- Picture of the Week
- ESXiArgs follow-up
- ChatGPT's Malicious Use
- Google Security Key Giveaway
- Brave goes HTTPS-by-default
- 1Password Makes Another Passkeys Move
- Russian Patriotic Hackers
- Amazon to FINALLY Secure Its AWS S3 Instances
- More Anti-Chinese Camera Removals
- Microsoft to embed Adobe Acrobat PDF reader into Edge
- Password Exhaustion
- One Time Passowrd OTPAuth
- Password Exhaustion
- Ascon
Show Notes https://www.grc.com/sn/sn-910-notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- Picture of the Week.
- The European Union's Internet Surveillance Proposal.
- 30,000 patient records online?
- .DEV is always HTTPS!
- Google changes Chrome's release strategy.
- Russia shoots the messenger.
- A fool and his Crypto...
- QNAP is back.
- CVSS severity discrepancy.
- Closing the Loop.
- How ESXi Fell.
Show Notes: https://www.grc.com/sn/SN-909-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- Android to start blocking old and unsafe apps.
- Microsoft to block Internet sourced Excel add-ins.
- An example of saying "no" even when it may hurt.
- Hacked Wormhole funds on the move.
- Kevin Rose Hacked.
- Facebook will be moving more users into E2EE.
- iOS 6.3 and FIDO.
- Scan thy Citizenry.
- The Hive ransomware organization takedown.
- Errata.
- Closing the Loop.
- SpinRite.
- Data Operand Independent Timing.
Show Notes: https://www.grc.com/sn/SN-908-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- Picture of the Week.
- PayPal Credential Stuffing.
- iOS 16.3 : Cloud encryption for all.
- InfoSecurity Magazine: "ChatGPT Creates Polymorphic Malware".
- CheckPoint Research: OPWNAI : Cybercriminals Starting to Use ChatGPT.
- "Meta" fined for the third time.
- Bitwarden acquires "Passwordless.dev".
- Closing the Loop.
- SpinRite.
- Credential Reuse.
Show Notes: https://www.grc.com/sn/SN-907-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- Picture of the Week
- About Password Iterations
- EBC or CB
- Norton Lifelock Troubles
- Chrome Follows Microsoft and Firefox
- Chromium is Beginning to Rust
- BYOVD and Windows Defender Failures
- Closing the Loop (feedback)
- The Rule of Two
Show notes: https://www.grc.com/sn/sn-906-notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- Picture of the Week.
- LastPass Aftermath.
- LastPass Vault De-Obfuscator.
- What more do we know this week regarding LastPass?
- The most alarming discovery by listeners.
- Understanding the scale of GPU-enhanced password cracking.
- On the true strength of passwords.
- Feedback from listeners regarding LastPass.
Show Notes https://www.grc.com/sn/SN-905-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- Picture of the Week.
- SpinRite.
- Leaving LastPass.
- Is there reason for concern?
- Well known password cracker Jeremi Gosney's LastPass rant.
- Steve shares his plan regarding LastPass.
- What is Steve's next password manager?
- What should LastPass users do to protect themselves?
Show Notes https://www.grc.com/sn/SN-904-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- Anatomy of a Log4j Exploit.
- Will Russia Disconnect?
- FCC Says Kaspersky Labs is a National Security Threat.
- Lenovo UEFI Firmware Troubles.
- That "Passkeys" Thing.
- Dis-CONTI-nued: The End of Conti?
- Steve's Take on the LastPass Breach.
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- Picture of the Week.
- A malware operation known as URSNIF.
- Pwn2Own Toronto 2022.
- Citrix and Fortinet recently released security updates to patch 0-day vulnerabilities.
- Patch Tuesday.
- Another Uber breach?
- Elon Botches 'Bot Blockage.
- Vivaldi integrates Mastodon in its desktop browser.
- 5,200 Dutch government warnings.
- CIB: "Coordinated Inauthentic Behavior"
- GitHub to require 2FA by the end of next year.
- Bye bye SHA-1.
- WordFence's VERY useful looking WordPress add-on vulnerability database.
- Closing The Loop.
- SpinRite.
- A Generic WAF Bypass.
Show Notes https://www.grc.com/sn/SN-902-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsor:
- Picture of the Week.
- Chrome does Passkeys.
- SYNC.COM suffered its first outage.
- Medibank reboot.
- Totally fake cryptocurrency trading platforms.
- Malware on Telegram.
- Texas gets in on the TikTok banning.
- The LastPass class action lawsuit.
- Rackspace had a big embarrassing problem.
- Rackspace is now facing at least three class action lawsuits.
- Another country goes on the offensive.
- Closing The Loop.
- SpinRite.
- Miscellany.
- Apple Encrypts the Cloud.
Show Notes https://www.grc.com/sn/SN-901-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors: