help & how to

SN 984: CrowdStruck - Crowdstrike, Cellebrite, More Entrust

SN 984: CrowdStruck - Crowdstrike, Cellebrite, More Entrust

Cellebrite unlocks Trump's would-be assassin's phone. Cisco reported on a CVSS of 10.0 Entrust drops the other shoe Google gives up on removing 3rd-party cookies Miscellany Snowflake and data warehouse applications CDK auto dealership outage Polyfill.io and resource hashes MITM Blocking Copilot Blo...

SN 983: A Snowflake's Chance - CDN Safety, Microsoft's Behavior, CDK Ransomware Attack
Security Now (Audio)July 17, 2024
983
2:07:1158.39 MB

SN 983: A Snowflake's Chance - CDN Safety, Microsoft's Behavior, CDK Ransomware Attack

Using Content Delivery Networks Safely The CDK Global Ransomware Attack The IRS and Entrust Polyfill.io fallout Microsoft's Behavior A Snowflake's Chance Show Notes - https://www.grc.com/sn/SN-983-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/sh...

SN 982: The Polyfill.io Attack - Entrust Responds, Passkey Redaction Attacks
Security Now (Audio)July 10, 2024
982
1:57:2253.91 MB

SN 982: The Polyfill.io Attack - Entrust Responds, Passkey Redaction Attacks

Entrust Responds Other major Certificate Authorities respond Passkey Redaction Attacks Syncing passkeys Port Knocking Fail2Ban The Polyfill.io Attack Show Notes - https://www.grc.com/sn/SN-982-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/...

SN 981: The End of Entrust Trust - Open SSH Vulnerability, SyncThing, Endtrust

SN 981: The End of Entrust Trust - Open SSH Vulnerability, SyncThing, Endtrust

The regreSSHion Bug 50BTC moved Voyager 1 Update Email @ GRC SyncThing DNS queries Recall The End of Entrust Trust Show Notes - https://www.grc.com/sn/SN-981-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now . Get episodes ad-free...

SN 980: The Mixed Blessing of Lousy PRNG - Kaspersky Ban, EU vs. Google's Privacy Sandbox
Security Now (Audio)June 26, 2024
980
2:03:4456.82 MB

SN 980: The Mixed Blessing of Lousy PRNG - Kaspersky Ban, EU vs. Google's Privacy Sandbox

Expected follow-up on CVE-2024-30078 From Russia with Love An EU privacy agency complains about Google's Privacy Sandbox? Email @ GRC Security Now SPAM? Orange Tsai needs help! Recall and 3rd Party Leakage Errata The Mixed Blessing of a Crappy PRNG Show Notes - https://www.grc.com/sn/SN-980-Notes.p...

SN 979: The Angle of the Dangle - "Recall" Recall, IT at the NYT, Private Cloud Compute
Security Now (Audio)June 19, 2024
979
2:14:0761.56 MB

SN 979: The Angle of the Dangle - "Recall" Recall, IT at the NYT, Private Cloud Compute

CVE-2024-30078 "Recall" has been recalled Matthew Green on Apple's Private Cloud Compute A WGET flaw with a CVSS of 10.0? Thou shall not Resolve! Email @ GRC Downloading email with MailStore Home IT at The New York Times ReMarkable The Angle of the Dangle Show Notes - https://www.grc.com/sn/SN-979-...

SN 978: The Rise and Fall of code.microsoft.com - Apple Password Manager, AI Coding
Security Now (Audio)June 12, 2024
978
2:20:5464.68 MB

SN 978: The Rise and Fall of code.microsoft.com - Apple Password Manager, AI Coding

MS on Recall changes Thanks for the "Memory" New York Times (and Wordle) leak Apple's own password manager app DJI drones on the defensive SlashData reveals some interesting developer statistics Are we going to turn programming over to AIs? The Linux Kernel Project goes CVE crazy Email @ GRC Pizza ...

SN 977: A Large Language Model in Every Pot - Problems With Recall, End of ICQ, Email @ GRC
Security Now (Audio)June 05, 2024
977
1:55:2953.08 MB

SN 977: A Large Language Model in Every Pot - Problems With Recall, End of ICQ, Email @ GRC

"Tornado Notes" Email @ GRC Have I Been Pwned? A new "supply chain" attack vector Another CA in the DogHouse ICQ to shutter its service Steve reviews "Déjà vu" Hide my email Security in Windows SpinRite update A Large Language Model in Every Pot Show Notes - https://www.grc.com/sn/SN-977-Notes.pdf ...

SN 976: The 50 Gigabyte Privacy Bomb - Google AI Workarounds, Microsoft Recall

SN 976: The 50 Gigabyte Privacy Bomb - Google AI Workarounds, Microsoft Recall

The bigger problem with AI Overview https://udm14.com/ -and- https://tenbluelinks.org/ The horses have left the barn VPNs and Firewalls Email @ GRC Extension to fix Google search Passwords and SPAM Fixing motherboard components Vertical tabs in Firefox FritzBox routers Too many PINs More Google sea...

SN 975: 312 Scientists & Researchers Respond - 3 Chrome Zero-Days, Free Laundry

SN 975: 312 Scientists & Researchers Respond - 3 Chrome Zero-Days, Free Laundry

When you're the biggest target... Searching for Search How long will a Windows XP machine survive unprotected on the Internet? Free Laundry VPNs and Firewalls Netgate SG1100 Ad Industry vs. Google Privacy Sandbox Bitwarden and passkeys Token2 passkey dongle 312 Scientists & Researchers Respond ...

SN 974: Microsoft's Head in the Clouds - 4-Digit Pins, Long Range Navigation, Microsoft

SN 974: Microsoft's Head in the Clouds - 4-Digit Pins, Long Range Navigation, Microsoft

Picture of the Week. Most to least common 4-digit pins. Enhanced LORAN. Passkeys. Microsoft's Head in the Clouds. Show Notes - https://www.grc.com/sn/SN-974-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now . Get episodes ad-free ...

SN 973: Not So Fast - GPS Vulnerabilites, VPN Flaw

SN 973: Not So Fast - GPS Vulnerabilites, VPN Flaw

The vulnerability of GPS Is the sky falling on all VPN systems? Multi-user Passkeys, YubiKeys? The iCloud Keychain The UK and Google's Topics Show Notes - https://www.grc.com/sn/SN-973-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security...

SN 972: Passkeys: A Shattered Dream? - IoT Default Passwords, Passkeys

SN 972: Passkeys: A Shattered Dream? - IoT Default Passwords, Passkeys

GCHQ: No more default passwords for consumer IoT devices! What happened with Chrome and 3rd-party cookies? Race conditions and multi-threading GM "accidentally" enrolled millions into "OnStar Smart Driver +" program Steve recommends Ryk Brown's "Frontiers Saga" SpinRite update Passkeys: A Shattered...

SN 971: Chat (out of) Control - Fuxnet, Android Quarantine, Gentoo
Security Now (Audio)April 24, 2024
971
2:15:5962.46 MB

SN 971: Chat (out of) Control - Fuxnet, Android Quarantine, Gentoo

What do you call "Stuxnet on steroids"?? Voyager 1 update Android 15 to quarantine apps Thunderbird & Microsoft Exchange China bans Western encrypted messaging apps Gentoo says "no" to AI Cars collecting diving data Freezing your credit Investopedia Computer Science Abstractions Lazy People vs....