POPULARITY
Categories
Learn about a new VMware Tools vulnerability allowing privilege escalation, Microsoft's Patch Tuesday releasing fixes for 70 vulnerabilities including 5 actively exploited zero-days, and Apple's comprehensive OS updates. The episode highlights the importance of patching industrial control systems from Siemens, Schneider Electric, and Phoenix Contact that may be present in healthcare facility automation, EV charging, and data center power systems.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer
Sponsor by SEC Playground
A busy Patch Tuesday. Investigators discover undocumented communications devices inside Chinese-made power inverters. A newly discovered Branch Privilege Injection flaw affects Intel CPUs. A UK retailer may claim up to £100mn from its cyber insurers after a major cyberattack. A Kosovo national has been extradited to the U.S. for allegedly running an illegal online marketplace. CISA will continue alerts on its website following industry backlash. On our Industry Voices segment, Neil Hare-Brown, CEO at STORM Guidance, discusses Cyber Incident Response (CIR) retainer service provision. Shoring up the future of the CVE program. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices segment, we are joined by Neil Hare-Brown, CEO at STORM Guidance, discussing Cyber Incident Response (CIR) retainer service provision. You can learn more here. Selected Reading Microsoft Patch Tuesday security updates for May 2025 fixed 5 actively exploited zero-days (Security Affairs) SAP patches second zero-day flaw exploited in recent attacks (Bleeping Computer) Ivanti fixes EPMM zero-days chained in code execution attacks (Bleeping Computer) Fortinet fixes critical zero-day exploited in FortiVoice attacks (Bleeping Computer) Vulnerabilities Patched by Juniper, VMware and Zoom (SecurityWeek) ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact (SecurityWeek) Adobe Patches Big Batch of Critical-Severity Software Flaws (SecurityWeek) Ghost in the machine? Rogue communication devices found in Chinese inverters (Reuters) New Intel CPU flaws leak sensitive data from privileged memory (Bleeping Computer) M&S cyber insurance payout to be worth up to £100mn (Financial Times) US extradites Kosovo national charged in operating illegal online marketplace (The Record) CISA Planned to Kill .Gov Alerts. Then It Reversed Course. (Data BreachToday) CVE Foundation eyes year-end launch following 11th-hour rescue of MITRE program (CyberScoop) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
It's go time: The biggest Patch Tuesday of 2025 sets the stage for 2025! Microsoft has finally revealed whether it will further extend Windows 10 support past October (it won't). Also, Microsoft designed notifications in Windows 11 to be annoying and pointless, so Paul has some advice. Plus, Proton Drive gets a long awaited albums feature, and more on the way.Windows 11 Recall (preview) and Click to Do (preview) come to stable for the first time Let's give Microsoft a bit of credit for this one non-reported behavior Also: Improvements to Settings, Narrator, Start, Phone Link, Widgets, File Explorer You knew this was coming: Microsoft now testing a "Hey, Copilot" feature It's opt-in and an alternative to holding down Alt + Spacebar for two seconds Microsoft discusses the new Start design and it's not a s#$t show like it was three years ago No builds for the second Friday in a row Improvements to Settings AI agent, intelligent text actions in Click to Do, a few small changes come to 24H2 in Dev and Beta channels Copilot Vision gets Highlights and 2-App Support across all channels Google's big Android reveal includes Material Expressive, big Wear OS update. Android, like Windows 11 (and iOS) is just being updated all the time now Windows 10 Extended support program Will support Microsoft 365 on Windows 10 through October 2028 Those time frames are identical So what about those Surface PCs that can't upgrade to Windows 11? Microsoft has an answer (for all unsupported PCs) and it's not as cynical as you think Microsoft quietly discontinued entry-level 13.8-inch Surface Laptop and 13-inch Surface Pro when it introduced those smaller new models last week Layoffs Microsoft just made $70 billion, so naturally it's laying off employees. How to explain this? The FTC's losing streak against Microsoft continues A proposal for solving the "Mozilla problem" in U.S. v. Google Fortnite could return to the iPhone App Store as soon as today AI OH MY GOD IS THERE NO AI NEWS FOR ONCE. OK, three small items OpenAI brings OneDrive and SharePoint integration with ChatGPT for paid business customers "AI mode" could replace "I'm feeling lucky" on the Google home page Spotify's AI DJ keeps improving Dev Build is next week in Seattle, a few thoughts .NET 10 Preview 4 is out Xbox & Games Today's the day: DOOM: The Dark Ages goes live at 8:00 ET tonight! Xbox Insiders can now play cloud-enabled games with mouse and keyboard Paul reviews the Backbone Pro controller Nintendo revenues slide big ahead of Switch 2 - 15m consoles expected in first year Sony sold 18.5 million PS5s in the most recent fiscal year, down 11 percent YOY Tips & Picks Tip of the week: Windows 11 notifications make iOS look sophisticated App pick of the week: Proton Drive RunAs Radio this week: Active Directory in 2025 with Liz Tesch Brown liquor pick of the week: Limeburners Albany Tawny Cask These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/932 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: 1password.com/windowsweekly threatlocker.com/twit uscloud.com
It's go time: The biggest Patch Tuesday of 2025 sets the stage for 2025! Microsoft has finally revealed whether it will further extend Windows 10 support past October (it won't). Also, Microsoft designed notifications in Windows 11 to be annoying and pointless, so Paul has some advice. Plus, Proton Drive gets a long awaited albums feature, and more on the way.Windows 11 Recall (preview) and Click to Do (preview) come to stable for the first time Let's give Microsoft a bit of credit for this one non-reported behavior Also: Improvements to Settings, Narrator, Start, Phone Link, Widgets, File Explorer You knew this was coming: Microsoft now testing a "Hey, Copilot" feature It's opt-in and an alternative to holding down Alt + Spacebar for two seconds Microsoft discusses the new Start design and it's not a s#$t show like it was three years ago No builds for the second Friday in a row Improvements to Settings AI agent, intelligent text actions in Click to Do, a few small changes come to 24H2 in Dev and Beta channels Copilot Vision gets Highlights and 2-App Support across all channels Google's big Android reveal includes Material Expressive, big Wear OS update. Android, like Windows 11 (and iOS) is just being updated all the time now Windows 10 Extended support program Will support Microsoft 365 on Windows 10 through October 2028 Those time frames are identical So what about those Surface PCs that can't upgrade to Windows 11? Microsoft has an answer (for all unsupported PCs) and it's not as cynical as you think Microsoft quietly discontinued entry-level 13.8-inch Surface Laptop and 13-inch Surface Pro when it introduced those smaller new models last week Layoffs Microsoft just made $70 billion, so naturally it's laying off employees. How to explain this? The FTC's losing streak against Microsoft continues A proposal for solving the "Mozilla problem" in U.S. v. Google Fortnite could return to the iPhone App Store as soon as today AI OH MY GOD IS THERE NO AI NEWS FOR ONCE. OK, three small items OpenAI brings OneDrive and SharePoint integration with ChatGPT for paid business customers "AI mode" could replace "I'm feeling lucky" on the Google home page Spotify's AI DJ keeps improving Dev Build is next week in Seattle, a few thoughts .NET 10 Preview 4 is out Xbox & Games Today's the day: DOOM: The Dark Ages goes live at 8:00 ET tonight! Xbox Insiders can now play cloud-enabled games with mouse and keyboard Paul reviews the Backbone Pro controller Nintendo revenues slide big ahead of Switch 2 - 15m consoles expected in first year Sony sold 18.5 million PS5s in the most recent fiscal year, down 11 percent YOY Tips & Picks Tip of the week: Windows 11 notifications make iOS look sophisticated App pick of the week: Proton Drive RunAs Radio this week: Active Directory in 2025 with Liz Tesch Brown liquor pick of the week: Limeburners Albany Tawny Cask These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/932 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: 1password.com/windowsweekly threatlocker.com/twit uscloud.com
