Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.
Similar Podcasts
FLOSS Weekly (Audio)
We're not talking dentistry here; FLOSS all about Free Libre Open Source Software. Join host Doc Searls and his rotating panel of co-hosts every Wednesday as they talk with the most interesting and important people in the Open Source and Free Software community.
Records live every Wednesday at 12:30pm Eastern / 9:30am Pacific / 17:30 UTC.
Open Source Security Podcast
A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.
no dogma podcast
discussions on software development
SN 918: A Dangerous Interpretation - H26FORGE, Privatized ChatGPT, Mozilla Site Breach Monitor
Picture of the Week.Microsoft and Fortra go on the offensive.Can ChatGPT keep a secret?Apple updates their OS's.Wordpress under attack... again.Mozilla's Site Breach Monitor.Another ChatGPT investigation.Samsung handsets reaching EoL.Less access for loan apps.The right to be forgotten.SpinRite.A Dangerous Interpretation.Show Notes: https://www.grc.com/sn/SN-918-Notes.pdf Hosts: Steve Gibson and Jason HowellDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: joindeleteme.com/twittv meraki.cisco.com/twit kolide.com/securitynow
SN 917: Zombie Software - ChatGPT Ban, Hacking the Pentagon
Picture of the WeekSo... Not an attack, then?AI Overlord HysteriaItaly says NO to ChatGPTIt's illegal... How much will that be?The U.S. FDA & medical device securityHack the PentagonFirefox 3dr-party DLL check-upMicrosoft's Extortion?The Silver ShipsZombie SoftwareShow Notes: https://www.grc.com/sn/sn-917-notes.pdf Hosts: Steve Gibson and Ant PruittDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow canary.tools/twit - use code: TWIT meraki.cisco.com/twit
SN 916: Microsoft's Email Extortion - Pwn2Own, Edge Crypto Wallet
Picture of the Week.Synacktiv wins this year's CanSecWest Pwn2OwnGitHub: Mistakes happenDDoS for Hire. . .Or Not144,000 malicious packages publishedNo iPhones For Russian Presidential StaffI NUITEdge Gets CryptoMicrosoft's Email ExtortionShow Notes: https://www.grc.com/sn/sn-916-notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: lookout.com kolide.com/securitynow Melissa.com/twit
SN 915: Flying Trojan Horses - Exynos 0-days, TikTok Tick Tock, 90-day TLS cert life, CHESS is safe!
Picture of the Week.Multiple Exploitable Samsung 0-Days.A good idea for NPM.The TikTok Tick Tock.Google pushes for 90-day TLS certificate life.CHESS is safe.CISA has begun scanning!Flying Trojan Horses.Show Notes: https://www.grc.com/sn/SN-915-Notes.pdf Hosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit GO.ACILEARNING.COM/TWIT expressvpn.com/securitynow
SN 914: Sony Sues Quad9 - Polynonce attack, Germany Huawei ban, Plex Media Server defect, Andor review
Picture of the Week.Another Malicious Chrome Extension.Germany to join the Huawei & ZTE ban.Putting "phishing" into perspective.The Polynonce attack.Plex's RCE now in CISA's KEV.Sci-Fi: Andor.Sony Sues Quad9.Show Notes: https://www.grc.com/sn/SN-914-Notes.pdf Hosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: fortra.com bitwarden.com/twit plextrac.com/twit
SN 913: A Fowl Incident - DDoS'ing Fosstodon, Strategic Objective 3.3, CISA's Covert Red-Team
Picture of the Week.DDoS'ing Fosstodon.DDoS for Hire takedowns.TikTok Insanity.Illegal Warrantless Surveillance.Strategic Objective 3.3.GitHub Secret Scanning.CISA's Covert Red-Team.What's left?What's old is new again.TCG TPM vulnerabilities.WordPress "All In One SEO".Russia fines Wikipedia.A Fowl Incident.Show Notes: https://www.grc.com/sn/SN-913-Notes.pdf Hosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT drata.com/twit kolide.com/securitynow
SN 912: The NSA @ Home - LastPass hack details, Signal says no to UK, more PyPI troubles, QNAP bug bounty
Picture of the Week.Windows 11? ... anyone?As Plain as Ever.Edge's new built-in VPN?LastPass Incident Update.Signal says NO to the UK.More PyPI troubles.The QNAP bug bounty program.SpinRite.The NSA @ Home.Show Notes: https://www.grc.com/sn/SN-912-Notes.pdf Hosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsor: kolide.com/securitynow
SN 911: A Clever Regurgitator - GoneDaddy, Section 230, NPM malware, Hyundai Kia mess, Meta Verified
