Security Now (MP3)

Security Now (MP3) Podcast

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.

SN 697: Zerodium
The implications of the recent increase in bounty for the purchase of 0-day vulnerabilities. The intended and unintended consequences of last week's Windows Patch Tuesday. Speaking of unintended consequences, the US Government shutdown has had some, too! A significant privacy failure in WhatsApp. Another Ransomware decryptor (with a twist). Movement on the DNS-over-TLS front. An expectation of the cyberthreat landscape for 2019. A cloudy forecast for The Weather Channel App. A successful 51% attack against the ...

Security SecurityNow TWiT stevegibson leolaporte WeatherChannel location Zerodium zero-day Windows patchtuesday governmentshutdown whatsapp ransomeware dls-over-tls Google ethereumclassic 51%attack iPhone FaceID TouchID flash

SN 696: Here Comes 2019!
The NSA announces the forthcoming release of an internal powerful reverse-engineering tool for examining and understanding other people's code. Emergency out-of-cycle patches from both Adobe and Microsoft. PewDiePie hacker strikes again. Prolific 0-day dropper SandboxEscaper ruffles some feathers. A new effort by the US government to educate industry about the risks of Cyber attacks. Welcome news on the ransomware front. VERY welcome news of a new Windows 10 feature. A note about a just-published side-channel atta...

Security SecurityNow TWiT stevegibson leolaporte NSA GHIDRA adobe Microsoft PewDiePie SandboxEscaper NCSC Apple iPhone CES WindowsSandbox ransomware BleepingComputer

SN 695: Our Best of 2018
The Best of Security Now from 2018! Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsor: securitynow.cachefly.com...

Security GRC stevegibson privacy meltdown spectre leolaporte Bestof2018


SN 694: The SQLite RCE Flaw
Rhode Island's response to Google's recent API flaw. Signal's response to Australia's anti-encryption legislation. The return of PewDiePie. US border agents retaining traveler's private data. This Week in Android Hijinks. Confusion surrounding the Windows v5 release. Another Facebook API mistake. The 8th annual most common passwords list (AKA "How's 'monkey' doing?"). Why all might not be lost if someone is hit with drive encrypting malware. Microsoft's recent 4-month run of 0-day vulnerability patches. The Firefox 64 update. A ...

Security SecurityNow TWiT stevegibson leolaporte RhodeIsland.Google google+ SignalAustralia encryption PewDiePie Border Windowsv5 Android facebook Microsoft firefox SQLite

SN 693: Internal Bug Discovery
Australia's recently passed anti-encryption legislation. Details of a couple more mega-breaches including a bit of Marriott follow-up. A welcome call for legislation from Microsoft. A new twist on online advertising click fraud. The DHS is interested in deanonymizing cryptocurrencies beyond Bitcoin. The changing landscape of TOR funding. An entirely foreseeable disaster with a new Internet IoT-oriented protocol. Google finds bugs in Google+ and acts responsibly -- again -- what that suggests for everyone else. We invite yo...

Security SecurityNow TWiT stevegibson leolaporte Australia encryption Marriott breach Microsoft DHS tor iot google+

SN 692: GPU RAM Image Leakage
Another Lenovo SuperFish-style local security certificate screw up. The Marriott breach and several other new, large and high-profile secure breach incidents. The inevitable evolution of exploitation of publicly exposed UPnP router services. The emergence of "Printer Spam". How well does ransomware pay? We have an idea now. The story of two iOS scam apps. Progress on the DNS over HTTPS front. Rumors that Microsoft is abandoning their EdgeHTML engine in favor of Chromium. We also have a bit of A Cyber Security related Humb...

Security SecurityNow TWiT stevegibson leolaporte JasonHowell Marriott Starwood breach lenovo Superfish sennheiser UPnP quora PrinterSpam ransomware iOS scam PewDiePie DNSoverHTTPS Microsoft edge Chromium HumbleBookBundle


SN 691: ECCploit
Yesterday, the US Supreme Court heard Apple's argument about why a class action lawsuit against their monopoly App Store should not be allowed to proceed. How could this affect iOS security? Google and Mozilla are looking to remove support for FTP from their browsers. From our "what could possibly go wrong" department, we have browsers asking for explicit permission to leave their sandboxes. The next step in the evolution of RowHammer attacks which do, as Bruce Schneier once opined, only get better... or in th...

