Security Now (Audio)

By TWiT

Listen to a podcast, please open Podcast Republic app. Available on Google Play Store.


Category: Technology

Open in Apple Podcasts


Open RSS feed


Open Website


Rate for this podcast

Subscribers: 3678
Reviews: 14

Ali
 Mar 27, 2022
I have been listening to this podcast for years. I have learned a lot about security by listening to this podcast. early on, some episodes were way over my head, but over time I've learned a lot.


 Mar 7, 2022

Security Lover
 Dec 17, 2021
Outstanding info, from sci-fi to propeller-head episodes, Steve is great!


 Sep 8, 2021

ViciousPenguin
 Jun 9, 2021
I think I've learned more through this podcast than all the others I listen to combined. May SG live long and continue to educate us well past episode 999. 🖖

Description

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.

Episode Date
SN 890: DarkNet Politics - EU and Google Analytics, Rockstar hacker busted, Mozilla says no fair
1:46:37
  • Picture of the Week.
  • Can't have it both ways.
  • Denmark has become the fourth EU member to rule that the use of Google Analytics is illegal.
  • Rockstar Games hacker is busted!
  • Mozilla says: No fair!
  • Vivaldi, Manifest V3, webRequest, and ad blockers.
  • Sticky Chrome vulnerabilities.
  • SMB authentication rate limiter now on by default in Windows Insider.
  • US bill to secure FOSS software.
  • Iran vs Albania.
  • Closing The Loop.
  • The Silver Ships.
  • SpinRite.
  • DarkNet Politics.

We invite you to read our show notes at https://www.grc.com/sn/SN-890-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Sep 28, 2022
SN 889: Spell-Jacking - Cyber-Insurance, GTA 6 leak, MiraclePtr, CVSS9.8 for WordPress, Uber Oops!
1:49:13
  • Picture of the Week.
  • This is Patch News-Day.
  • Lloyd's of London backing away from Cyber-Insurance.
  • Uber Oops!
  • Rockstar Games: Grand Theft Auto 6 Massive Leak.
  • LastPass Breach Update.
  • A CVSS 9.8 for WordPress.
  • What cost, Security?
  • Use-after-freedom: Google's "MiraclePtr"
  • Closing The Loop.
  • Spell-Jacking.

We invite you to read our show notes at https://www.grc.com/sn/SN-889-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Sep 21, 2022
SN 888: The EvilProxy Service - MooBot, Crypto Heist, Cyberwarfare, QNAP, The Silver Ships
2:02:04
  • Picture of the Week.
  • Cyberwarfare: Albania vs Iran.
  • Crypto Heist — this or that.
  • The White House "Tech Platform Accountability" Listening Session.
  • Changes to the Dutch Intelligence Law.
  • Another QNAP mess.
  • D-Link's being taken over by MooBot.
  • Sci-Fi Discovery: "The Silver Ships".
  • Closing The Loop.
  • The EvilProxy Service.

We invite you to read our show notes at https://www.grc.com/sn/SN-888-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Sep 14, 2022
SN 887: Embedded AWS Credentials - TikTok leak, urgent Chrome patch, PyPI warning, Quantum Hype Bubble
2:01:34
  • Picture of the Week.
  • Google's (newest) Open Source Software Vulnerability Rewards Program.
  • Did TikTok leak 2.05 BILLION User Records?
  • An urgent Chrome update patches new 0-day flaw.
  • Permission-less Browser Clipboard Write.
  • Nearly 1/3 of the packages in PyPI trigger an automatic code execution upon download.
  • A Quantum Hype Bubble?
  • All of the BlackHat 2022 Presentation Slides PDFs.
  • Csurf NPM library mistake.
  • SpinRite.
  • Closing The Loop.
  • Sci-Fi Discovery: "The Silver Ships"
  • Embedding AWS Credentials.

