Security Now

• SN 1021: Device Bound Session Credentials - Hotpatching in Win 11, Apple vs. UK

  • Android to get "Lockdown Mode".
  • What's in the new editions of Chrome and Firefox?
  • Why did Apple silently re-enable automatic updates?
  • My new iPhone 16, Chinese tariffs and electronics.
  • Dynamic "hotpatching" coming to Win11 Enterprise & Edu.
  • Why is it so difficult for Oracle to fess up?
  • Another multi-year breach inside US Treasury.
  • An Apple -vs- the UK update.
  • "Thundermail" (Can't someone come up with a better name?)
  • The (in)Security of Programmable Logic Controllers.
  • When LLM's write code and hallucinate non-existent packages.
  • Wordpress core security and PHP gets an important audit.
  • Device-Bound Session Credentials update session cookie technology

  Show Notes - https://www.grc.com/sn/SN-1021-Notes.pdf

  Hosts: Steve Gibson and Leo Laporte

  Download or subscribe to Security Now at https://twit.tv/shows/security-now.

  You can submit a question to Security Now at the GRC Feedback Page.

  For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

  Join Club TWiT for Ad-Free Podcasts!
  Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

  Sponsors:

  • expressvpn.com/securitynow
  • vanta.com/SECURITYNOW
  • threatlocker.com for Security Now
  • legatosecurity.com
  • bitwarden.com/twit

• SN 1020: Multi-Perspective Issuance Corroboration - IoT Done Right, France Phishes, Gmails E2EE

  • Canon printer driver vulnerabilities enable Windows kernel exploitation.
  • Astonishing cyber-security awareness from a household appliance manufacturer.
  • France tries to hook 2.5 million school children with a Phishing test.
  • Wordpress added an abuse prone feature in 2022. Guess what happened?
  • Oracle? Is there something you'd like to tell us?
  • Utah's governor just signed the App Store Accountability Act. Now what?
  • AI bots hungry for new data are DDoSing FOSS projects.
  • No Microsoft Account? No Microsoft Windows 11.
  • Gmail claims it now offers E2EE. It kinda sorta does. Somewhat.
  • A dreaded CVSS 10.0 was discovered in Apache Parquet.
  • A bunch of terrific listener feedback.
  • What's Multi-Perspective Issuance Corroboration and why must all certificate authorities now do it?

  Show Notes - https://www.grc.com/sn/SN-1020-Notes.pdf

  Hosts: Steve Gibson and Leo Laporte

  Download or subscribe to Security Now at https://twit.tv/shows/security-now.

  You can submit a question to Security Now at the GRC Feedback Page.

  For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

  Join Club TWiT for Ad-Free Podcasts!
  Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

  Sponsors:

  • material.security
  • threatlocker.com for Security Now
  • canary.tools/twit - use code: TWIT
  • joindeleteme.com/twit promo code TWIT
  • bitwarden.com/twit

• SN 1019: EU OS - Troy Hunt Phished, Ransomware List, InControl

  • Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard.
  • A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site.
  • Cloudflare completely pulls the plug on port 80 (HTTP) API access.
  • Malware is switching to obscure languages to avoid detection. FORTH, anyone?
  • Password reuse doesn't appear to be dropping. Cloudflare has numbers.
  • A listener shares his log of malicious Microsoft login attempts. Why no geofencing?
  • 23andMe down for the count (reminder).
  • A sobering Ransomware attack & victim listing website. Gulp!
  • "InControl" keeps VR planes aloft.
  • And the European Union gets serious about a switch to Linux

  Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf

  Hosts: Steve Gibson and Leo Laporte

  Download or subscribe to Security Now at https://twit.tv/shows/security-now.

  You can submit a question to Security Now at the GRC Feedback Page.

  For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

  Join Club TWiT for Ad-Free Podcasts!
  Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

  Sponsors:

  • drata.com/securitynow
  • outsystems.com/twit
  • bitwarden.com/twit
  • threatlocker.com for Security Now
  • legatosecurity.com

• SN 1018: The Quantum Threat - ESP32 Backdoor Update, RCS E2EE

  • The dangers of doing things you don't understand.
  • Espressif responds to the claims of an ESP32 backdoor.
  • A widely leveraged mistake Microsoft stubbornly refuses to correct.
  • A disturbingly simple remote takeover of Apache Tomcat servers.
  • A 10/10 vulnerability affecting some ASUS, ASRock and HPE motherboards.
  • Google snapped up another cloud security firm but paid a price!
  • RCS messaging to soon get full end-to-end encryption (done right!).
  • How did an AI Crypto Chatbot lose $105,000?...and what is an AI Crypto Chatbot?
  • Looks like Oracle may take stewardship of TikTok to keep it in-country.
  • Whoops! 23andMe is sinking — don't let them take your genetics with them!
  • The White House says "the cyber guys should stay!"
  • AI project failure rates are on the rise. Anyone surprised?
  • Listener feedback, and a very interesting update on just how looming is the threat from quantum computing?

  Show Notes - https://www.grc.com/sn/SN-1018-Notes.pdf

  Hosts: Steve Gibson and Leo Laporte

  Download or subscribe to Security Now at https://twit.tv/shows/security-now.

  You can submit a question to Security Now at the GRC Feedback Page.

  For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

  Join Club TWiT for Ad-Free Podcasts!
  Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

  Sponsors:

  • zscaler.com/security
  • legatosecurity.com
  • joindeleteme.com/twit promo code TWIT

• SN 1017: Is YOUR System Vulnerable to RowHammer? - Telegram's Crypto, Twitter Outage, FBI Warning

  • An analysis of Telegram Messenger's crypto.
  • A beautiful statement of the goal of modern crypto design.
  • Who was behind Twitter's recent outage trouble?
  • An embedded Firefox root certificate expired. Who was surprised?
  • AI-generated Github repos, voice cloning, Patch Tuesday and an Apple 0-day.
  • The FBI warns of another novel attack vector that's seeing a lot of action.
  • Google weighs in on the Age Verification controversy.
  • In a vacuum, Kazakhstan comes up with their own solution.
  • Was Google also served an order from the UK? Can they say?
  • A serious PHP vulnerability you need to know you don't have.
  • A bunch of great listener feedback, some Sci-Fi content reviews and...
  • A new tool allows YOU to test YOUR PCs for their RowHammer susceptibility

  Show Notes - https://www.grc.com/sn/SN-1017-Notes.pdf

  Hosts: Steve Gibson and Leo Laporte

  Download or subscribe to Security Now at https://twit.tv/shows/security-now.

  You can submit a question to Security Now at the GRC Feedback Page.

  For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

  Join Club TWiT for Ad-Free Podcasts!
  Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

  Sponsors:

  • vanta.com/SECURITYNOW
  • bitwarden.com/twit
  • threatlocker.com for Security Now
  • veeam.com