Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.
Similar Podcasts
FLOSS Weekly (Audio)
We're not talking dentistry here; FLOSS all about Free Libre Open Source Software. Join host Doc Searls and his rotating panel of co-hosts every Wednesday as they talk with the most interesting and important people in the Open Source and Free Software community.
Records live every Wednesday at 12:30pm Eastern / 9:30am Pacific / 17:30 UTC.
no dogma podcast
discussions on software development
Open Source Security Podcast
A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.
SN 925: Brave's Brilliant Off the Record Request - .ZIP TLD, Bitwarden Passkey support, PyPi
Picture of the Week.HP = "Huge Pile"The ".ZIP" TLD — What could possibly go wrong?PyPI gets more serious about security AND privacy."No logs saved anywhere"???Twitter in the EU?Bitwarden's support for Passkeys.A €1.2 billion fine will grab your attention.Editing WhatsApp messages.A new Google Bug Bounty.SpinRite.Brave's Brilliant Off the Record Request.Show Notes: https://www.grc.com/sn/SN-925-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: cs.co/twit drata.com/twit Melissa.com/twit
SN 924: VCaaS – Voice Cloning as a Service - HP printer update, KeePass vulnerability, SpinRite bug
Picture of the Week.Tracker Follow-Up.Automatic IoT device updating.HP 9020e - error code 83C0000B.Section 230 Stands.The KeePass Vulnerability.Apple joins Samsung, Amazon and Verizon in banning ChatGPT.Google's Privacy Sandbox moves forward.The FBI heavily misused FISA powers.Supply Chain Nightmare.SpinRite.VCaaS – Voice Cloning as a Service.Show Notes: https://www.grc.com/sn/SN-924-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: expressvpn.com/securitynow athleticgreens.com/securitynow lookout.com
SN 923: Location Tracker Behavior - Diving deep into Google and Apple's tracker spec, SpinRite update
Picture of the Week.SpinRite.Location Tracker Behavior.Formal definitions from the specification.Bluetooth LE devices have MAC addresses and therein lies a problem.All devices are serialized.And now, that "pairing registry".Privacy considerations.Show Notes: https://www.grc.com/sn/SN-923-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit GO.ACILEARNING.COM/TWIT
SN 922: Detecting Unwanted Location Trackers - Google Passkeys, Chrome lock icon, AI news sites, Vint Cerf
Picture of the Week.Google & Passkeys.TP-Link routers DO auto-update.US Marshals Service: Where's the backup??T-Mobile keeps getting breached.Chrome: No more LOCK icon.Apple's new "Rapid Security Response" system.Elon Musk, making friends wherever he goes...A quick Mastodon aside.Here come the fake AI-generated "news" sites.Russia to replace "American" TCP/IP with "Russian Internet".Vint Serf's 3 mistakes.Detecting Unwanted Location Trackers.Show Notes: https://www.grc.com/sn/SN-922-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsor: kolide.com/securitynow
SN 921: OSB OMG and Other News! - Age verification, Google Authenticator E2EE, VirusTotal AI, cURL
Picture of the Week.The Encryption Debate.Age does matter...Age Verification.WhatsApp: Rather be blocked in UK than weaken security.Exposing Side-Channel Monitoring.Closing the Loop.A new UDP reflection attack vector.Google Authenticator Updated.Does Israel use NSO Group commercial spyware?A Russian OS?TP-Link routers compromised.A pre-release security audit.Another Intel side-channel attack.Windows users: Don't remove cURL!AI comes to VirusTotal. Show Notes https://www.grc.com/sn/SN-921-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT joindeleteme.com/twittv drata.com/twit
SN 920: An End-to-End Encryption Proposal - Wipe those routers, Lockdown Mode, ChatGPT black market
Picture of the Week. Lockdown Mode seen succeeding. A growing black market for ChatGPT accounts. Decommissioned Corporate Routers Leak Secrets. Jaguar Tooth: Cisco router vulnerabilities. Security Research Legal Defense Fund. A quick Firefox fix. Kubernetes security audit. Google Chrome zero-day. An End-to-End Encryption Proposal. Show Notes https://www.grc.com/sn/SN-920-Notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: athleticgreens.com/securitynow lookout.com
SN 919: Forced Entry - Patch Tuesday, Google Assured Open Source Software, WhatsApp Improvements
Picture of the Week.Patch Tuesday Review.Risky Business News.Google Assured Open Source Software.WhatsApp Improvements.Bad Security? Go to jail!Forced Entry.Show Notes https://www.grc.com/sn/SN-919-Notes.pdf Hosts: Steve Gibson and Jason HowellDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: meraki.cisco.com/twit bitwarden.com/twit GO.ACILEARNING.COM/TWIT