It's go time: The biggest Patch Tuesday of 2025 sets the stage for 2025! Microsoft has finally revealed whether it will further extend Windows 10 support past October (it won't). Also, Microsoft designed notifications in Windows 11 to be annoying and pointless, so Paul has some advice. Plus, Proton Drive gets a long awaited albums feature, and more on the way.Windows 11 Recall (preview) and Click to Do (preview) come to stable for the first time Let's give Microsoft a bit of credit for this one non-reported behavior Also: Improvements to Settings, Narrator, Start, Phone Link, Widgets, File Explorer You knew this was coming: Microsoft now testing a "Hey, Copilot" feature It's opt-in and an alternative to holding down Alt + Spacebar for two seconds Microsoft discusses the new Start design and it's not a s#$t show like it was three years ago No builds for the second Friday in a row Improvements to Settings AI agent, intelligent text actions in Click to Do, a few small changes come to 24H2 in Dev and Beta channels Copilot Vision gets Highlights and 2-App Support across all channels Google's big Android reveal includes Material Expressive, big Wear OS update. Android, like Windows 11 (and iOS) is just being updated all the time now Windows 10 Extended support program Will support Microsoft 365 on Windows 10 through October 2028 Those time frames are identical So what about those Surface PCs that can't upgrade to Windows 11? Microsoft has an answer (for all unsupported PCs) and it's not as cynical as you think Microsoft quietly discontinued entry-level 13.8-inch Surface Laptop and 13-inch Surface Pro when it introduced those smaller new models last week Layoffs Microsoft just made $70 billion, so naturally it's laying off employees. How to explain this? The FTC's losing streak against Microsoft continues A proposal for solving the "Mozilla problem" in U.S. v. Google Fortnite could return to the iPhone App Store as soon as today AI OH MY GOD IS THERE NO AI NEWS FOR ONCE. OK, three small items OpenAI brings OneDrive and SharePoint integration with ChatGPT for paid business customers "AI mode" could replace "I'm feeling lucky" on the Google home page Spotify's AI DJ keeps improving Dev Build is next week in Seattle, a few thoughts .NET 10 Preview 4 is out Xbox & Games Today's the day: DOOM: The Dark Ages goes live at 8:00 ET tonight! Xbox Insiders can now play cloud-enabled games with mouse and keyboard Paul reviews the Backbone Pro controller Nintendo revenues slide big ahead of Switch 2 - 15m consoles expected in first year Sony sold 18.5 million PS5s in the most recent fiscal year, down 11 percent YOY Tips & Picks Tip of the week: Windows 11 notifications make iOS look sophisticated App pick of the week: Proton Drive RunAs Radio this week: Active Directory in 2025 with Liz Tesch Brown liquor pick of the week: Limeburners Albany Tawny Cask These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/932 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: 1password.com/windowsweekly threatlocker.com/twit uscloud.com
It's spring cleaning time around Notnerd, so it's time to pull out everyone's favorite acronym P.F.A.N.T.S.S. and get started. We'll look at the different things in your digital world that you should consider cleaning up. This is mostly for the two of us, especially when we look back to last year's episode. Watch on YouTube! - Notnerd.com and Notpicks.com INTRO (00:00) MAIN TOPIC: Check Your P.F.A.N.T.S.S (04:55) Episode 436: Spring Cleaning Your Tech – Consider Your P.F.A.N.T.S.S. Physical Files Apps Notifications Time Subscriptions Security DAVE'S PRO-TIP OF THE WEEK: Time of text messages (26:30) JUST THE HEADLINES: (30:40) Newly-elected Pope wears Apple Watch on first official mass Ticketmaster will finally show the full price of your ticket up front SoundCloud changes policies to allow AI training on user content Nintendo can render your Switch 2 permanently unusable if you break their rules Warren Buffett says Apple made Berkshire more money than he ever did Kids are short-circuiting their school-issued Chromebooks for TikTok clout Lithium deposit valued at $1.5 Trillion discovered in Oregon TAKES: Google updating its ‘G' icon for the first time in 10 years (31:20) New Lego-building AI creates models that actually stand up in real life (34:35) Microsoft's May 2025 Patch Tuesday (43:05) FBI releases 2024 Internet Crime Report, ‘new record for losses' (45:00) BONUS ODD TAKE: Ye Olde Funny Headlines (46:50) PICKS OF THE WEEK: Dave: Smile App Launcher (48:40) Nate: 3 Pack 1/4-20 Conversion Adapter Mount with Locking Ring for GoPro Hero 13 12 11 10 9 8 7 6 5 4 3 Insta360 DJI Action Camera (54:15) RAMAZON PURCHASE - Giveaway! (57:20)
It's go time: The biggest Patch Tuesday of 2025 sets the stage for 2025! Microsoft has finally revealed whether it will further extend Windows 10 support past October (it won't). Also, Microsoft designed notifications in Windows 11 to be annoying and pointless, so Paul has some advice. Plus, Proton Drive gets a long awaited albums feature, and more on the way.Windows 11 Recall (preview) and Click to Do (preview) come to stable for the first time Let's give Microsoft a bit of credit for this one non-reported behavior Also: Improvements to Settings, Narrator, Start, Phone Link, Widgets, File Explorer You knew this was coming: Microsoft now testing a "Hey, Copilot" feature It's opt-in and an alternative to holding down Alt + Spacebar for two seconds Microsoft discusses the new Start design and it's not a s#$t show like it was three years ago No builds for the second Friday in a row Improvements to Settings AI agent, intelligent text actions in Click to Do, a few small changes come to 24H2 in Dev and Beta channels Copilot Vision gets Highlights and 2-App Support across all channels Google's big Android reveal includes Material Expressive, big Wear OS update. Android, like Windows 11 (and iOS) is just being updated all the time now Windows 10 Extended support program Will support Microsoft 365 on Windows 10 through October 2028 Those time frames are identical So what about those Surface PCs that can't upgrade to Windows 11? Microsoft has an answer (for all unsupported PCs) and it's not as cynical as you think Microsoft quietly discontinued entry-level 13.8-inch Surface Laptop and 13-inch Surface Pro when it introduced those smaller new models last week Layoffs Microsoft just made $70 billion, so naturally it's laying off employees. How to explain this? The FTC's losing streak against Microsoft continues A proposal for solving the "Mozilla problem" in U.S. v. Google Fortnite could return to the iPhone App Store as soon as today AI OH MY GOD IS THERE NO AI NEWS FOR ONCE. OK, three small items OpenAI brings OneDrive and SharePoint integration with ChatGPT for paid business customers "AI mode" could replace "I'm feeling lucky" on the Google home page Spotify's AI DJ keeps improving Dev Build is next week in Seattle, a few thoughts .NET 10 Preview 4 is out Xbox & Games Today's the day: DOOM: The Dark Ages goes live at 8:00 ET tonight! Xbox Insiders can now play cloud-enabled games with mouse and keyboard Paul reviews the Backbone Pro controller Nintendo revenues slide big ahead of Switch 2 - 15m consoles expected in first year Sony sold 18.5 million PS5s in the most recent fiscal year, down 11 percent YOY Tips & Picks Tip of the week: Windows 11 notifications make iOS look sophisticated App pick of the week: Proton Drive RunAs Radio this week: Active Directory in 2025 with Liz Tesch Brown liquor pick of the week: Limeburners Albany Tawny Cask These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/932 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: 1password.com/windowsweekly threatlocker.com/twit uscloud.com
On this episode, I cover the details of the latest Windows Updates for this month's Patch Tuesday, I dive into the latest AI news, an Office bug causing high resource utilization and much more! Reference Links: https://www.rorymon.com/blog/spectre-v2-raises-its-ugly-head-once-more-patch-tuesday-news-microsoft-announces-layoffs/
It's go time: The biggest Patch Tuesday of 2025 sets the stage for 2025! Microsoft has finally revealed whether it will further extend Windows 10 support past October (it won't). Also, Microsoft designed notifications in Windows 11 to be annoying and pointless, so Paul has some advice. Plus, Proton Drive gets a long awaited albums feature, and more on the way.Windows 11 Recall (preview) and Click to Do (preview) come to stable for the first time Let's give Microsoft a bit of credit for this one non-reported behavior Also: Improvements to Settings, Narrator, Start, Phone Link, Widgets, File Explorer You knew this was coming: Microsoft now testing a "Hey, Copilot" feature It's opt-in and an alternative to holding down Alt + Spacebar for two seconds Microsoft discusses the new Start design and it's not a s#$t show like it was three years ago No builds for the second Friday in a row Improvements to Settings AI agent, intelligent text actions in Click to Do, a few small changes come to 24H2 in Dev and Beta channels Copilot Vision gets Highlights and 2-App Support across all channels Google's big Android reveal includes Material Expressive, big Wear OS update. Android, like Windows 11 (and iOS) is just being updated all the time now Windows 10 Extended support program Will support Microsoft 365 on Windows 10 through October 2028 Those time frames are identical So what about those Surface PCs that can't upgrade to Windows 11? Microsoft has an answer (for all unsupported PCs) and it's not as cynical as you think Microsoft quietly discontinued entry-level 13.8-inch Surface Laptop and 13-inch Surface Pro when it introduced those smaller new models last week Layoffs Microsoft just made $70 billion, so naturally it's laying off employees. How to explain this? The FTC's losing streak against Microsoft continues A proposal for solving the "Mozilla problem" in U.S. v. Google Fortnite could return to the iPhone App Store as soon as today AI OH MY GOD IS THERE NO AI NEWS FOR ONCE. OK, three small items OpenAI brings OneDrive and SharePoint integration with ChatGPT for paid business customers "AI mode" could replace "I'm feeling lucky" on the Google home page Spotify's AI DJ keeps improving Dev Build is next week in Seattle, a few thoughts .NET 10 Preview 4 is out Xbox & Games Today's the day: DOOM: The Dark Ages goes live at 8:00 ET tonight! Xbox Insiders can now play cloud-enabled games with mouse and keyboard Paul reviews the Backbone Pro controller Nintendo revenues slide big ahead of Switch 2 - 15m consoles expected in first year Sony sold 18.5 million PS5s in the most recent fiscal year, down 11 percent YOY Tips & Picks Tip of the week: Windows 11 notifications make iOS look sophisticated App pick of the week: Proton Drive RunAs Radio this week: Active Directory in 2025 with Liz Tesch Brown liquor pick of the week: Limeburners Albany Tawny Cask These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/932 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: 1password.com/windowsweekly threatlocker.com/twit uscloud.com