We invite you to read our show notes at https://www.grc.com/sn/SN-887-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Sep 07, 2022
SN 886: Wacky Data Exfiltration - LastPass breach, FTC Kochava lawsuit, Hikvision IoT mess
2:01:06
  • Picture of the Week.
  • LastPass Breached.
  • The US Federal Trade Commission filed a lawsuit against data broker Kochava.
  • The US Federal Communications Commission launched an investigation into mobile carriers' geolocation data practices.
  • California, here I come!
  • A conversation with a Ransomware Attacker.
  • DuckDuckGo's Privacy-Enhanced eMail Forwarding.
  • Another IoT mess care of "Hikvision"
  • SpinRite.
  • Closing The Loop.
  • Wacky Data Exfiltration.

We invite you to read our show notes at https://www.grc.com/sn/SN-886-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Aug 31, 2022
SN 885: The Bumblebee Loader - RTL819x Exploit, RubyGems Update, Chrome's Fifth 0-Day of 2022
1:47:21
  • VIDEO of the Week
  • Crashing Laptop Computers With Janet Jackson
  • RealTek SoC flaw affects many millions of IoT devices
  • 46 Million RPS - requests per second
  • Chrome's 5th 0-Day of 2022
  • Apple: Not to be left behind...
  • RubyGems to require MFA
  • Closing The Loop: Domain Name Ownership
  • Closing The Loop: Growing in Cybersecurity
  • The Bumblebee Loader

We invite you to read our show notes at https://www.grc.com/sn/SN-885-Notes.pdf

Hosts: Leo Laporte and Steve Gibson

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Aug 24, 2022
SN 884: TLS Private Key Leakage - BIG patch Tuesday, Facebook E2E encryption, VNC insecurity, Cyotek WebCopy
1:52:43
  • Picture of the Week.
  • Patch Flashback Tuesday.
  • Facebook is cautiously creeping toward default E2E encryption.
  • VNC's inherent insecurity.
  • The need to control domain names.
  • And speaking of backup: Cyotek WebCopy.
  • Google's Ryan Sleevi Retweeted Jens Axboe.
  • SandSara Update from Ed Cano.
  • Closing The Loop.
  • SpinRite.
  • TLS Private Key Leakage.

We invite you to read our show notes at https://www.grc.com/sn/SN-884-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Aug 17, 2022
SN 883: The Maker's Schedule - VirusTotal, Daniel Bernstein sues the NSA, Win 11 might damage encrypted data
1:49:13
  • Picture of the Week.
  • Crypto is Hard.
  • VirusTotal: Deception at a scale.
  • Windows 11 might damage encrypted data.
  • Microsoft Defender External Attack Surface Management.
  • Closing The Loop.
  • Daniel Bernstein sues the NSA.
  • The Maker's Schedule.

We invite you to read our show notes at https://www.grc.com/sn/SN-883-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Aug 10, 2022
SN 882: Rowhammer's Nine Lives - TLS-Anvil, Chrome cookies stick around, Atlassian Confluence under attack
2:12:46
  • Picture of the Week.
  • Atlassian's "Confluence" under attack.
  • LS-Anvil.
  • Google delays Chrome's cookie phase-out again.
  • Attacker responding to loss of Office Macros.
  • SpinRite.
  • Closing The Loop.
  • RIP: Nichelle Nichols.
  • "The Dropout" on Hulu and "WeCrashed" on AppleTV+.
  • Winamp releases new version after four years in development.
  • Rowhammer's Nine Lives.

We invite you to read our show notes at https://www.grc.com/sn/SN-882-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Aug 03, 2022
SN 881: The MV720 - MS Office VBA macros, Win 11 security changes, start button failure
2:02:53
  • Picture of the Week.
  • Patch Tuesday Redux Redux.
  • Windows 11 Start button failure.
  • The continuing saga of Windows VBA macros.
  • Windows 11 now blocks RDP brute-force attacks by default.
  • Black Hat and DefCon coming soon.
  • SpinRite.
  • pfSense and TailScale.
  • Closing The Loop.
  • The MV720.

We invite you to read our show notes at https://www.grc.com/sn/SN-881-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jul 27, 2022