Security Now

SN 719: Exim Under Siege

Security Now (Audio)

A new DRAM problem called "RAMBleed"
A bad Linux TCP SACK server kernel crashing flaw
Last week's patch Tuesday
A Bluetooth surprise
Another useless warning about the BlueKeep vulnerability
Microsoft misses a 90-day Tavis Ormandy deadline
Good news about GandCrab wrapup
Yubico's entropy mistake
Post-announce SQRL news
Our favorite iOS security app
Attacks on Exim mail servers and other pending disasters

We invite you to read our show notes at https://www.grc.com/sn/SN-719-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 718: Update Exim Now!

Security Now (Audio)

SandboxEscaper drops another 0-day
The still-not-yet-widely-exploited BlueKeep vulnerability
GoldBrute Botnet pounding on RDP servers (but not yet using BlueKeep)
The FBI issued an interesting advisory about not trusting secure sites just because they're secure
VLC receives 33 security bug fixes
Microsoft's Edge browser takes another step forward
Mozilla reorganizes
MUST HAVE utility of the week: DNS Query Sniffer
The first formal full release of SQRL
Anyone running an Exim mail server needs to update immediately!

We invite you to read our show notes at https://www.grc.com/sn/SN-718-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 717: The Nansh0u Campaign

Security Now (Audio)

Checking in on the BlueKeep RDP vulnerability
The planned shutdown of one of the most "successful" affiliate-based ransomware systems
An update on the anti-Robocalling problem
Russian and Chinese militaries plan to quit using Windows
Apple's announcement yesterday of their forthcoming "Sign in with Apple" service
The Nansh0u campaign, apparently sourced from China, has successfully compromised many tens of thousands of servers exposed to the Internet.

We invite you to read our show notes at https://www.grc.com/sn/SN-717-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 716: RDP - Really Do Patch

Security Now (Audio)

The Internet is Doomed: BlueKeep Attacks Windows Remote Desktop Protocol
Google Stores Unhashed G Suite Passwords
Sandbox Escaper Drops FIVE New Zero-Day Exploits
Microsoft's Just-released Win10 Feature Update 1903
Security Enhancements in Firefox's Release 67

We invite you to read our show notes at https://www.grc.com/sn/SN-716-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 715: CPU.fail

Security Now (Audio)

This Week's Stories
The next round of Intel processor information leakage problems: Microarchitectural Data Sampling vulnerabilities
Last Tuesday's patches from Microsoft, Adobe and Apple includes one for Windows XP
Security problem for Cisco that ever has stock analysts taking notice
Ongoing troubles with the cryptocurrency market
Trouble with Google's Titan Bluetooth dongle
Another monthly problem with Windows 10 updates

We invite you to read our show notes at https://www.grc.com/sn/SN-715-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 714: Android 'Q'

Security Now (Audio)

This Week's Stories
Update WhatsApp NOW!
Security News from Google I/O 2019 conference
A new exploitable flaw in all Linux kernels earlier than v5.0.8
A new set of flaws affecting all Intel processors known as "ZombieLoad"
Security enhancements in Android Q.

We invite you to read our show notes at https://www.grc.com/sn/SN-714-Notes.pdf





Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 713: Post-Coinhive Cryptojacking

Security Now (Audio)

This Week's Stories

  • The continuing and changing world of cryptojacking after Coinhive closed their doors last month.
  • Google's announcement of self-expiring data retention
  • The mess arising from Mozilla's intermediate certificate expiration
  • Another wrinkle in the exploit marketplace
  • Mozilla's announcement about deliberate code obfuscation
  • A hacker who hacked at least 29 other botnet hackers
  • A warning about a very popular D-Link netcam
  • Who's paying and who's receiving bug bounties by country
  • Another User-Agent gotcha with Google Docs
  • A problem with Google Earth on the new Chromium-Edge browser
  • A bit more about Edge's future just dropped at the start of Microsoft's Build 2019 conference.

We invite you to read our show notes at https://www.grc.com/sn/SN-713-Notes.pdf

Hosts: Leo Laporte and Steve Gibson

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 712: Credential Stuffing Attacks

Security Now (Audio)

  • The large and emerging threat of website credential stuffing attacks.
  • Privacy fallout from our recent coverage of Facebook and Google
  • The uptake rate of recent Windows 10 feature releases
  • The source of the A/V troubles with the April patch Tuesday updates
  • The NIST's formal fuzzing development
  • A massive and ongoing database data leak involving more than half of all American households
  • Windows Insiders are already finding that their systems won't update to the May 2019 feature update.
  • United Airlines passengers have noticed and been understandably upset by seatback cameras pointing at them.

We invite you to read our show notes at https://www.grc.com/sn/SN-712-Notes.pdf

Hosts: Leo Laporte and Steve Gibson

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 711: DNSpionage

Security Now (Audio)

Top Security Stories this Week:

  • Google uses its "sensorvault" to help catch the bad guys.
  • Time to update Drupal again.
  • Facebook steals users' email contact lists, logs plaintext Instagram passwords
  • Russia moves closer to adopting "Internet Master Cutoff Switch" legislation.
  • A reminder that "USB Killers" are a real thing.
  • Marcus Hutchins' plea deal
  • A new(ish) actively exploited Windows 0-day
  • A bunch of Microsoft Edge news
  • Windows 7 end-of-life notices
  • Something from the "I did say this was bound to happen" department
  • Detailed threat research from Cisco's Talos group about the leveraging of DNS espionage.

We invite you to read our show notes at https://www.grc.com/sn/SN-711-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:



SN 710: DragonBlood

Security Now (Audio)

  • DragonBlood: the first effective attack on the new WPA3 protocol
  • Malicious use of the URL tracking "ping" attribute
  • The WinRAR Nightmare
  • More 3rd-party A/V troubles with Microsoft
  • What good did April's patch Tuesday accomplish?
  • Adobe 's big patch Tuesday
  • Google considering automatically blocking "high risk" downloads
  • Russia's Roskomnadzor finally lowers the boom on Facebook
  • The incredible Taj Mahal APT framework

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:




Select a Feed

Boston Bruins News
Fred Langa at Information Week
Security Now
Deal Detective
Cheap Stingy Bargains
NY Times National Headlines
Boston Red Sox News
New Egg's Hottest Deals



Back To Top
© 1998 - 2019 psacake.com | My3C's

Version 7.2 | Advertise on this site