help & how to

SN 995: uBlock Origin & Manifest V3 - DDoS Record, N. Korean Workers, Vitamin D
Security Now (Audio)October 09, 2024
995
2:35:2171.28 MB

SN 995: uBlock Origin & Manifest V3 - DDoS Record, N. Korean Workers, Vitamin D

Facebook's parent Meta not hashing passwords A New, forthcoming PayPal default opts their users into merchant data sharing DDoS breaks another record Speaking of these ASUS routers Do you know who you're hiring? Vitamin D The CUPS vulnerablility Routers for normal people uBlock Origin & Manifes...

SN 994: Recall's Re-Rollout - Domain Security, Tor + Tails, VLC Update
Security Now (Audio)October 02, 2024
994
2:16:2262.58 MB

SN 994: Recall's Re-Rollout - Domain Security, Tor + Tails, VLC Update

The Linux remote code execution flaw The CRUCIAL importance of Domain Control Security Roskomnadzor strikes a discordant note VLC gets a security update Tor and Tails Merge Telegram changes its long-standing "zero cooperation" policy Enshittification Bobiverse book 5 Windows 10 notifications Experi...

SN 993: Kaspersky exits the U.S. - Exploding Pagers, Passkeys in Chrome
Security Now (Audio)September 25, 2024
993
2:27:0567.5 MB

SN 993: Kaspersky exits the U.S. - Exploding Pagers, Passkeys in Chrome

The case of the exploding pagers and walkie-talkies "Ford seeks patent for tech that listens to driver conversations to serve ads" Another large chunk of personal data exposed Passkeys takes a big step forward: Now supported by Chrome A nascent 9.9 Linux Unauthenticated RCE? Freezing Credit Credit ...

SN 992: Password Manager Injection Attacks - Aging Media, Naval Starlink, adam:ONE
Security Now (Audio)September 18, 2024
992
2:23:3965.91 MB

SN 992: Password Manager Injection Attacks - Aging Media, Naval Starlink, adam:ONE

Windows Endpoint Security Ecosystem Summit Aging storage media does NOT last forever How Navy chiefs conspired to get themselves illegal warship Wi-Fi adam:ONE named the #1 best Secure Access Service Edge (SASE) solution AI Talk Password Manager Injection Attacks Show Notes - https://www.grc.com/sn...

SN 991: RAMBO - Cloned YubiKeys, Telegram vs. Signal, French Elevators, Unix Time
Security Now (Audio)September 11, 2024
991
2:19:3164.01 MB

SN 991: RAMBO - Cloned YubiKeys, Telegram vs. Signal, French Elevators, Unix Time

Offer to uninstall Recall was a bug, not a feature YubiKeys can be cloned Miscellany Is WhatsApp secure? Telegram vs Signal French elevators Freezing your credit The Quiet Canine Unix time Bobiverse book 5 Exodus: The Achemedes Engine Watching SpinRite RAMBO Show Notes - https://www.grc.com/sn/SN-9...

SN 990: Is Telegram an Encrypted App? - CrowdStrike Exodus, DDoS-as-a-Service, 'Active Listening' Ad Tech?
Security Now (Audio)September 04, 2024
990
2:09:19118.59 MB

SN 990: Is Telegram an Encrypted App? - CrowdStrike Exodus, DDoS-as-a-Service, 'Active Listening' Ad Tech?

Telegram puts End-to-End Privacy in the Crosshairs Free security logging is good for everyone CrowdStrike hemorrhaging customers Microsoft to meet privately with EDR (Endpoint Detection & Response) vendors Yelp's Unhappy with Google Telegram as the hotbed for DDoSass – DDoS as a Service Chrome ...

SN 989: Cascading Bloom Filters - Key Card Backdoors, Fake Cisco Gear
Security Now (Audio)August 28, 2024
989
2:10:0559.74 MB

SN 989: Cascading Bloom Filters - Key Card Backdoors, Fake Cisco Gear

CrowdStrike Exec's "Most Epic Fail" Award Hardware backdoors discovered in Chinese-made key cards Counterfeit CISCO networking gear SpinRite Errata NPD breach updates from listeners Looking back at old SN episodes Cascading Bloom Filters Show Notes - https://www.grc.com/sn/SN-989-Notes.pdf Hosts: S...

SN 988: National Public Data - Big Patch Tuesday, The Biggest Data Breach
Security Now (Audio)August 21, 2024
988
2:14:2461.71 MB

SN 988: National Public Data - Big Patch Tuesday, The Biggest Data Breach

Revocation Update GRC's next experiment Patch Tuesday "The Famous Computer Café" IsBootSecure GRC Email Working through WiFi Firewalls Transferring DNS OCSP attestation vs. TLS expiration Platform key expiration National Public Data Show Notes - https://www.grc.com/sn/SN-988-Notes.pdf Hosts: Steve ...

SN 987: Rethinking Revocation - SinkClose, IsBootSecure, Another Bad RCE
Security Now (Audio)August 14, 2024
987
2:18:2163.49 MB

SN 987: Rethinking Revocation - SinkClose, IsBootSecure, Another Bad RCE

Sitting Ducks DNS attack A Bad RCE in another Microsoft server SinkClose The CLFS.SYS BSoD IsBootSecure Rethinking Revocation Show Notes - https://www.grc.com/sn/SN-987-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now . Get episo...

SN 986: How Revoking! - Crowdstrike Damage, Firefox Cookies
Security Now (Audio)August 07, 2024
986
2:02:0956.06 MB

SN 986: How Revoking! - Crowdstrike Damage, Firefox Cookies

Platform Key Disclosure Firefox's 3rd-party Cookie mess The W3C Finally Weighs-in CrowdStrike Damages. GRC's Email How Revoking! Show Notes - https://www.grc.com/sn/SN-986-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now . Get ep...