It's go time: The biggest Patch Tuesday of 2025 sets the stage for 2025! Microsoft has finally revealed whether it will further extend Windows 10 support past October (it won't). Also, Microsoft designed notifications in Windows 11 to be annoying and pointless, so Paul has some advice. Plus, Proton Drive gets a long awaited albums feature, and more on the way.Windows 11 Recall (preview) and Click to Do (preview) come to stable for the first time Let's give Microsoft a bit of credit for this one non-reported behavior Also: Improvements to Settings, Narrator, Start, Phone Link, Widgets, File Explorer You knew this was coming: Microsoft now testing a "Hey, Copilot" feature It's opt-in and an alternative to holding down Alt + Spacebar for two seconds Microsoft discusses the new Start design and it's not a s#$t show like it was three years ago No builds for the second Friday in a row Improvements to Settings AI agent, intelligent text actions in Click to Do, a few small changes come to 24H2 in Dev and Beta channels Copilot Vision gets Highlights and 2-App Support across all channels Google's big Android reveal includes Material Expressive, big Wear OS update. Android, like Windows 11 (and iOS) is just being updated all the time now Windows 10 Extended support program Will support Microsoft 365 on Windows 10 through October 2028 Those time frames are identical So what about those Surface PCs that can't upgrade to Windows 11? Microsoft has an answer (for all unsupported PCs) and it's not as cynical as you think Microsoft quietly discontinued entry-level 13.8-inch Surface Laptop and 13-inch Surface Pro when it introduced those smaller new models last week Layoffs Microsoft just made $70 billion, so naturally it's laying off employees. How to explain this? The FTC's losing streak against Microsoft continues A proposal for solving the "Mozilla problem" in U.S. v. Google Fortnite could return to the iPhone App Store as soon as today AI OH MY GOD IS THERE NO AI NEWS FOR ONCE. OK, three small items OpenAI brings OneDrive and SharePoint integration with ChatGPT for paid business customers "AI mode" could replace "I'm feeling lucky" on the Google home page Spotify's AI DJ keeps improving Dev Build is next week in Seattle, a few thoughts .NET 10 Preview 4 is out Xbox & Games Today's the day: DOOM: The Dark Ages goes live at 8:00 ET tonight! Xbox Insiders can now play cloud-enabled games with mouse and keyboard Paul reviews the Backbone Pro controller Nintendo revenues slide big ahead of Switch 2 - 15m consoles expected in first year Sony sold 18.5 million PS5s in the most recent fiscal year, down 11 percent YOY Tips & Picks Tip of the week: Windows 11 notifications make iOS look sophisticated App pick of the week: Proton Drive RunAs Radio this week: Active Directory in 2025 with Liz Tesch Brown liquor pick of the week: Limeburners Albany Tawny Cask These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/932 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: 1password.com/windowsweekly threatlocker.com/twit uscloud.com
Referências do EpisódioMicrosoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flawsStack-based buffer overflow vulnerability in APISecurity Advisory Ivanti Neurons for ITSM (On-Premises Only) (CVE-2025-22462)Security Advisory Ivanti Endpoint Manager Mobile (EPMM) May 2025 (CVE-2025-4427 and CVE-2025-4428)SAP Security Patch Day - May 2025/bin/live: Gabriela SallesRoteiro e apresentação: Carlos Cabral e Bianca OliveiraEdição de áudio: Paulo ArruzzoNarração de encerramento: Bianca Garcia
Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? And what new Windows Update crashing hack did this also create? North Korea is now creating fake US companies to lure would-be employees. The "Inception" attack subverts all GPT conversational AIs. New information about data loss in unpowered SSD mass storage. Lots of terrific feedback from our listeners. How malware has taken to hiding inside the Windows Sandbox and what you can do to stop it Show Notes - https://www.grc.com/sn/SN-1023-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com threatlocker.com for Security Now outsystems.com/twit hoxhunt.com/securitynow
Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? And what new Windows Update crashing hack did this also create? North Korea is now creating fake US companies to lure would-be employees. The "Inception" attack subverts all GPT conversational AIs. New information about data loss in unpowered SSD mass storage. Lots of terrific feedback from our listeners. How malware has taken to hiding inside the Windows Sandbox and what you can do to stop it Show Notes - https://www.grc.com/sn/SN-1023-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com threatlocker.com for Security Now outsystems.com/twit hoxhunt.com/securitynow
Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? And what new Windows Update crashing hack did this also create? North Korea is now creating fake US companies to lure would-be employees. The "Inception" attack subverts all GPT conversational AIs. New information about data loss in unpowered SSD mass storage. Lots of terrific feedback from our listeners. How malware has taken to hiding inside the Windows Sandbox and what you can do to stop it Show Notes - https://www.grc.com/sn/SN-1023-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com threatlocker.com for Security Now outsystems.com/twit hoxhunt.com/securitynow
Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? And what new Windows Update crashing hack did this also create? North Korea is now creating fake US companies to lure would-be employees. The "Inception" attack subverts all GPT conversational AIs. New information about data loss in unpowered SSD mass storage. Lots of terrific feedback from our listeners. How malware has taken to hiding inside the Windows Sandbox and what you can do to stop it Show Notes - https://www.grc.com/sn/SN-1023-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com threatlocker.com for Security Now outsystems.com/twit hoxhunt.com/securitynow
Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? And what new Windows Update crashing hack did this also create? North Korea is now creating fake US companies to lure would-be employees. The "Inception" attack subverts all GPT conversational AIs. New information about data loss in unpowered SSD mass storage. Lots of terrific feedback from our listeners. How malware has taken to hiding inside the Windows Sandbox and what you can do to stop it Show Notes - https://www.grc.com/sn/SN-1023-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com threatlocker.com for Security Now outsystems.com/twit hoxhunt.com/securitynow
Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? And what new Windows Update crashing hack did this also create? North Korea is now creating fake US companies to lure would-be employees. The "Inception" attack subverts all GPT conversational AIs. New information about data loss in unpowered SSD mass storage. Lots of terrific feedback from our listeners. How malware has taken to hiding inside the Windows Sandbox and what you can do to stop it Show Notes - https://www.grc.com/sn/SN-1023-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com threatlocker.com for Security Now outsystems.com/twit hoxhunt.com/securitynow
Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? And what new Windows Update crashing hack did this also create? North Korea is now creating fake US companies to lure would-be employees. The "Inception" attack subverts all GPT conversational AIs. New information about data loss in unpowered SSD mass storage. Lots of terrific feedback from our listeners. How malware has taken to hiding inside the Windows Sandbox and what you can do to stop it Show Notes - https://www.grc.com/sn/SN-1023-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com threatlocker.com for Security Now outsystems.com/twit hoxhunt.com/securitynow
Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? And what new Windows Update crashing hack did this also create? North Korea is now creating fake US companies to lure would-be employees. The "Inception" attack subverts all GPT conversational AIs. New information about data loss in unpowered SSD mass storage. Lots of terrific feedback from our listeners. How malware has taken to hiding inside the Windows Sandbox and what you can do to stop it Show Notes - https://www.grc.com/sn/SN-1023-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com threatlocker.com for Security Now outsystems.com/twit hoxhunt.com/securitynow
In this episode, I provide a roundup of Patch Tuesday news including worrying aspects of one patch and vulnerability mitigation process, I also provide an update on the Oracle breach, a change to Windows 11 Start Menu and more! Reference Links: https://www.rorymon.com/blog/confusing-patch-tuesday-news-cyber-gangs-messages-leaked-wsus-driver-sync-revived/
We discuss new US tariffs placed on China might affect the price of Apple products in the coming months. We now know more about how a journalist was added to a supposedly private Signal chat among White House officials. Researchers claim any Bluetooth device can be converted to behave like an AirTag tracker. And we've got a few ideas and tricks on how you can use the buttons on your iPhone and iPad. Show Notes: You Should Think About Replacing Your iPhone — Now How the Atlantic's Jeffrey Goldberg got added to the White House Signal group chat Apple sometimes shows “Maybe:” based on what the sender claims To turn this feature off, go to Settings > Apps > Contacts > Siri, then turn off Show Contact Suggestions Why you see “Maybe” before contacts on iPhone, and how to fix it UK Court Rejects Government Secrecy in Apple's Fight Against Backdoor Request Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware Tracking You from a Thousand Miles Away! Turning a Bluetooth Device into an Apple AirTag Google fixes Android zero-days exploited in attacks, 60 other flaws Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws Everything you can do with the buttons on your iPhone or iPad Intego Mac Premium Bundle X9 is the ultimate protection and utility suite for your Mac. Download a free trial now at intego.com, and use this link for a special discount when you're ready to buy.
