Oct 2024
2h 16m

SN 994: Recall's Re-Rollout - Domain Sec...

TWiT
About this episode
  • The Linux remote code execution flaw
  • The CRUCIAL importance of Domain Control Security
  • Roskomnadzor strikes a discordant note
  • VLC gets a security update
  • Tor and Tails Merge
  • Telegram changes its long-standing "zero cooperation" policy
  • Enshittification
  • Bobiverse book 5
  • Windows 10 notifications
  • Experian woes
  • Nuevomailer
  • SpinRite
  • Peter F. Hamilton
  • Recall's Re-Rollout

Show Notes - https://www.grc.com/sn/SN-994-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, SpinRite 6.
