Security Now (MP3)Author: TWiT
23 Mar 2019

Security Now (MP3)

Download, listen or watch all podcasts

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.

  • Listen

    SN 706: Open Source eVoting

    Security Now (Audio)

    • Last week's Patch Tuesday March Madness
    • Win7 SHA256 Windows Update... Update
    • Many attacks leveraging the recently discovered WinRAR vulnerability
    • What happens when Apple, Google, and GoDaddy all drop a bit?
    • A big recent jump in Mirai Botnet Capability
    • Compromised Counter-Strike gaming servers
    • Privacy enhancements coming in Android Q
    • A pair of very odd web browser extensions for Chrome and Firefox from Microsoft
    • A VERY exciting and encouraging project to create an entirely open eVoting system

    Hosts: Leo Laporte and Steve Gibson

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:


  • Posted on 20 Mar 2019

    download
  • Listen

    SN 705: SPOILER

    Security Now (Audio)

    • 0-day exploit bidding war
    • NSA releases Ghidra v9
    • Firefox adds Tor privacy
    • A pair of nasty 0-days
    • A worrisome breach at Citrix
    • The risk of claiming to be an unhackable aftermarket car alarm
    • A new and interesting "Windows developers chatting with users" idea at Microsoft
    • A semi-solution to Windows updates crashing systems
    • Detailed news of the Marriott/Starwood breach, a bit of miscellany from
    • SPOILER: Another new and different consequence of speculation on Intel machines.

    We invite you to read our show notes at https://www.grc.com/sn/SN-705-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:


  • Posted on 13 Mar 2019

    download
  • Listen

    SN 704: Careers in Bug Hunting

    Security Now (Audio)

    • The increasing feasibility of making a sustainable career out of hunting for software bugs
    • A newly available improvement in Spectre mitigation performance and who can try it now
    • Adobe's ColdFusion emergency and patch,
    • More problems with A/V and self-signed certs
    • A Docker vulnerability being exploited in the wild
    • The end of Coinhive
    • A new major Wireshark release
    • A nifty web browser website screenshot hack
    • Continuing troubles with the over-privileged Thunderbolt interface
    • Bot-based credential stuffing attacks

    We invite you to read our show notes at https://www.grc.com/sn/SN-704-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:


  • Posted on 05 Mar 2019

    download
  • Listen

    SN 703: Out in the Wild

    Security Now (Audio)

    • A number of ongoing out-in-the-wild attacks
    • Another early-warned Drupal vulnerability
    • A 19-year old flaw in an obscure decompress for the "ACE" archive format
    • Microsoft reveals an abuse of HTTP/2 protocol which is DoSing its IIS servers.
    • Mozilla faces a dilemma about a wanna-be Certificate Authority and they also send a worried letter to Australia.
    • Microsoft's Edge browser is revealed to be secretly whitelisting 58 web domains which are allowed to bypass its "Click-To-Run" permission for Flash.
    • ICANN renews its plea for the Internet to adopt DNSSEC.
    • NVIDIA releases a handful of critical driver updates for Windows.
    • Apple increases the intelligence of it's Intelligent Tracking Prevention.

    We invite you to read our show notes at https://www.grc.com/sn/SN-703-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:


  • Posted on 27 Feb 2019

    download
  • Listen

    SN 702: Authenticity on the Internet

    Security Now (Audio)

    • Last week's doozy of a patch Tuesday for both Microsoft and Adobe
    • An interesting twist coming to Windows 7 and Server 2008 security updates
    • Eight mining apps pulled from the Windows Store
    • Another positive security initiative from Google
    • Electric scooters being hacked
    • Chipping away at Tor's privacy guarantees
    • A year and a half after Equifax, and where's the data?
    • The beginnings of GDPR-like legislation for US
    • An extremely concerning new and emerging threat for the Internet

    We invite you to read our show notes.

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:


  • Posted on 20 Feb 2019

    download

Follow Playlisto