Security SecurityNow TWiT stevegibson leolaporte SCOTUS Apple appstore iPhone Google mozilla firefox FTP browsers webapps rowhammer

SN 690: Are Passwords Immortal?
All the action at last week's Pwn2Own Mobile hacking contest. The final word on processor mis-design in the Meltdown/Spectre era. A workable solution for unsupported Intel firmware upgrades for hostile environments. A forthcoming Firefox breach alert feature. The expected takeover of exposed Docker-offering servers. The recently announced successor to recently ratified HTTP/2. 1.1.1.1 errata. The future of passwords: a thoughtful article written by Troy Hunt, the creator of the popular "Have I Been Pwned" web service. We in...

Security SecurityNow TWiT stevegibson leolaporte PWN2Own meltdown spectre intel firefox docker http/2 1.1.1.1 passwords HaveIBeenPwned TroyHunt

SN 689: Self-Decrypting Drives
Last month's Patch Tuesday, this month. A GDPR-inspired lawsuit filed by Privacy International. Check these two router ports to protect against a new botnet that's making the rounds. Another irresponsibly disclosed zero-day, this time in Virtual Box. CloudFlare's release of a very cool 1.1.1.1 app for iOS and Android. Microsoft's caution about the in-RAM vulnerabilities of the BitLocker whole drive encryption. A deep dive into last week's worrisome revelation about the lack of true security being offered by today's Sel...

Security SecurityNow TWiT stevegibson leolaporte patchtuesday privacy GDPR botnet zero-day VirtualBox cloudflare 1.1.1.1 iOS Android Microsoft bitlocker self-encrypting ssd BCMPUPnP_Hunterbotnet


SN 688: PortSmash
A close look at the impact and implication of the new "PortSmash" attack against Intel (and almost certainly other) processors. The new "BleedingBit" Bluetooth flaws. JavaScript is no longer optional with Google. A new Microsoft Edge browser 0-day. Windows Defender plays in its own sandbox. Microsoft and SysInternals news. The further evolution of the CAPTCHA. The 30th anniversary of the Internet's first worm. A bizarre requirement of Ransomware. A nice new bit of security non-tech from Apple. We invite you to read our ...

SecurityNow TWiT stevegibson leolaporte Portsmash BleedingBit bluetooth javascript Google Microsoft edge WindowsDefender Sysinternals captcha ransomware Apple MorrisWorm

SN 687: Securing the Vending Machine
More Zero-day exploits in Windows 10, publicly exposed Docker Engine APIs, Google's plan to fix Android, the DoD is expanding its existing "Hack the Pentagon" bug-bounty program to include hardware assets, the going rate for DDoS-for-Hire, and Steve has the answer to our vending machine conundrum from last week. We invite you to read our show notes. Hosts: Leo Laporte and Steve Gibson Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now!...

Security Microsoft windows10 zero-dayexploits exploits docker Google Android hadoop DemonBot apache Dod hack hacking DDoS firefox linux FreeBSD vulnerability

SN 686: Libssh's Big Whoopsie!
This week a widely used embedded OS (FreeRTOS) is in the doghouse, as are at least eight D-Link routers which have serious problems most of which D-Link has stated will never be patched. We look at five new problems in Drupal 7 and 8, two of which are rated critical, trouble with Live Networks RTSP streaming server, still more trouble with the now-infamous Windows 10 Build 1809 feature update, and a long standing 0-day in the widely used and most popular plugin for jQuery. We then look at what can only be d...

Security SecurityNow TWiT leolaporte stevegibson FreeRTOS D-link Drupal windows10 LiveNetworks RTSP jQuery libssh puzzler


SN 685: Good Samaritans?
This week we observe the untimely death of Microsoft's co-founder Paul Allen, revisit the controversial Bloomberg China supply chain hacking report, catch up on Microsoft's October patching fiasco, follow-up on Facebook's privacy breach, look at the end of TLS v1.0 and 1.1, explore Google's addition of control flow integrity to Android 9, look at a GAO report about the state of US DOD weapons cybersecurity, consider the EOL of PHP 5.x chain, take a quick look at an A/V comparison test, entertain a few bits ...

