Security Now

SN 706: Open Source eVoting

Security Now (Audio)

  • Last week's Patch Tuesday March Madness
  • Win7 SHA256 Windows Update... Update
  • Many attacks leveraging the recently discovered WinRAR vulnerability
  • What happens when Apple, Google, and GoDaddy all drop a bit?
  • A big recent jump in Mirai Botnet Capability
  • Compromised Counter-Strike gaming servers
  • Privacy enhancements coming in Android Q
  • A pair of very odd web browser extensions for Chrome and Firefox from Microsoft
  • A VERY exciting and encouraging project to create an entirely open eVoting system

Hosts: Leo Laporte and Steve Gibson

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 705: SPOILER

Security Now (Audio)

  • 0-day exploit bidding war
  • NSA releases Ghidra v9
  • Firefox adds Tor privacy
  • A pair of nasty 0-days
  • A worrisome breach at Citrix
  • The risk of claiming to be an unhackable aftermarket car alarm
  • A new and interesting "Windows developers chatting with users" idea at Microsoft
  • A semi-solution to Windows updates crashing systems
  • Detailed news of the Marriott/Starwood breach, a bit of miscellany from
  • SPOILER: Another new and different consequence of speculation on Intel machines.

We invite you to read our show notes at https://www.grc.com/sn/SN-705-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 704: Careers in Bug Hunting

Security Now (Audio)

  • The increasing feasibility of making a sustainable career out of hunting for software bugs
  • A newly available improvement in Spectre mitigation performance and who can try it now
  • Adobe's ColdFusion emergency and patch,
  • More problems with A/V and self-signed certs
  • A Docker vulnerability being exploited in the wild
  • The end of Coinhive
  • A new major Wireshark release
  • A nifty web browser website screenshot hack
  • Continuing troubles with the over-privileged Thunderbolt interface
  • Bot-based credential stuffing attacks

We invite you to read our show notes at https://www.grc.com/sn/SN-704-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 703: Out in the Wild

Security Now (Audio)

  • A number of ongoing out-in-the-wild attacks
  • Another early-warned Drupal vulnerability
  • A 19-year old flaw in an obscure decompress for the "ACE" archive format
  • Microsoft reveals an abuse of HTTP/2 protocol which is DoSing its IIS servers.
  • Mozilla faces a dilemma about a wanna-be Certificate Authority and they also send a worried letter to Australia.
  • Microsoft's Edge browser is revealed to be secretly whitelisting 58 web domains which are allowed to bypass its "Click-To-Run" permission for Flash.
  • ICANN renews its plea for the Internet to adopt DNSSEC.
  • NVIDIA releases a handful of critical driver updates for Windows.
  • Apple increases the intelligence of it's Intelligent Tracking Prevention.

We invite you to read our show notes at https://www.grc.com/sn/SN-703-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 702: Authenticity on the Internet

Security Now (Audio)

  • Last week's doozy of a patch Tuesday for both Microsoft and Adobe
  • An interesting twist coming to Windows 7 and Server 2008 security updates
  • Eight mining apps pulled from the Windows Store
  • Another positive security initiative from Google
  • Electric scooters being hacked
  • Chipping away at Tor's privacy guarantees
  • A year and a half after Equifax, and where's the data?
  • The beginnings of GDPR-like legislation for US
  • An extremely concerning new and emerging threat for the Internet

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 701: Adiantum

Security Now (Audio)

  • Apple's most recent v12.1.4 iOS update and the two 0-day vulnerabilities it closed
  • Worrisome new Android image-display vulnerability
  • An interesting "reverse RDP" attack
  • The new LibreOffice & OpenOffice vulnerability
  • Microsoft's research into the primary source of software vulnerabilities
  • MaryJo gets an early peek at enterprise pricing for extending Windows 7 support
  • China and Russia continue their work to take control of their countries' Internet
  • Firefox's resumption of its A/V warning in release 65.
  • How Google does the Cha-Cha with their new "Adiantum" ultra-high-performance cryptographic cipher.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 700: 700 and Counting!

Security Now (Audio)

  • Chrome gets "spell-check for URLs"
  • Catch up on your Linux patch up!
  • Performance enhancements for Chrome and FireFox.
  • Facebook must really like being in the doghouse.
  • The Japanese government takes on IoT security.
  • Ubiquiti routers are in trouble again.
  • Chrome "Never Slow" mode in the works.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 699: Browser Extension Security

Security Now (Audio)

  • The expressive power of the social media friends we keep
  • The persistent DNS hijacking campaign which has the US Government quite concerned
  • Last week's iOS and macOS updates (and doubtless another one very soon!)
  • A valiant effort to take down malware distribution domains
  • Chrome catching up to IE and Firefox with drive-by file downloads
  • Two particularly worrisome vulnerabilities in two Cisco router models publicly disclosed last Friday
  • The state of the industry and the consequences of extensions to our web browsers.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 698: Which Mobile VPN Client?

Security Now (Audio)

  • Which is the right VPN client for Android, and which should you avoid at all costs?
  • A very worrisome WiFi bug affecting billions of devices
  • Hack a Tesla Model 3 at Pwn2Own
  • Russia's ongoing, failing and flailing efforts to control the Internet
  • The return of the Anubis Android banking malware
  • Google's changing policy for phone and SMS App access
  • Tim Cook's note in TIME Magazine
  • News of a nice Facebook Ad auditing page
  • Another Cisco default password nightmare in widely used lower-end devices

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 697: Zerodium

Security Now (Audio)

  • The implications of the recent increase in bounty for the purchase of 0-day vulnerabilities.
  • The intended and unintended consequences of last week's Windows Patch Tuesday.
  • Speaking of unintended consequences, the US Government shutdown has had some, too!
  • A significant privacy failure in WhatsApp.
  • Another Ransomware decryptor (with a twist).
  • Movement on the DNS-over-TLS front.
  • An expectation of the cyberthreat landscape for 2019.
  • A cloudy forecast for The Weather Channel App.
  • A successful 51% attack against the Ethereum Classic cryptocurrency.
  • Another court reversing compelled biometric authentication.
  • An update on the lingering death of Flash... now in hospice care.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:




Select a Feed

Boston Bruins News
Fred Langa at Information Week
Security Now
Deal Detective
Cheap Stingy Bargains
NY Times National Headlines
Boston Red Sox News
New Egg's Hottest Deals



Back To Top
© 1998 - 2019 psacake.com | My3C's

Version 7.2 | Advertise on this site