Cybersecurity website owned by Alphabet Inc.
POPULARITY
The Russian Proton66 is tied to cybercriminal bulletproof hosting services. A new Rust-based botnet hijacks vulnerable routers. CISA budget cuts limit the use of popular analysis tools. A pair of healthcare providers confirm ransomware attacks. Researchers uncover the Scallywag ad fraud network. The UN warns of cyber-enabled fraud in Southeast Asia expanding at an industrial scale. Fog ransomware resurfaces and points a finger at DOGE. The cybercrime marketplace Cracked relaunches under a new domain. On our Industry Voices segment, Bob Maley, CSO of Black Kite, shares insights on the growing risk of third-party cyber incidents. Taking the scenic route through Europe's digital landscape. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Kim Jones, the new Host of CISO Perspectives podcast, previewing the latest episode where Kim is joined by Larry Whiteside Jr. discussing “Are we a trade or a profession?” Industry Voices On our Industry Voices segment, Bob Maley, CSO of Black Kite, sharing insights on the growing risk of third-party cyber incidents. Selected Reading Many Malware Campaigns Linked to Proton66 Network (SecurityWeek) New Rust Botnet Hijacking Routers to Inject Commands Remotely (Cyber Security News) CISA Issues Warning Against Using Censys, VirusTotal in Threat Hunting Ops (GB Hackers) Two Healthcare Orgs Hit by Ransomware Confirm Data Breaches Impacting Over 100,000 (SecurityWeek) Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily (Infosecurity Magazine) $40bn Southeast Asian Scam Sector Growing “Like a Cancer” (Infosecurity Magazine) Fog ransomware notes troll with DOGE references, bait insider attacks (SC World) Reborn: Cybercrime Marketplace Cracked Appears to Be Back (BankInfo Security) Nemesis darknet market founder indicted for years-long “borderless powerhouse of criminal activity” (Cybernews) Digital Weaning Guide from the United States (Dagbladet Information) Two top cyber officials resign from CISA (The Record) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
https://www.virustotal.com/gui/home/search Virustotal escanea, vía web, extensión o app en Android archivos y direcciones web con 90 antivirus al mismo tiempo. Gratis y en Español. Además, he cambiado de teléfono, porque se ha estropeado el que tenía hasta ahora. Podcast asociado a la red de SOSPECHOSOS HABITUALES. Suscríbase con este feed: https://feedpress.me/sospechososhabituales
https://www.virustotal.com/gui/home/search Virustotal escanea, vía web, extensión o app en Android archivos y direcciones web con 90 antivirus al mismo tiempo. Gratis y en Español. Además, he cambiado de teléfono, porque se ha estropeado el que tenía hasta ahora. Podcast asociado a la red de SOSPECHOSOS HABITUALES. Suscríbase con este feed: https://feedpress.me/sospechososhabituales
ESET believes this bootkit is likely an initial proof of concept, and based on ESET telemetry, it has not been deployed in the wild. However, it is the first evidence that UEFI bootkits are no longer confined to Windows systems alone. The bootkit's main goal is to disable the kernel's signature verification feature and to preload two as yet unknown ELF binaries via the Linux "init" process (which is the first process executed by the Linux kernel during system startup). The previously unknown UEFI application, named "bootkit.efi," was uploaded to VirusTotal. Bootkitty is signed by a self-signed certificate, thus is not capable of running on systems with UEFI Secure Boot enabled by default. However, Bootkitty is designed to boot the Linux kernel seamlessly, whether UEFI Secure Boot is enabled or not, as it patches, in memory, the necessary functions responsible for integrity verification. The bootkit is an advanced rootkit that is capable of replacing the boot loader, and of patching the kernel ahead of its execution. Bootkitty allows the attacker to take full control over the affected machine, as it co-opts the machine's booting process, and executes malware before the operating system has even started. During the