logo
episode-header-image
Sep 2024
2h 9m

SN 990: Is Telegram an Encrypted App? - ...

TWiT
About this episode
  • Telegram puts End-to-End Privacy in the Crosshairs
  • Free security logging is good for everyone
  • CrowdStrike hemorrhaging customers
  • Microsoft to meet privately with EDR (Endpoint Detection & Response) vendors
  • Yelp's Unhappy with Google
  • Telegram as the hotbed for DDoSass – DDoS as a Service
  • Chrome grows more difficult to exploit
  • Cox Media Group's "Active Listening" has apparently not ended
  • Cascading Bloom Filter follow-up
  • Closing the Loop
  • Is Telegram an encrypted app?

Show Notes - https://www.grc.com/sn/SN-990-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Up next
May 7
SN 1024: Don't Blame Signal - The Real Story Behind the TM SGNL Breach
Microsoft to officially abandon passwords and support their deletion. Meta's RayBan smart glasses weaken their privacy terms. 30% of Microsoft code is now being written by AI. Google says prying Chrome from it will damage its security. Nearly 1,000 six-year-old eCommerce backdoor ... Show More
2h 46m
Apr 30
SN 1023: Preventing Windows Sandbox Abuse - Microsoft Says "Don't Delete This Folder"
Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? And what new Windows Update crashing hack did this also create? North Korea is now creating fake US companies to lure would-be employees. The "Inception" attack subverts all GPT conversational AIs. ... Show More
2h 44m
Apr 23
SN 1022: The Windows Sandbox - Short-life Certs, Ransomware Payout Stats
Enabling Firefox's Tab Grouping. Recalled Recall Re-Rolls out. The crucial CVE program nearly died. It's been given new life. China confesses to hacking the US (blames our stance on Taiwan). CISA says what Oracle still refuses to. Brute force attacks on the (rapid) rise. An AI/ML ... Show More
2h 53m
Recommended Episodes
Jul 2021
A new tool to protect your email privacy
Samsung sets a date to unveil its latest foldable phones; Instagram introduces a new way to control sensitive content; DuckDuckGo has a new email protection tool; Apple's MagSafe Battery; Venmo makes some big changes; emergency alerts on streaming services; FTC backs right to rep ... Show More
59m 25s
Aug 2024
80% of professional programmers are unhappy (News)
The latest Stack Overflow Developer Survey has some concerning results, Joeri Sebrechts helps you do plain vanilla web dev, MIT’s “missing semester” course looks pretty amazing, a dive into the fascinating history of CSV & a tool to get request analytics from the nginx access log ... Show More
6m 44s
Jul 2024
Squarespace's square off with hijacked domains.
Some Squarespace users see their domains hijacked. Kaspersky Lab is shutting down US operations. BackPack APKs break malware analysis tools. Hackers use 7zip files to deliver Poco RAT malware. CISA’s red-teaming reveals security failings at an unnamed federal agency. Microsoft fi ... Show More
36m 53s
Dec 2017
Slowing Down iPhones, Better Android SMS App & Fire TV Web Browsers [211]
Rich talks about Apple slowing down iPhones, a better texting app for Android and how you can now browse the web on Amazon's Fire TV. Callers ask about Google Home connection issues, iCloud password problems and more.Show notes: See Privacy Policy at https://art19.com/privacy and ... Show More
55m 2s
Aug 2024
Episode 85: Practical Applications of DEFCON 32 Web Research
Episode 85: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel talk through some of the research coming out of DEFCON, mainly from the PortSwigger team. Web timing attacks, cache exploitation, and exploits related to email protocols are all featured. Plus w ... Show More
1h 30m
Aug 2018
090: Fortnite for Android, and the FCC's DDoS BS
Fortnite players are told they'll have to disable a security setting on Android, the FCC finally admits that it wasn't hit by a DDoS attack, and Verizon's VPN smallprint raises privacy concerns. All this and much much more is discussed in the latest edition of the "Sm ... Show More
36m 47s
Sep 2024
They really are watching what we watch.
An FTC report confirms online surveillance and privacy concerns. Ukraine bans Telegram for state and security officials. Sensitive customer data from India’s largest health insurer is leaked. German law enforcement shuts down multiple cryptocurrency exchange services. HZ RAT sets ... Show More
33m 58s
Aug 2024
From secret chats to public spats.
Telegram’s CEO is arrested by French police, presumably over moderation failures. A cyberattack disrupted services at Seattle-Tacoma International Airport and the Port of Seattle. SonicWall has warned customers of a critical vulnerability that could lead to unauthorized access or ... Show More
32m 10s
Jun 27
Turbulence in the cloud.
Hawaiian Airlines reports a cybersecurity incident. Microsoft updates its Windows Resiliency Initiative after the 2024 CrowdStrike crash. CitrixBleed 2 is under active exploitation in the wild. Researchers disclose a critical vulnerability in Open VSX. Malware uses prompt injecti ... Show More
37m 13s
Aug 2021
Google takes on Ring with latest Nest cameras
Google announces new Nest cams that are more useful without a subscription; Apple combats Child Sexual Abuse Material; American Airlines gives passengers free in-flight TikTok; Citizen introduces a new protection subscription; Vudu replaces FandangoNow and a website that ports Si ... Show More
51m 39s