Security Now

SN 714: Android 'Q'

Security Now - Tue, 05/14/2019 - 10:19pm

This Week's Stories
• Update WhatsApp NOW!
• Security News from Google I/O 2019 conference
• A new exploitable flaw in all Linux kernels earlier than v5.0.8
• A new set of flaws affecting all Intel processors known as "ZombieLoad"
• Security enhancements in Android Q.

We invite you to read our show notes at https://www.grc.com/sn/SN-714-Notes.pdf





Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 713: Post-Coinhive Cryptojacking

Security Now - Tue, 05/07/2019 - 11:01pm

This Week's Stories
• The continuing and changing world of cryptojacking after Coinhive closed their doors last month.
• Google's announcement of self-expiring data retention
• The mess arising from Mozilla's intermediate certificate expiration
• Another wrinkle in the exploit marketplace
• Mozilla's announcement about deliberate code obfuscation
• A hacker who hacked at least 29 other botnet hackers
• A warning about a very popular D-Link netcam
• Who's paying and who's receiving bug bounties by country
• Another User-Agent gotcha with Google Docs
• A problem with Google Earth on the new Chromium-Edge browser
• A bit more about Edge's future just dropped at the start of Microsoft's Build 2019 conference.

We invite you to read our show notes at https://www.grc.com/sn/SN-713-Notes.pdf

Hosts: Leo Laporte and Steve Gibson

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 712: Credential Stuffing Attacks

Security Now - Tue, 04/30/2019 - 10:15pm

• The large and emerging threat of website credential stuffing attacks.
• Privacy fallout from our recent coverage of Facebook and Google
• The uptake rate of recent Windows 10 feature releases
• The source of the A/V troubles with the April patch Tuesday updates
• The NIST's formal fuzzing development
• A massive and ongoing database data leak involving more than half of all American households
• Windows Insiders are already finding that their systems won't update to the May 2019 feature update.
• United Airlines passengers have noticed and been understandably upset by seatback cameras pointing at them.

We invite you to read our show notes at https://www.grc.com/sn/SN-712-Notes.pdf

Hosts: Leo Laporte and Steve Gibson

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 711: DNSpionage

Security Now - Tue, 04/23/2019 - 10:26pm

Top Security Stories this Week:
• Google uses its "SensorVault" to help catch the bad guys.
• Time to update Drupal again.
• Facebook steals users' email contact lists, logs plaintext Instagram passwords
• Russia moves closer to adopting "Internet Master Cutoff Switch" legislation.
• A reminder that "USB Killers" are a real thing.
• Marcus Hutchins' plea deal
• A new(ish) actively exploited Windows 0-day
• A bunch of Microsoft Edge news
• Windows 7 end-of-life notices
• Something from the "I did say this was bound to happen" department
• Detailed threat research from Cisco's Talos group about the leveraging of DNS epionage.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now