarden.com/twit
• GO.ACILEARNING.COM/TWIT

• Picture of the Week.
• Catching Leo up to speed from last week.
• DuckDuckBrowse.
• And an updated Tor Browser.
• Opera, now enhanced with "AI".
• The KasperskyOS Phone.
• The cost of doing business in Russia.
• Slowly turn the wheels of justice.
• The US to create a new "Cyber Force".
• Apple.com now supports Passkeys.
• Selective GDPR enforcement?
• Facial Recognition is Photo Recognition.
• Google cybersecurity clinics.
• Progress/MOVEit sued.
• Closing the Loop.
• SpinRite.
• Operation Triangulation.

Show Notes: https://www.grc.com/sn/SN-929-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• drinkAG1.com/securitynow
• lookout.com
• drata.com/twit

• Picture of the Week.
• Patch Tuesday.
• Does EVERYTHING leak??
• Closing the Loop.
• SpinRite gets version 7.1!
• The Massive MOVEit Maelstrom.

Show Notes: https://www.grc.com/sn/SN-928-Notes.pdf

Hosts: Steve Gibson and Jason Howell

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• drata.com/twit
• cs.co/twit
• kolide.com/securitynow

• Picture of the Week.
• Cryptomining Rude Surprise Billing.
• Musk's Twitter is refusing to pay for Cloud Services.
• IoT DDoS rapidly rising.
• H1CA found executing code on client machines.
• Apple's WWDC Redux.
• France takes a different approach...
• Russia: Scanners stay out!
• Miscellany.
• Closing the Loop.
• SpinRite.
• Scanning the Internet.

Show Notes: https://www.grc.com/sn/SN-927-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• GO.ACILEARNING.COM/TWIT
• bitwarden.com/twit
• athleticgreens.com/securitynow

• Picture of the Week.
• Another week of silence from HP.
• Mandatory "SMB Signing" coming to Windows 11.
• OWASP.
• Did Apple help the NSA attack the Kremlin?
• Kaspersky's analysis of this iPhone attack and compromise.
• The Trifecta Jackpot!
• Who wrote that?
• Tor gets anti-DoS protection.
• Cybersecurity at Educational institutions.
• Civilian Surveillance Cameras in Ukraine.
• Cyber Mercenaries.
• Closing the Loop.
• Windows Platform Binary Table.

Show Notes: https://www.grc.com/sn/SN-926-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• meraki.cisco.com/twit
• joindeleteme.com/twittv
• canary.tools/twit - use code: TWIT

• Picture of the Week.
• HP = "Huge Pile"
• The ".ZIP" TLD — What could possibly go wrong?
• PyPI gets more serious about security AND privacy.
• "No logs saved anywhere"???
• Twitter in the EU?
• Bitwarden's support for Passkeys.
• A €1.2 billion fine will grab your attention.
• Editing WhatsApp messages.
• A new Google Bug Bounty.
• SpinRite.
• Brave's Brilliant Off the Record Request.

Show Notes: https://www.grc.com/sn/SN-925-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• cs.co/twit
• drata.com/twit
• Melissa.com/twit