Security Now

SN 754: The Internet of Troubles

Security Now - Tue, 02/18/2020 - 10:04pm

TWiT Audience Survey- ENDS FEBRUARY 19TH!!!

  • It's time for TWiT's annual audience survey and we want to hear from you! It only takes five minutes.
  • Please visit twit.tv/survey and let us know what you think.
  • There's no sign-up form and we don't track you. Your feedback helps us make TWiT even better."


This Week's Stories

  • How to fix the Windows 7 "You don't have permission to shut down this computer." error
  • Win10's "One Button PC Reset" fails after KB4524244.
  • And, also... "The new disappearing User Profile problem" (Desktop and all user data)
  • The popular "GDPR Cookie Consent" Wordpress plugin had a critical flaw
  • Whoa! The average tenure of a CISO is just 26 months due to high stress and burnout
  • Microsoft's "ElectionGuard" being used for the first time today!
  • IoT lightbulb vulnerabilities are not such a joke, after all.
  • SweynTooth Vulnerabilities: a set of more than 12 newly discovered vulnerabilities across a wide range of Bluetooth devices, many of which will never be updated, which allow for, among other things, full device compromise.

We invite you to read our show notes at https://www.grc.com/sn/SN-754-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 753: Promiscuous Cookies

Security Now - Tue, 02/11/2020 - 10:03pm
  • Twitter, Google, and Facebook tell Clearview AI to stop stealing your face to catch crooks
  • The NIST is testing methods to recover data from smashed smartphones
  • Whoa! We get to REMAIN with Security Essentials under Windows 7!
  • Microsoft drops a fix for the wallpaper stretch black screen
  • Windows 7 users are being told: "You don't have permission to shut down this computer."
  • Win10 Firefox users being "reminded" about Edge
  • Last week Google closed an Android RCE flaw in the BlueTooth daemon.
  • Data Exfiltration Technique of the Week
  • CIA Uses Crypto AG to spy on the world
  • Chrome 80 appeared last week with its implementation of the updated handling of the optional "SameSite" enforcement cookie property

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 752: The Little Red Wagon

Security Now - Tue, 02/04/2020 - 9:31pm

This Week's Stories:

  • - L1D Eviction Sampling becomes "CacheOut"
  • - Only one final version of Windows?
  • - Windows 7 and the Free Software Foundation
  • - Windows 7's final patch broke wallpaper stretching
  • - RCE Exploit for Windows RDP Gateway Demoed by Researcher
  • - Google more than doubles its own bug bounty record
  • - The return of Roskomnadzor!
  • - Facebook DID get fined, but not by Russia
  • - who exactly owns our biometric data?
  • - Avast Jumpshot missed the hoop
  • - An Update on the WireGuard VPN in the Linux kernel
  • - In this week's Best Hack of the New Decade... a little red wagon

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now

SN 751: SHAmbles

Security Now - Tue, 01/28/2020 - 8:37pm

This Week's Stories:

  • - Is Apple actually encrypting our iCloud storage backups?
  • - 250 Million Microsoft Customer Support Records Exposed Online
  • - New York state is aiming to ban the use of public funds for Ransomware
  • - New Muhstik Botnet Attacks Target Tomato Routers
  • - Chrome under attack from browser extensions
  • - Firefox under attack from browser extensions
  • - NIST publishes a new Privacy Framework
  • - Hacker Leaks More Than 500K Telnet Credentials for IoT Devices
  • - A Welcome "Micro Patch" for the Windows IE jscript.dll 0-day vulnerability
  • - SHA-1 is a Shambles.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsor:

Categories: Security Now