Security Now (MP3)

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.

https://twit.tv/shows/security-now

subscribe
share


 
 
 

    SN 600: The MMU Side-Channel Attack


    The story behind Microsoft's Patch Tuesday security update disaster. CyberX discovered a new large-scale cyber-reconnaissance operation targeting Ukraine targets: using vulnerabilities in Dropbox data traffic, DDL malware injection. Find out how easy it is to hack and steal an internet connected car. Chrome 56 update that hides connection certificate info. The future of Firefox add-ons. The lock screen of Win 10 leaking Clipboard contents. Project Zero's Windows flaw and NVIDIA Driver....


    share





    2h15m
    Wednesday

    SN 599: TLS Interception INsecurity


    Patch Tuesday DELAYED (and we may know why!), our favorite ad-blocker embraces the last major browser, a university gets attacked by its own vending machines, PHP leaps into the future, a slick high-end Linux hack, the rise of fileless malware, some good advice for tax time, it's not only Android's pattern lock that's vulnerable to visual eavesdropping, what happens with you store a huge pile of Samsung Note 7's in one place?, some fun miscellany, a MUST NOT MISS science fiction TV series,...


    share





    1h52m
    last week

    SN 598: Two Armed Bandits


    Speak of the devil... printers around the world get hacked! Vizio's TVs really were watching their watchers, Windows has a new 0-day problem, Android's easy-to-hack pattern lock, an arsonist's pacemaker rats him out, a survey finds that many iOS apps are not checking TLS certificates, the courts create continuing confusion over eMail search warrants, a blast from the past: SQL Slammer appears to return, Cellebrite's stolen cell phone cracking data begins to surface, some worrisome events in...


    share





    2h5m
    this month

    SN 597: Traitors In Our Midst


    The best "I'm not a Robot" video ever, Cisco's WebEx problem is far more pervasive than first believed, more bad news (and maybe some good news) for Netgear, Gmail adds .js to the no-no list, a hotel finally decides to abandon electronic room keying, more arguments against the use of modern AV, another clever exploitable CSS browser hack, some (hopefully final) password complexity follow-ups, a bit of errata and miscellany, a SQRL status update, a "Luke... trust the SpinRite" story, and a...


    share





    1h55m
    this month

    SN 596: Password Complexity


    Symantec issues additional invalid certificates while on probation, Tavis Ormandy finds a very troubling problem in Cisco's Web conferencing extension for Chrome, yesterday's important update to iOS, renewed concerns about LastPass metadata leakage, the SEC looks askance at what's left of Yahoo, a troubling browser form auto-fill information leakage, Tor further hides it's hidden services, China orbits a source of entangled photons? Heartbleed three years later, a new take on compelling...


    share





    2h12m
    this month

    SN 595: What's Up with WhatsApp?


    A classic bug at GoDaddy bypassed domain validation for 8850 issued certificates, could flashing a peace sign compromise your biometric data?, it's not only new IoT devices that may tattle, many autos have been able to for the past 15 years, McDonald's gets caught in a web security bypass, more famous hackers have been hacked, Google uses AI to increase image resolution, more on the value or danger of password tricks, and... does WhatsApp incorporate a deliberate crypto backdoor?We invite...


    share





    1h56m
    last month

    SN 594: A Look Into PHP Malware


    The US Federal Trade Commission steps into the IoT and home networking malpractice world, a radio station learns a lesson in what words NOT to repeat, Google plans to even eliminate the checkbox, a crucial caveat to the "passwords are long enough" argument, more cause to be wary of third-party software downloads, a few follow-ups to last week's topics, a bit of miscellany and a close look at a well-known piece of PHP malware.We invite you to read our show notes. Hosts: Steve Gibson and Leo...


    share





    2h6m
    last month

    SN 593: I'm NOT a Robot! (Really)


    Law enforcement and the Internet of Tattling things, a very worrisome new and widespread PHP eMail vulnerability, Paul and Mary Jo score a big concession from Microsoft, a six-year-old "hacker" makes the news, Apple discovers how difficult it is to make developers change, hyperventilation over Russian malware found on a power utility's laptop, the required length of high entropy passwords, more pain for Netgear, an update on the just finalized v1.3 of TLS, the EFF's growing "Secure"...


    share





    1h55m
    last month

    SN 592: The Portable Dog Killer


    Steve Gibson tells how he built a device at 16 years old to solve a problem with a neighborhood dog.Original podcast date: May 13, 2010, Episode 248. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now.You can submit a question to Security Now! at the GRC Feedback Page.For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever...


    share





    1h31m
    last month

    SN 591: Law Meets Internet


    This week, Leo and Steve discuss Russia's hacking involvement in the US Election; that, incredibly, it gets even worse for Yahoo!, misguided anti-porn legislation in South Carolina, troubling legislation from Australia, legal confusion from the Florida appellate court, some good news from the U.S. Supreme Court, Linux security stumbling, why Mac OS X got an important fix last week, the Steganography malvertising attack that targets home routers, news of a forthcoming inter-vehicle...


    share





    2h15m
    this year