Security Now (Audio)

SN 1067: KongTuke's CrashFix - Click, Paste, Pwned

Listen Later

A crafty new breed of social engineering attack is tricking users into launching malware straight from their clipboard, exposing a fresh vulnerability in Windows that even tech pros could fall for. Leo Laporte and Steve Gibson break down how the latest ClickFix and CrashFix exploits are outsmarting traditional defenses.

  • The lowdown on last week's "no turn" picture of the week.
  • Is an AI-driven hacking campaign a big deal now.
  • Clause used in multiple Mexican government attacks.
  • Apple continues to be confronted with age restrictions.
  • COPPA needs an exception to allow age collection.
  • Meta swamps law enforcement with AI-slop CSAM reports.
  • Roskomnadzor has been busy blocking VPNs. Guess how many.
  • The UK tries to report their self-scanning success.
  • Remember that hacker who extorted the psychotherapy patients.
  • Scattered Lapsus$ Hunters is actively recruiting women.
  • Cisco lands another breathtakingly rare 10.0 CVSS.
  • VulnCheck's report on 2025 vulnerabilities and exploits.
  • Steve discovers a fabulous $72 Hardware Security Module.
  • A listener shares an interesting AI service discovery.
  • The very potent "ClickFix" exploit evolves

    • Show Notes - https://www.grc.com/sn/SN-1067-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to Security Now at https://twit.tv/shows/security-now.

    You can submit a question to Security Now at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Join Club TWiT for Ad-Free Podcasts!

    Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

    Sponsors:

    • meter.com/securitynow
    • guardsquare.com
    • threatlocker.com/twit
    • adaptivesecurity.com
    • outsystems.com/twit

      • ...more
      View all episodesView all episodes
      Download on the App Store
      Security Now (Audio)By TWiT
      • 5
      • 5
      • 5
      • 5
      • 5

      5

      3 ratings

      More shows like Security Now (Audio)

      View all
      Global News Podcast by BBC World Service

      Global News Podcast

      7,821 Listeners

      No Agenda Show by Adam Curry & John C. Dvorak

      No Agenda Show

      5,976 Listeners

      Macworld Podcast by Foundry

      Macworld Podcast

      309 Listeners

      This Week in Tech (Audio) by TWiT

      This Week in Tech (Audio)

      3,062 Listeners

      Security Now (Audio) by TWiT

      Security Now (Audio)

      2,009 Listeners

      MacBreak Weekly (Audio) by TWiT

      MacBreak Weekly (Audio)

      2,011 Listeners

      Intelligent Machines (Audio) by TWiT

      Intelligent Machines (Audio)

      781 Listeners

      Accidental Tech Podcast by Marco Arment, Casey Liss, John Siracusa

      Accidental Tech Podcast

      2,142 Listeners

      LINUX Unplugged by Jupiter Broadcasting

      LINUX Unplugged

      275 Listeners

      The Amp Hour Electronics Podcast by The Amp Hour (Chris Gammell and David L Jones)

      The Amp Hour Electronics Podcast

      228 Listeners

      Smashing Security by Graham Cluley

      Smashing Security

      319 Listeners

      Darknet Diaries by Jack Rhysider

      Darknet Diaries

      8,090 Listeners

      Tech Brew Ride Home by Morning Brew

      Tech Brew Ride Home

      971 Listeners

      This Week in Space (Audio) by TWiT

      This Week in Space (Audio)

      163 Listeners

      Risky Bulletin by Risky Business Media

      Risky Bulletin

      45 Listeners