- Видео 594
- Просмотров 3 710 869
Security Now
США
Добавлен 15 июн 2012
Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week.
New episodes every Tuesday on RUclips or get episodes ad-free by joining Club TWiT at twit.tv/clubtwit
New episodes every Tuesday on RUclips or get episodes ad-free by joining Club TWiT at twit.tv/clubtwit
The Angle of the Dangle - "Recall" Recall, IT at the NYT, Private Cloud Compute
• CVE-2024-30078
• “Recall” has been recalled
• Matthew Green on Apple’s Private Cloud Compute
• A WGET flaw with a CVSS of 10.0?
• Thou shall not Resolve!
• Email @ GRC
• Downloading email with MailStore Home
• IT at The New York Times
• ReMarkable
• The Angle of the Dangle
Show Notes - www.grc.com/sn/SN-979-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Security Now episode 979
More Info: twit.tv/shows/security-now/episodes/979
Sponsors:
• bitwarden.com/twit
• 1bigthink.com
• kolide.com/securitynow
• GO.ACILEARNING.COM/TWIT - code TWIT30
Download or subscribe to this show at twit.tv/shows/security-now
Get episodes ad-free with Club TWiT at twit.tv/clubtwit
You can submit a question to Security Now at the GRC...
• “Recall” has been recalled
• Matthew Green on Apple’s Private Cloud Compute
• A WGET flaw with a CVSS of 10.0?
• Thou shall not Resolve!
• Email @ GRC
• Downloading email with MailStore Home
• IT at The New York Times
• ReMarkable
• The Angle of the Dangle
Show Notes - www.grc.com/sn/SN-979-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Security Now episode 979
More Info: twit.tv/shows/security-now/episodes/979
Sponsors:
• bitwarden.com/twit
• 1bigthink.com
• kolide.com/securitynow
• GO.ACILEARNING.COM/TWIT - code TWIT30
Download or subscribe to this show at twit.tv/shows/security-now
Get episodes ad-free with Club TWiT at twit.tv/clubtwit
You can submit a question to Security Now at the GRC...
Просмотров: 9 120
Видео
The Rise and Fall of code.microsoft.com - Apple Password Manager, AI Coding
Просмотров 12 тыс.День назад
• MS on Recall changes • Thanks for the “Memory” • New York Times (and Wordle) leak • Apple’s own password manager app • DJI drones on the defensive • SlashData reveals some interesting developer statistics • Are we going to turn programming over to AIs? • The Linux Kernel Project goes CVE crazy • Email @ GRC • Pizza in 2024 • Microsoft Recall at work • Google Domains to Squarespace DNS migrati...
A Large Language Model in Every Pot - Problems With Recall, End of ICQ, Email @ GRC
Просмотров 10 тыс.14 дней назад
• “Tornado Notes” • Email @ GRC • Have I Been Pwned? • A new “supply chain” attack vector • Another CA in the DogHouse • ICQ to shutter its service • Steve reviews “Déjà vu” • Hide my email • Security in Windows • SpinRite update • A Large Language Model in Every Pot Show Notes - www.grc.com/sn/SN-977-Notes.pdf Hosts: Steve Gibson and Leo Laporte Security Now episode 977 More Info: twit.tv/show...
The 50 Gigabyte Privacy Bomb - Google AI Workarounds, Microsoft Recall
Просмотров 14 тыс.21 день назад
• The bigger problem with AI Overview • udm14.com/ -and- tenbluelinks.org/ • The horses have left the barn • VPNs and Firewalls • Email @ GRC • Extension to fix Google search • Passwords and SPAM • Fixing motherboard components • Vertical tabs in Firefox • FritzBox routers • Too many PINs • More Google search fixes • Testing Windows XP • The 50 Gigabyte Privacy Bomb Show Notes - www.grc.com/sn/...
312 Scientists & Researchers Respond - 3 Chrome Zero-Days, Free Laundry
Просмотров 11 тыс.Месяц назад
• When you’re the biggest target... • Searching for Search • How long will a Windows XP machine survive unprotected on the Internet? • Free Laundry • VPNs and Firewalls • Netgate SG1100 • Ad Industry vs. Google Privacy Sandbox • Bitwarden and passkeys • Token2 passkey dongle • 312 Scientists & Researchers Respond Show Notes - www.grc.com/sn/SN-975-Notes.pdf Hosts: Steve Gibson and Leo Laporte S...
