Security Now (Audio)

By TWiT

Listen to a podcast, please open Podcast Republic app. Available on Google Play Store.


Category: Technology

Open in Apple Podcasts


Open RSS feed


Open Website


Rate for this podcast

Subscribers: 3777
Reviews: 14

Ali
 Mar 27, 2022
I have been listening to this podcast for years. I have learned a lot about security by listening to this podcast. early on, some episodes were way over my head, but over time I've learned a lot.


 Mar 7, 2022

Security Lover
 Dec 17, 2021
Outstanding info, from sci-fi to propeller-head episodes, Steve is great!


 Sep 8, 2021

ViciousPenguin
 Jun 9, 2021
I think I've learned more through this podcast than all the others I listen to combined. May SG live long and continue to educate us well past episode 999. 🖖

Description

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.

Episode Date
SN 908: Data Operand Independent Timing - Old Android apps, Kevin Rose, iOS 6.3 and FIDO, Hive hacked
1:44:48
  • Android to start blocking old and unsafe apps.
  • Microsoft to block Internet sourced Excel add-ins.
  • An example of saying "no" even when it may hurt.
  • Hacked Wormhole funds on the move.
  • Kevin Rose Hacked.
  • Facebook will be moving more users into E2EE.
  • iOS 6.3 and FIDO.
  • Scan thy Citizenry.
  • The Hive ransomware organization takedown.
  • Errata.
  • Closing the Loop.
  • SpinRite.
  • Data Operand Independent Timing.

Show Notes: https://www.grc.com/sn/SN-908-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Feb 01, 2023
SN 907: Credential Reuse - iOS 16.3, ChatGPT creates malware, Bitwarden acquires Passwordless.dev
1:44:55
  • Picture of the Week.
  • PayPal Credential Stuffing.
  • iOS 16.3 : Cloud encryption for all.
  • InfoSecurity Magazine: "ChatGPT Creates Polymorphic Malware".
  • CheckPoint Research: OPWNAI : Cybercriminals Starting to Use ChatGPT.
  • "Meta" fined for the third time.
  • Bitwarden acquires "Passwordless.dev".
  • Closing the Loop.
  • SpinRite.
  • Credential Reuse.

Show Notes: https://www.grc.com/sn/SN-907-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jan 25, 2023
SN 906: The Rule of Two - Norton Lifelock Data Breach, Chromium and Rust, LastPass
1:54:29
  • Picture of the Week
  • About Password Iterations
  • EBC or CB
  • Norton Lifelock Troubles
  • Chrome Follows Microsoft and Firefox
  • Chromium is Beginning to Rust
  • BYOVD and Windows Defender Failures
  • Closing the Loop (feedback)
  • The Rule of Two

Show notes: https://www.grc.com/sn/sn-906-notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jan 18, 2023
SN 905: 1 - LastPass Aftermath, LastPass vault de-obfuscator, LastPass iteration count folly
1:51:24
  • Picture of the Week.
  • LastPass Aftermath.
  • LastPass Vault De-Obfuscator.
  • What more do we know this week regarding LastPass?
  • The most alarming discovery by listeners.
  • Understanding the scale of GPU-enhanced password cracking.
  • On the true strength of passwords.
  • Feedback from listeners regarding LastPass.

Show Notes https://www.grc.com/sn/SN-905-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jan 11, 2023
SN 904: Leaving LastPass - How LastPass failed, Steve's next password manager, how to protect yourself
2:02:55
  • Picture of the Week.
  • SpinRite.
  • Leaving LastPass.
  • Is there reason for concern?
  • Well known password cracker Jeremi Gosney's LastPass rant.
  • Steve shares his plan regarding LastPass.
  • What is Steve's next password manager?
  • What should LastPass users do to protect themselves?

Show Notes https://www.grc.com/sn/SN-904-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jan 04, 2023
SN 903: Security Now Best of 2022 - The best moments from throughout the year
2:20:00
  • Anatomy of a Log4j Exploit.
  • Will Russia Disconnect?
  • FCC Says Kaspersky Labs is a National Security Threat.
  • Lenovo UEFI Firmware Troubles.
  • That "Passkeys" Thing.
  • Dis-CONTI-nued: The End of Conti?
  • Steve's Take on the LastPass Breach.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Dec 27, 2022
SN 902: A Generic WAF Bypass - Pwn2Own Toronto, URSNIF malware, Vivaldi Mastodon support, Bye Bye SHA-1
1:56:32
  • Picture of the Week.
  • A malware operation known as URSNIF.
  • Pwn2Own Toronto 2022.
  • Citrix and Fortinet recently released security updates to patch 0-day vulnerabilities.
  • Patch Tuesday.
  • Another Uber breach?
  • Elon Botches 'Bot Blockage.
  • Vivaldi integrates Mastodon in its desktop browser.
  • 5,200 Dutch government warnings.
  • CIB: "Coordinated Inauthentic Behavior"
  • GitHub to require 2FA by the end of next year.
  • Bye bye SHA-1.
  • WordFence's VERY useful looking WordPress add-on vulnerability database.
  • Closing The Loop.
  • SpinRite.
  • A Generic WAF Bypass.


Show Notes https://www.grc.com/sn/SN-902-Notes.pdf
 

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsor:

Dec 21, 2022
SN 901: Apple Encrypts the Cloud - Chrome Passkeys, Telegram malware, SYNC.com outage, Rackspace lawsuits
2:23:29
  • Picture of the Week.
  • Chrome does Passkeys.
  • SYNC.COM suffered its first outage.
  • Medibank reboot.
  • Totally fake cryptocurrency trading platforms.
  • Malware on Telegram.
  • Texas gets in on the TikTok banning.
  • The LastPass class action lawsuit.
  • Rackspace had a big embarrassing problem.
  • Rackspace is now facing at least three class action lawsuits.
  • Another country goes on the offensive.
  • Closing The Loop.
  • SpinRite.
  • Miscellany.
  • Apple Encrypts the Cloud.


Show Notes https://www.grc.com/sn/SN-901-Notes.pdf
 

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Dec 14, 2022
SN 900: LastPass Again - South Dakota bans TikTok, Anker Eufy Camera debacle, Mozilla yanks trusted root
2:02:38
  • Picture of the Week.
  • Don't mess with Australia.
  • Facebook / Meta fined by Ireland.
  • REvil's full Medibank dump.
  • Is nothing sacred?
  • Mozilla yanks a (no longer) trusted root.
  • Android Platform Certs Escape.
  • South Dakota says: No more Tik-Tok.
  • Albania blames its IT staff.
  • Good news on the memory safe languages front.
  • Black Hat USA 2022.
  • Another Chrome 0-day bites the dust.
  • Anker's Eufy Camera debacle.
  • An amazing-looking WiFi-6 router... $119.
  • Elon really said this.
  • Closing the Loop.
  • SpinRite.
  • LastPass Again.

 

Show Notes https://www.grc.com/sn/SN-900-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Dec 07, 2022
SN 899: Freebie Bots & Evil Cameras - iSpoofer no more, Boa server vulnerability, CISA on Mastodon
1:58:48
  • Picture of the Week.
  • iSpoof you no more.
  • Here come the Freebie Bots!
  • Anatomy of the real-time Cryptocurrency heist.
  • Lookin' for something to do?
  • Boa server vulnerability.
  • The dilemma of closed-source Chinese networking products.
  • The Cyber Defense Index.
  • Malicious Docker Hub images.
  • Since we've been tracking 0-days for a while.
  • CISA on Mastodon.
  • Miscellany.
  • Closing The Loop.
  • SpinRite.


Show Notes https://www.grc.com/sn/SN-899-Notes.pdf
 

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Nov 30, 2022