Cover image of Security Now (Audio)
(1467)

Rank #7 in Tech News category

Technology
News
Tech News

Security Now (Audio)

Updated 2 months ago

Rank #7 in Tech News category

Technology
News
Tech News
Read more

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte.Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.

Read more

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte.Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.

iTunes Ratings

1467 Ratings
Average Ratings
1215
110
58
38
46

Great combination of top-notch production, & great content

By #CanesFan305 - May 08 2020
Read more
It’s pretty obvious to me that Leo is a consummate professional at his craft, & so is Steve. Both are a little quirky (which brings great personality to the podcast), and this duo present some very technical information while still managing to make it entertaining. Some here argue that the podcast is too long (that’s ok if you’re just looking to skim the surface of topics), but I enjoy the deep-dives, tangents, and all other aspects of the show during my commute to/from work (& even occasionally look into some of their sponsors that peak my interest). Bottom line is I Hope Steve changes his mind about ending the pod at episode 999 just so he doesn’t have to re-tool whatever counter he has to understand a 4-digit number, so that I can continue enjoying the content for many years to come!

Security Now is the first place to go for security news and advice.

By c60chemist - Apr 03 2020
Read more
If you are willing to put some effort and time you can read all the news releases, and understand the details of the threats and mitigation. Most people don’t have that kind of time and training. Steve Gibson offers news and explanations, advice, and strategies. Steve is the reason I have a separate banking computer, a separate WiFi network for my IoT devices, and a hardware firewall. He explained WPA, WEP, WPS, DoH, DNSSEC. Yes I probably could have gotten all that on my own. But I didn’t. I learned it all from Steve. Do you have time to do all this on your own? Most people don’t. So you should listen to Steve.

iTunes Ratings

1467 Ratings
Average Ratings
1215
110
58
38
46

Great combination of top-notch production, & great content

By #CanesFan305 - May 08 2020
Read more
It’s pretty obvious to me that Leo is a consummate professional at his craft, & so is Steve. Both are a little quirky (which brings great personality to the podcast), and this duo present some very technical information while still managing to make it entertaining. Some here argue that the podcast is too long (that’s ok if you’re just looking to skim the surface of topics), but I enjoy the deep-dives, tangents, and all other aspects of the show during my commute to/from work (& even occasionally look into some of their sponsors that peak my interest). Bottom line is I Hope Steve changes his mind about ending the pod at episode 999 just so he doesn’t have to re-tool whatever counter he has to understand a 4-digit number, so that I can continue enjoying the content for many years to come!

Security Now is the first place to go for security news and advice.

By c60chemist - Apr 03 2020
Read more
If you are willing to put some effort and time you can read all the news releases, and understand the details of the threats and mitigation. Most people don’t have that kind of time and training. Steve Gibson offers news and explanations, advice, and strategies. Steve is the reason I have a separate banking computer, a separate WiFi network for my IoT devices, and a hardware firewall. He explained WPA, WEP, WPS, DoH, DNSSEC. Yes I probably could have gotten all that on my own. But I didn’t. I learned it all from Steve. Do you have time to do all this on your own? Most people don’t. So you should listen to Steve.
Cover image of Security Now (Audio)

Security Now (Audio)

Latest release on Jul 29, 2020

Read more

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte.Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.

Rank #1: SN 768: Contact Tracing Apps R.I.P. - Contact Tracing Apps Are Not Going to Work

Podcast cover
Read more

Contact tracing apps are not going to work.

  • Why contact tracing apps are never going to work
  • Unc0ver: There's a new iOS jailbreak in town, and as jailbreaks go, it looks VERY nice!
  • Firefox 77 picks up a nifty new security trick
  • New features in Chrome 83: cookie management, "Safety Check," blocking third-party cookies by default in Incognito mode, and "Tab Groups"
  • Adobe rushes out four out-of-cycle emergency updates to fix security flaws
  • Zerodium temporarily stops buying iOS remote code execution vulnerabilities
  • The NXNS Attack: A group of cybersecurity researchers in Israeli have responsibly disclosed details about a new way they worked out of using the Internet's domain name resolution system to hugely amplify (by a factor of at least 1620 packets) a DDoS attack to take down targeted websites.
  • BIAS - Bluetooth Impersonation AttackS is nothing less than a complete collapse of Bluetooth security.
  • Is eBay port scanning its user's computers? Kinda.
  • Security Now trivia: Steve Gibson helped develop the Speak & Spell! It did voice synthesis with only a 4K bits (0.5K bytes) processor.

