Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.
Similar Podcasts
FLOSS Weekly (Audio)
We're not talking dentistry here; FLOSS all about Free Libre Open Source Software. Join host Doc Searls and his rotating panel of co-hosts every Wednesday as they talk with the most interesting and important people in the Open Source and Free Software community.
Records live every Wednesday at 12:30pm Eastern / 9:30am Pacific / 17:30 UTC.
Open Source Security Podcast
A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.
no dogma podcast
discussions on software development
SN 963: Web portal? Yes please! - Firefox v123, LockBit Disrupted
Nevada attempts to block Meta's end-to-end encryption for minors.A survey of security breachesEdge's Super-Duper Secure Mode moves into ChromeDoorDash dashes our privacyAvast charged $16.5 million for selling user browsing dataNo charge for extra logging!European Parliament's IT service has found traces of spyware on the smartphones of its security and defense subcommittee membersLockBit RaaS group disruptedFirefox v123The ScreenConnect Authentication BypassSpinRite updateIntroducing BootAbleCox moving to Yahoo Mail for usersCredit Card securityExploiting password complexity reqirements?Email only loginsFlipper Zero in CanadaGerman Router securityMore Flipper Zero in CanadaThrowaway email addressesShared email accountsPassword quality enforcementFingerprint tech and some future storiesShow Notes - https://www.grc.com/sn/SN-963-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT vanta.com/SECURITYNOW robinhood.com/boost joindeleteme.com/twit promo code TWIT
SN 962: The Internet Dodged a Bullet - Wyze Breach, Patch Tuesday, KeyTrap
Wyze breachMicrosoft patch Tuesday fixes 15 remote code execution flawsWhy are there password restrictions?The Canadian Flipper Zero BanSecurity on the old internetUsing Old PasswordsPasswordless loginTOTP as a second factorGerman ISP using default router passwordsEmail encryption in transitpfSense Tailscale integrationDuckDuckGo's email protection integration with BitwardenThe KeyTrap VulnerabilityShow Notes - https://www.grc.com/sn/SN-962-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: panoptica.app kolide.com/securitynow vanta.com/SECURITYNOW GO.ACILEARNING.COM/TWIT
SN 961: Bitlocker: Chipped or Cracked? - Honeypots, Toothbrush Botnet, Bitlocker Cracked
Toothbrush Botnet"There are too many damn Honeypots!"Remotely accessing your home network securelyGoing passwordless as an ecommerce siteFacebook "old password" remindersBrowsers on iOSMore UPnP IssuesA password for every website?"Free" accountsKeeping phones plugged inRunning your own email server in 2024iOS app sizesSpinRite 6.1 running on an iMacSpinRite updateBitlocker's encryption cracked in minutesShow Notes - https://www.grc.com/sn/SN-961-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: joindeleteme.com/twit promo code TWIT bitwarden.com/twit kolide.com/securitynow robinhood.com/boost
SN 960: Unforeseen Consequences - CISA's "Secure by Design" Initiative, Fastly's BoringSSL
CISA's "Secure by Design" InitiativeThe GNU C Library FlawFastly CDN switches from OpenSSL to BoringSSLRoskomnadzor asserts itselfGoogle updates Android's Password ManagerFirefox gets post-quantum cryptoGet your TOTP tokens from LastPassInflated iOS app dataLearnDMARCSync mobile app bugSpinRite and Windows DefenderCrypto signing cameraAnalog hole in digital camera authenticationiOS and Google's TopicsThe gathering of the StephvensProgrammable Logic ControllersSpinRite updateMalware-infected ToothbrushThe Unforeseen Consequences of Google's 3rd-party Cookie CutoffShow Notes - https://www.grc.com/sn/SN-960-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: Melissa.com/twit joindeleteme.com/twit promo code TWIT GO.ACILEARNING.COM/TWIT vanta.com/SECURITYNOW
SN 959: Stamos on "Microsoft Security" - HP Printer Bricking, Mercedes Benz Source Code
