Security Now
SN 753: Promiscuous Cookies
- Twitter, Google, and Facebook tell Clearview AI to stop stealing your face to catch crooks
- The NIST is testing methods to recover data from smashed smartphones
- Whoa! We get to REMAIN with Security Essentials under Windows 7!
- Microsoft drops a fix for the wallpaper stretch black screen
- Windows 7 users are being told: "You don't have permission to shut down this computer."
- Win10 Firefox users being "reminded" about Edge
- Last week Google closed an Android RCE flaw in the BlueTooth daemon.
- Data Exfiltration Technique of the Week
- CIA Uses Crypto AG to spy on the world
- Chrome 80 appeared last week with its implementation of the updated handling of the optional "SameSite" enforcement cookie property
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
SN 752: The Little Red Wagon
This Week's Stories:
- - L1D Eviction Sampling becomes "CacheOut"
- - Only one final version of Windows?
- - Windows 7 and the Free Software Foundation
- - Windows 7's final patch broke wallpaper stretching
- - RCE Exploit for Windows RDP Gateway Demoed by Researcher
- - Google more than doubles its own bug bounty record
- - The return of Roskomnadzor!
- - Facebook DID get fined, but not by Russia
- - who exactly owns our biometric data?
- - Avast Jumpshot missed the hoop
- - An Update on the WireGuard VPN in the Linux kernel
- - In this week's Best Hack of the New Decade... a little red wagon
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
SN 751: SHAmbles
This Week's Stories:
- - Is Apple actually encrypting our iCloud storage backups?
- - 250 Million Microsoft Customer Support Records Exposed Online
- - New York state is aiming to ban the use of public funds for Ransomware
- - New Muhstik Botnet Attacks Target Tomato Routers
- - Chrome under attack from browser extensions
- - Firefox under attack from browser extensions
- - NIST publishes a new Privacy Framework
- - Hacker Leaks More Than 500K Telnet Credentials for IoT Devices
- - A Welcome "Micro Patch" for the Windows IE jscript.dll 0-day vulnerability
- - SHA-1 is a Shambles.
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsor:
SN 750: The Crypto CurveBall
This Week's Stories:
- - iPhones join Android in being a Google account security key.
- - How much "substantive assistance" did Apple provide in the Pensacola investigation?
- - A brand new serious Internet Explorer 0-day
- - Giving Windows an additional Edge
- - FBI says nation-state actors breached a US city government and a US financial entity by exploiting Pulse Secure VPN servers.
- - Critical new Windows Remote Desktop Gateway (RD Gateway) remote code execution vulnerability
- - SQRL for Drupal
- - Microsoft issues security update to fix "CurveBall" vulnerability
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors: