Security Now (Audio)

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.


  • SN 848: XSinator - NSS Has a Bug, Botnet on the Blockchain, HP's Vulnerable Printers, Microsoft Edge Relief

    Dec 08 2021

    Picture of the Week. Tavis finds a bad bug in NSS. Cheap Smartwatches for kids and babies? Additional VPN vendors just say no to Roskomnadzor! Windows 11 loosens its grip on Edge. RTF Templates being used to inject malicious content. A Malicious Botnet uses the Bitcoin Blockchain. HP's has been shipping vulnerable printers for 8 years. Sci-Fi. SpinRite. XSinator. We invite you to read our show notes at https://www.grc.com/sn/SN-848-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subs...more

  • SN 847: Bogons Begone! - 0-Day Windows Exploit, Major MediaTek Flaw, Super Duper Secure Mode

    Dec 01 2021

    Picture of the Week. "Super Duper Secure Mode" 37% of the world's smartphones are vulnerable. The RAT Dispenser. The Entirely Predictable 0-Day Windows Exploit. "The Frontiers Saga: Fringe Worlds" Closing the Loop. Bogons Begone! We invite you to read our show notes at https://www.grc.com/sn/SN-847-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can s...more

  • SN 846: HTTP Request Smuggling - NetGear Routers 0-Day, The Most Brute Forced Passwords, GoDaddy Breach

    Nov 24 2021

    Picture of the Week. An idea whose time has passed... The stats of brute force password attacks. The Most Common Passwords. GoDaddy Breached Bigtime! A heads-up about NetGear routers. HTTP Request Smuggling. We invite you to read our show notes at https://www.grc.com/sn/SN-846-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Secur...more

  • SN 845: Blacksmith - Patch Tuesday's 55 Flaws, The Zen of Code, Ryuk Ransomware Gang

    Nov 17 2021

    Picture of the week. ~10,000 VPN/Firewall appliances from Palo Alto Networks vulnerable. The 0-Patch Guys Produce a Micropatch This brings me to "The Zen of Code" November's Patch Tuesday November broke something, but don't ask me what... Windows 11 received KB5007215 December promises to be Christmas for Printing and more! US detains crypto-exchange exec for helping Ryuk ransomware gang launder profits How do you defraud web-based advertisers? Closing The Loop SpinRite Blacksmith We invite you ...more

  • SN 844: Bluetooth Fingerprinting - Pwn2Own Austin, Unpatched GitLab Servers, Cisco's DEFAULT SSH Key

    Nov 10 2021

    Picture of the Week. Lots of welcome progress on the ransomware front. Pwn2Own Austin: Last Tuesday-Thursday largest ever 3-day Fall 2021 Pwn2Own. Windows 11 snipping tool, its emoji picker, and other parts are failing. Trouble being created by unpatched GitLab servers. More supply chain attacks. If it's Tuesday... Cisco's DEFAULT SSH key. U.S. Federal agencies have been ordered to patch hundreds of actively exploited flaws. Closing The Loop. SpinRite. Bluetooth Fingerprinting. We invite you to ...more

  • SN 843: Trojan Source - Chrome 0-days, Windows 11 confusion, VoIP DDos attacks, Dune

    Nov 03 2021

    Chrome 0-days, Windows 11 confusion, VoIP DDoS attacks, Dune More 0-days for Chrome. Two naughty Firefox add-ons have been caught abusing an extension API. Windows 11 News: Can we print yet? A new Local Privilege Escalation affecting all versions of Windows. Ask your AI. And speaking of the PC Health Check. Stand back for the Adobe Security Patch Tsunami. The VoIP DDoS attacks continue. Closing The Loop. SpinRite. "Trojan Source" Hosts: Steve Gibson and Jason Howell Download or subscribe to ...more

  • SN 842: The More Things Change... - Gummy Browsers Attack, What Happened to REvil, Comms Hub, Win 11 Fixes

    Oct 27 2021

    Picture of the Week. A sneak peak at November 9th upcoming Win11 fixes. Leo gets his wish!! REvil WAS recently re-taken down by Law Enforcement! Microsoft: "We're Excited to Announce the Launch of Comms Hub!" Microsoft: "Windows update expiration policy explained" And while we're on the subject of Windows Updates... Windows XP's 20th Anniversary. Last Tuesday the 19th, Zerodium tweeted... The "Devastating" Gummy Browsers attack! User-Agent Parser NPM package maliciously altered. Closing the Loop...more

  • SN 841: Minh Duong's Epic Rickroll - REvil Gone for Good? Tianfu Cup 2021, Patch Tuesday Aftermath

    Oct 20 2021

    Picture of the week. Windows 11 Watch - Don't update to Windows 11 unless you need to. Patch Tuesday - PrintNightmare fix to fix the previous print nightmare fix that broke other things. Point and Print feature is the problem, not a bug. On Windows 11, installing printers might also fail when using the Internet Printing Protocol (IPP) in organizations sharing an IPP printer using printer connections. "While Microsoft provided a fix in their September 2021 update, the patch resulted in a number o...more

  • SN 840: 0-Day Angst - Windows 11 Watch, Google's Universal 2SV, Twitch Hack, Patch Tuesday

    Oct 13 2021

    Picture of the week. Windows 11 Watch: "AllowUpgradesWithUnsupportedTPMOrCPU" AMD processors running some apps up to 15% slower. The Windows 10 taskbar on Windows 11. Microsoft is disagreeing... with themselves. We have an update on the Windows Explorer RAM leak I mentioned previously... VirtualBox and Windows HyperVisors don't get along. Dropped UDP packets with network optimization. Patch Tuesday. The Joy of the (new!) Default: Excel 4.0 macros to be disabled. Google warns Gmail users of phish...more

  • SN 839: “Something Went Wrong” - Windows 11 Released, New Android Trojan, Windows Explorer Memory Leak

    Oct 06 2021

    Picture of the Week. Another two, in-the-wild, true 0-days found and fixed in Chrome. Windows 11 arrives. A known memory leak in Windows Explorer. Ransomware and cyber warfare. On the topic of thwarting SIM swapping attacks... A widespread Android Trojan is making someone a bunch of money! There's a problem with Apple Pay and Visa. Foundation update. SpinRite update. "Something Went Wrong" We invite you to read our show notes at https://www.grc.com/sn/SN-839-Notes.pdf Hosts: Steve Gibson and Le...more