iOS to allow native Chromium and Firefox engines.An OS immune to ransomware?HP back in the doghouse over "anti-virus" printer brickingThe mother of all breachesNew "Thou shall not delete those chats" rulesFewer ransoms are being paidVerified Camera ImagesMore on the $15/month flashlight appWhat happens when apps change publishersMicrosoft hating on FirefoxCredit Karma is storing 1GB of data on the iPhoneStaying on Windows 7Sci-Fi recommendationsWindows 7 and HSTS sitesTOTP codes/secrets and BitwardenSpinRite on MacSpinRite v6.1 is done!LearnDMARC.comAlex Stamos on "Microsoft Security"Show Notes - https://www.grc.com/sn/SN-959-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: expressvpn.com/securitynow panoptica.app kolide.com/securitynow canary.tools/twit - use code: TWIT
SN 958: A Week of News and Listener Views - HSS Breach, CISA's Policing Results
Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT AttackUS Health and Human Services BreachedFirefox vs "The Competition"Brave reduces its anti-fingerprinting protectionsCISA's proactive policing results one year laterLonger Life For Samsung UpdatesGoogle Incognito Mode "Misunderstanding"Show Doc Not showing images on iOS SafariGenerated AI Media AuthenticationWhich computer languages to learn?Flashlight app subscriptionGoogle's Privacy Sandbox systemMalware and IoT devicesProtected Audience API vs. MalvertisingDefensive computingWhy ISPs don't do anything about DDoS attacksSpinRite UpdateShow Notes - https://www.grc.com/sn/SN-958-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: paloaltonetworks.com/ot-security-tco bitwarden.com/twit drata.com/twit kolide.com/securitynow
SN 957: The Protected Audience API - Hacked Washing Machine, Quantum Crypto Troubles
What would an IoT device look like that HAD been taken over?And speaking of DDoS attacksTrouble in the Quantum Crypto worldThe Browser MonocultureQuestion about the Apple backdoorGetting into infosecproton drive vs syncSpinRite updateThe Protected Audience APIShow Notes - https://www.grc.com/sn/SN-957-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: meraki.cisco.com/twit kolide.com/securitynow lookout.com bitwarden.com/twit joindeleteme.com/twit promo code TWIT
SN 956: The Inside Tracks - 23andME Mess, Ukraine Telecom Hack, LastPass
More on Apple's hardware backdoorRussian Hacking of Ukranian camerasRussian hackers were inside Ukraine telecoms giant for monthsThings are still a mess at 23andMeCoinsPaid was the victim of another cyberattackCrypto Hacking in 2023Mandiant Twitter scamDefining "cyber warfare"LastPass is making some changesWindows WatchGoogle settles $5 billion lawsuitReturn Oriented ProgrammingShutting Down EdgeRoot CertificatesCredit freezingSpinRite UpdateShow Notes - https://www.grc.com/sn/SN-956-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: lookout.com paloaltonetworks.com/ot-security-tco kolide.com/securitynow bitwarden.com/twit
SN 955: The Mystery of CVE-2023-38606 - SpinRite Update, Nebula Mesh, Apple's Backdoor
SpinRite 6.1 updatePruning Root CertificatesA solution to Schrodinger's BowlDNS Benchmark and anti-virus toolsNebula MeshSpinRite 7 is comingThe Mystery of CVE-2023-38606Show Notes - https://www.grc.com/sn/SN-955-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit kolide.com/securitynow Melissa.com/twit drata.com/twit
SN 954: Best of 2023 - Security Now's Best Moments of 2023
Leo looks back at the year's top security stories of 2023.Steve's Next Password Manager After the LastPass HackCHESS is SafeHere Come the Fake AI-generated "News" SitesHow Bad Guys Use SatellitesMicrosoft's "Culture of Toxic Obfuscation"Steve announces his commitment to SNApple Says NoNSA's Decade of Huawei HackingValiDrive announcementHost: Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
SN 953: Active Listening - KOSA, Cloudflare's Numbers, SpinRite Update