Security Microsoft cybersecurity PHP patching TLS PaulAllen Coca-cola Google Android9 facebook Bloomberg chinahack

SN 684: The Supply Chain
An October Surprise of a different sort - Windows 10 update deletes users' files. A security researcher has massively weaponized the existing MikroTik vulnerability and released it as a proof-of-concept. A clever voicemail WhatsApp OTP bypass. What happened with that recent Google+ breach? Google tightens up its Chrome extensions security policies. WiFi radio protocol designations finally switch to simple version numbering. Intel unwraps its 9th-generation processors. Head-spinning PDF updates from Adobe and Foxit (this...

Security SecurityNow TWiT leolaporte stevegibson Google google+ API Windows windows10 MicroTik whatsapp chrome Wi-Fi intel PDF adobe Foxit China Apple amazon DHS supermicro Elemental Bloomberg supplychain

SN 683: The Facebook Breach
This week we discuss yet another treat from Cloudflare, the growing legislative battle over Net Neutrality, the rise of Python malware, Cisco's update report on the VPNFilter malware, still more Chrome controversy and some placating, the rapid exploitation of 0-day vulnerabilities, the first UEFI rootkit found in the wild, another new Botnet discovery, the danger of the RDP protocol, a nasty website browser trick and how to thwart it, a quick update on recent non-fiction and science fiction, and then a look...

SecurityNow TWiT leolaporte stevegibson chrome Google www Chromium 0-day exploit Microsoft SabriHaddouche firefox BrowserReaper matthewgreen Chrome69 UnGoogled westerndigital MiraiBotnet FBI Equifax cloudflare


SN 682: SNI Encryption
This week we look at additional changes coming from Google's Chromium team, another powerful instance of newer cross-platform malware, the publication of a 0-day exploit after Microsoft missed its deadline, the return of Sabri Haddouche with browser crash attacks, the reasoning behind Matthew Green's decision to abandon Chrome after a change in release 69... and an "UnGoogled" Chromium alternative that Matthew might approve of, Western Digital's pathetic response to a very serious vulnerability, a cool devi...

Security SecurityNow TWiT leolaporte stevegibson chrome Google www Chromium 0-day exploit Microsoft SabriHaddouche firefox BrowserReaper matthewgreen Chrome69 UnGoogled westerndigital MiraiBotnet FBI Equifax cloudflare

SN 681: The Browser Extension Ecosystem
This week we prepare for the first ever Presidential Alert unblockable nationwide text message, we examine Chrome's temporary "www" removal reversal, check out Comodo's somewhat unsavory marketing, discuss a forthcoming solution to BGP hijacking, examine California's forthcoming IoT legislation, deal with the return of Cold Boot attacks, choose not to click on a link that promptly crashes any Safari OS, congratulate Twitter on adding some auditing, check in on the Mirai Botnet's steady evolution, look at the...

Security SecurityNow TWiT leolaporte stevegibson JasonHowell EmergencyPresidentialAlert chrome Comodo BGPhijacking iot california ColdBoot SafariRipper safari iOS12 macos

SN 677: The Foreshadow Flaw
As we head into our 14th year of Security Now, this week we look at some of the research released during last week's USENIX Security symposium, we also take a peek at last week's Patch Tuesday details, Skype's newly released implementation of Open Whisper Systems' Signal privacy protocol, Google's Chrome browser's increasing pushback against being injected into, news following last week's observation about Google's user tracking, Microsoft's announcement of more spoofed domain takedowns, another page table...

Security SecurityNow TWiT leolaporte stevegibson usenix patchtuesday skype OpenWhisperSystems Google chrome Microsoft russia MaliciousRegularExpressions coinhive intel spectre


SN 676: The Mega FaxSploit
This week we cover lots of discoveries revealed during last week's Black Hat 2018 and DEF CON 26 Las Vegas security conferences. Among them, 47 vulnerabilities across 25 Android smartphones, Android "Disk-In-The-Middle" attacks, Google tracking when asked not to, more Brazilian DLink router hijack hijinks, a backdoor found in VIA C3 processors, a trusted-client attack on WhatsApp, a macOS 0-day, a tasty new feature for Win10 Enterprise, a new Signal-based secure eMail service, Facebook's FIZZ TLS v1.3 libra...

SecurityNow TWiT leolaporte stevegibson blackhat defcon Android Google DLink VIAC3 whatsapp macos Win10 signal facebook let'sencrypt FaxSploit

SN 675: New WiFi Password Attack
This week we discuss yet another new and diabolical router hack and attack, Reddit's discovery of SMS 2FA failure, WannaCry refuses to die, law enforcement's ample unused forensic resources, a new and very clever BGP-based attack, Windows 10 update dissatisfaction, Google advances their state-sponsored attack notifications, what is Google's project Dragonfly?, a highly effective and highly targeted Ransomware campaign, some closing-the-loop feedback from our listeners, and a breakthrough in hacking/attackin...

