Security Now

Subscribe to Security Now feed Security Now
Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.
URL: https://twit.tv/shows/security-now
Updated: 1 day 12 hours ago

SN 1008: HOTP and TOTP - SyncThing, Auto-Updates, Sci-Fi Recs

Tue, 01/14/2025 - 10:57pm
  • Meta winds down 3rd-party content filtering. Is encryption soon to follow?
  • Taking over abandoned Command & Control server domains (strictly for research purposes only).
  • IoT devices to get the "Cyber Trust Mark" — Will anyone notice or care?
  • "SyncThing" receives a (blessedly infrequent) update.
  • Government email is not using encryption? Really?
  • Email relaying prevents point-to-point end-to-end encryption and authentication.
  • Just because Let's Encrypt doesn't support email doesn't mean it's impossible.
  • What Sci-Fi does ChatGPT think I (Steve) should start reading next?
  • To auto-update or not to auto-update? — is that one question or two?
  • And, until today, we've never taken a deep dive into the technology of time-varying 6-digit one time tokens.

Show Notes - https://www.grc.com/sn/SN-1008-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Categories: Security Now

SN 1007: AI Training & Inference - Unencrypted Email, Doom Captcha

Tue, 01/07/2025 - 10:40pm
  • The consequences of Internet content restriction.
  • The measured risks of 3rd-party browser extensions.
  • The consequences of SonicWall's unpatched 9.8 firewall severity.
  • The incredible number of still-unencrypted email servers.
  • SonicWall vulnerability patching
  • Shadowserver Foundation & eMail Encryption
  • Salt Typhoon Evicted
  • HIPAA gets a long-needed cybersecurity upgrade.
  • The EU standardizes on USB-C for power charging. What?
  • Believe it or not, a CATCHA you solve by playing DOOM.
  • And... what I learned from three weeks of study of AI

Show Notes - https://www.grc.com/sn/SN-1007-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Security Now