Child protection legislation in the USMeta pushes back on the $200 billion FTC fine for COPPA violationAge verification on the internetGoogle moving from 3rd party cookies to topicsA look at Cloudflare's metricsSpinRite updateCox Media admits that it spys on youShow Notes - https://www.grc.com/sn/SN-953-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: securemyemail.com/twit Use Code TWIT drata.com/twit GO.ACILEARNING.COM/TWIT
SN 952: Quantum Computing Breakthrough - The Clear/Deep/Dark Web, Quad 9 victory, Telegram Flaw
The government collection of push notification metadataFacebook Messenger sets end to end encryption as the defaultIran's Cyber Av3ngersCisco's Talos Top 10 cyber security exploits this yearOver 30% of apps are still using a using a vulnerable version the Log4J libraryQuad 9 speaks on their legal victory against SonyWhat are the "Clear Web", "Dark Web", and "Deep Web"?A Flaw in TelegramXfinity Mobile wants you to accept a root CA, DO NOTHardware VPN alternativeA breakthrough in quantum computingShow Notes - https://www.grc.com/sn/SN-952-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: GO.ACILEARNING.COM/TWIT lookout.com bitwarden.com/twit
SN 951: Revisiting Browser Trust - ICANN RDRS, Beeper Mini, TikTok ban, .meme TLD
How masked domain owners can be unmasked through ICANN's new Registration Data Request Service (RDRS)WhatsApp's addition of Secret Code for extra privacy protection in Chat LockIranian hackers exploited default passwords in programmable logic controllers at US water facilitiesAttempt by Montana to ban TikTok statewide was stalled by a federal judge rulingOver 1 billion Android devices now have RCS messaging enabledEU Cyber Resilience Act will improve security of Internet of Things devices sold in the EUBlack Basta ransomware group has netted over $107 million since early 2022Google's new .meme top-level domain allowing meme-related web propertiesCISA's Secure by Design initiative echoes security best practices frequently recommended on the podcastFrance plans to ban use of "foreign" end-to-end encrypted messaging apps like Telegram and require use of French app Olvid insteadConcerns raised by industry experts Ivan Ristic and Ryan Hurst about EU's eIDAS 2.0 legislation undermining certificate authority trustShow Notes - https://www.grc.com/sn/SN-951-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT vanta.com/SECURITYNOW
SN 950: Leo Turns 67 - Fingerprint Security, Do-Not-Track
Adobe Flash Player Updater is (still) desperately trying to updateVeracrypt password securityFirefox moves to 120 with a bunch of very nice new featuresDo-Not-Track is back on track"ownCloud" -or- "PwnCloud" ?CrushFTP Critical VulnerabilityBypassing fingerprint authenticationApacheMQTransUnion & Experian both hackedShow Notes - https://www.grc.com/sn/SN-950-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: paloaltonetworks.com/ot-security-tco Melissa.com/twit GO.ACILEARNING.COM/TWIT
SN 949: Ethernet Turned 50 - Signal funding, X (Twitter) ad fallout, RCS for iPhone, TETRA review
Privacy and Funding Challenges Facing Signal Messaging AppLoss of Advertisers for Twitter After Controversial Tweet by Elon MuskRansomware Group Files SEC Complaint Against Breached CompanyEurope Opening Up Radio Encryption Standard TETRA for Public ReviewApple Announcing Adoption of RCS Messaging for iPhonesSteve's Progress on Dynamic Code Signing for SpinRite ReleasesRemoving Suction Cup Barnacles from WindshieldsRecommendations for Benchmarking USB Drive Read/Write SpeedsConcerns Over EU's Proposed eIDAS 2.0 QWACs LegislationWhy Protectli Routers Are Preferred for pfSense SetupsCredit Card Security Precautions for Ex-LastPass UsersOrigins and Evolution of Ethernet Networking Over 50 YearsShow Notes - https://www.grc.com/sn/SN-949-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: vanta.com/SECURITYNOW kolide.com/securitynow securemyemail.com/twit Use Code TWIT