GoneDaddy, Section 230, NPM malware, Hyundai Kia mess, Meta VerifiedPicture of the Week.GoneDaddy.Section 230.No Blue, No SMS-based 2FA.Bitwarden gets Argon."Meta Verified".Emsisoft Fake Code Signing.Attacks breaking records.More Mirai.NPM malware.Patch Tuesday.Samsung announces "Message Guard".The Hyundai & Kia mess.A Clever Regurgitator.Show Notes https://www.grc.com/sn/sn-911-notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit GO.ACILEARNING.COM/TWIT
SN 910: Ascon - Malicious ChatGPT Use, Goole Security Key Giveaway, OTPAuth
Picture of the WeekESXiArgs follow-upChatGPT's Malicious UseGoogle Security Key GiveawayBrave goes HTTPS-by-default1Password Makes Another Passkeys MoveRussian Patriotic HackersAmazon to FINALLY Secure Its AWS S3 InstancesMore Anti-Chinese Camera RemovalsMicrosoft to embed Adobe Acrobat PDF reader into EdgePassword ExhaustionOne Time Passowrd OTPAuthPassword ExhaustionAsconShow Notes https://www.grc.com/sn/sn-910-notes.pdf Hosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit plextrac.com/twit fortra.com
SN 909: How ESXi Fell - EU Internet Surveillance, QNAP returns, .DEV is always HTTPS
Picture of the Week.The European Union's Internet Surveillance Proposal.30,000 patient records online?.DEV is always HTTPS!Google changes Chrome's release strategy.Russia shoots the messenger.A fool and his Crypto...QNAP is back.CVSS severity discrepancy.Closing the Loop.How ESXi Fell.Show Notes: https://www.grc.com/sn/SN-909-Notes.pdf Hosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit barracuda.com/securitynow canary.tools/twit - use code: TWIT
SN 908: Data Operand Independent Timing - Old Android apps, Kevin Rose, iOS 6.3 and FIDO, Hive hacked
Android to start blocking old and unsafe apps.Microsoft to block Internet sourced Excel add-ins.An example of saying "no" even when it may hurt.Hacked Wormhole funds on the move.Kevin Rose Hacked.Facebook will be moving more users into E2EE.iOS 6.3 and FIDO.Scan thy Citizenry.The Hive ransomware organization takedown.Errata.Closing the Loop.SpinRite.Data Operand Independent Timing.Show Notes: https://www.grc.com/sn/SN-908-Notes.pdf Hosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: Melissa.com/twit kolide.com/securitynow
SN 907: Credential Reuse - iOS 16.3, ChatGPT creates malware, Bitwarden acquires Passwordless.dev
Picture of the Week.PayPal Credential Stuffing.iOS 16.3 : Cloud encryption for all.InfoSecurity Magazine: "ChatGPT Creates Polymorphic Malware".CheckPoint Research: OPWNAI : Cybercriminals Starting to Use ChatGPT."Meta" fined for the third time.Bitwarden acquires "Passwordless.dev".Closing the Loop.SpinRite.Credential Reuse.Show Notes: https://www.grc.com/sn/SN-907-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: GO.ACILEARNING.COM/TWIT expressvpn.com/securitynow drata.com/twit
SN 906: The Rule of Two - Norton Lifelock Data Breach, Chromium and Rust, LastPass
Picture of the WeekAbout Password IterationsEBC or CBNorton Lifelock TroublesChrome Follows Microsoft and FirefoxChromium is Beginning to RustBYOVD and Windows Defender FailuresClosing the Loop (feedback)The Rule of TwoShow notes: https://www.grc.com/sn/sn-906-notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit bitwarden.com/twit barracuda.com/securitynow
SN 905: 1 - LastPass Aftermath, LastPass vault de-obfuscator, LastPass iteration count folly
Picture of the Week.LastPass Aftermath.LastPass Vault De-Obfuscator.What more do we know this week regarding LastPass?The most alarming discovery by listeners.Understanding the scale of GPU-enhanced password cracking.On the true strength of passwords.Feedback from listeners regarding LastPass.Show Notes https://www.grc.com/sn/SN-905-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: tanium.com/twit drata.com/twit
SN 904: Leaving LastPass - How LastPass failed, Steve's next password manager, how to protect yourself
Picture of the Week.SpinRite.Leaving LastPass.Is there reason for concern?Well known password cracker Jeremi Gosney's LastPass rant.Steve shares his plan regarding LastPass.What is Steve's next password manager?What should LastPass users do to protect themselves?Show Notes https://www.grc.com/sn/SN-904-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: fortra.com canary.tools/twit - use code: TWIT