Episodes

Reviews

Analytics

Clips

May 22, 2019
SN 715: CPU.fail
This Week's Stories• The next round of Intel processor information leakage problems: Microarchitectural Data Sampling vulnerabilities• Last Tuesday's patches from Microsoft, Abode and Apple includes one for Windows XP• Security problem for Cisco that ever has stock analysts taking notice• Ongoing troubles with the cryptocurrency market• Trouble with Google's Titan Bluetooth dongle• Another monthly problem with Windows 10 updatesWe invite you to read our show notes at https://www.grc.com/sn/SN-715-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT WordPress.com/securitynow pulseway.com/twit
More info...
131 min
May 15, 2019
SN 714: Android 'Q'
This Week's Stories• Update WhatsApp NOW!• Security News from Google I/O 2019 conference• A new exploitable flaw in all Linux kernels earlier than v5.0.8• A new set of flaws affecting all Intel processors known as "ZombieLoad"• Security enhancements in Android Q.We invite you to read our show notes at https://www.grc.com/sn/SN-714-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: go.itpro.tv/securitynow promo code SN30 FreshBooks.com/securitynow Atlassian.com/IT
More info...
109 min
May 8, 2019
SN 713: Post-Coinhive Cryptojacking
This Week's StoriesThe continuing and changing world of cryptojacking after Coinhive closed their doors last month.Google's announcement of self-expiring data retentionThe mess arising from Mozilla's intermediate certificate expirationAnother wrinkle in the exploit marketplaceMozilla's announcement about deliberate code obfuscationA hacker who hacked at least 29 other botnet hackersA warning about a very popular D-Link netcamWho's paying and who's receiving bug bounties by countryAnother User-Agent gotcha with Google DocsA problem with Google Earth on the new Chromium-Edge browserA bit more about Edge's future just dropped at the start of Microsoft's Build 2019 conference. We invite you to read our show notes at https://www.grc.com/sn/SN-713-Notes.pdf Hosts: Leo Laporte and Steve Gibson Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: ZipRecruiter.com/securitynow LastPass.com/twit securitynow.cachefly.com
More info...
116 min
May 1, 2019
SN 712: Credential Stuffing Attacks
The large and emerging threat of website credential stuffing attacks.Privacy fallout from our recent coverage of Facebook and GoogleThe uptake rate of recent Windows 10 feature releasesThe source of the A/V troubles with the April patch Tuesday updatesThe NIST's formal fuzzing developmentA massive and ongoing database data leak involving more than half of all American householdsWindows Insiders are already finding that their systems won't update to the May 2019 feature update.United Airlines passengers have noticed and been understandably upset by seatback cameras pointing at them.We invite you to read our show notes at https://www.grc.com/sn/SN-712-Notes.pdf Hosts: Leo Laporte and Steve Gibson Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: expressvpn.com/securitynow Wasabi.com offer code SecurityNow Prilock.com/twit promo code LEO
More info...
117 min
April 24, 2019
SN 711: DNSpionage
Top Security Stories this Week:Google uses its "sensorvault" to help catch the bad guys.Time to update Drupal again.Facebook steals users' email contact lists, logs plaintext Instagram passwordsRussia moves closer to adopting "Internet Master Cutoff Switch" legislation.A reminder that "USB Killers" are a real thing.Marcus Hutchins' plea dealA new(ish) actively exploited Windows 0-dayA bunch of Microsoft Edge newsWindows 7 end-of-life noticesSomething from the "I did say this was bound to happen" departmentDetailed threat research from Cisco's Talos group about the leveraging of DNS espionage.We invite you to read our show notes at https://www.grc.com/sn/SN-711-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: Atlassian.com/IT canary.tools/twit - use code: TWIT thehelm.com/SECURITYNOW
More info...
141 min
April 17, 2019
SN 710: DragonBlood
DragonBlood: the first effective attack on the new WPA3 protocolMalicious use of the URL tracking "ping" attributeThe WinRAR NightmareMore 3rd-party A/V troubles with MicrosoftWhat good did April's patch Tuesday accomplish?Adobe 's big patch TuesdayGoogle considering automatically blocking "high risk" downloadsRussia's Roskomnadzor finally lowers the boom on FacebookThe incredible Taj Mahal APT framework Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: Wasabi.com offer code SecurityNow go.itpro.tv/securitynow promo code SN30 WordPress.com/securitynow
More info...
132 min
April 10, 2019
SN 709: URL "Ping" Tracking
This Week's StoriesYet another capitulation in the (virtually lost) battle against tracking our behavior on the Internet with URL "ping" tracking.UK government's plan to legislate, police and enforce online social media contentMicrosoft's Chromium-based Edge browser's securityImprovements to Windows 10's update managementNews from the "spoofing biometrics" departmentThe worrisome state of Android mobile financial appsNSA's GHIDRA software reverse engineering tool suitePerhaps the dumbest thing Facebook has done yet (and by policy, not by mistake)An important change in Win10 1809 external storage caching policy Hosts: Jason Howell and Steve Gibson Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: expressvpn.com/securitynow Atlassian.com/IT ZipRecruiter.com/securitynow
More info...
135 min
April 3, 2019
SN 708: Android Security
Android Security, 10 Years LaterWinRAR, a 20+ Year Old Tool With 500M Users, Acknowledged VulnerabilityRussian GPS Hacking and What It Means For UsAndroid's April Fools Day PatchesTesla Autopilot SpoofingThe ASUS "ShadowHammer" AttackWindows 10 (last) October 2018 UpdateA VMware UpdateWe invite you to read our show notes at https://www.grc.com/sn/SN-708-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: LastPass.com/twit securitynow.cachefly.com FreshBooks.com/securitynow
More info...
140 min
March 27, 2019
SN 707: Tesla, Pwned
Results of the much anticipated Mid-March Vancouver Pwn2Own competitionThe return of "Clippy", Microsoft's much-loathed dancing paperclipOperation "ShadowHammer" which reports say compromised ASUS (... but did it?)The ransomware attack on Norsk Hydro aluminumThe surprise renaming of Windows DefenderA severe bug revealed in the most popular PDF generating PHP libraryAn early look at Microsoft's forthcoming Chromium-based web browserHope for preventing caller ID spoofingA needed update for users of PuTTYMozilla's decision to conditionally rely upon Windows' root storeMicrosoft to offer virtual Windows 7 and 10 desktops through AzureDetails of the Windows 7 End of Life warning dialogue Hosts: Leo Laporte and Steve Gibson Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: Atlassian.com/IT thehelm.com/SECURITYNOW expressvpn.com/securitynow
More info...
145 min
March 20, 2019
SN 706: Open Source eVoting
Last week's Patch Tuesday March MadnessWin7 SHA256 Windows Update... UpdateMany attacks leveraging the recently discovered WinRAR vulnerabilityWhat happens when Apple, Google, and GoDaddy all drop a bit?A big recent jump in Mirai Botnet CapabilityCompromised Counter-Strike gaming serversPrivacy enhancements coming in Android QA pair of very odd web browser extensions for Chrome and Firefox from MicrosoftA VERY exciting and encouraging project to create an entirely open eVoting system Hosts: Leo Laporte and Steve Gibson Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: ZipRecruiter.com/securitynow Sophos.com canary.tools/twit - use code: TWIT
More info...
131 min
Feedback on the new Podbay?
    1x
    15
    15
    00:00:00
      00:00:00