Treasury's OCC reports a major email breach. Patch Tuesday updates. A critical vulnerability in AWS Systems Manager (SSM) Agent allowed attackers to execute arbitrary code with root privileges. Experts urge Congress to keep strict export controls to help slow China's progress in AI. A critical bug in WhatsApp for Windows allows malicious code execution.CISA adds multiple advisories on actively exploited vulnerabilities. Insider threat allegations rock a major Maryland medical center. Microsoft's Ann Johnson from Afternoon Cyber Tea is joined by Jack Rhysider, the creator and host of the acclaimed podcast Darknet Diaries. Feds Aim to Rewrite Social Security Code in Record Time. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest In this episode of Afternoon Cyber Tea, Ann Johnson is joined by Jack Rhysider, the creator and host of the acclaimed podcast Darknet Diaries. You can hear the full conversation here. Be sure to catch new episodes of Afternoon Cyber Tea every other Tuesday on N2K CyberWIre and your favorite podcast app. Selected Reading Treasury's OCC Says Hackers Had Access to 150,000 Emails (SecurityWeek) Microsoft Fixes Over 130 CVEs in April Patch Tuesday (Infosecurity Magazine) Vulnerabilities Patched by Ivanti, VMware, Zoom (SecurityWeek) Fortinet Patches Critical FortiSwitch Vulnerability (SecurityWeek) ICS Patch Tuesday: Vulnerabilities Addressed by Rockwell, ABB, Siemens, Schneider (SecurityWeek) AWS Systems Manager Plugin Vulnerability Let Attackers Execute Arbitrary Code (Cyber Security News) Tech experts recommend full steam ahead on US export controls for AI (CyberScoop) Don't open that file in WhatsApp for Windows just yet (The Register) CISA Warns of Microsoft Windows CLFS Vulnerability Exploited in Wild (Cyber Security News) CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days (SecurityWeek) Pharmacist accused of spying on women using work, home cams (The Register) DOGE Plans to Rebuild SSA Code Base in Months, Risking Benefits and System Collapse (WIRED) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Introducing the Windows 11 Feature Tracker "From the 'I should have done this two years ago' files, the 'I have wasted my life' files, and the, 'great, I needed more work to do' files ... There is a need for this. So I made one. But it will evolve. Maybe into a web app/wiki/something else... like a Notion website?" - Paul Patch Tuesday brings a metric ton of new features - And what the tracker showed clearly Two seconds after posting the tracker, Microsoft changed the Copilot app yet again - proving the need for the tracker - And demonstrating why the Insider Program is so screwed up A hidden new Start menu in recent builds presents an interesting conundrum: How to handle something Microsoft has not announced? More Windows 11 Beta build for 23H2: File new tab/new window changes, Explorer context menu regression may be permanent Dev and Beta (24H2): Taskbar icon scaling is a blast from the past we all need desperately Intel is killing Unison app and service Like winter, Build is coming Build session catalog is live - mostly AI as expected. Paul and Richard are going Overview of the Windows Copilot Runtime (one year after it was announced), Windows Actions, standard Kayla Cinnamon talk on Windows productivity, using your own model with WCR, native app experiences(!), Arm64 app perf, etc. AI Final thoughts on Microsoft's 50th: Biggest accomplishment wasn't any tech, it was changing with the times. What it's best at: Democratizing tech for the commoners, an expansion on Jack Tramiel/Commodore's "computers for the masses, not the classes" schtick. And that is exactly what it is doing with AI right now Microsoft hosts a consumer AI event and announces a metric ton of new Copilot features We need a Copilot feature tracker. Copilot = every single feature other AIs have - Copilot Actions on the web, memory and personalization, Copilot Vision on mobile and Windows, AI-generated podcasts and Microsoft releases Copilot Search in Bing Is AI turning us all into Charly from Flowers for Algernon? AI is making us stupider! There are studies!! This is the argument against every single tech advance from the steam train to the ballpoint pen to this Microsoft's AI demo of vibe-coded Quake II highlights the problem nicely Sometimes it's the little things: AI recaps for book series in Kindle GitHub Copilot updated with Agent Mode, Cursor-style code overviews, more Xbox & gaming Microsoft announces new Xbox Games Showcase for June Edge Game Assist gets new features, support for new games GTA V and enhanced version for PC coming to Game Pass on April 15 - In addition to the previous Game Pass titles we discussed last week Good: Nintendo Switch 2 supports ray tracing and DLSS Bad: Nintendo delays Switch 2 to figure out the tariffs mess Tips and Picks Tip of the week: Programmers at Work App pick of the week: Apple Music RunAs Radio this week: Application Risk in Security Copilot with Ari Schorr Brown liquor pick of the week: The Heart Cut #02 These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/927 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell
Introducing the Windows 11 Feature Tracker "From the 'I should have done this two years ago' files, the 'I have wasted my life' files, and the, 'great, I needed more work to do' files ... There is a need for this. So I made one. But it will evolve. Maybe into a web app/wiki/something else... like a Notion website?" - Paul Patch Tuesday brings a metric ton of new features - And what the tracker showed clearly Two seconds after posting the tracker, Microsoft changed the Copilot app yet again - proving the need for the tracker - And demonstrating why the Insider Program is so screwed up A hidden new Start menu in recent builds presents an interesting conundrum: How to handle something Microsoft has not announced? More Windows 11 Beta build for 23H2: File new tab/new window changes, Explorer context menu regression may be permanent Dev and Beta (24H2): Taskbar icon scaling is a blast from the past we all need desperately Intel is killing Unison app and service Like winter, Build is coming Build session catalog is live - mostly AI as expected. Paul and Richard are going Overview of the Windows Copilot Runtime (one year after it was announced), Windows Actions, standard Kayla Cinnamon talk on Windows productivity, using your own model with WCR, native app experiences(!), Arm64 app perf, etc. AI Final thoughts on Microsoft's 50th: Biggest accomplishment wasn't any tech, it was changing with the times. What it's best at: Democratizing tech for the commoners, an expansion on Jack Tramiel/Commodore's "computers for the masses, not the classes" schtick. And that is exactly what it is doing with AI right now Microsoft hosts a consumer AI event and announces a metric ton of new Copilot features We need a Copilot feature tracker. Copilot = every single feature other AIs have - Copilot Actions on the web, memory and personalization, Copilot Vision on mobile and Windows, AI-generated podcasts and Microsoft releases Copilot Search in Bing Is AI turning us all into Charly from Flowers for Algernon? AI is making us stupider! There are studies!! This is the argument against every single tech advance from the steam train to the ballpoint pen to this Microsoft's AI demo of vibe-coded Quake II highlights the problem nicely Sometimes it's the little things: AI recaps for book series in Kindle GitHub Copilot updated with Agent Mode, Cursor-style code overviews, more Xbox & gaming Microsoft announces new Xbox Games Showcase for June Edge Game Assist gets new features, support for new games GTA V and enhanced version for PC coming to Game Pass on April 15 - In addition to the previous Game Pass titles we discussed last week Good: Nintendo Switch 2 supports ray tracing and DLSS Bad: Nintendo delays Switch 2 to figure out the tariffs mess Tips and Picks Tip of the week: Programmers at Work App pick of the week: Apple Music RunAs Radio this week: Application Risk in Security Copilot with Ari Schorr Brown liquor pick of the week: The Heart Cut #02 These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/927 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell
Introducing the Windows 11 Feature Tracker "From the 'I should have done this two years ago' files, the 'I have wasted my life' files, and the, 'great, I needed more work to do' files ... There is a need for this. So I made one. But it will evolve. Maybe into a web app/wiki/something else... like a Notion website?" - Paul Patch Tuesday brings a metric ton of new features - And what the tracker showed clearly Two seconds after posting the tracker, Microsoft changed the Copilot app yet again - proving the need for the tracker - And demonstrating why the Insider Program is so screwed up A hidden new Start menu in recent builds presents an interesting conundrum: How to handle something Microsoft has not announced? More Windows 11 Beta build for 23H2: File new tab/new window changes, Explorer context menu regression may be permanent Dev and Beta (24H2): Taskbar icon scaling is a blast from the past we all need desperately Intel is killing Unison app and service Like winter, Build is coming Build session catalog is live - mostly AI as expected. Paul and Richard are going Overview of the Windows Copilot Runtime (one year after it was announced), Windows Actions, standard Kayla Cinnamon talk on Windows productivity, using your own model with WCR, native app experiences(!), Arm64 app perf, etc. AI Final thoughts on Microsoft's 50th: Biggest accomplishment wasn't any tech, it was changing with the times. What it's best at: Democratizing tech for the commoners, an expansion on Jack Tramiel/Commodore's "computers for the masses, not the classes" schtick. And that is exactly what it is doing with AI right now Microsoft hosts a consumer AI event and announces a metric ton of new Copilot features We need a Copilot feature tracker. Copilot = every single feature other AIs have - Copilot Actions on the web, memory and personalization, Copilot Vision on mobile and Windows, AI-generated podcasts and Microsoft releases Copilot Search in Bing Is AI turning us all into Charly from Flowers for Algernon? AI is making us stupider! There are studies!! This is the argument against every single tech advance from the steam train to the ballpoint pen to this Microsoft's AI demo of vibe-coded Quake II highlights the problem nicely Sometimes it's the little things: AI recaps for book series in Kindle GitHub Copilot updated with Agent Mode, Cursor-style code overviews, more Xbox & gaming Microsoft announces new Xbox Games Showcase for June Edge Game Assist gets new features, support for new games GTA V and enhanced version for PC coming to Game Pass on April 15 - In addition to the previous Game Pass titles we discussed last week Good: Nintendo Switch 2 supports ray tracing and DLSS Bad: Nintendo delays Switch 2 to figure out the tariffs mess Tips and Picks Tip of the week: Programmers at Work App pick of the week: Apple Music RunAs Radio this week: Application Risk in Security Copilot with Ari Schorr Brown liquor pick of the week: The Heart Cut #02 These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/927 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell
Introducing the Windows 11 Feature Tracker "From the 'I should have done this two years ago' files, the 'I have wasted my life' files, and the, 'great, I needed more work to do' files ... There is a need for this. So I made one. But it will evolve. Maybe into a web app/wiki/something else... like a Notion website?" - Paul Patch Tuesday brings a metric ton of new features - And what the tracker showed clearly Two seconds after posting the tracker, Microsoft changed the Copilot app yet again - proving the need for the tracker - And demonstrating why the Insider Program is so screwed up A hidden new Start menu in recent builds presents an interesting conundrum: How to handle something Microsoft has not announced? More Windows 11 Beta build for 23H2: File new tab/new window changes, Explorer context menu regression may be permanent Dev and Beta (24H2): Taskbar icon scaling is a blast from the past we all need desperately Intel is killing Unison app and service Like winter, Build is coming Build session catalog is live - mostly AI as expected. Paul and Richard are going Overview of the Windows Copilot Runtime (one year after it was announced), Windows Actions, standard Kayla Cinnamon talk on Windows productivity, using your own model with WCR, native app experiences(!), Arm64 app perf, etc. AI Final thoughts on Microsoft's 50th: Biggest accomplishment wasn't any tech, it was changing with the times. What it's best at: Democratizing tech for the commoners, an expansion on Jack Tramiel/Commodore's "computers for the masses, not the classes" schtick. And that is exactly what it is doing with AI right now Microsoft hosts a consumer AI event and announces a metric ton of new Copilot features We need a Copilot feature tracker. Copilot = every single feature other AIs have - Copilot Actions on the web, memory and personalization, Copilot Vision on mobile and Windows, AI-generated podcasts and Microsoft releases Copilot Search in Bing Is AI turning us all into Charly from Flowers for Algernon? AI is making us stupider! There are studies!! This is the argument against every single tech advance from the steam train to the ballpoint pen to this Microsoft's AI demo of vibe-coded Quake II highlights the problem nicely Sometimes it's the little things: AI recaps for book series in Kindle GitHub Copilot updated with Agent Mode, Cursor-style code overviews, more Xbox & gaming Microsoft announces new Xbox Games Showcase for June Edge Game Assist gets new features, support for new games GTA V and enhanced version for PC coming to Game Pass on April 15 - In addition to the previous Game Pass titles we discussed last week Good: Nintendo Switch 2 supports ray tracing and DLSS Bad: Nintendo delays Switch 2 to figure out the tariffs mess Tips and Picks Tip of the week: Programmers at Work App pick of the week: Apple Music RunAs Radio this week: Application Risk in Security Copilot with Ari Schorr Brown liquor pick of the week: The Heart Cut #02 These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/927 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell
Introducing the Windows 11 Feature Tracker "From the 'I should have done this two years ago' files, the 'I have wasted my life' files, and the, 'great, I needed more work to do' files ... There is a need for this. So I made one. But it will evolve. Maybe into a web app/wiki/something else... like a Notion website?" - Paul Patch Tuesday brings a metric ton of new features - And what the tracker showed clearly Two seconds after posting the tracker, Microsoft changed the Copilot app yet again - proving the need for the tracker - And demonstrating why the Insider Program is so screwed up A hidden new Start menu in recent builds presents an interesting conundrum: How to handle something Microsoft has not announced? More Windows 11 Beta build for 23H2: File new tab/new window changes, Explorer context menu regression may be permanent Dev and Beta (24H2): Taskbar icon scaling is a blast from the past we all need desperately Intel is killing Unison app and service Like winter, Build is coming Build session catalog is live - mostly AI as expected. Paul and Richard are going Overview of the Windows Copilot Runtime (one year after it was announced), Windows Actions, standard Kayla Cinnamon talk on Windows productivity, using your own model with WCR, native app experiences(!), Arm64 app perf, etc. AI Final thoughts on Microsoft's 50th: Biggest accomplishment wasn't any tech, it was changing with the times. What it's best at: Democratizing tech for the commoners, an expansion on Jack Tramiel/Commodore's "computers for the masses, not the classes" schtick. And that is exactly what it is doing with AI right now Microsoft hosts a consumer AI event and announces a metric ton of new Copilot features We need a Copilot feature tracker. Copilot = every single feature other AIs have - Copilot Actions on the web, memory and personalization, Copilot Vision on mobile and Windows, AI-generated podcasts and Microsoft releases Copilot Search in Bing Is AI turning us all into Charly from Flowers for Algernon? AI is making us stupider! There are studies!! This is the argument against every single tech advance from the steam train to the ballpoint pen to this Microsoft's AI demo of vibe-coded Quake II highlights the problem nicely Sometimes it's the little things: AI recaps for book series in Kindle GitHub Copilot updated with Agent Mode, Cursor-style code overviews, more Xbox & gaming Microsoft announces new Xbox Games Showcase for June Edge Game Assist gets new features, support for new games GTA V and enhanced version for PC coming to Game Pass on April 15 - In addition to the previous Game Pass titles we discussed last week Good: Nintendo Switch 2 supports ray tracing and DLSS Bad: Nintendo delays Switch 2 to figure out the tariffs mess Tips and Picks Tip of the week: Programmers at Work App pick of the week: Apple Music RunAs Radio this week: Application Risk in Security Copilot with Ari Schorr Brown liquor pick of the week: The Heart Cut #02 These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/927 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell
Introducing the Windows 11 Feature Tracker "From the 'I should have done this two years ago' files, the 'I have wasted my life' files, and the, 'great, I needed more work to do' files ... There is a need for this. So I made one. But it will evolve. Maybe into a web app/wiki/something else... like a Notion website?" - Paul Patch Tuesday brings a metric ton of new features - And what the tracker showed clearly Two seconds after posting the tracker, Microsoft changed the Copilot app yet again - proving the need for the tracker - And demonstrating why the Insider Program is so screwed up A hidden new Start menu in recent builds presents an interesting conundrum: How to handle something Microsoft has not announced? More Windows 11 Beta build for 23H2: File new tab/new window changes, Explorer context menu regression may be permanent Dev and Beta (24H2): Taskbar icon scaling is a blast from the past we all need desperately Intel is killing Unison app and service Like winter, Build is coming Build session catalog is live - mostly AI as expected. Paul and Richard are going Overview of the Windows Copilot Runtime (one year after it was announced), Windows Actions, standard Kayla Cinnamon talk on Windows productivity, using your own model with WCR, native app experiences(!), Arm64 app perf, etc. AI Final thoughts on Microsoft's 50th: Biggest accomplishment wasn't any tech, it was changing with the times. What it's best at: Democratizing tech for the commoners, an expansion on Jack Tramiel/Commodore's "computers for the masses, not the classes" schtick. And that is exactly what it is doing with AI right now Microsoft hosts a consumer AI event and announces a metric ton of new Copilot features We need a Copilot feature tracker. Copilot = every single feature other AIs have - Copilot Actions on the web, memory and personalization, Copilot Vision on mobile and Windows, AI-generated podcasts and Microsoft releases Copilot Search in Bing Is AI turning us all into Charly from Flowers for Algernon? AI is making us stupider! There are studies!! This is the argument against every single tech advance from the steam train to the ballpoint pen to this Microsoft's AI demo of vibe-coded Quake II highlights the problem nicely Sometimes it's the little things: AI recaps for book series in Kindle GitHub Copilot updated with Agent Mode, Cursor-style code overviews, more Xbox & gaming Microsoft announces new Xbox Games Showcase for June Edge Game Assist gets new features, support for new games GTA V and enhanced version for PC coming to Game Pass on April 15 - In addition to the previous Game Pass titles we discussed last week Good: Nintendo Switch 2 supports ray tracing and DLSS Bad: Nintendo delays Switch 2 to figure out the tariffs mess Tips and Picks Tip of the week: Programmers at Work App pick of the week: Apple Music RunAs Radio this week: Application Risk in Security Copilot with Ari Schorr Brown liquor pick of the week: The Heart Cut #02 These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/927 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell
In April 2025's edition of Patch [FIX] Tuesday, the crew dives into April 2025's patch highlights. Ryan kicks things off with a critical RDP Gateway vulnerability that requires no user interaction—just network access and bad intentions. Seth breaks down a kernel-level CLFS exploit that's already been seen in the wild, while Henry shifts gears to Apple's massive 130+ CVE patch dump for macOS Sequoia. From use-after-free bugs to sneaky audio file attacks, this episode covers the month's biggest risks.TL;DR: Patch your systems, secure your gateways, and maybe don't trust that sketchy MP3.