Microsoft's Head in the Clouds - 4-Digit Pins, Long Range Navigation, Microsoft
Просмотров 10 тыс.Месяц назад
• Picture of the Week. • Most to least common 4-digit pins. • Enhanced LORAN. • Passkeys. • Microsoft's Head in the Clouds. Show Notes - www.grc.com/sn/SN-974-Notes.pdf Hosts: Steve Gibson and Leo Laporte Security Now Episode 974 More Info: twit.tv/shows/security-now/episodes/974 Sponsors: • 1bigthink.com • zscaler.com/zerotrustAI • kolide.com/securitynow • joindeleteme.com/twit promo code TWIT...
Not So Fast - GPS Vulnerabilites, VPN Flaw
Просмотров 16 тыс.Месяц назад
• The vulnerability of GPS • Is the sky falling on all VPN systems? • Multi-user Passkeys, YubiKeys? • The iCloud Keychain • The UK and Google's Topics Show Notes - www.grc.com/sn/SN-973-Notes.pdf Hosts: Steve Gibson and Leo Laporte Security Now episode 973 More Info: twit.tv/shows/security-now/episodes/973 Sponsors: • Melissa.com/twit • kolide.com/securitynow • lookout.com • bitwarden.com/twit...
Passkeys: A Shattered Dream? - IoT Default Passwords, Passkeys
Просмотров 14 тыс.Месяц назад
• GCHQ: No more default passwords for consumer IoT devices! • What happened with Chrome and 3rd-party cookies? • Race conditions and multi-threading • GM "accidentally" enrolled millions into "OnStar Smart Driver " program • Steve recommends Ryk Brown's "Frontiers Saga" • SpinRite update • Passkeys: A Shattered Dream? Show Notes - www.grc.com/sn/SN-972-Notes.pdf Hosts: Steve Gibson and Leo Lapo...
Chat (out of) Control - Fuxnet, Android Quarantine, Gentoo
Просмотров 11 тыс.2 месяца назад
• What do you call “Stuxnet on steroids”?? • Voyager 1 update • Android 15 to quarantine apps • Thunderbird & Microsoft Exchange • China bans Western encrypted messaging apps • Gentoo says “no” to AI • Cars collecting diving data • Freezing your credit • Investopedia • Computer Science Abstractions • Lazy People vs. Secure Systems • Actalis issues free S/MIME certificates • PIN Encryption • DRA...
GhostRace - AT&T Breach Update, Cookie Notices, Router Buttons
Просмотров 18 тыс.2 месяца назад
• An update on the AT&T data breach • 340,000 social security numbers leaked • Cookie Notice Compliance • The GDPR does enforce some transparency • Physical router buttons • Wifi enabled button pressers • Netsecfish disclosure of Dlink NAS vulnerability • Chrome bloat • SpinRite update • GhostRace Show Notes - www.grc.com/sn/SN-970-Notes.pdf Hosts: Steve Gibson and Leo Laporte Security Now epis...
Minimum Viable Secure Product - Dlink NAS Backdoor, Privnote, Crowdefense
Просмотров 10 тыс.2 месяца назад
Out-of-support DLink NAS devices contain hard coded backdoor credentials Privnote is not so “Priv” Crowdfense is willing to pay millions Engineers Pinpoint Cause of Voyager 1 Issue, Are Working on Solution SpinRite Update Minimum Viable Secure Product Show Notes - www.grc.com/sn/SN-969-Notes.pdf Hosts: Steve Gibson and Leo Laporte Security Now episode 969 More Info: twit.tv/shows/security-now/e...
A Cautionary Tale - XZ Outbreak, AT&T Data Breach
Просмотров 13 тыс.2 месяца назад
• A near-Universal (Local) Linux Elevation of Privilege vulnerability • TechCrunch informed AT&T of a 5 year old data breach • Signal to get very useful cloud backups • Telegram to allow restricted incoming • HP exits Russia ahead of schedule • Advertisers are heavier users of Ad Blockers than average Americans! • The Google Incognito Mode Lawsuit • Canonical fights malicious Ubuntu store apps ...
GoFetch - Apple vs. DOJ, ".INTERNAL" TLD
Просмотров 10 тыс.2 месяца назад
• Apple vs U.S. DoJ • G.M.’s Unbelievably Horrible Driver Data Sharing Ends • Super Sushi Samurai • Apple has effectively abandoned HomeKit Secure Routers • The forthcoming “.INTERNAL” TLD • The United Nations vs AI. • Telegram now blocked throughout Spain • Vancouver Pwn2Own 2024 • China warns of incoming hacks • Annual Tax Season Phishing Deluge • SpinRite update • Authentication without a ph...
Morris The Second - Voyager 1, The Web Turns 35
Просмотров 7 тыс.3 месяца назад
• Voyager 1 update • The Web turned 35 and Dad is disappointed • Automakers sharing driving data with insurance companies • A flaw in Passkey thinking • Passkeys vs 2fa • Sharing accounts with Passkeys • Passkyes vs. Passwords/MFA • Workaround to sites that block anonymous email addresses • Open Bounty programs on HackerOne • Steve on Twitter • Ways to disclose bugs publicly • Security by obscu...
Passkeys vs. 2FA - Unhelpful CERT, VMware patch, Signal 7.0 Beta
Просмотров 14 тыс.3 месяца назад
• VMware needs immediate patching • Midnight Blizzard still on the offensive • China is quietly "de-American'ing" their networks • Signal Version 7.0, now in beta • Meta, WhatsApp, and Messenger -meets- the EU's DMA • The Change Healthcare cyberattack • SpinRite update • Telegram's end-to-end encryption • KepassXC now supports passkeys • Login accelerators • Sites start rejecting @duck.com emai...
PQ3 - Voyager 1's fate, Apple's post-quantum iMessage protocol
Просмотров 10 тыс.3 месяца назад
PQ3 - Voyager 1's fate, Apple's post-quantum iMessage protocol
Web portal? Yes please! - Firefox v123, LockBit Disrupted
Просмотров 11 тыс.3 месяца назад
Web portal? Yes please! - Firefox v123, LockBit Disrupted
The Internet Dodged a Bullet - Wyze Breach, Patch Tuesday, KeyTrap
Просмотров 17 тыс.4 месяца назад
The Internet Dodged a Bullet - Wyze Breach, Patch Tuesday, KeyTrap
Bitlocker: Chipped or Cracked? - Honeypots, Toothbrush Botnet, Bitlocker Cracked
Просмотров 9 тыс.4 месяца назад
Bitlocker: Chipped or Cracked? - Honeypots, Toothbrush Botnet, Bitlocker Cracked
Unforeseen Consequences - CISA’s “Secure by Design” Initiative, Fastly's BoringSSL
Просмотров 12 тыс.4 месяца назад
Unforeseen Consequences - CISA’s “Secure by Design” Initiative, Fastly's BoringSSL
Stamos on “Microsoft Security” - HP Printer Bricking, Mercedes Benz Source Code
Просмотров 15 тыс.4 месяца назад
Stamos on “Microsoft Security” - HP Printer Bricking, Mercedes Benz Source Code
A Week of News and Listener Views - HSS Breach, CISA's Policing Results
Просмотров 14 тыс.5 месяцев назад
A Week of News and Listener Views - HSS Breach, CISA's Policing Results
The Protected Audience API - Hacked Washing Machine, Quantum Crypto Troubles
Просмотров 12 тыс.5 месяцев назад
The Protected Audience API - Hacked Washing Machine, Quantum Crypto Troubles
The Inside Tracks - 23andME Mess, Ukraine Telecom Hack, LastPass
Просмотров 10 тыс.5 месяцев назад
The Inside Tracks - 23andME Mess, Ukraine Telecom Hack, LastPass
The Mystery of CVE-2023-38606 - SpinRite Update, Nebula Mesh, Apple's Backdoor
Просмотров 17 тыс.5 месяцев назад
The Mystery of CVE-2023-38606 - SpinRite Update, Nebula Mesh, Apple's Backdoor
Security Now's Best Moments of 2023
Просмотров 4,1 тыс.5 месяцев назад
Security Now's Best Moments of 2023
Active Listening - KOSA, Cloudflare's Numbers, SpinRite Update
Просмотров 13 тыс.6 месяцев назад
Active Listening - KOSA, Cloudflare's Numbers, SpinRite Update
Quantum Computing Breakthrough - The Clear/Deep/Dark Web, Quad 9 victory, Telegram Flaw
Просмотров 12 тыс.6 месяцев назад
Quantum Computing Breakthrough - The Clear/Deep/Dark Web, Quad 9 victory, Telegram Flaw
Revisiting Browser Trust - ICANN RDRS, Beeper Mini, TikTok ban, .meme TLD
Просмотров 8 тыс.6 месяцев назад
Revisiting Browser Trust - ICANN RDRS, Beeper Mini, TikTok ban, .meme TLD
Leo Turns 67 - Fingerprint Security, Do-Not-Track
Просмотров 9 тыс.6 месяцев назад
Leo Turns 67 - Fingerprint Security, Do-Not-Track