Security Now (Audio)

•  Picture of the week.
•  Chrome's fourth zero-day of 2022.
•  Mozilla's new Firefox privacy-enhancing feature.
•  HackerOne discloses a malicious insider incident.
•  Closing the loop.
•  The ZuoRAT.

We invite you to read our show notes at https://www.grc.com/sn/SN-878-Notes.pdf
 

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• ZipRecruiter.com/securitynow
• itpro.tv/securitynow promo code SN30
• tanium.com/twit

• Picture of the Week.
• Errata: Firefox's "Total Cookie Protection"
• 3rd Party FIDO2 Authenticators
• Germany's not buying the EU's proposal which subverts encryption
• The Conti Gang have finally pulled the last plug
• Log4J and Log4Shell is alive and well
• The '311' emergency number proposal
• 56 Insecure-By-Design Vulnerabilities
• "Long Story Short"
• Closing The Loop
• The "Hertzbleed" Attack

We invite you to read our show notes at https://www.grc.com/sn/SN-877-Notes.pdf

Hosts: Steve Gibson and Jason Howell

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• drata.com/twit
• barracuda.com/securitynow
• Melissa.com/twit

• Picture of the Week.
• Double Decryption (Last week's key-strength puzzler).
• 3rd Party Authenticators.
• Firefox: Total Cookie Protection.
• We keep breaking DDoS attack records.
• MS-DFSNM.
• An Apple Safari regression.
• One Million WordPress sites force-updated.
• High-Severity RCE in Fastjson Library.
• Miscellany.
• Closing The Loop.
• Microsoft's Patchy Patches.

We invite you to read our show notes at https://www.grc.com/sn/SN-876-Notes.pdf
 

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• privacy.com/securitynow
• newrelic.com/securitynow
• expressvpn.com/securitynow

• Picture of the Week.
• Apple's Passkeys presentation at WWDC 2022.
• WebAuthn.
• FREE Penetration Testing course with Kali Linux.
• Proof of Simulation.
• A valid use for facial recognition: The Smart Pet Door!
• Closing The Loop.
• The PACMAN Attack.

We invite you to read our show notes at https://www.grc.com/sn/SN-875-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• plextrac.com/twit
• NetFoundry.io/TWIT
• canary.tools/twit - use code: TWIT

• Picture of the Week.
• ServiceNSW Responds.
• ExpressVPN pulls the plug in India.
• And speaking of pulling the plug.
• "Follina" under active exploitation.
• And a Windows Search URL schema can be abused, too.
• "Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones".
• Ransomware sanctions are causing trouble.
• Conti spotted compromising motherboard firmware.
• Errata.
• Closing the Loop.
• Passkeys, Take 2.

We invite you to read our show notes at https://www.grc.com/sn/SN-874-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• itpro.tv/securitynow promo code SN30
• cloud.jumpcloud.com/securitynow
• bitwarden.com/twit