Security Now

SN 753: Promiscuous Cookies

Security Now - Tue, 02/11/2020 - 10:03pm
  • Twitter, Google, and Facebook tell Clearview AI to stop stealing your face to catch crooks
  • The NIST is testing methods to recover data from smashed smartphones
  • Whoa! We get to REMAIN with Security Essentials under Windows 7!
  • Microsoft drops a fix for the wallpaper stretch black screen
  • Windows 7 users are being told: "You don't have permission to shut down this computer."
  • Win10 Firefox users being "reminded" about Edge
  • Last week Google closed an Android RCE flaw in the BlueTooth daemon.
  • Data Exfiltration Technique of the Week
  • CIA Uses Crypto AG to spy on the world
  • Chrome 80 appeared last week with its implementation of the updated handling of the optional "SameSite" enforcement cookie property

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 752: The Little Red Wagon

Security Now - Tue, 02/04/2020 - 9:31pm

This Week's Stories:

  • - L1D Eviction Sampling becomes "CacheOut"
  • - Only one final version of Windows?
  • - Windows 7 and the Free Software Foundation
  • - Windows 7's final patch broke wallpaper stretching
  • - RCE Exploit for Windows RDP Gateway Demoed by Researcher
  • - Google more than doubles its own bug bounty record
  • - The return of Roskomnadzor!
  • - Facebook DID get fined, but not by Russia
  • - who exactly owns our biometric data?
  • - Avast Jumpshot missed the hoop
  • - An Update on the WireGuard VPN in the Linux kernel
  • - In this week's Best Hack of the New Decade... a little red wagon

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 751: SHAmbles

Security Now - Tue, 01/28/2020 - 8:37pm

This Week's Stories:

  • - Is Apple actually encrypting our iCloud storage backups?
  • - 250 Million Microsoft Customer Support Records Exposed Online
  • - New York state is aiming to ban the use of public funds for Ransomware
  • - New Muhstik Botnet Attacks Target Tomato Routers
  • - Chrome under attack from browser extensions
  • - Firefox under attack from browser extensions
  • - NIST publishes a new Privacy Framework
  • - Hacker Leaks More Than 500K Telnet Credentials for IoT Devices
  • - A Welcome "Micro Patch" for the Windows IE jscript.dll 0-day vulnerability
  • - SHA-1 is a Shambles.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsor:

Categories: Security Now

SN 750: The Crypto CurveBall

Security Now - Tue, 01/21/2020 - 9:41pm

This Week's Stories:

  • - iPhones join Android in being a Google account security key.
  • - How much "substantive assistance" did Apple provide in the Pensacola investigation?
  • - A brand new serious Internet Explorer 0-day
  • - Giving Windows an additional Edge
  • - FBI says nation-state actors breached a US city government and a US financial entity by exploiting Pulse Secure VPN servers.
  • - Critical new Windows Remote Desktop Gateway (RD Gateway) remote code execution vulnerability
  • - SQRL for Drupal
  • - Microsoft issues security update to fix "CurveBall" vulnerability

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now