Author: TWiTSecurity Now (Audio)
Download, listen or watch all podcasts
Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.
- Listen
SN 795: DNS Consolidation - Generic Smart Doorbells, Tesla Model X Key Fobs, Critical Drupal Flaw, Spotify
Generic smart doorbells, Tesla Model X key fobs, critical Drupal flaw, Spotify.
- Chrome Omnibox becomes more Omni.
- Chrome's open tabs search.
- Ransomware news involving Delaware County, Canon, US Fertility, Ritzau, Baltimore County Public Schools, and Banijay group SAS.
- Drupal's security advisory titled "Drupal core - Critical - Arbitrary PHP code execution."
- The revenge of cheap smart doorbells.
- Tesla Key Fob Hack #3.
- CA's adapt to single-year certs.
- Nearly 50,000 Fortinet VPN credentials posted online.
- More than 300,000 Spotify accounts hacked.
- MobileIron MDM CVSS 9.8 RCE.
- The Salvation Trilogy.
- Spinrite update.
- DNS Consolidation.
We invite you to read our show notes at https://www.grc.com/sn/SN-795-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
-
download
Posted on 02 Dec 2020
- Listen
SN 794: Cicada - Ongoing WordPress Attack, RCS Gets End-to-End Encryption
Ongoing WordPress attack, RCS gets End-to-end encryption.
- Chrome moves to release 87.
- Explicit Publication of Privacy Practices.
- Firefox 83 gets HTTPS-only Mode.
- Mozilla seeks consultation on implementing DNS-over-HTTPS.
- The comical announcement strategy of the Egregor Ransomware.
- Large-scale attacks targeting Epsilon Framework Themes in WordPress.
- Cybercrime gang installs hidden e-commerce stores on WordPress sites.
- 245,000 Windows systems still vulnerable to BlueKeep RDP bug.
- Google's Rich Communication Services is getting E2EE via Signal.
- Cicada, a Chinese state-sponsored advanced persistent threat group.
We invite you to read our show notes at https://www.grc.com/sn/SN-794-Notes.pdf
Hosts: Steve Gibson and Jason Howell
Download or subscribe to this show at https://twit.tv/shows/security-now.
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
-
download
Posted on 25 Nov 2020
- Listen
SN 793: SAD DNS - Malicious Android Apps, Ransomware-as-a-Service
Malicious Android apps, ransomware-as-a-service.
- Where do most malicious Android apps come from?
- SAD DNS is a revival of the classic DNS cache poisoning attack
- How many Ransomware-as-a-Service (RaaS) operations are there?
- Ragnar Locker ransomware gang takes out a Facebook ad
- Two more new 0-days revealed in Chrome
- Last Tuesday, Microsoft fixed 112 known vulnerabilities in Microsoft products
We invite you to read our show notes at https://www.grc.com/sn/SN-793-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
-
download
Posted on 18 Nov 2020
- Listen
SN 792: NAT Firewall Bypass - SlipStream NAT Firewall Bypass, MS Police Use Ring Doorbell Cams
SlipStream NAT firewall bypass, MS Police use Ring doorbell cams.
- Let's Encrypt's cross-signed root expires next year
- Chrome updates on Windows, macOS, Linux, and Android to remove 0-day vulnerability
- Mattel, Compel, Capcom, and Campari fall to ransomware attacks
- iOS 14.2 fixes three 0-day vulnerabilities
- Introducing the Tianfu Cup: China's version of the Pwn2Own hacker competition
- November's Patch Tuesday
- The Great Encryption Dilemma hits Europe
- Ring Doorbells to be tapped in a trial by local Police
- WordPress plugins are a hot mess for security
- SlipStream NAT Firewall Bypass
We invite you to read our show notes at https://www.grc.com/sn/SN-792-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
-
download
Posted on 11 Nov 2020
- Listen
SN 791: Google's Root Program - Google One VPN, WordPress Update Fail, Windows 7 0-Day
Google One VPN, WordPress update fail, Windows 7 0-Day.
- A new 0-day in Win7 through Win10
- A public service reminder from Microsoft
- Google One adding an Android VPN
- Vulnonym: Stop the Naming Madness!
- WordPress fumbles an important update
- Chrome's Root Program
We invite you to read our show notes at https://www.grc.com/sn/SN-791-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
-
download
Posted on 04 Nov 2020
Convention TV Summer NAMM 2005 - iPod Video
Late Night Linux (MP3)
