Security Now (Audio)
Download, listen or watch all podcasts
Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
- Listen
SN 878: The ZuoRAT - 0-Day Chrome, Firefox v102, HackerOne
- Picture of the week.
- Chrome's fourth zero-day of 2022.
- Mozilla's new Firefox privacy-enhancing feature.
- HackerOne discloses a malicious insider incident.
- Closing the loop.
- The ZuoRAT.
We invite you to read our show notes at https://www.grc.com/sn/SN-878-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
-
download
Posted on 06 Jul 2022
- Listen
SN 877: The "Hertzbleed" Attack - 3rd Party FIDO2, Log4Shell, '311" Proposal
- Picture of the Week.
- Errata: Firefox's "Total Cookie Protection"
- 3rd Party FIDO2 Authenticators
- Germany's not buying the EU's proposal which subverts encryption
- The Conti Gang have finally pulled the last plug
- Log4J and Log4Shell is alive and well
- The '311' emergency number proposal
- 56 Insecure-By-Design Vulnerabilities
- "Long Story Short"
- Closing The Loop
- The "Hertzbleed" Attack
We invite you to read our show notes at https://www.grc.com/sn/SN-877-Notes.pdf
Hosts: Steve Gibson and Jason Howell
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
-
download
Posted on 28 Jun 2022
- Listen
SN 876: Microsoft's Patchy Patches - 3rd Party Authenticators, MS-DFSNM, Safari Regression, Firefox Cookies
- Picture of the Week.
- Double Decryption (Last week's key-strength puzzler).
- 3rd Party Authenticators.
- Firefox: Total Cookie Protection.
- We keep breaking DDoS attack records.
- MS-DFSNM.
- An Apple Safari regression.
- One Million WordPress sites force-updated.
- High-Severity RCE in Fastjson Library.
- Miscellany.
- Closing The Loop.
- Microsoft's Patchy Patches.
We invite you to read our show notes at https://www.grc.com/sn/SN-876-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
-
download
Posted on 22 Jun 2022
- Listen
SN 875: The PACMAN Attack - WebAuthn, Passkeys at WWDC, Free Kali Linux Pen Test Course, Proof of Simulation
- Picture of the Week.
- Apple's Passkeys presentation at WWDC 2022.
- WebAuthn.
- FREE Penetration Testing course with Kali Linux.
- Proof of Simulation.
- A valid use for facial recognition: The Smart Pet Door!
- Closing The Loop.
- The PACMAN Attack.
We invite you to read our show notes at https://www.grc.com/sn/SN-875-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
-
download
Posted on 15 Jun 2022
- Listen
SN 874: Passkeys, Take 2 - ServiceNSW Responds, Follina, Windows Search URL, UNISOC Chip Vulnerability
- Picture of the Week.
- ServiceNSW Responds.
- ExpressVPN pulls the plug in India.
- And speaking of pulling the plug.
- "Follina" under active exploitation.
- And a Windows Search URL schema can be abused, too.
- "Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones".
- Ransomware sanctions are causing trouble.
- Conti spotted compromising motherboard firmware.
- Errata.
- Closing the Loop.
- Passkeys, Take 2.
We invite you to read our show notes at https://www.grc.com/sn/SN-874-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
-
download
Posted on 08 Jun 2022