SN 918: A Dangerous Interpretation - H26FORGE, Privatized ChatGPT, Mozilla Site Breach Monitor
Picture of the Week.Microsoft and Fortra go on the offensive.Can ChatGPT keep a secret?Apple updates their OS's.Wordpress under attack... again.Mozilla's Site Breach Monitor.Another ChatGPT investigation.Samsung handsets reaching EoL.Less access for loan apps.The right to be forgotten.SpinRite.A Dangerous Interpretation.Show Notes: https://www.grc.com/sn/SN-918-Notes.pdf Hosts: Steve Gibson and Jason HowellDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: joindeleteme.com/twittv meraki.cisco.com/twit kolide.com/securitynow
SN 917: Zombie Software - ChatGPT Ban, Hacking the Pentagon
Picture of the WeekSo... Not an attack, then?AI Overlord HysteriaItaly says NO to ChatGPTIt's illegal... How much will that be?The U.S. FDA & medical device securityHack the PentagonFirefox 3dr-party DLL check-upMicrosoft's Extortion?The Silver ShipsZombie SoftwareShow Notes: https://www.grc.com/sn/sn-917-notes.pdf Hosts: Steve Gibson and Ant PruittDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow canary.tools/twit - use code: TWIT meraki.cisco.com/twit
SN 916: Microsoft's Email Extortion - Pwn2Own, Edge Crypto Wallet
Picture of the Week.Synacktiv wins this year's CanSecWest Pwn2OwnGitHub: Mistakes happenDDoS for Hire. . .Or Not144,000 malicious packages publishedNo iPhones For Russian Presidential StaffI NUITEdge Gets CryptoMicrosoft's Email ExtortionShow Notes: https://www.grc.com/sn/sn-916-notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: lookout.com kolide.com/securitynow Melissa.com/twit
SN 915: Flying Trojan Horses - Exynos 0-days, TikTok Tick Tock, 90-day TLS cert life, CHESS is safe!
Picture of the Week.Multiple Exploitable Samsung 0-Days.A good idea for NPM.The TikTok Tick Tock.Google pushes for 90-day TLS certificate life.CHESS is safe.CISA has begun scanning!Flying Trojan Horses.Show Notes: https://www.grc.com/sn/SN-915-Notes.pdf Hosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit GO.ACILEARNING.COM/TWIT expressvpn.com/securitynow
SN 914: Sony Sues Quad9 - Polynonce attack, Germany Huawei ban, Plex Media Server defect, Andor review
Picture of the Week.Another Malicious Chrome Extension.Germany to join the Huawei & ZTE ban.Putting "phishing" into perspective.The Polynonce attack.Plex's RCE now in CISA's KEV.Sci-Fi: Andor.Sony Sues Quad9.Show Notes: https://www.grc.com/sn/SN-914-Notes.pdf Hosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: fortra.com bitwarden.com/twit plextrac.com/twit
SN 913: A Fowl Incident - DDoS'ing Fosstodon, Strategic Objective 3.3, CISA's Covert Red-Team
Picture of the Week.DDoS'ing Fosstodon.DDoS for Hire takedowns.TikTok Insanity.Illegal Warrantless Surveillance.Strategic Objective 3.3.GitHub Secret Scanning.CISA's Covert Red-Team.What's left?What's old is new again.TCG TPM vulnerabilities.WordPress "All In One SEO".Russia fines Wikipedia.A Fowl Incident.Show Notes: https://www.grc.com/sn/SN-913-Notes.pdf Hosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT drata.com/twit kolide.com/securitynow
SN 912: The NSA @ Home - LastPass hack details, Signal says no to UK, more PyPI troubles, QNAP bug bounty
Picture of the Week.Windows 11? ... anyone?As Plain as Ever.Edge's new built-in VPN?LastPass Incident Update.Signal says NO to the UK.More PyPI troubles.The QNAP bug bounty program.SpinRite.The NSA @ Home.Show Notes: https://www.grc.com/sn/SN-912-Notes.pdf Hosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsor: kolide.com/securitynow
SN 911: A Clever Regurgitator - GoneDaddy, Section 230, NPM malware, Hyundai Kia mess, Meta Verified
GoneDaddy, Section 230, NPM malware, Hyundai Kia mess, Meta VerifiedPicture of the Week.GoneDaddy.Section 230.No Blue, No SMS-based 2FA.Bitwarden gets Argon."Meta Verified".Emsisoft Fake Code Signing.Attacks breaking records.More Mirai.NPM malware.Patch Tuesday.Samsung announces "Message Guard".The Hyundai & Kia mess.A Clever Regurgitator.Show Notes https://www.grc.com/sn/sn-911-notes.pdfHosts: Steve Gibson and Leo LaporteDownload or subscribe to this show at https://twit.tv/shows/security-now.Get episodes ad-free with Club TWiT at https://twit.tv/clubtwitYou can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit GO.ACILEARNING.COM/TWIT