Security Now

SN 759: TRRespass

Security Now - Tue, 03/24/2020 - 6:10pm

This week's stories:

  • Two new un-patched 0-days affecting billions of Windows users - here is the fix!
  • Mozilla reversed itself on TLS v1.0 and 1.1 deprecation... due to the coronavirus
  • A micropatch for Win7 and Server 2008
  • Chrome's release schedule has been impacted by the coronavirus
  • Avast emergency-disables their internal JavaScript emulator
  • CookieThief - "FireSheep evolves for the 21st century"
  • PwnToOwn Spring 2020 winners
  • Steve's coronavirus journey
  • The fixes for RowHammer have not worked

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 758: The SMBGhost Fiasco

Security Now - Tue, 03/17/2020 - 8:07pm

This Week's Stories:

  • Does Steve have coronavirus? Maybe? He got very sick over the weekend and is still coughing, but he couldn't get tested.
  • Mayhem ensues after last week's Patch Tuesday
  • List of free technology services during coronavirus, from Adobe to Zoom
  • The state of open source vulnerabilities
  • The "EARN IT" act is a despicable attack on encryption and freedom of speech. Please call your congressperson and tell them not to support it.
  • The SMBGhost Fiasco

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 757: The Fuzzy Bench

Security Now - Tue, 03/10/2020 - 9:54pm

This Week's Stories

  • Microsoft, Google, LogMeIn & Cisco offer limited-time free use of telecommuting Tools
  • Hack the Pentagon!
  • The Android security dilemma
  • AMD processors get some unwelcome but necessary side-channel attack scrutiny
  • Intel also has some serious new trouble on its hands
  • SETI@home shuts down its distributed computing project after 21 years
  • Critical PPP daemon flaw opens most Linux systems to remote hackers
  • FuzzBench: fuzzer benchmarking as a service

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 756: Kr00k

Security Now - Tue, 03/03/2020 - 11:08pm

This Week's Stories

  • Lets Encrypt hits 1 BILLION certs
  • Pakistan passes Internet censorship law
  • Clearview AI breach: clients and searches stolen
  • Swiss government submits criminal complaint over CIA Crypto spying scandal
  • Ghostcat - (Apache) Tomcat Users: Update NOW!
  • Revisiting OCSP Must Staple
  • Kr00k: serious WiFi vulnerability affecting more than a billion devices

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now