Security Now (Audio)

This week as we examine still another new Spectre processor speculation attack, some news on DRAM hammering attacks and mitigation, the consequences of freely available malware source code, the reemergence of concern over DNS rebinding attacks, Venmo's very public transaction log, more Russian shenanigans, the emergence of flash botnets, Apple continuing move of Chinese data to China, another (the 5th) Cisco secret backdoor found, an optional missing Windows patch from last week, a bit of Firefox news and piece of errata... and then we look at "The Data Transfer Project" which, I think, marks a major step of maturity for our industry. We invite you to read our show notes. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: LastPass.com/twit RocketMortgage.com/SecurityNow expressvpn.com/securitynow

This week we look at even MORE, new, Spectre-related attacks, highlights from last Tuesday's monthly patch event, advances in GPS spoofing technology, GitHub's welcome help with security dependencies, Chrome's new (or forthcoming) "Site Isolation" feature, when hackers DO look behind the routers they commandeer, the consequences of deliberate BGP routing misbehavior... and reading between the lines of last Friday's DOJ indictment of the US 2016 election hacking by 12 Russian operatives -- the US appears to really have been "all up in their business." Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: ITPro.TV/securitynow - use code: SN30 duo.com

This week we discuss another worrisome trend in malware, another fitness tracking mapping incident and mistake, something to warn our friends and family to ignore, the value of periodically auditing previously-granted web app permissions, when malware gets picky about the machines it infects, another kinda-well-meaning Coinhive service gets abused, what are the implications of D-Link losing control of its code signing cert?, some good news about Android apps, iOS v11.4.1 introduces "USB Restricted Mode"... but is it?, a public service reminder about the need to wipe old thumb drives and memory cards, what about those free USB fans that were handed out at the recent North Korea / US summit?... and then we take a look at eMail's STARTTLS system and the EFF's latest initiative to increase its usefulness and security. We invite you to read our show notes. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: canary.tools/twit - use code: TWIT Moogsoft.com RocketMortgage.com/SecurityNow

This week we discuss the interesting case of a VirusTotal upload... or was it?, newly discovered problems with our 4G LTE... and even what follows, another new EFF encryption initiative, troubles with Spectre and Meltdown in some browsers, the evolution of UPnP-enabled attacks, an unpatched Wordpress vulnerability that doesn't appear to be worrying the Wordpress devs... and an early look at next year's forthcoming WPA3 standard... which appears to fix everything! We invite you to read our show notes. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: expressvpn.com/securitynow LastPass.com/twit RING.COM/SecurityNow

This week we examine some new side-channel worries and vulnerabilities, did Mandiant "hack back" on China?, more trouble with browsers, the big Google Firebase mess, sharing a bit of my dead system resurrection, and a look at the recent Supreme Court decision addressing cellular location privacy. We invite you to read our show notes. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: Moogsoft.com duo.com ITPro.TV/securitynow - use code: SN30

This week we examine a rather "mega" patch Tuesday, a nifty hack of Win10's Cortana, Microsoft's official "when do we patch" guidelines, the continuing tweaking of web browser behavior for our sanity, a widespread Windows 10 rootkit, the resurgence of the Satori IoT botnet, clipboard monitoring malware, a forthcoming change in Chrome's extensions policy, hacking apparent download counts on the Android store, some miscellany, an update on the status of Spectre & Meltdown... and yes, yet another brand new speculative execution vulnerability our OSes will be needing to patch against. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: RocketMortgage.com/SecurityNow www.capitalone.com/eno/virtualnumbers WordPress.com/securitynow

This week we update again on VPNFilter, look at another new emerging threat, check in on Drupalgeddon2, examine a very troubling remote Android vulnerability under active wormable exploitation, take stock of Cisco's multiple firmware backdoors, look at a new cryptomining strategy, the evolution of Russian state-sponsored cybercrime, a genealogy service that lost its user database, ongoing Russian censorship, another Adobe FLASH mess, and a check-in on how Marcus Hutchins is doing. Then we look at yet another huge mess resulting from insecure interpreters. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: RING.COM/SecurityNow canary.tools/twit - use code: TWIT LastPass.com/twit

This week we discuss yesterday's further good privacy news from Apple, the continuation of VPNFilter, an extremely clever web browser cross-site information leakage side-channel attack, Microsoft Research's fork of OpenVPN for security in a post-quantum world, Microsoft drops the ball on a 0-day remote code execution vulnerability in JScript, Valve finally patches a longstanding and very potent RCE vulnerability, Redis caching servers continue to be in serious trouble, a previously patched IE 0-day continues to find victims, Google's latest Chrome browser has removed support for HTTP public key pinning (HPKP), and... what is "Certificate Transparency" and why do we need it? We invite you to read our show notes. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: FreshBooks.com/securitynow RocketMortgage.com/SecurityNow ITPro.TV/securitynow - use code: SN30

This week we will examine two incredibly clever, new (and bad) attacks named eFail and Throwhammer. But first we catchup on the rest of the past week's security and privacy news, including the evolution of UPnProxy, a worrisome flaw discovered in a very popular web development platform, the 1st anniversary of EternalBlue, the exploitation of those GPON routers, this week's disgusting security head shaker, a summary of the RSA conference's security practices survey, the appearance of persistent IoT malware, a significant misconception about hard drive failure, an interesting bit of listener feedback... then a look at two VERY clever new attacks. We invite you to read the show notes! Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: ITPro.TV/securitynow - use code: SN30 ZipRecruiter.com/securitynow

This week we begin by updating the status of several ongoing security stories: Russia vs Telegram, DrupalGeddon2, and the return of RowHammer. We will conclude with MAJOR new bad news related to Spectre. We also have a new cryptomalware, Twitter's in-the-clear passwords mistake, New Android 'P' security features, a crazy service for GDPR compliance, Firefox's sponsored content plan, another million routers being attacked, More deliberately compromised JavaScript found in the wild, a new Microsoft Meltdown mistake, a comprehensive Windows command reference, and signs of future encrypted Twitter DMs. We invite you to read our show notes. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: canary.tools/twit - use code: TWIT www.capitalone.com/eno/virtualnumbers

Windows 10 got a new spring in its step, Microsoft further patches Intel microcode, even the UK's NHS plans to update, another hack of modern connected autos, Oracle's botched WebLogic patch, an interesting BSOD-on-demand Windows hack, a PDF credentials theft hack (which Adobe won't fix), your Echo may be listening to you, a powerful Hotel keycard hack, a bit of errata and feedback, and a discussion of another Microsoft-driven security initiative. We invite you to read our show notes. Hosts: Steve Gibson and Fr. Robert Ballecer, SJ Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: RocketMortgage.com/SecurityNow RING.COM/SecurityNow FreshBooks.com/securitynow

This week we discuss Drupalgeddon2 continuing to unfold right on plan, the Orangeworm takes aim at medical equipment and companies, the FDA moves forward on requiring device updates, Microsoft leads a new Cybersecurity Tech Accord, another instance of loud noises and hard drives not mixing, considerations for naming your WiFi network, the unappreciated needs of consumer routers, Google's new unencrypted messaging app push, Amazon pulls the trigger on "in-car" package delivery, the first puzzle recommendation in a long time, and Microsoft's move to secure the IoT space. We invite you to read our show notes. Hosts: Steve Gibson and Fr. Robert Ballecer, SJ Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: LastPass.com/twit ITPro.TV/securitynow - use code: SN30 WordPress.com/securitynow

This week we discuss AMD's release of their long-awaited Spectre variant 2 microcode patches, the end of Telegram messenger in Russia, the on-time arrival of Drupalgeddon2, Firefox and TLS v1.3, the new and widespread UPnProxy attacks, Microsoft's reversal on no longer providing Windows security updates without A/V installed, Google Chrome's decision to prematurely remove HTTP cookies, the Android "patch gap", renewed worries over old and insecure Bitcoin crypto, new attacks on old IIS, a WhatsApp photo used for police forensics, and an IoT vulnerability from our "you can't make this stuff up" department. We invite you to read our show notes. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: ZipRecruiter.com/securitynow RocketMortgage.com/SecurityNow www.capitalone.com/eno/virtualnumbers

This week we discuss Intel's big Spectre microcode announcement, Telegram is not long for Russia, the US law enforcement's continuing push for "lawful decryption", more state-level net neutrality news, Win10's replacement for "Disk Cleanup", a bug bounty policy update, some follow-up to last week's Quad-1 DNS conversation, why clocks had been running slow throughout Europe... then a look at the deprecation of earlier version of TLS and a big Cisco mistake. We invite you to read our show notes. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: RING.COM/SecurityNow turbotaxlive.com/securitynow canary.tools/twit - use code: TWIT

This week we discuss "DrupalGeddon2", Cloudflare's new DNS offering, a reminder about GRC's DNS Benchmark, Microsoft's Meltdown meltdown, the persistent iOS QR Code flaw and its long-awaited v11.3 update, another VPN user IP leak, more bug bounty news, an ill-fated-seeming new eMail initiative, Free electricity, a policy change at Google's Chrome store, another "please change your passwords" after another website breach, a bit of miscellany, a heart-warming SpinRite report, some closing the loop feedback from our terrific listeners, and a closer look at the Swiss encrypted ProtonMail service. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Bandwidth for Security Now is provided by CacheFly. Sponsors: RocketMortgage.com/SecurityNow FreshBooks.com/securitynow ITPro.TV/securitynow - use code: SN30