Security Now (MP3)

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.


  • SN 701: Adiantum

    Feb 13 2019

    Apple's most recent v12.1.4 iOS update and the two 0-day vulnerabilities it closedWorrisome new Android image-display vulnerabilityAn interesting "reverse RDP" attackThe new LibreOffice & OpenOffice vulnerabilityMicrosoft's research into the primary source of software vulnerabilitiesMaryJo gets an early peek at enterprise pricing for extending Windows 7 supportChina and Russia continue their work to take control of their countries' InternetFirefox's resumption of its A/V warning in release 6...more

  • SN 700: 700 and Counting!

    Feb 06 2019

    Chrome gets "spell-check for URLs"Catch up on your Linux patch up!Performance enhancements for Chrome and FireFox.Facebook must really like being in the doghouse. The Japanese government takes on IoT security. Ubiquiti routers are in trouble again.Chrome "Never Slow" mode in the works.We invite you to read our show notes. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedba...more

  • SN 699: Browser Extension Security

    Jan 30 2019

    The expressive power of the social media friends we keepThe persistent DNS hijacking campaign which has the US Government quite concernedLast week's iOS and macOS updates (and doubtless another one very soon!)A valiant effort to take down malware distribution domainsChrome catching up to IE and Firefox with drive-by file downloadsTwo particularly worrisome vulnerabilities in two Cisco router models publicly disclosed last FridayThe state of the industry and the consequences of extensions to our ...more

  • SN 698: Which Mobile VPN Client?

    Jan 23 2019

    Which is the right VPN client for Android, and which should you avoid at all costs?A very worrisome WiFi bug affecting billions of devicesHack a Tesla Model 3 at Pwn2OwnRussia's ongoing, failing and flailing efforts to control the InternetThe return of the Anubis Android banking malwareGoogle's changing policy for phone and SMS App accessTim Cook's note in TIME MagazineNews of a nice Facebook Ad auditing pageAnother Cisco default password nightmare in widely used lower-end devicesWe invite you t...more

  • SN 697: Zerodium

    Jan 16 2019

    The implications of the recent increase in bounty for the purchase of 0-day vulnerabilities. The intended and unintended consequences of last week's Windows Patch Tuesday.Speaking of unintended consequences, the US Government shutdown has had some, too!A significant privacy failure in WhatsApp. Another Ransomware decryptor (with a twist).Movement on the DNS-over-TLS front.An expectation of the cyberthreat landscape for 2019. A cloudy forecast for The Weather Channel App. A successful 51% attack ...more

  • SN 696: Here Comes 2019!

    Jan 09 2019

    The NSA announces the forthcoming release of an internal powerful reverse-engineering tool for examining and understanding other people's code.Emergency out-of-cycle patches from both Adobe and Microsoft.PewDiePie hacker strikes again.Prolific 0-day dropper SandboxEscaper ruffles some feathers.A new effort by the US government to educate industry about the risks of Cyber attacks.Welcome news on the ransomware front.VERY welcome news of a new Windows 10 feature.A note about a just-published side-...more

  • SN 695: Our Best of 2018

    Dec 25 2018

    The Best of Security Now from 2018! Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsor: securitynow.cachefly.com

  • SN 694: The SQLite RCE Flaw

    Dec 19 2018

    Rhode Island's response to Google's recent API flawSignal's response to Australia's anti-encryption legislationThe return of PewDiePieUS border agents retaining traveler's private dataThis Week in Android HijinksConfusion surrounding the Windows v5 releaseAnother Facebook API mistakeThe 8th annual most common passwords list (AKA "How's 'monkey' doing?")Why all might not be lost if someone is hit with drive encrypting malwareMicrosoft's recent 4-month run of 0-day vulnerability patchesThe Firefox...more

  • SN 693: Internal Bug Discovery

    Dec 12 2018

    Australia's recently passed anti-encryption legislationDetails of a couple more mega-breaches including a bit of Marriott follow-upA welcome call for legislation from MicrosoftA new twist on online advertising click fraudThe DHS is interested in deanonymizing cryptocurrencies beyond BitcoinThe changing landscape of TOR fundingAn entirely foreseeable disaster with a new Internet IoT-oriented protocolGoogle finds bugs in Google+ and acts responsibly -- again -- what that suggests for everyone else...more

  • SN 692: GPU RAM Image Leakage

    Dec 05 2018

    Another Lenovo SuperFish-style local security certificate screw upThe Marriott breach and several other new, large and high-profile secure breach incidentsThe inevitable evolution of exploitation of publicly exposed UPnP router servicesThe emergence of "Printer Spam"How well does ransomware pay? We have an idea now.The story of two iOS scam appsProgress on the DNS over HTTPS frontRumors that Microsoft is abandoning their EdgeHTML engine in favor of Chromium We also have a bit ofA Cyber Security ...more