logo
episode-header-image
Oct 2024
2h 32m

SN 996: BIMI (up Scotty) - NPD Goes Brok...

TWiT
About this episode
  • uBlock Origin to the rescue
  • National Public Data files for bankruptcy
  • Will the .IO top level domain be disappearing?
  • Patch Tuesday
  • Firefox under attack
  • Miscellany
  • Sci-Fi
  • The Sequence
  • uBlock Origin
  • Eero Routers
  • Pep Link Router
  • BIMI (up Scotty)

Show Notes - https://www.grc.com/sn/SN-996-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Up next
Aug 5
SN 1037: Chinese Participation in MAPP - Why Signal is Leaving Australia
A follow-up to the SharePoint server patch mess. How Russia arranges to spy on other country's local embassies. "Dropbox Passwords" manager app is ending in October. Signal will leave Australia rather than help spy. YouTube deploys viewing history age-estimation heuristics. Chrom ... Show More
2h 47m
Jul 22
SN 1035: Cloudflare's 1.1.1.1 Outage - Bypassing Passkey Protections
Bypassing all passkey protections. The ransomware attacks just keep on coming. Cloudflare capitulates to the MPA and starts blocking. The need for online age verification is exploding. Microsoft really wants Exchange Servers to subscribe. Russia (further) clamps down on Internet ... Show More
2h 48m
May 27
SN 1027: Artificial Intelligence - The Status of Encrypted Client Hello
What the status of Encrypted Client Hello (ECH)? What radio technology would be best for remote inverter shutdown? Some DNS providers already block newly listed domains. Knowing when not to click a link can take true understanding. Why can losing a small portion of a power grid b ... Show More
2h 54m
Recommended Episodes
Dec 2023
539: Rollback Required
This week, our embarrassment is your entertainment. Then, we check the age and health of all our disks with one app.Sponsored By:Tailscale: Tailscale is a Zero config VPN. It installs on any device in minutes, manages firewall rules for you, and works from anywhere. Get 20 device ... Show More
1h 12m
Jan 2025
When retaliation turns digital.
New details emerge about Chinese hackers breaching the US Treasury Department. The Supreme Court considers the TikTok ban. Chinese hackers exploit a zero-day flaw in Ivanti Connect Secure VPN. A new credit card skimmer malware targets WordPress checkout pages. The Banshee macOS i ... Show More
33m 29s
Jul 2024
Squarespace's square off with hijacked domains.
Some Squarespace users see their domains hijacked. Kaspersky Lab is shutting down US operations. BackPack APKs break malware analysis tools. Hackers use 7zip files to deliver Poco RAT malware. CISA’s red-teaming reveals security failings at an unnamed federal agency. Microsoft fi ... Show More
36m 53s
Aug 2024
80% of professional programmers are unhappy (News)
The latest Stack Overflow Developer Survey has some concerning results, Joeri Sebrechts helps you do plain vanilla web dev, MIT’s “missing semester” course looks pretty amazing, a dive into the fascinating history of CSV & a tool to get request analytics from the nginx access log ... Show More
6m 44s
Dec 2020
SLP238 Zach Herbert & Ken Carpenter - Passport by Foundation Devices: Air Gapped Hardware Wallet
The market for high quality hardware wallets is becoming more competitive with new entrants over time. Zach Herbert & Ken Carpenter of Foundation Devices join me to talk about their new upcoming product, Passport. Passport is fully air gapped (QR or microSD), PSBT, and designed w ... Show More
1h 3m
Jun 11
Ghost students “haunting” online colleges.
Patch Tuesday. Mozilla patches two critical FireFox security flaws. A critical flaw in Salesforce OmniStudio exposes sensitive customer data stored in plain text. The Badbox botnet continues to evolve. AI-powered “ghost students” enrolling in online college courses to steal gover ... Show More
37m 6s
Jul 13
TWiT 1040: The $100,000 Stapler - Veo 3 and Deepfakes
A New Era of Internet Regulation Is About to Begin Australia is quietly rolling out age checks for search engines like Google Bluesky is rolling out age verification in the UK House "crypto week" could change how Americans use, save money Latest stablecoin bill addresses foreign ... Show More
3h 8m
Dec 2024
Lessons from 2024's Biggest Cyber Incidents and Building Stronger Defenses for 2025
In this episode, Shrav Mehta, Founder, and CEO at Secureframe, joins me to discuss major cybersecurity incidents in 2024, highlighting five significant breaches: National Public Data (2.7 billion records), AT&T (50 billion), Ticketmaster (500 million), Change Healthcare (145 mill ... Show More
36m 10s
Aug 2024
Hackers strike LiteSpeed cache again.
The exploitation of the LiteSpeed Cache Wordpress plugin has begun. Halliburton confirms a cyberattack. Velvet Ant targets Cisco Switch appliances. The Qilin ransomware group harvests credentials stored in Google Chrome. Ham radio enthusiasts pay a million dollar ransom. SolarWin ... Show More
30m 5s
Jan 2025
Massive malware cleanup.
The FBI deletes PlugX malware from thousands of U.S. computers. Researchers uncover vulnerabilities in Windows 11 allowing attackers to bypass protections and execute code at the kernel level. A look at (a busy) Patch Tuesday. Researchers uncovered six critical vulnerabilities in ... Show More
35m 35s
Listen to millions of songs and podcasts on Anghami