SecurityNow TWiT leolaporte stevegibson router coinhive reddit SMS2FA yubikey WannaCry bgp windows10 Google Dragonfly wifi

SN 674: Attacking Bluetooth Pairing
This week we examine still another new Spectre processor speculation attack, we look at the new "Death Botnet", the security of the US DoD websites, lots of Google Chrome news, a push by the US Senate toward more security, the emergence and threat of clone websites in other TLDs, more cryptocurrency mining bans, Google's Titan hardware security dongles, and we finish by examining the recently discovered flaw in the Bluetooth protocol which has device manufacturers and OS makers scrambling. (But do they real...

SecurityNow TWiT stevegibson JasonHowell spectre Dod HTTPS DeathBotnet RonWyden senate TLDs GoogleTitan yubikey cryptocurrency googleplay bluetooth


SN 673: The Data Transfer Project
This week as we examine still another new Spectre processor speculation attack, some news on DRAM hammering attacks and mitigation, the consequences of freely available malware source code, the reemergence of concern over DNS rebinding attacks, Venmo's very public transaction log, more Russian shenanigans, the emergence of flash botnets, Apple continuing move of Chinese data to China, another (the 5th) Cisco secret backdoor found, an optional missing Windows patch from last week, a bit of Firefox news and p...

Security SecurityNow TWiT leolaporte stevegibson spectre dram rowhammer DNSrebinding venmo Russian flashbotnets Apple China cisco Windows firefox Google Microsoft facebook Twitter DataTransferProject

SN 672: All Up in Their Business
This week we look at even MORE, new, Spectre-related attacks, highlights from last Tuesday's monthly patch event, advances in GPS spoofing technology, GitHub's welcome help with security dependencies, Chrome's new (or forthcoming) "Site Isolation" feature, when hackers DO look behind the routers they commandeer, the consequences of deliberate BGP routing misbehavior... and reading between the lines of last Friday's DOJ indictment of the US 2016 election hacking by 12 Russian operatives -- the US appears to ...

SecurityNow TWiT leolaporte stevegibson spectre patchtuesday gps github chrome SiteIsolation router bgp DOJ russia hacking election indictment

SN 671: STARTTLS Everywhere
This week we discuss another worrisome trend in malware, another fitness tracking mapping incident and mistake, something to warn our friends and family to ignore, the value of periodically auditing previously-granted web app permissions, when malware gets picky about the machines it infects, another kinda-well-meaning Coinhive service gets abused, what are the implications of D-Link losing control of its code signing cert?, some good news about Android apps, iOS v11.4.1 introduces "USB Restricted Mode"... ...

Security SecurityNow TWiT leolaporte stevegibson fortnite rainway malware polar nas FBI fitnesstracking coinhive usbrestrictedmode Grayshift iOS11.4.1 northkorea EFF STARTTLS


SN 670: Wi-Fi Protected Access v3
This week we discuss the interesting case of a VirusTotal upload... or was it?, newly discovered problems with our 4G LTE... and even what follows, another new EFF encryption initiative, troubles with Spectre and Meltdown in some browsers, the evolution of UPnP-enabled attacks, an unpatched Wordpress vulnerability that doesn't appear to be worrying the Wordpress devs... and an early look at next year's forthcoming WPA3 standard... which appears to fix everything! We invite you to read our show notes. Ho...

SN 669: Cellular Location Privacy
This week we examine some new side-channel worries and vulnerabilities, did Mandiant "hack back" on China?, more trouble with browsers, the big Google Firebase mess, sharing a bit of my dead system resurrection, and a look at the recent Supreme Court decision addressing cellular location privacy. We invite you to read our show notes. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feed...

SN 668: Lazy FPU State Restore
This week we examine a rather "mega" patch Tuesday, a nifty hack of Win10's Cortana, Microsoft's official "when do we patch" guidelines, the continuing tweaking of web browser behavior for our sanity, a widespread Windows 10 rootkit, the resurgence of the Satori IoT botnet, clipboard monitoring malware, a forthcoming change in Chrome's extensions policy, hacking apparent download counts on the Android store, some miscellany, an update on the status of Spectre & Meltdown... and yes, yet another brand new...