SN 985: Platform Key Disclosure - Crowdstrike Post-mortem, Entrust Update
Security Now (Audio)July 31, 2024
985
2:30:1968.95 MB

SN 985: Platform Key Disclosure - Crowdstrike Post-mortem, Entrust Update

Crowdstrike post-mortem PiDP-11 What Crowdstrike is fixing Marcus Hutchins on who is to blame Entrust's Updated Info 3rd-Party Cookie Surprise Security training firm mistakenly hires a North Korean attacker Google and 3rd party cookies Google's influence The auto industry and data brokers DNS Bench...

SN 984: CrowdStruck - Crowdstrike, Cellebrite, More Entrust

SN 984: CrowdStruck - Crowdstrike, Cellebrite, More Entrust

Cellebrite unlocks Trump's would-be assassin's phone. Cisco reported on a CVSS of 10.0 Entrust drops the other shoe Google gives up on removing 3rd-party cookies Miscellany Snowflake and data warehouse applications CDK auto dealership outage Polyfill.io and resource hashes MITM Blocking Copilot Blo...

SN 983: A Snowflake's Chance - CDN Safety, Microsoft's Behavior, CDK Ransomware Attack
Security Now (Audio)July 17, 2024
983
2:07:1158.39 MB

SN 983: A Snowflake's Chance - CDN Safety, Microsoft's Behavior, CDK Ransomware Attack

Using Content Delivery Networks Safely The CDK Global Ransomware Attack The IRS and Entrust Polyfill.io fallout Microsoft's Behavior A Snowflake's Chance Show Notes - https://www.grc.com/sn/SN-983-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/sh...

SN 982: The Polyfill.io Attack - Entrust Responds, Passkey Redaction Attacks
Security Now (Audio)July 10, 2024
982
1:57:2253.91 MB

SN 982: The Polyfill.io Attack - Entrust Responds, Passkey Redaction Attacks

Entrust Responds Other major Certificate Authorities respond Passkey Redaction Attacks Syncing passkeys Port Knocking Fail2Ban The Polyfill.io Attack Show Notes - https://www.grc.com/sn/SN-982-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/...

SN 981: The End of Entrust Trust - Open SSH Vulnerability, SyncThing, Endtrust

SN 981: The End of Entrust Trust - Open SSH Vulnerability, SyncThing, Endtrust

The regreSSHion Bug 50BTC moved Voyager 1 Update Email @ GRC SyncThing DNS queries Recall The End of Entrust Trust Show Notes - https://www.grc.com/sn/SN-981-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now . Get episodes ad-free...

SN 980: The Mixed Blessing of Lousy PRNG - Kaspersky Ban, EU vs. Google's Privacy Sandbox
Security Now (Audio)June 26, 2024
980
2:03:4456.82 MB

SN 980: The Mixed Blessing of Lousy PRNG - Kaspersky Ban, EU vs. Google's Privacy Sandbox

Expected follow-up on CVE-2024-30078 From Russia with Love An EU privacy agency complains about Google's Privacy Sandbox? Email @ GRC Security Now SPAM? Orange Tsai needs help! Recall and 3rd Party Leakage Errata The Mixed Blessing of a Crappy PRNG Show Notes - https://www.grc.com/sn/SN-980-Notes.p...

SN 979: The Angle of the Dangle - "Recall" Recall, IT at the NYT, Private Cloud Compute
Security Now (Audio)June 19, 2024
979
2:14:0761.56 MB

SN 979: The Angle of the Dangle - "Recall" Recall, IT at the NYT, Private Cloud Compute

CVE-2024-30078 "Recall" has been recalled Matthew Green on Apple's Private Cloud Compute A WGET flaw with a CVSS of 10.0? Thou shall not Resolve! Email @ GRC Downloading email with MailStore Home IT at The New York Times ReMarkable The Angle of the Dangle Show Notes - https://www.grc.com/sn/SN-979-...

SN 978: The Rise and Fall of code.microsoft.com - Apple Password Manager, AI Coding
Security Now (Audio)June 12, 2024
978
2:20:5464.68 MB

SN 978: The Rise and Fall of code.microsoft.com - Apple Password Manager, AI Coding

MS on Recall changes Thanks for the "Memory" New York Times (and Wordle) leak Apple's own password manager app DJI drones on the defensive SlashData reveals some interesting developer statistics Are we going to turn programming over to AIs? The Linux Kernel Project goes CVE crazy Email @ GRC Pizza ...

SN 977: A Large Language Model in Every Pot - Problems With Recall, End of ICQ, Email @ GRC
Security Now (Audio)June 05, 2024
977
1:55:2953.08 MB

SN 977: A Large Language Model in Every Pot - Problems With Recall, End of ICQ, Email @ GRC

"Tornado Notes" Email @ GRC Have I Been Pwned? A new "supply chain" attack vector Another CA in the DogHouse ICQ to shutter its service Steve reviews "Déjà vu" Hide my email Security in Windows SpinRite update A Large Language Model in Every Pot Show Notes - https://www.grc.com/sn/SN-977-Notes.pdf ...

SN 976: The 50 Gigabyte Privacy Bomb - Google AI Workarounds, Microsoft Recall

SN 976: The 50 Gigabyte Privacy Bomb - Google AI Workarounds, Microsoft Recall

The bigger problem with AI Overview https://udm14.com/ -and- https://tenbluelinks.org/ The horses have left the barn VPNs and Firewalls Email @ GRC Extension to fix Google search Passwords and SPAM Fixing motherboard components Vertical tabs in Firefox FritzBox routers Too many PINs More Google sea...