
Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.
SN 923: Location Tracker Behavior - Diving deep into Google and Apple's tracker spec, SpinRite update
Picture of the Week. SpinRite. Location Tracker Behavior. Formal definitions from the specification. Bluetooth LE devices have MAC addresses and therein lies a problem. All devices are serialized. And now, that "pairing registry". Privacy considerations.
Show Notes: https://www.grc.com/sn/SN-923-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, SpinRite 6.
Sponsors: bitwarden.com/twit, GO.ACILEARNING.COM/TWIT

SN 922: Detecting Unwanted Location Trackers - Google Passkeys, Chrome lock icon, AI news sites, Vint Cerf
Picture of the Week. Google & Passkeys. TP-Link routers DO auto-update. US Marshals Service: Where's the backup?? T-Mobile keeps getting breached. Chrome: No more LOCK icon. Apple's new "Rapid Security Response" system. Elon Musk, making friends wherever he goes... A quick Mastodon aside. Here come the fake AI-generated "news" sites. Russia to replace "American" TCP/IP with "Russian Internet". Vint Cerf's 3 mistakes. Detecting Unwanted Location Trackers.
Show Notes: https://www.grc.com/sn/SN-922-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Sponsor: kolide.com/securitynow

SN 921: OSB OMG and Other News! - Age verification, Google Authenticator E2EE, VirusTotal AI, cURL
Picture of the Week. The Encryption Debate. Age does matter... Age Verification. WhatsApp: Rather be blocked in UK than weaken security. Exposing Side-Channel Monitoring. Closing the Loop. A new UDP reflection attack vector. Google Authenticator Updated. Does Israel use NSO Group commercial spyware? A Russian OS? TP-Link routers compromised. A pre-release security audit. Another Intel side-channel attack. Windows users: Don't remove cURL! AI comes to VirusTotal.
Show Notes: https://www.grc.com/sn/SN-921-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Sponsors: canary.tools/twit - use code: TWIT, joindeleteme.com/twittv, drata.com/twit

SN 920: An End-to-End Encryption Proposal - Wipe those routers, Lockdown Mode, ChatGPT black market
Picture of the Week. Lockdown Mode seen succeeding. A growing black market for ChatGPT accounts. Decommissioned Corporate Routers Leak Secrets. Jaguar Tooth: Cisco router vulnerabilities. Security Research Legal Defense Fund. A quick Firefox fix. Kubernetes security audit. Google Chrome zero-day. An End-to-End Encryption Proposal.
Show Notes: https://www.grc.com/sn/SN-920-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Sponsors: athleticgreens.com/securitynow, lookout.com

SN 919: Forced Entry - Patch Tuesday, Google Assured Open Source Software, WhatsApp Improvements
Picture of the Week. Patch Tuesday Review. Risky Business News. Google Assured Open Source Software. WhatsApp Improvements. Bad Security? Go to jail! Forced Entry.
Show Notes: https://www.grc.com/sn/SN-919-Notes.pdf
Hosts: Steve Gibson and Jason Howell
Sponsors: meraki.cisco.com/twit, bitwarden.com/twit, GO.ACILEARNING.COM/TWIT

SN 918: A Dangerous Interpretation - H26FORGE, Privatized ChatGPT, Mozilla Site Breach Monitor
Picture of the Week. Microsoft and Fortra go on the offensive. Can ChatGPT keep a secret? Apple updates their OS's. WordPress under attack... again. Mozilla's Site Breach Monitor. Another ChatGPT investigation. Samsung handsets reaching EoL. Less access for loan apps. The right to be forgotten. SpinRite. A Dangerous Interpretation.
Show Notes: https://www.grc.com/sn/SN-918-Notes.pdf
Hosts: Steve Gibson and Jason Howell
Sponsors: joindeleteme.com/twittv, meraki.cisco.com/twit, kolide.com/securitynow

SN 917: Zombie Software - ChatGPT Ban, Hacking the Pentagon
Picture of the Week. So... Not an attack, then? AI Overlord Hysteria. Italy says NO to ChatGPT. It's illegal... How much will that be? The U.S. FDA & medical device security. Hack the Pentagon. Firefox 3rd-party DLL check-up. Microsoft's Extortion? The Silver Ships. Zombie Software.
Show Notes: https://www.grc.com/sn/sn-917-notes.pdf
Hosts: Steve Gibson and Ant Pruitt
Sponsors: kolide.com/securitynow, canary.tools/twit - use code: TWIT, meraki.cisco.com/twit

SN 916: Microsoft's Email Extortion - Pwn2Own, Edge Crypto Wallet
Picture of the Week. Synacktiv wins this year's CanSecWest Pwn2Own. GitHub: Mistakes happen. DDoS for Hire... Or Not. 144,000 malicious packages published. No iPhones For Russian Presidential Staff. I NUIT. Edge Gets Crypto. Microsoft's Email Extortion.
Show Notes: https://www.grc.com/sn/sn-916-notes.pdf
Hosts: Steve Gibson and Leo Laporte
Sponsors: lookout.com, kolide.com/securitynow, Melissa.com/twit

SN 915: Flying Trojan Horses - Exynos 0-days, TikTok Tick Tock, 90-day TLS cert life, CHESS is safe!
Picture of the Week. Multiple Exploitable Samsung 0-Days. A good idea for NPM. The TikTok Tick Tock. Google pushes for 90-day TLS certificate life. CHESS is safe. CISA has begun scanning! Flying Trojan Horses.
Show Notes: https://www.grc.com/sn/SN-915-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Sponsors: drata.com/twit, GO.ACILEARNING.COM/TWIT, expressvpn.com/securitynow

SN 914: Sony Sues Quad9 - Polynonce attack, Germany Huawei ban, Plex Media Server defect, Andor review
Picture of the Week. Another Malicious Chrome Extension. Germany to join the Huawei & ZTE ban. Putting "phishing" into perspective. The Polynonce attack. Plex's RCE now in CISA's KEV. Sci-Fi: Andor. Sony Sues Quad9.
Show Notes: https://www.grc.com/sn/SN-914-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Sponsors: fortra.com, bitwarden.com/twit, plextrac.com/twit

SN 913: A Fowl Incident - DDoS'ing Fosstodon, Strategic Objective 3.3, CISA's Covert Red-Team
Picture of the Week. DDoS'ing Fosstodon. DDoS for Hire takedowns. TikTok Insanity. Illegal Warrantless Surveillance. Strategic Objective 3.3. GitHub Secret Scanning. CISA's Covert Red-Team. What's left? What's old is new again. TCG TPM vulnerabilities. WordPress "All In One SEO". Russia fines Wikipedia. A Fowl Incident.
Show Notes: https://www.grc.com/sn/SN-913-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Sponsors: canary.tools/twit - use code: TWIT, drata.com/twit, kolide.com/securitynow

SN 912: The NSA @ Home - LastPass hack details, Signal says no to UK, more PyPI troubles, QNAP bug bounty
Picture of the Week. Windows 11? ... anyone? As Plain as Ever. Edge's new built-in VPN? LastPass Incident Update. Signal says NO to the UK. More PyPI troubles. The QNAP bug bounty program. SpinRite. The NSA @ Home.
Show Notes: https://www.grc.com/sn/SN-912-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Sponsor: kolide.com/securitynow

SN 911: A Clever Regurgitator - GoneDaddy, Section 230, NPM malware, Hyundai Kia mess, Meta Verified
Picture of the Week. GoneDaddy. Section 230. No Blue, No SMS-based 2FA. Bitwarden gets Argon. "Meta Verified". Emsisoft Fake Code Signing. Attacks breaking records. More Mirai. NPM malware. Patch Tuesday. Samsung announces "Message Guard". The Hyundai & Kia mess. A Clever Regurgitator.
Show Notes: https://www.grc.com/sn/sn-911-notes.pdf
Hosts: Steve Gibson and Leo Laporte
Sponsors: drata.com/twit, GO.ACILEARNING.COM/TWIT

SN 910: Ascon - Malicious ChatGPT Use, Google Security Key Giveaway, OTPAuth
Picture of the Week. ESXiArgs follow-up. ChatGPT's Malicious Use. Google Security Key Giveaway. Brave goes HTTPS-by-default. 1Password Makes Another Passkeys Move. Russian Patriotic Hackers. Amazon to FINALLY Secure Its AWS S3 Instances. More Anti-Chinese Camera Removals. Microsoft to embed Adobe Acrobat PDF reader into Edge. Password Exhaustion. One Time Password OTPAuth. Ascon.
Show Notes: https://www.grc.com/sn/sn-910-notes.pdf
Hosts: Steve Gibson and Leo Laporte
Sponsors: bitwarden.com/twit, plextrac.com/twit, fortra.com

SN 909: How ESXi Fell - EU Internet Surveillance, QNAP returns, .DEV is always HTTPS
Picture of the Week. The European Union's Internet Surveillance Proposal. 30,000 patient records online? .DEV is always HTTPS! Google changes Chrome's release strategy. Russia shoots the messenger. A fool and his Crypto... QNAP is back. CVSS severity discrepancy. Closing the Loop. How ESXi Fell.
Show Notes: https://www.grc.com/sn/SN-909-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Sponsors: drata.com/twit, barracuda.com/securitynow, canary.tools/twit - use code: TWIT