logo
episode-header-image
Sep 2024
2h 27m

SN 993: Kaspersky exits the U.S. - Explo...

TWiT
About this episode
  • The case of the exploding pagers and walkie-talkies
  • "Ford seeks patent for tech that listens to driver conversations to serve ads"
  • Another large chunk of personal data exposed
  • Passkeys takes a big step forward: Now supported by Chrome
  • A nascent 9.9 Linux Unauthenticated RCE?
  • Freezing Credit
  • Credit Bureaus
  • Drobo 5N
  • SN email labeled as spam
  • Public Wi-fi saftey
  • SN for Certs
  • Windows Defender
  • Kaspersky exits the U.S.

Show Notes - https://www.grc.com/sn/SN-993-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Up next
May 7
SN 1024: Don't Blame Signal - The Real Story Behind the TM SGNL Breach
Microsoft to officially abandon passwords and support their deletion. Meta's RayBan smart glasses weaken their privacy terms. 30% of Microsoft code is now being written by AI. Google says prying Chrome from it will damage its security. Nearly 1,000 six-year-old eCommerce backdoor ... Show More
2h 46m
Apr 30
SN 1023: Preventing Windows Sandbox Abuse - Microsoft Says "Don't Delete This Folder"
Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? And what new Windows Update crashing hack did this also create? North Korea is now creating fake US companies to lure would-be employees. The "Inception" attack subverts all GPT conversational AIs. ... Show More
2h 44m
Apr 23
SN 1022: The Windows Sandbox - Short-life Certs, Ransomware Payout Stats
Enabling Firefox's Tab Grouping. Recalled Recall Re-Rolls out. The crucial CVE program nearly died. It's been given new life. China confesses to hacking the US (blames our stance on Taiwan). CISA says what Oracle still refuses to. Brute force attacks on the (rapid) rise. An AI/ML ... Show More
2h 53m
Recommended Episodes
Jul 2024
Squarespace's square off with hijacked domains.
Some Squarespace users see their domains hijacked. Kaspersky Lab is shutting down US operations. BackPack APKs break malware analysis tools. Hackers use 7zip files to deliver Poco RAT malware. CISA’s red-teaming reveals security failings at an unnamed federal agency. Microsoft fi ... Show More
36m 53s
Jan 2025
Hands-On Samsung S25, Deleting Old Accounts & Accessibility Tech
Rich gives his initial impressions of the Samsung Galaxy S25 series. Freddy in Yonkers is looking for a way to rip audio off CDs. Rich mentioned Exact Audio Copy. Drew in Sherman Oaks is looking for a way to free up storage on on his iPad without deleting his photos from iCloud. ... Show More
1h 47m
Jan 2025
When retaliation turns digital.
New details emerge about Chinese hackers breaching the US Treasury Department. The Supreme Court considers the TikTok ban. Chinese hackers exploit a zero-day flaw in Ivanti Connect Secure VPN. A new credit card skimmer malware targets WordPress checkout pages. The Banshee macOS i ... Show More
33m 29s
Aug 2024
Almost letting hackers rule the web.
A Wordpress plugin vulnerability puts 5 million sites at risk. Google releases an emergency Chrome update addressing an actively exploited vulnerability. Cisco patches multiple vulnerabilities. Researchers say Slack AI is vulnerable to prompt injection. Widely used RFID smart car ... Show More
32m 7s
Oct 2022
S3 E5 - Ed Holloway-George: Building Secure Apps, Root/Jailbreak Detection, Tap Jacking & more!
Today’s guest is Ed Holloway-George, Senior Android Engineer @Asos & speaker on all things cyber app security.In this episode we discuss: • The most common app vulnerabilities in 2022 • How to build more secure apps • Using hardware keystores • What is Tap Jacking • and much more ... Show More
35m 56s
Jun 27
Turbulence in the cloud.
Hawaiian Airlines reports a cybersecurity incident. Microsoft updates its Windows Resiliency Initiative after the 2024 CrowdStrike crash. CitrixBleed 2 is under active exploitation in the wild. Researchers disclose a critical vulnerability in Open VSX. Malware uses prompt injecti ... Show More
37m 13s
Sep 2024
They really are watching what we watch.
An FTC report confirms online surveillance and privacy concerns. Ukraine bans Telegram for state and security officials. Sensitive customer data from India’s largest health insurer is leaked. German law enforcement shuts down multiple cryptocurrency exchange services. HZ RAT sets ... Show More
33m 58s
Dec 2022
512: Owned With a P
Pre-show: Past-Marco made poor life choices, and today-Marco paid the price Follow-up: Mastodon instances and federation Hive Social is going… well, it’s not really going actually Sharrow 👍 Merlin is vindicated; it’s a real thing 👎 …but it’s not exactly a “share arrow”. But it ... Show More
1h 56m
Listen to millions of songs and podcasts on Anghami