analysis, ESET discovered a possibly related unsigned kernel module that ESET named BCDropper - with signs suggesting that it could have been developed by the same author(s) as Bootkitty. It deploys an ELF binary responsible for loading yet another kernel module unknown at the time of analysis. "Bootkitty contains many artifacts, suggesting that this is more like a proof of concept than the work of a threat actor. Even though the current version from VirusTotal does not, at the moment, represent a real threat to the majority of Linux systems since it can affect only a few Ubuntu versions, it emphasizes the necessity of being prepared for potential future threats," says ESET researcher Martin Smolar, who analyzed Bootkitty. "To keep your Linux systems safe from such threats, make sure that UEFI Secure Boot is enabled, your system firmware, security software and OS are up-to-date, and so is your UEFI revocations list," he adds. After booting up a system with Bootkitty in the ESET testing environment, researchers noticed that the kernel was marked as tainted (a command can be used to check the tainted value), which was not the case when the bootkit was absent. Another way to tell whether the bootkit is present on the system with UEFI Secure Boot enabled is by attempting to load an unsigned dummy kernel module during runtime. If it's present, the module will be loaded; if not - the kernel refuses to load it. A simple remedy to get rid of the bootkit, when the bootkit is deployed as "/EFI/ubuntu/grubx64.efi", is to move the legitimate "/EFI/ubuntu/grubx64-real.efi" file back to its original location, which is "/EFI/ubuntu/grubx64.efi". Over the past few years, the UEFI threat landscape, particularly that of UEFI bootkits, has evolved significantly. It all started with the first UEFI bootkit proof of concept (PoC), described by Andrea Allievi in 2012, which served as a demonstration of deploying bootkits on modern UEFI-based Windows systems, and was followed with many other PoCs (EfiGuard, Boot Backdoor, UEFI-bootkit). I t took several years until the first two real UEFI bootkits were discovered in the wild (one of those was ESPecter in 2021 by ESET), and it took two more years until the infamous BlackLotus - the first UEFI bootkit capable of bypassing UEFI Secure Boot on up-to-date systems - appeared (in 2023, discovered by ESET). A common thread among these publicly known bootkits was their exclusive targeting of Windows systems. For a more detailed analysis and technical breakdown of Bootkitty, the first bootkit for Linux, check out the latest ESET Research blogpost, "Bootkitty: Analyzing the first UEFI bootkit for Linux," on WeLiveSecurity.com. Make sure to follow ESET Research on X for the latest news from ESET Rese...
Three Buddy Problem - Episode 17: News of a wiper malware attack in Israel implicating ESET, threats from wartime hacktivists, China's strange response to Volt Typhoon attribution and Section 702 messaging, an IE zero-day discovery and web browser rot in South Korea, the ongoing isolation of Kaspersky due to sanctions, and the geopolitical influences affecting cybersecurity reporting. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs) (SentinelLabs), Costin Raiu (https://twitter.com/craiu) (Art of Noh) and Ryan Naraine (https://twitter.com/ryanaraine) (SecurityWeek).
Three Buddy Problem - Episode 15: Juanito checks in from Virus Bulletin with news on the return of Careto/Mask, a ‘milk-carton' APT linked to Spain. We also cover the latest controversy surrounding IDA Pro's subscription model, a major new YARA update, and ongoing issues with VirusTotal's value and pricing. The conversation shifts to North Korean cyber operations, particularly the infiltration of prominent crypto companies, Tom Rid's essay on Russian disinformation results, and the US government's ICE department using commercial spyware from an Israeli vendor. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs) (SentinelLabs), Costin Raiu (https://twitter.com/craiu) (Art of Noh) and Ryan Naraine (https://twitter.com/ryanaraine) (SecurityWeek).
