Picture of the Week.
Lots of welcome progress on the ransomware front.
Pwn2Own Austin: Last Tuesday-Thursday largest ever 3-day Fall 2021 Pwn2Own.
Windows 11 snipping tool, its emoji picker, and other parts are failing.
Trouble being created by unpatched GitLab servers.
More supply chain attacks.
If it's Tuesday...
Cisco's DEFAULT SSH key.
U.S. Federal agencies have been ordered to patch hundreds of actively exploited flaws.
Closing The Loop.
SpinRite.
Bluetooth Fingerprinting.
We invite you to read our show notes at https://www.grc.com/sn/SN-844-Notes.pdf 
Hosts: Steve Gibson and Leo Laporte 
Download or subscribe to this show at https://twit.tv/shows/security-now. 
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit 
You can submit a question to Security Now! at the GRC Feedback Page. 
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
itpro.tv/securitynow  promo code SN30
bitwarden.com/twit
wwt.com/twit


SN 844: Bluetooth Fingerprinting - Pwn2Own Austin, Unpatched GitLab Servers, Cisco's DEFAULT SSH Key

Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week.

Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.

Technology

Tech News

Podcasting

Gadgets

Software How-To

 
The bigger problem with AI Overview 
https://udm14.com/ -and- https://tenbluelinks.org/ 
The horses have left the barn 
VPNs and Firewalls 
Email @ GRC 
Extension to fix Google search 
Passwords and SPAM 
Fixing motherboard components 
Vertical tabs in Firefox 
FritzBox routers 
Too many PINs 
More Google search fixes 
Testing Windows XP 
The 50 Gigabyte Privacy Bomb 
Show Notes - https://www.grc.com/sn/SN-976-Notes.pdf 
Hosts: Steve Gibson and Leo Laporte 
Download or subscribe to this show at https://twit.tv/shows/security-now. 
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit 
You can submit a question to Security Now at the GRC Feedback Page. 
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
kolide.com/securitynow
joindeleteme.com/twit promo code TWIT
bitwarden.com/twit
1bigthink.com


SN 976: The 50 Gigabyte Privacy Bomb - Google AI Workarounds, Microsoft Recall

 
When you're the biggest target... 
Searching for Search 
How long will a Windows XP machine survive unprotected on the Internet? 
Free Laundry 
VPNs and Firewalls 
Netgate SG1100 
Ad Industry vs. Google Privacy Sandbox 
Bitwarden and passkeys 
Token2 passkey dongle 
312 Scientists & Researchers Respond 
Show Notes - https://www.grc.com/sn/SN-975-Notes.pdf 
Hosts: Steve Gibson and Leo Laporte 
Download or subscribe to this show at https://twit.tv/shows/security-now. 
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit 
You can submit a question to Security Now at the GRC Feedback Page. 
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
canary.tools/twit - use code: TWIT
1bigthink.com
business.eset.com/twit
mylio.com/twit


SN 975: 312 Scientists & Researchers Respond - 3 Chrome Zero-Days, Free Laundry

 
Picture of the Week. 
Most to least common 4-digit pins. 
Enhanced LORAN. 
Passkeys. 
Microsoft's Head in the Clouds. 
Show Notes - https://www.grc.com/sn/SN-974-Notes.pdf 
Hosts: Steve Gibson and Leo Laporte 
Download or subscribe to this show at https://twit.tv/shows/security-now. 
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit 
You can submit a question to Security Now at the GRC Feedback Page. 
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
1bigthink.com
zscaler.com/zerotrustAI
kolide.com/securitynow
joindeleteme.com/twit promo code TWIT


SN 974: Microsoft's Head in the Clouds - 4-Digit Pins, Long Range Navigation, Microsoft

 
The vulnerability of GPS 
Is the sky falling on all VPN systems? 
Multi-user Passkeys, YubiKeys? 
The iCloud Keychain 
The UK and Google's Topics 
Show Notes - https://www.grc.com/sn/SN-973-Notes.pdf 
Hosts: Steve Gibson and Leo Laporte 
Download or subscribe to this show at https://twit.tv/shows/security-now. 
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit 
You can submit a question to Security Now at the GRC Feedback Page. 
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
Melissa.com/twit
kolide.com/securitynow
lookout.com
bitwarden.com/twit


SN 973: Not So Fast - GPS Vulnerabilites, VPN Flaw

 
GCHQ: No more default passwords for consumer IoT devices! 
What happened with Chrome and 3rd-party cookies? 
Race conditions and multi-threading 
GM "accidentally" enrolled millions into "OnStar Smart Driver +" program 
Steve recommends Ryk Brown's "Frontiers Saga" 
SpinRite update 
Passkeys: A Shattered Dream? 
Show Notes - https://www.grc.com/sn/SN-972-Notes.pdf 
Hosts: Steve Gibson and Leo Laporte 
Download or subscribe to this show at https://twit.tv/shows/security-now. 
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit 
You can submit a question to Security Now at the GRC Feedback Page. 
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
business.eset.com/twit
vanta.com/SECURITYNOW
1bigthink.com
lookout.com


SN 844: Bluetooth Fingerprinting - Pwn2Own Austin, Unpatched GitLab Servers, Cisco's DEFAULT SSH Key

Download our free app to listen on your phone