Security Now (MP3)

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.


  • SN 728: The KNOB is Broken

    Aug 21 2019

    Last Tuesday was another busy and important patch TuesdayAnd speaking of Patch Tuesday... 3rd-Party A/V Strikes Again!Kaspersky facilitates independent web trackingSo, what the heck is "CTF"?23 Government agencies in Texas were hit with a well-coordinated ransomware attack last Friday, August 16thRIP, EV: The coming demise of Extended Validation (EV) certificatesAnd... So long FTP!HTTP/2 goes to the Movies"The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth ...more

  • SN 727: BlackHat & DefCon

    Aug 14 2019

    This Week's StoriesBlackHat and Def Con 2019Microsoft dangles $300,000 for Azure hacks at BlackHat...Hotel chaos from Germany's Chaos Computer Club40 dangerous driversGoogle's battle to allow its Incognito users' Incognitoness to be IncognitoMicrosoft ranks the industry's top bug huntersApple bumps its bountiesWe invite you to read our show notes at https://www.grc.com/sn/SN-727-Notes.pdf Hosts: Steve Gibson and Jason Howell Download or subscribe to this show at https://twit.tv/shows/securit...more

  • SN 726: Steve's File Sync Journey

    Aug 07 2019

    This week's stories• A widespread false alarm about Facebook's planned subversion of end-to-end encryption• Still more municipality Ransomware attacks• Anti-encryption saber rattling among the Five Eyes nations• Microsoft's discovery of Russian-backed IoT compromise• Chrome 76's changes• Black Hat and Def Con preview• The challenge of synchronizing a working set of files between two locations We invite you to read our show notes at https://www.grc.com/sn/SN-726-Notes.pdf Hosts: Steve Gibson ...more

  • SN 725: Urgent/11

    Jul 31 2019

    This Week's StoriesMarcus Hutchins ... is Free!U.S. Attorney General Bill Barr on "warrant proof data encryption"What malware is the most popular underground?This Week in RansomwareYour NAS is Grass!11 vulnerabilities in VxWorks' TCP/IP stack We invite you to read our show notes at https://www.grc.com/sn/SN-725-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedba...more

  • SN 724: Hide Your RDP Now!

    Jul 24 2019

    This Week's StoriesWelcome to Kazakhstan! Please check your privacy at the border.Mozilla marking all non-HTTPS pages as "not secure"Chrome Incognito Mode getting a bit more incognitoA forthcoming "super Incognito mode" for FirefoxRust-TLS outperforms OpenSSL in nearly every wayMicrosoft announces "ElectionGuard" during last week's Aspen Security ForumProFTPD Server is wide open to remote compromiseSophos: "RDP exposed: the wolves already at your door"We invite you to read our show notes at http...more

  • SN 723: Encrypting DNS

    Jul 17 2019

    Bullet points from last Tuesday's monthly Windows patches as wellNotes from the end of Windows 7Laporte County Under Ransomware AttackThe mixed blessing of fining companies for self-reportingA survey of enterprise malware headachesSome Mozilla/ Firefox newsAnother (kinda obvious) way of exfiltrating information from a PCDNS EncryptionWe invite you to read our show notes at https://www.grc.com/sn/SN-723-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https:...more

  • SN 722: Gem Hack & Ghost Protocol

    Jul 10 2019

    This Week's StoriesMozilla's privacy-enhancing DNS over HTTPS supportFacial recognition and automobile license plate scannersThe future of satellite-based Internet servicesHow a Ruby code repository was hackedThe UK GCHQ's proposal for adding "ghost" participants into private conversationsWe invite you to read our show notes at https://www.grc.com/sn/SN-722-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit...more

  • SN 721: Exposed Cloud Databases

    Jul 03 2019

    Ransomware in Florida and elsewhereThe "Going Dark" anti-encryption debateA BlueKeep Proof of Concept demo produced by the guys at SophosLabsMassive publicly-exposed databasesChinese IoT manufacturer logs a million+ customer devices into a 2+ billion record publicly-exposed databaseThe dilemma we have with the utter lack of oversight and control over our own IoT devicesWe invite you to read our show notes at https://www.grc.com/sn/SN-721-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download...more

  • SN 720: Bug Bounty Business

    Jun 26 2019

    Update on the Linux TCP SACK Kernel panicHackers exploit a Firefox flaw and attack CoinbaseGoogle corrects a flaw with NestcamAn elegant solution to OpenSSH key theft via Rowhammer attacksUpdate on the BlueKeep RDP vulnerabilityVerizon's negligence caused a major Cloudflare and Amazon customer outageNASA was infected by an APT for more than a yearShould you pay ransomware?Microsoft's Chromium-based Edge browser updateThe state of the commercial Bug Bounty BusinessWe invite you to read our show n...more

  • SN 719: Exim Under Siege

    Jun 19 2019

    A new DRAM problem called "RAMBleed"A bad Linux TCP SACK server kernel crashing flawLast week's patch TuesdayA Bluetooth surpriseAnother useless warning about the BlueKeep vulnerabilityMicrosoft misses a 90-day Tavis Ormandy deadlineGood news about GandCrab wrap upYubico's entropy mistakePost-announce SQRL newsOur favorite iOS security appAttacks on Exim mail servers and other pending disastersWe invite you to read our show notes at https://www.grc.com/sn/SN-719-Notes.pdf Hosts: Steve Gibson a...more