We invite you to read our show notes at https://www.grc.com/sn/SN-768-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

May 27 2020

1hr 50mins

Play

SN 777: rwxrwxrwx - Garmin Outage, Twitter Hack Update, GnuTLS

Podcast cover
Read more
  • F5 Networks "Big-IP" devices in Big-Trouble
  • Twitter bitcoin hack update
  • GnuTLS vs OpenSSL
  • The Garmin outage then and now
  • Cisco's latest trouble
  • Surprising SpinRite results

We invite you to read our show notes at https://www.grc.com/sn/SN-777-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jul 29 2020

1hr 43mins

Play

SN 776: A Tale of Two Counterfeits - Twitter Hack, Cloudflare Outage, Zoom's Vanity URL Flaw

Podcast cover
Read more
  • Here's how Twitter was hacked. How can we prevent the next Twitter hack?
  • Cloudflare outage takes out huge swath of American internet, including Down Detector. All internet got sent to Atlanta.
  • Zoom's vanity URL flaw: when is a "zero day" not a zero day?
  • Not all VPNs are created equal.
  • Apple updated its iOS and macOS with a handful of useful security patches.
  • SigRed: "This is not just another vulnerability."
  • And speaking of last week's July Patch Tuesday...
  • "Firefox Send" is still not receiving.
  • A tale of two counterfeits.

We invite you to read our show notes at https://www.grc.com/sn/SN-776-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jul 22 2020

1hr 57mins

Play

SN 775: Tsunami - EARN IT is Still Evil, Google Tsunami

Podcast cover
Read more

EARN IT is still evil, Google tsunami.

  • Mozilla suspends "Send" due to persistent malware abuse
  • Zoom fixed a new RCE affecting Windows 7 and earlier systems
  • The EARN IT bill, take II is still just as bad as the original
  • Google bans ads on stalkerware
  • A Chinese Internet equipment vendor in the hot seat
  • Locating hidden drone operators
  • Rampant Router Insecurities
  • Tsunami: Google's open-source enterprise network vulnerability scanner

We invite you to read our show notes at https://www.grc.com/sn/SN-775-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jul 15 2020

1hr 42mins

Play

SN 774: 123456 - Boston Bans Face Recognition, Bad Passwords

Podcast cover
Read more

Boston bans face recognition, bad passwords.

  • Boston bans facial recognition
  • 123456 is still the most popular password
  • iOS 14 catches Linked-In, Tik Tok, and others red handed!
  • US-CERT notes two Emergency Windows Updates
  • HackerOne shares their top 10 public bug bounty programs
  • Sony launches PlayStation bug bounty program with rewards of $50K+
  • F5 Networks patches a highest-severity vulnerability

We invite you to read our show notes at https://www.grc.com/sn/SN-774-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jul 08 2020

1hr 56mins

Play

SN 773: Ripple20 Too - Congress Wants to Kill Encryption & Face Recognition

Podcast cover
Read more

Congress wants to kill encryption & face recognition.

  • New information about Ripple20
  • The Facial Recognition and Biometric Technology Moratorium Act wants to kill face recognition
  • The Lawful Access to Encrypted Data Act wants to kill encryption
  • Michigan State's legislative House passed the "Microchip Protection Act"
  • Apple forces the industry down to one-year web browser certificate lifespans
  • Safari to eschew 16 new web API's for the sake of user privacy
  • Apple also got on the DoH & DoT bandwagon
  • Mozilla + Comcast + DoH: Strange Bedfellows
  • Don't forget about VirusTotal

We invite you to read our show notes at https://www.grc.com/sn/SN-773-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jul 01 2020

1hr 51mins

Play

SN 772: Ripple20 - Zoom Encryption, Windows 10 Printer Error

Podcast cover
Read more

Zoom encryption, Windows 10 printer error.

  • Ripple20: a set of 19 TCP/IP vulnerabilities that could let remote attackers gain control over your device
  • Russian government lifts its failed ban on Telegram
  • Zoom: everybody gets optional end to end encryption
  • Google removed 106 malicious Chrome extensions collecting sensitive user data
  • Windows 10 update breaks printing
  • VLC Media Player 3.0.11 fixes severe remote code execution flaw
  • Netgear in the doghouse
  • DDoS is alive and well... and growing
  • How to get the new Edge for Windows 7

We invite you to read our show notes at https://www.grc.com/sn/SN-772-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jun 24 2020

2hr 7mins

Play

SN 771: Lamphone - Windows Update Kills Printers & SSDs

Podcast cover
Read more

Windows update kills printers & SSDs.

