 
Picture of the Week. 
0-Day Watch. 
Spring Forward (Java: Spring4Shell) 
QNAP and the OpenSSL DoS vulnerability. 
Sophos has a 9.8. 
CISA orders federal civilian agencies to patch the Sophos vulnerability. 
Browser-in-the-browser. 
The supply-chain attacks on NPM have been growing. 
FinFisher bites the dust. 
A LAPSUS$ in judgment. 
Not so Wyze. 
Closing The Loop. 
Port Knocking. 
We invite you to read our show notes at https://www.grc.com/sn/SN-865-Notes.pdf 
Hosts: Steve Gibson and Leo Laporte 
Download or subscribe to this show at https://twit.tv/shows/security-now. 
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit 
You can submit a question to Security Now! at the GRC Feedback Page. 
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
bitwarden.com/twit
itpro.tv/securitynow  promo code SN30
kolide.com/securitynow


SN 865: Port Knocking - Wyze Gets Spanked, FinFisher Bites the Dust, Spring4Shell, LAPSUS$ Update

Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week.

Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.

Technology

Tech News

Podcasting

Gadgets

Software How-To

 
The bigger problem with AI Overview 
https://udm14.com/ -and- https://tenbluelinks.org/ 
The horses have left the barn 
VPNs and Firewalls 
Email @ GRC 
Extension to fix Google search 
Passwords and SPAM 
Fixing motherboard components 
Vertical tabs in Firefox 
FritzBox routers 
Too many PINs 
More Google search fixes 
Testing Windows XP 
The 50 Gigabyte Privacy Bomb 
Show Notes - https://www.grc.com/sn/SN-976-Notes.pdf 
Hosts: Steve Gibson and Leo Laporte 
Download or subscribe to this show at https://twit.tv/shows/security-now. 
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit 
You can submit a question to Security Now at the GRC Feedback Page. 
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
kolide.com/securitynow
joindeleteme.com/twit promo code TWIT
bitwarden.com/twit
1bigthink.com


SN 976: The 50 Gigabyte Privacy Bomb - Google AI Workarounds, Microsoft Recall

 
When you're the biggest target... 
Searching for Search 
How long will a Windows XP machine survive unprotected on the Internet? 
Free Laundry 
VPNs and Firewalls 
Netgate SG1100 
Ad Industry vs. Google Privacy Sandbox 
Bitwarden and passkeys 
Token2 passkey dongle 
312 Scientists & Researchers Respond 
Show Notes - https://www.grc.com/sn/SN-975-Notes.pdf 
Hosts: Steve Gibson and Leo Laporte 
Download or subscribe to this show at https://twit.tv/shows/security-now. 
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit 
You can submit a question to Security Now at the GRC Feedback Page. 
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
canary.tools/twit - use code: TWIT
1bigthink.com
business.eset.com/twit
mylio.com/twit


SN 975: 312 Scientists & Researchers Respond - 3 Chrome Zero-Days, Free Laundry

 
Picture of the Week. 
Most to least common 4-digit pins. 
Enhanced LORAN. 
Passkeys. 
Microsoft's Head in the Clouds. 
Show Notes - https://www.grc.com/sn/SN-974-Notes.pdf 
Hosts: Steve Gibson and Leo Laporte 
Download or subscribe to this show at https://twit.tv/shows/security-now. 
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit 
You can submit a question to Security Now at the GRC Feedback Page. 
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
1bigthink.com
zscaler.com/zerotrustAI
kolide.com/securitynow
joindeleteme.com/twit promo code TWIT


SN 974: Microsoft's Head in the Clouds - 4-Digit Pins, Long Range Navigation, Microsoft

 
The vulnerability of GPS 
Is the sky falling on all VPN systems? 
Multi-user Passkeys, YubiKeys? 
The iCloud Keychain 
The UK and Google's Topics 
Show Notes - https://www.grc.com/sn/SN-973-Notes.pdf 
Hosts: Steve Gibson and Leo Laporte 
Download or subscribe to this show at https://twit.tv/shows/security-now. 
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit 
You can submit a question to Security Now at the GRC Feedback Page. 
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
Melissa.com/twit
kolide.com/securitynow
lookout.com
bitwarden.com/twit


SN 973: Not So Fast - GPS Vulnerabilites, VPN Flaw

 
GCHQ: No more default passwords for consumer IoT devices! 
What happened with Chrome and 3rd-party cookies? 
Race conditions and multi-threading 
GM "accidentally" enrolled millions into "OnStar Smart Driver +" program 
Steve recommends Ryk Brown's "Frontiers Saga" 
SpinRite update 
Passkeys: A Shattered Dream? 
Show Notes - https://www.grc.com/sn/SN-972-Notes.pdf 
Hosts: Steve Gibson and Leo Laporte 
Download or subscribe to this show at https://twit.tv/shows/security-now. 
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit 
You can submit a question to Security Now at the GRC Feedback Page. 
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
business.eset.com/twit
vanta.com/SECURITYNOW
1bigthink.com
lookout.com


SN 865: Port Knocking - Wyze Gets Spanked, FinFisher Bites the Dust, Spring4Shell, LAPSUS$ Update

Download our free app to listen on your phone