Summary: <ul> <li>The increasing feasibility of making a sustainable career out of hunting for software bugs</li> <li>A newly available improvement in Spectre mitigation performance and who can try it now</li> <li>Adobe's ColdFusion emergency and patch,</li> <li>More problems with A/V and self-signed certs</li> <li>A Docker vulnerability being exploited in the wild</li> <li>The end of Coinhive</li> <li>A new major Wireshark release</li> <li>A nifty web browser website screenshot hack</li> <li>Continuing troubles with the over-privileged Thunderbolt interface</li> <li>Bot-based credential stuffing attacks</li> </ul><p>We invite you to read our show notes at <a href="https://www.grc.com/sn/SN-704-Notes.pdf">https://www.grc.com/sn/SN-704-Notes.pdf</a></p> <p><strong>Hosts:</strong> <a href="https://twit.tv/people/steve-gibson">Steve Gibson</a> and <a href="https://twit.tv/people/leo-laporte">Leo Laporte</a></p> <p>Download or subscribe to this show at <a href="https://twit.tv/shows/security-now">https://twit.tv/shows/security-now</a>.</p> <p>You can submit a question to Security Now! at the <a href="https://www.grc.com/feedback.htm" target="_blank">GRC Feedback Page</a>.</p> <p>For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: <a href="https://www.grc.com/securitynow.htm" target="_blank">grc.com</a>, also the home of the best disk maintenance and recovery utility ever written <a href="https://www.grc.com/sr/spinrite.htm" target="_blank">Spinrite 6</a>.</p> <p><strong>Sponsors:</strong></p><ul> <li><a href="https://securitynow.cachefly.com">securitynow.cachefly.com</a></li> <li><a href="http://ZipRecruiter.com/securitynow">ZipRecruiter.com/securitynow</a></li> <li><a href="http://LastPass.com/twit">LastPass.com/twit</a></li> </ul>