  • Lamphone: eavesdrop on a hanging lightbulb
  • Brave Browser caught and chastised for tweaking user-entered URLs for its benefit
  • Microsoft breaks its own record for Patch Tuesday patches
  • TFW Windows 10 loses your printer port
  • Last week's Patch Tuesday broke ALL PRINTING (even to PDFs) for many users. Fix won't come for a month
  • Windows 10 2004 update is messing up SSDs and non-SSDs
  • SMBleed
  • Subject: Your Site Has Been Hacked
  • Authentic database ransom attacks
  • Another side-channel attack on Intel chips

We invite you to read our show notes at https://www.grc.com/sn/SN-771-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jun 17 2020

1hr 50mins

Play

SN 770: Zoom's E2EE Debacle - Zoom's End-to-End Encryption Fail

Podcast cover
Read more

Zoom's end-to-end encryption fail.

  • Zoom will offer end-to-end encryption, but only if you pay for it
  • IBM announces no more work on facial recognition
  • The Odd Case of Mozilla's DoH DDoS
  • Cisco's Talos group found two critical flaws in the Zoom client
  • CallStranger UPnP bug has tech press in a tizzy
  • Microsoft has started to replace old Edge with new Edge

We invite you to read our show notes at https://www.grc.com/sn/SN-770-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jun 10 2020

1hr 48mins

Play

SN 769: Zoom's E2EE Design - Zoom Gets End-to-End Encryption

Podcast cover
Read more

Zoom gets end-to-end encryption.

  • ACLU takes Clearview to court, but maybe they should worry about their own website first
  • The state of drive-by malvertising downloads
  • Google will be bad listing notification abusing sites
  • Who else is doing the eBay-like ThreatMetrix port scanning?
  • Facebook to require identity verification for high impact posters
  • Google Messaging is apparently heading toward E2EE
  • The return of a much more worrisome StrandHogg
  • The SHA-1 hash to finally be dropped from OpenSSH
  • What happens when you fuzz USB?
  • Zoom's end-to-end encryption design

We invite you to read our show notes at https://www.grc.com/sn/SN-769-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Jun 03 2020

2hr 12mins

Play

SN 768: Contact Tracing Apps R.I.P. - Contact Tracing Apps Are Not Going to Work

Podcast cover
Read more

Contact tracing apps are not going to work.

  • Why contact tracing apps are never going to work
  • Unc0ver: There's a new iOS jailbreak in town, and as jailbreaks go, it looks VERY nice!
  • Firefox 77 picks up a nifty new security trick
  • New features in Chrome 83: cookie management, "Safety Check," blocking third-party cookies by default in Incognito mode, and "Tab Groups"
  • Adobe rushes out four out-of-cycle emergency updates to fix security flaws
  • Zerodium temporarily stops buying iOS remote code execution vulnerabilities
  • The NXNS Attack: A group of cybersecurity researchers in Israeli have responsibly disclosed details about a new way they worked out of using the Internet's domain name resolution system to hugely amplify (by a factor of at least 1620 packets) a DDoS attack to take down targeted websites.
  • BIAS - Bluetooth Impersonation AttackS is nothing less than a complete collapse of Bluetooth security.
  • Is eBay port scanning its user's computers? Kinda.
  • Security Now trivia: Steve Gibson helped develop the Speak & Spell! It did voice synthesis with only a 4K bits (0.5K bytes) processor.

We invite you to read our show notes at https://www.grc.com/sn/SN-768-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

May 27 2020

1hr 50mins

Play

iTunes Ratings

1467 Ratings
Average Ratings
1215
110
58
38
46

Great combination of top-notch production, & great content

By #CanesFan305 - May 08 2020
Read more
It’s pretty obvious to me that Leo is a consummate professional at his craft, & so is Steve. Both are a little quirky (which brings great personality to the podcast), and this duo present some very technical information while still managing to make it entertaining. Some here argue that the podcast is too long (that’s ok if you’re just looking to skim the surface of topics), but I enjoy the deep-dives, tangents, and all other aspects of the show during my commute to/from work (& even occasionally look into some of their sponsors that peak my interest). Bottom line is I Hope Steve changes his mind about ending the pod at episode 999 just so he doesn’t have to re-tool whatever counter he has to understand a 4-digit number, so that I can continue enjoying the content for many years to come!

Security Now is the first place to go for security news and advice.

By c60chemist - Apr 03 2020
Read more
If you are willing to put some effort and time you can read all the news releases, and understand the details of the threats and mitigation. Most people don’t have that kind of time and training. Steve Gibson offers news and explanations, advice, and strategies. Steve is the reason I have a separate banking computer, a separate WiFi network for my IoT devices, and a hardware firewall. He explained WPA, WEP, WPS, DoH, DNSSEC. Yes I probably could have gotten all that on my own. But I didn’t. I learned it all from Steve. Do you have time to do all this on your own? Most people don’t. So you should listen to Steve.