An analysis of Telegram Messenger's crypto. A beautiful statement of the goal of modern crypto design. Who was behind Twitter's recent outage trouble? An embedded Firefox root certificate expired. Who was surprised? AI-generated Github repos, voice cloning, Patch Tuesday and an Apple 0-day. The FBI warns of another novel attack vector that's seeing a lot of action. Google weighs in on the Age Verification controversy. In a vacuum, Kazakhstan comes up with their own solution. Was Google also served an order from the UK? Can they say? A serious PHP vulnerability you need to know you don't have. A bunch of great listener feedback, some Sci-Fi content reviews and... A new tool allows YOU to test YOUR PCs for their RowHammer susceptibility Show Notes - https://www.grc.com/sn/SN-1017-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW bitwarden.com/twit threatlocker.com for Security Now veeam.com
Did Copilot uninstall from your computer recently? You're not alone. At least Microsoft is working on a fix. Plus, Satya Nadella has created a new Office of Strategy and Transformation to meet the rapidly evolving needs of the AI era. Discord finally has a Social SDK now, Copilot for Gaming is preparing for mobile testing, and a Call of Duty franchise sale that brings savings up to 67 percent off. Lastly, Paul's app pick is a free, open source, third-party File Explorer replacement that is beautiful and highly customizable. And it never badgers you to backup to OneDrive. Windows March security update hilariously removes Copilot app from Windows 11 New Canary build today Release Preview (today): 24H2 ahead of Week D Release Preview: 23H2 and Windows 10 ahead of Week D Dev, Beta, Beta (23H3) - Voice access suggestions, File Explorer fix Paint is getting new Cocreator features New Notepad and Snipping Tool features for all Microsoft Microsoft announces vague transformation that could be important FTC to move forward with Microsoft antitrust probe Microsoft no longer includes power supply with Surface PCs sold in Europe AI/Dev Gemini adds Canvas and Audio Overview features Plus, Gemini is replacing Assistant in Android (and Chromebook) Zoom AI Companion is going agentic Meta claims one billion downloads of Llama AI models Microsoft ships .NET 10 Preview 2 Xbox Microsoft is bringing Copilot to Xbox Xbox Adaptive Joystick is now available for $29.99 Here are the new games heading to Game Pass in second half of March Epic Games and Qualcomm partner on bringing games to WOA Discord has an SDK now Google Play Games for PC is adding native games Tips and Picks Tip of the week: Call of Duty titles are on sale in the Microsoft Store App pick of the week: Files RunAs Radio this week: Managing AI Costs with Sonia Cuff Brown liquor pick of the week: Toki Suntory Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com zscaler.com/security 1password.com/windowsweekly
An analysis of Telegram Messenger's crypto. A beautiful statement of the goal of modern crypto design. Who was behind Twitter's recent outage trouble? An embedded Firefox root certificate expired. Who was surprised? AI-generated Github repos, voice cloning, Patch Tuesday and an Apple 0-day. The FBI warns of another novel attack vector that's seeing a lot of action. Google weighs in on the Age Verification controversy. In a vacuum, Kazakhstan comes up with their own solution. Was Google also served an order from the UK? Can they say? A serious PHP vulnerability you need to know you don't have. A bunch of great listener feedback, some Sci-Fi content reviews and... A new tool allows YOU to test YOUR PCs for their RowHammer susceptibility Show Notes - https://www.grc.com/sn/SN-1017-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW bitwarden.com/twit threatlocker.com for Security Now veeam.com
Did Copilot uninstall from your computer recently? You're not alone. At least Microsoft is working on a fix. Plus, Satya Nadella has created a new Office of Strategy and Transformation to meet the rapidly evolving needs of the AI era. Discord finally has a Social SDK now, Copilot for Gaming is preparing for mobile testing, and a Call of Duty franchise sale that brings savings up to 67 percent off. Lastly, Paul's app pick is a free, open source, third-party File Explorer replacement that is beautiful and highly customizable. And it never badgers you to backup to OneDrive. Windows March security update hilariously removes Copilot app from Windows 11 New Canary build today Release Preview (today): 24H2 ahead of Week D Release Preview: 23H2 and Windows 10 ahead of Week D Dev, Beta, Beta (23H3) - Voice access suggestions, File Explorer fix Paint is getting new Cocreator features New Notepad and Snipping Tool features for all Microsoft Microsoft announces vague transformation that could be important FTC to move forward with Microsoft antitrust probe Microsoft no longer includes power supply with Surface PCs sold in Europe AI/Dev Gemini adds Canvas and Audio Overview features Plus, Gemini is replacing Assistant in Android (and Chromebook) Zoom AI Companion is going agentic Meta claims one billion downloads of Llama AI models Microsoft ships .NET 10 Preview 2 Xbox Microsoft is bringing Copilot to Xbox Xbox Adaptive Joystick is now available for $29.99 Here are the new games heading to Game Pass in second half of March Epic Games and Qualcomm partner on bringing games to WOA Discord has an SDK now Google Play Games for PC is adding native games Tips and Picks Tip of the week: Call of Duty titles are on sale in the Microsoft Store App pick of the week: Files RunAs Radio this week: Managing AI Costs with Sonia Cuff Brown liquor pick of the week: Toki Suntory Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com zscaler.com/security 1password.com/windowsweekly
An analysis of Telegram Messenger's crypto. A beautiful statement of the goal of modern crypto design. Who was behind Twitter's recent outage trouble? An embedded Firefox root certificate expired. Who was surprised? AI-generated Github repos, voice cloning, Patch Tuesday and an Apple 0-day. The FBI warns of another novel attack vector that's seeing a lot of action. Google weighs in on the Age Verification controversy. In a vacuum, Kazakhstan comes up with their own solution. Was Google also served an order from the UK? Can they say? A serious PHP vulnerability you need to know you don't have. A bunch of great listener feedback, some Sci-Fi content reviews and... A new tool allows YOU to test YOUR PCs for their RowHammer susceptibility Show Notes - https://www.grc.com/sn/SN-1017-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW bitwarden.com/twit threatlocker.com for Security Now veeam.com
An analysis of Telegram Messenger's crypto. A beautiful statement of the goal of modern crypto design. Who was behind Twitter's recent outage trouble? An embedded Firefox root certificate expired. Who was surprised? AI-generated Github repos, voice cloning, Patch Tuesday and an Apple 0-day. The FBI warns of another novel attack vector that's seeing a lot of action. Google weighs in on the Age Verification controversy. In a vacuum, Kazakhstan comes up with their own solution. Was Google also served an order from the UK? Can they say? A serious PHP vulnerability you need to know you don't have. A bunch of great listener feedback, some Sci-Fi content reviews and... A new tool allows YOU to test YOUR PCs for their RowHammer susceptibility Show Notes - https://www.grc.com/sn/SN-1017-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW bitwarden.com/twit threatlocker.com for Security Now veeam.com
An analysis of Telegram Messenger's crypto. A beautiful statement of the goal of modern crypto design. Who was behind Twitter's recent outage trouble? An embedded Firefox root certificate expired. Who was surprised? AI-generated Github repos, voice cloning, Patch Tuesday and an Apple 0-day. The FBI warns of another novel attack vector that's seeing a lot of action. Google weighs in on the Age Verification controversy. In a vacuum, Kazakhstan comes up with their own solution. Was Google also served an order from the UK? Can they say? A serious PHP vulnerability you need to know you don't have. A bunch of great listener feedback, some Sci-Fi content reviews and... A new tool allows YOU to test YOUR PCs for their RowHammer susceptibility Show Notes - https://www.grc.com/sn/SN-1017-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW bitwarden.com/twit threatlocker.com for Security Now veeam.com
Did Copilot uninstall from your computer recently? You're not alone. At least Microsoft is working on a fix. Plus, Satya Nadella has created a new Office of Strategy and Transformation to meet the rapidly evolving needs of the AI era. Discord finally has a Social SDK now, Copilot for Gaming is preparing for mobile testing, and a Call of Duty franchise sale that brings savings up to 67 percent off. Lastly, Paul's app pick is a free, open source, third-party File Explorer replacement that is beautiful and highly customizable. And it never badgers you to backup to OneDrive. Windows March security update hilariously removes Copilot app from Windows 11 New Canary build today Release Preview (today): 24H2 ahead of Week D Release Preview: 23H2 and Windows 10 ahead of Week D Dev, Beta, Beta (23H3) - Voice access suggestions, File Explorer fix Paint is getting new Cocreator features New Notepad and Snipping Tool features for all Microsoft Microsoft announces vague transformation that could be important FTC to move forward with Microsoft antitrust probe Microsoft no longer includes power supply with Surface PCs sold in Europe AI/Dev Gemini adds Canvas and Audio Overview features Plus, Gemini is replacing Assistant in Android (and Chromebook) Zoom AI Companion is going agentic Meta claims one billion downloads of Llama AI models Microsoft ships .NET 10 Preview 2 Xbox Microsoft is bringing Copilot to Xbox Xbox Adaptive Joystick is now available for $29.99 Here are the new games heading to Game Pass in second half of March Epic Games and Qualcomm partner on bringing games to WOA Discord has an SDK now Google Play Games for PC is adding native games Tips and Picks Tip of the week: Call of Duty titles are on sale in the Microsoft Store App pick of the week: Files RunAs Radio this week: Managing AI Costs with Sonia Cuff Brown liquor pick of the week: Toki Suntory Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com zscaler.com/security 1password.com/windowsweekly
An analysis of Telegram Messenger's crypto. A beautiful statement of the goal of modern crypto design. Who was behind Twitter's recent outage trouble? An embedded Firefox root certificate expired. Who was surprised? AI-generated Github repos, voice cloning, Patch Tuesday and an Apple 0-day. The FBI warns of another novel attack vector that's seeing a lot of action. Google weighs in on the Age Verification controversy. In a vacuum, Kazakhstan comes up with their own solution. Was Google also served an order from the UK? Can they say? A serious PHP vulnerability you need to know you don't have. A bunch of great listener feedback, some Sci-Fi content reviews and... A new tool allows YOU to test YOUR PCs for their RowHammer susceptibility Show Notes - https://www.grc.com/sn/SN-1017-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW bitwarden.com/twit threatlocker.com for Security Now veeam.com
Did Copilot uninstall from your computer recently? You're not alone. At least Microsoft is working on a fix. Plus, Satya Nadella has created a new Office of Strategy and Transformation to meet the rapidly evolving needs of the AI era. Discord finally has a Social SDK now, Copilot for Gaming is preparing for mobile testing, and a Call of Duty franchise sale that brings savings up to 67 percent off. Lastly, Paul's app pick is a free, open source, third-party File Explorer replacement that is beautiful and highly customizable. And it never badgers you to backup to OneDrive. Windows March security update hilariously removes Copilot app from Windows 11 New Canary build today Release Preview (today): 24H2 ahead of Week D Release Preview: 23H2 and Windows 10 ahead of Week D Dev, Beta, Beta (23H3) - Voice access suggestions, File Explorer fix Paint is getting new Cocreator features New Notepad and Snipping Tool features for all Microsoft Microsoft announces vague transformation that could be important FTC to move forward with Microsoft antitrust probe Microsoft no longer includes power supply with Surface PCs sold in Europe AI/Dev Gemini adds Canvas and Audio Overview features Plus, Gemini is replacing Assistant in Android (and Chromebook) Zoom AI Companion is going agentic Meta claims one billion downloads of Llama AI models Microsoft ships .NET 10 Preview 2 Xbox Microsoft is bringing Copilot to Xbox Xbox Adaptive Joystick is now available for $29.99 Here are the new games heading to Game Pass in second half of March Epic Games and Qualcomm partner on bringing games to WOA Discord has an SDK now Google Play Games for PC is adding native games Tips and Picks Tip of the week: Call of Duty titles are on sale in the Microsoft Store App pick of the week: Files RunAs Radio this week: Managing AI Costs with Sonia Cuff Brown liquor pick of the week: Toki Suntory Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com zscaler.com/security 1password.com/windowsweekly
An analysis of Telegram Messenger's crypto. A beautiful statement of the goal of modern crypto design. Who was behind Twitter's recent outage trouble? An embedded Firefox root certificate expired. Who was surprised? AI-generated Github repos, voice cloning, Patch Tuesday and an Apple 0-day. The FBI warns of another novel attack vector that's seeing a lot of action. Google weighs in on the Age Verification controversy. In a vacuum, Kazakhstan comes up with their own solution. Was Google also served an order from the UK? Can they say? A serious PHP vulnerability you need to know you don't have. A bunch of great listener feedback, some Sci-Fi content reviews and... A new tool allows YOU to test YOUR PCs for their RowHammer susceptibility Show Notes - https://www.grc.com/sn/SN-1017-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW bitwarden.com/twit threatlocker.com for Security Now veeam.com
Did Copilot uninstall from your computer recently? You're not alone. At least Microsoft is working on a fix. Plus, Satya Nadella has created a new Office of Strategy and Transformation to meet the rapidly evolving needs of the AI era. Discord finally has a Social SDK now, Copilot for Gaming is preparing for mobile testing, and a Call of Duty franchise sale that brings savings up to 67 percent off. Lastly, Paul's app pick is a free, open source, third-party File Explorer replacement that is beautiful and highly customizable. And it never badgers you to backup to OneDrive. Windows March security update hilariously removes Copilot app from Windows 11 New Canary build today Release Preview (today): 24H2 ahead of Week D Release Preview: 23H2 and Windows 10 ahead of Week D Dev, Beta, Beta (23H3) - Voice access suggestions, File Explorer fix Paint is getting new Cocreator features New Notepad and Snipping Tool features for all Microsoft Microsoft announces vague transformation that could be important FTC to move forward with Microsoft antitrust probe Microsoft no longer includes power supply with Surface PCs sold in Europe AI/Dev Gemini adds Canvas and Audio Overview features Plus, Gemini is replacing Assistant in Android (and Chromebook) Zoom AI Companion is going agentic Meta claims one billion downloads of Llama AI models Microsoft ships .NET 10 Preview 2 Xbox Microsoft is bringing Copilot to Xbox Xbox Adaptive Joystick is now available for $29.99 Here are the new games heading to Game Pass in second half of March Epic Games and Qualcomm partner on bringing games to WOA Discord has an SDK now Google Play Games for PC is adding native games Tips and Picks Tip of the week: Call of Duty titles are on sale in the Microsoft Store App pick of the week: Files RunAs Radio this week: Managing AI Costs with Sonia Cuff Brown liquor pick of the week: Toki Suntory Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com zscaler.com/security 1password.com/windowsweekly
Three Buddy Problem - Episode 38: On the show this week, we look at a hefty batch of Microsoft zero-days exploited in the wild, iOS 18.3.2 fixing an exploited WebKit bug, a mysterious Unpatched.ai being credited with Microsoft Access RCE flaws, and OpenAI lobbying for the US to ban China's DeepSeek. Plus, discussion on a Binarly technical paper with new approach to finding UEFI bootkits, Mandiant flagging custom backdoors on Juniper routers, and MEV 'sandwich attacks' front-running cryptocurrency transactions. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Log4J Scans for VMWare Hyhbrid Cloud Extensions An attacker is scanning various login pages, including the authentication feature in the VMWare HCX REST API for Log4j vulnerabilities. The attack submits the exploit string as username, hoping to trigger the vulnerability as Log4j logs the username https://isc.sans.edu/diary/Scans%20for%20VMWare%20Hybrid%20Cloud%20Extension%20%28HCX%29%20API%20(Log4j%20-%20not%20brute%20forcing)/31762 Patch Tuesday Fallout Yesterday's Apple patch may re-activate Apple Intelligence for users who earlier disabled it. Microsoft is offering support for users whos USB printers started printing giberish after a January patch was applies. https://www.macrumors.com/2025/03/11/ios-18-3-2-apple-intelligence-auto-on/ https://learn.microsoft.com/en-us/windows/release-health/status-windows-10-22h2#usb-printers-might-print-random-text-with-the-january-2025-preview-update Adobe Updates Adobe updated seven different products, including Adobe Acrobat. The Acrobat vulnerability may lead to remote code execution and Adobe considers the vulnerablities critical. https://helpx.adobe.com/security/security-bulletin.html Medusa Ransomware CISA and partner agencies released details about the Medusa Ransomware. The document includes many details useful to defenders. https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-071a Zoom Update Zoom released a critical update fixing a number of remote code execution vulnerabilities. https://www.zoom.com/en/trust/security-bulletin/ FreeType Library Vulnerability https://www.facebook.com/security/advisories/cve-2025-27363
The White House names their nominee for CISA's top spot. Patch Tuesday updates. Apple issues emergency updates for a zero-day WebKit vulnerability. Researchers highlight advanced MFA-bypassing techniques. North Korea's Lazarus Group targets cryptocurrency wallets and browser data. Our guest today is Rocco D'Amico of Brass Valley discussing hidden risks in retired devices and reducing data breach threats. Making sense of the skills gap paradox. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Joining us today is Rocco D'Amico of Brass Valley discussing hidden risks in retired devices and reducing data breach threats. Selected Reading Trump nominates Sean Plankey as new CISA director (Tech Crunch) CISA worker says 100-strong red team fired after DOGE action (The Register) March 2025 Patch Tuesday: Microsoft Fixes 57 Vulnerabilities, 7 Zero-Days (Hackread) ICS Patch Tuesday: Advisories Published by CISA, Schneider Electric, Siemens (SecurityWeek) CISA Warns of Microsoft Windows Management Console (MMC) Vulnerability Exploited in Wild (Cyber Security News) Apple WebKit Zero-Day Vulnerability Actively Exploit in High Profile Cyber Attacks (Cyber Security News) Hackers Using Advanced MFA-Bypassing Techniques To Gain Access To User Account (Cyber Security News) North Korean Lazarus hackers infect hundreds via npm packages (Bleeping Computer) Welcome to the skills gap paradox (Computing) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Your Patch Tuesday is showing. Paul Thurrott, Richard Campbell, and Leo Laporte go over the latest features for Windows 11 with the KB5053598 update. Also, the hosts discuss Press to Talk for Insiders, the Windows app replacing Remote Desktop, the agentic future of browsers, Copilot integration in GroupMe, Gemma 3, issues with Xbox Wireless Controller 5.23.5.0 firmware, Pocket Casts Web Player, and the "vibe coding" era. Plus, Fences 6 is now in Beta, on sale! Woody Leonhard, RIP Like Jerry Pournelle, a major influence on Paul's career and writing style He had a mysterious life in latter years, not clear what happened Windows 11 Windows 11 gets all the features we've discussed recently Are we heading towards something bigger this year? Or just more of the same? New Canary and Beta (23H2) builds New Dev and Beta (24H2) builds Copilot in Windows 11 is getting Press to Talk Microsoft follows through on threat, kills Remote Desktop App - our latest outrage Arc crashed and burned but we can still evolve web browsers What about sidebar apps as a UX baby step forward? Does Edge need to restart every three days now to install updates? Microsoft 365 Google promotes ChromeOS/Chromebooks as the right client ... for Microsoft 365 Dev Build 2025 registration is now open AI It's Microsoft's 50th anniversary, so it's going to announce AI something something Paul has agreed to attend this, from Mexico Also, report that Microsoft's in-house models now rival OpenAI is a hint Microsoft improves Think Deeper in Copilot using OpenAI o3-mini Google secretly owns 14-15 percent of Anthropic WTF is going on with Big Tech and regulatory evasion? On that note, CMA clears Microsoft + OpenAI specifically because of change to partnership Also, Google launches Gemma 3 The Siripocalypse - AI is a hard computer science problem and Siri is the dumb blond in this space Amazon will use AI to dub movies and TV series because obviously Xbox Rumor: Third-party portable Xbox gaming handheld this year, console resets in two years You could have cobbled this together solely based on what Microsoft has said publicly Xbox controller firmware, we have a problem Tips and Picks Tip of the week: Code with AI App pick of the week: Fences RunAs Radio this week: Strong Certificate Mapping in Active Directory with Richard Hicks Brown liquor pick of the week: Ardbeg 10 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsor: 1password.com/windowsweekly
Your Patch Tuesday is showing. Paul Thurrott, Richard Campbell, and Leo Laporte go over the latest features for Windows 11 with the KB5053598 update. Also, the hosts discuss Press to Talk for Insiders, the Windows app replacing Remote Desktop, the agentic future of browsers, Copilot integration in GroupMe, Gemma 3, issues with Xbox Wireless Controller 5.23.5.0 firmware, Pocket Casts Web Player, and the "vibe coding" era. Plus, Fences 6 is now in Beta, on sale! Woody Leonhard, RIP Like Jerry Pournelle, a major influence on Paul's career and writing style He had a mysterious life in latter years, not clear what happened Windows 11 Windows 11 gets all the features we've discussed recently Are we heading towards something bigger this year? Or just more of the same? New Canary and Beta (23H2) builds New Dev and Beta (24H2) builds Copilot in Windows 11 is getting Press to Talk Microsoft follows through on threat, kills Remote Desktop App - our latest outrage Arc crashed and burned but we can still evolve web browsers What about sidebar apps as a UX baby step forward? Does Edge need to restart every three days now to install updates? Microsoft 365 Google promotes ChromeOS/Chromebooks as the right client ... for Microsoft 365 Dev Build 2025 registration is now open AI It's Microsoft's 50th anniversary, so it's going to announce AI something something Paul has agreed to attend this, from Mexico Also, report that Microsoft's in-house models now rival OpenAI is a hint Microsoft improves Think Deeper in Copilot using OpenAI o3-mini Google secretly owns 14-15 percent of Anthropic WTF is going on with Big Tech and regulatory evasion? On that note, CMA clears Microsoft + OpenAI specifically because of change to partnership Also, Google launches Gemma 3 The Siripocalypse - AI is a hard computer science problem and Siri is the dumb blond in this space Amazon will use AI to dub movies and TV series because obviously Xbox Rumor: Third-party portable Xbox gaming handheld this year, console resets in two years You could have cobbled this together solely based on what Microsoft has said publicly Xbox controller firmware, we have a problem Tips and Picks Tip of the week: Code with AI App pick of the week: Fences RunAs Radio this week: Strong Certificate Mapping in Active Directory with Richard Hicks Brown liquor pick of the week: Ardbeg 10 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsor: 1password.com/windowsweekly
Your Patch Tuesday is showing. Paul Thurrott, Richard Campbell, and Leo Laporte go over the latest features for Windows 11 with the KB5053598 update. Also, the hosts discuss Press to Talk for Insiders, the Windows app replacing Remote Desktop, the agentic future of browsers, Copilot integration in GroupMe, Gemma 3, issues with Xbox Wireless Controller 5.23.5.0 firmware, Pocket Casts Web Player, and the "vibe coding" era. Plus, Fences 6 is now in Beta, on sale! Woody Leonhard, RIP Like Jerry Pournelle, a major influence on Paul's career and writing style He had a mysterious life in latter years, not clear what happened Windows 11 Windows 11 gets all the features we've discussed recently Are we heading towards something bigger this year? Or just more of the same? New Canary and Beta (23H2) builds New Dev and Beta (24H2) builds Copilot in Windows 11 is getting Press to Talk Microsoft follows through on threat, kills Remote Desktop App - our latest outrage Arc crashed and burned but we can still evolve web browsers What about sidebar apps as a UX baby step forward? Does Edge need to restart every three days now to install updates? Microsoft 365 Google promotes ChromeOS/Chromebooks as the right client ... for Microsoft 365 Dev Build 2025 registration is now open AI It's Microsoft's 50th anniversary, so it's going to announce AI something something Paul has agreed to attend this, from Mexico Also, report that Microsoft's in-house models now rival OpenAI is a hint Microsoft improves Think Deeper in Copilot using OpenAI o3-mini Google secretly owns 14-15 percent of Anthropic WTF is going on with Big Tech and regulatory evasion? On that note, CMA clears Microsoft + OpenAI specifically because of change to partnership Also, Google launches Gemma 3 The Siripocalypse - AI is a hard computer science problem and Siri is the dumb blond in this space Amazon will use AI to dub movies and TV series because obviously Xbox Rumor: Third-party portable Xbox gaming handheld this year, console resets in two years You could have cobbled this together solely based on what Microsoft has said publicly Xbox controller firmware, we have a problem Tips and Picks Tip of the week: Code with AI App pick of the week: Fences RunAs Radio this week: Strong Certificate Mapping in Active Directory with Richard Hicks Brown liquor pick of the week: Ardbeg 10 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsor: 1password.com/windowsweekly
Your Patch Tuesday is showing. Paul Thurrott, Richard Campbell, and Leo Laporte go over the latest features for Windows 11 with the KB5053598 update. Also, the hosts discuss Press to Talk for Insiders, the Windows app replacing Remote Desktop, the agentic future of browsers, Copilot integration in GroupMe, Gemma 3, issues with Xbox Wireless Controller 5.23.5.0 firmware, Pocket Casts Web Player, and the "vibe coding" era. Plus, Fences 6 is now in Beta, on sale! Woody Leonhard, RIP Like Jerry Pournelle, a major influence on Paul's career and writing style He had a mysterious life in latter years, not clear what happened Windows 11 Windows 11 gets all the features we've discussed recently Are we heading towards something bigger this year? Or just more of the same? New Canary and Beta (23H2) builds New Dev and Beta (24H2) builds Copilot in Windows 11 is getting Press to Talk Microsoft follows through on threat, kills Remote Desktop App - our latest outrage Arc crashed and burned but we can still evolve web browsers What about sidebar apps as a UX baby step forward? Does Edge need to restart every three days now to install updates? Microsoft 365 Google promotes ChromeOS/Chromebooks as the right client ... for Microsoft 365 Dev Build 2025 registration is now open AI It's Microsoft's 50th anniversary, so it's going to announce AI something something Paul has agreed to attend this, from Mexico Also, report that Microsoft's in-house models now rival OpenAI is a hint Microsoft improves Think Deeper in Copilot using OpenAI o3-mini Google secretly owns 14-15 percent of Anthropic WTF is going on with Big Tech and regulatory evasion? On that note, CMA clears Microsoft + OpenAI specifically because of change to partnership Also, Google launches Gemma 3 The Siripocalypse - AI is a hard computer science problem and Siri is the dumb blond in this space Amazon will use AI to dub movies and TV series because obviously Xbox Rumor: Third-party portable Xbox gaming handheld this year, console resets in two years You could have cobbled this together solely based on what Microsoft has said publicly Xbox controller firmware, we have a problem Tips and Picks Tip of the week: Code with AI App pick of the week: Fences RunAs Radio this week: Strong Certificate Mapping in Active Directory with Richard Hicks Brown liquor pick of the week: Ardbeg 10 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsor: 1password.com/windowsweekly
US lawmakers respond to the UK's outrageous demand about Apple's encryption. What, exactly, is a "backdoor", and can a "backdoor" NOT be secret? Highlights from last week's Windows' Patch Tuesday. A look into RansomHub: The latest king of the Ransomware hill. "TOAD": Telephone-Oriented Attack Delivery. The state of Texas -versus- DeepSeek. Disabling Apple's "Restricted Mode". Where did I put that $800 million in Bitcoin? A Sci-Fi author update. And a deep dive into the misoperation of Chrome's critically important Web Extension Store Show Notes - https://www.grc.com/sn/SN-1013-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: veeam.com legatosecurity.com threatlocker.com for Security Now bitwarden.com/twit vanta.com/SECURITYNOW