Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.
Similar Podcasts
FLOSS Weekly (Audio)
We're not talking dentistry here; FLOSS all about Free Libre Open Source Software. Join host Doc Searls and his rotating panel of co-hosts every Wednesday as they talk with the most interesting and important people in the Open Source and Free Software community.
Records live every Wednesday at 12:30pm Eastern / 9:30am Pacific / 17:30 UTC.
Open Source Security Podcast
A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.
no dogma podcast
discussions on software development
SN 993: Kaspersky exits the U.S. - Exploding Pagers, Passkeys in Chrome
The case of the exploding pagers and walkie-talkies"Ford seeks patent for tech that listens to driver conversations to serve ads"Another large chunk of personal data exposedPasskeys takes a big step forward: Now supported by ChromeA nascent 9.9 Linux Unauthenticated RCE?Freezing CreditCredit BureausDrobo 5NSN email labeled as spamPublic Wi-fi safteySN for CertsWindows DefenderKaspersky exits the U.S.Show Notes - https://www.grc.com/sn/SN-993-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: GO.ACILEARNING.COM/TWIT code SN100 canary.tools/twit - use code: TWIT bigid.com/securitynow e-e.com/twit
SN 992: Password Manager Injection Attacks - Aging Media, Naval Starlink, adam:ONE
Windows Endpoint Security Ecosystem SummitAging storage media does NOT last foreverHow Navy chiefs conspired to get themselves illegal warship Wi-Fiadam:ONE named the #1 best Secure Access Service Edge (SASE) solutionAI TalkPassword Manager Injection AttacksShow Notes - https://www.grc.com/sn/SN-992-Notes.pdfHosts: Steve Gibson and Mikah SargentDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT 1password.com/securitynow vanta.com/SECURITYNOW
SN 991: RAMBO - Cloned YubiKeys, Telegram vs. Signal, French Elevators, Unix Time
Offer to uninstall Recall was a bug, not a featureYubiKeys can be clonedMiscellanyIs WhatsApp secure?Telegram vs SignalFrench elevatorsFreezing your creditThe Quiet CanineUnix timeBobiverse book 5Exodus: The Achemedes EngineWatching SpinRiteRAMBOShow Notes - https://www.grc.com/sn/SN-991-Notes.pdfHosts: Steve Gibson and Mikah SargentDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: flashpoint.io bigid.com/securitynow Melissa.com/twit bitwarden.com/twit
SN 990: Is Telegram an Encrypted App? - CrowdStrike Exodus, DDoS-as-a-Service, 'Active Listening' Ad Tech?
Telegram puts End-to-End Privacy in the CrosshairsFree security logging is good for everyoneCrowdStrike hemorrhaging customersMicrosoft to meet privately with EDR (Endpoint Detection & Response) vendorsYelp's Unhappy with GoogleTelegram as the hotbed for DDoSass – DDoS as a ServiceChrome grows more difficult to exploitCox Media Group's "Active Listening" has apparently not endedCascading Bloom Filter follow-upClosing the LoopIs Telegram an encrypted app?Show Notes - https://www.grc.com/sn/SN-990-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow threatlocker.com for Security Now vanta.com/SECURITYNOW joindeleteme.com/twit promo code TWIT
SN 989: Cascading Bloom Filters - Key Card Backdoors, Fake Cisco Gear
CrowdStrike Exec's "Most Epic Fail" AwardHardware backdoors discovered in Chinese-made key cardsCounterfeit CISCO networking gearSpinRiteErrataNPD breach updates from listenersLooking back at old SN episodesCascading Bloom FiltersShow Notes - https://www.grc.com/sn/SN-989-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT 1password.com/securitynow e-e.com/twit GO.ACILEARNING.COM/TWIT code SN100
SN 988: National Public Data - Big Patch Tuesday, The Biggest Data Breach
Revocation UpdateGRC's next experimentPatch Tuesday"The Famous Computer Café"IsBootSecureGRC EmailWorking through WiFi FirewallsTransferring DNSOCSP attestation vs. TLS expirationPlatform key expirationNational Public DataShow Notes - https://www.grc.com/sn/SN-988-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit vanta.com/SECURITYNOW threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT
SN 987: Rethinking Revocation - SinkClose, IsBootSecure, Another Bad RCE
Sitting Ducks DNS attackA Bad RCE in another Microsoft serverSinkCloseThe CLFS.SYS BSoDIsBootSecureRethinking RevocationShow Notes - https://www.grc.com/sn/SN-987-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: joindeleteme.com/twit promo code TWIT bigid.com/securitynow vanta.com/SECURITYNOW 1password.com/securitynow
SN 986: How Revoking! - Crowdstrike Damage, Firefox Cookies
Platform Key DisclosureFirefox's 3rd-party Cookie messThe W3C Finally Weighs-inCrowdStrike Damages.GRC's EmailHow Revoking!Show Notes - https://www.grc.com/sn/SN-986-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bigid.com/securitynow vanta.com/SECURITYNOW
SN 985: Platform Key Disclosure - Crowdstrike Post-mortem, Entrust Update
Crowdstrike post-mortemPiDP-11What Crowdstrike is fixingMarcus Hutchins on who is to blameEntrust's Updated Info3rd-Party Cookie SurpriseSecurity training firm mistakenly hires a North Korean attackerGoogle and 3rd party cookiesGoogle's influenceThe auto industry and data brokersDNS Benchmark on MacPlatform Key DisclosureShow Notes - https://www.grc.com/sn/SN-985-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: lookout.com GO.ACILEARNING.COM/TWIT code SN100 panoptica.app bitwarden.com/twit
SN 984: CrowdStruck - Crowdstrike, Cellebrite, More Entrust
Cellebrite unlocks Trump's would-be assassin's phone.Cisco reported on a CVSS of 10.0Entrust drops the other shoeGoogle gives up on removing 3rd-party cookiesMiscellanySnowflake and data warehouse applicationsCDK auto dealership outagePolyfill.io and resource hashesMITMBlocking CopilotBlocking incoming connections via IPCrowdStruckShow Notes - https://www.grc.com/sn/SN-984-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: panoptica.app canary.tools/twit - use code: TWIT vanta.com/SECURITYNOW bigid.com/securitynow
SN 983: A Snowflake's Chance - CDN Safety, Microsoft's Behavior, CDK Ransomware Attack
Using Content Delivery Networks SafelyThe CDK Global Ransomware AttackThe IRS and EntrustPolyfill.io falloutMicrosoft's BehaviorA Snowflake's ChanceShow Notes - https://www.grc.com/sn/SN-983-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: vanta.com/SECURITYNOW panoptica.app lookout.com joindeleteme.com/twit promo code TWIT
SN 982: The Polyfill.io Attack - Entrust Responds, Passkey Redaction Attacks
Entrust RespondsOther major Certificate Authorities respondPasskey Redaction AttacksSyncing passkeysPort KnockingFail2BanThe Polyfill.io AttackShow Notes - https://www.grc.com/sn/SN-982-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: lookout.com vanta.com/SECURITYNOW bitwarden.com/twit panoptica.app
SN 981: The End of Entrust Trust - Open SSH Vulnerability, SyncThing, Endtrust
The regreSSHion Bug50BTC movedVoyager 1 UpdateEmail @ GRCSyncThingDNS queriesRecallThe End of Entrust TrustShow Notes - https://www.grc.com/sn/SN-981-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT panoptica.app lookout.com
SN 980: The Mixed Blessing of Lousy PRNG - Kaspersky Ban, EU vs. Google's Privacy Sandbox
Expected follow-up on CVE-2024-30078From Russia with LoveAn EU privacy agency complains about Google's Privacy Sandbox?Email @ GRCSecurity Now SPAM?Orange Tsai needs help!Recall and 3rd Party LeakageErrataThe Mixed Blessing of a Crappy PRNGShow Notes - https://www.grc.com/sn/SN-980-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: joindeleteme.com/twit promo code TWIT 1password.com/securitynow mylio.com/twit canary.tools/twit - use code: TWIT
SN 979: The Angle of the Dangle - "Recall" Recall, IT at the NYT, Private Cloud Compute
CVE-2024-30078"Recall" has been recalledMatthew Green on Apple's Private Cloud ComputeA WGET flaw with a CVSS of 10.0?Thou shall not Resolve!Email @ GRCDownloading email with MailStore HomeIT at The New York TimesReMarkableThe Angle of the DangleShow Notes - https://www.grc.com/sn/SN-979-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit 1bigthink.com kolide.com/securitynow GO.ACILEARNING.COM/TWIT - code TWIT30