Vicente Diaz, Threat Intelligence Strategist at VirusTotal, joins host Luke McNamara to discuss his research into using LLMs to analyze malware. Vicente covers how he used Gemini to analyze various windows binaries, the use cases this could help address for security operations, technical challenges with de-obfuscation, and more.For more on this topic: https://blog.virustotal.com/2023/04/introducing-virustotal-code-insight.htmlhttps://blog.virustotal.com/2024/04/analyzing-malware-in-binaries-and.html
Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Vincente Diaz on Using AI for Malware AnalysisPub date: 2024-07-21Vincente Diaz, Threat Intelligence Strategist on Google's VirusTotal team and formerly the EU director of Kaspersky Lab's Global Research & Analysis Team, joins the Nexus Podcast to discuss how artificial intelligence and machine learning is an integral part of what VirusTotal is doing around malware analysis. Vincente describes the advantages these advanced technologies bring to malware analysis, in particular how it cuts down analysis time, and improves exploit detection. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Rick Howard, The CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the current state of Cyber Threat Intelligence with CyberWire Hash Table guest John Hultquist, Mandiant's Chief Analyst. References: Andy Greenberg, 2022. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book]. Goodreads. Josephine Wolff, October 2023. How Hackers Swindled Vegas [Explainer]. Slate. Rick Howard, 2023. Cybersecurity First Principles Book Appendix [Book Support Page]. N2K Cyberwire. Staff, September 2023. mWISE Conference 2023 [Conference Website]. Mandiant. Staff, n.d. VirusTotal Submissions Page [Landing Zone]. VirusTotal. Learn more about your ad choices. Visit megaphone.fm/adchoices
Vincente Diaz, Threat Intelligence Strategist on Google's VirusTotal team and formerly the EU director of Kaspersky Lab's Global Research & Analysis Team, joins the Nexus Podcast to discuss how artificial intelligence and machine learning is an integral part of what VirusTotal is doing around malware analysis. Vincente describes the advantages these advanced technologies bring to malware analysis, in particular how it cuts down analysis time, and improves exploit detection.
Cybersecurity has never been more important; Everything is now connected to a network, and rapid technological advancements are being met with new and novel cyber threats, however cutting-edge advancements in AI within cybersecurity are rising to meet them, empowering individuals, businesses, and governments to build a safer, more secure online future. In this podcast, we examine the importance of collaboration between public and private players to safeguard society, critical infrastructure and valuable assets against increasingly sophisticated cyber threats.In the fourth episode of this five-part miniseries, we look at AI's role within cybersecurity. By making cybersecurity accessible to more people, can AI increase the protections for European organisations and businesses of all sizes or will the ability to process large amounts of data enable attacks on businesses?In this episode we speak with Philippe Humeau, CEO of CrowdSec, a French threat intelligence company that offers participative behavioural protection from malicious IP addresses. Isabel Praça, Professor at the Instituto Superior de Engenharia do Porto and AI Expert at European Union Agency for Cybersecurity. Vicente Diaz, Author of VirusTotal's research on AI-driven threat mitigation and detection and security engineer at Google.Our sources: IBM, Cobalt, Digital Skills Job Europe, Morgan StanleyThis content is paid for by Google and is produced in partnership with the Financial Times' Commercial Department. Hosted on Acast. See acast.com/privacy for more information.
On this week's show Patrick Gray talks through the news with Chris Krebs and Dmitri Alperovitch. They discuss: The SEC enforcement action against Solarwinds' CISO The White House AI Executive Order CitrixBleed exploitation goes wide How Kaspersky captured some (likely) Five Eyes iOS 0day Elon Musk's Gaza Strip adventures Much, much more This week's show is brought to you by Greynoise. Andrew Morris, Greynoise's founder and CEO, is this week's sponsor guest. He talks about how Greynoise is using large language models to help them analyse massive quantities of malicious internet traffic. Show notes comp-pr2023-227.pdf Biden signs executive order to oversee and invest in AI tech Risky Biz News: CitrixBleed vulnerability goes from bad to disastrous Andrew Morris on X: "Confluence bug is popping off. VAST majority of it is blasting thru Tor, similar to the first wave of Log4J exploitation two years ago. If you haven't patched, it's probably popped. https://t.co/4JC0uiTaqc https://t.co/wLDgQpq7r0" / X Andrew Morris on X: "Confluence bug is popping off. VAST majority of it is blasting thru Tor, similar to the first wave of Log4J exploitation two years ago. If you haven't patched, it's probably popped. https://t.co/4JC0uiTaqc https://t.co/wLDgQpq7r0" / X How Kaspersky obtained all stages of Operation Triangulation | Securelist Kaspersky reveals 'elegant' malware resembling NSA code | CyberScoop Sophisticated StripedFly Spy Platform Masqueraded for Years as Crypto Miner A cascade of compromise: unveiling Lazarus' new campaign | Securelist Near-total internet and cellular blackout hits Gaza as Israel ramps up strikes Amichai Stein on X: "Israel's Communications Minister @shlomo_karhi in response to Elon Musk: Israel will use all the means at its disposal to fight this. Hamas will use this for terrorist activity. There is no doubt about it. We know it, and Musk knows it. Hamas is ISIS." / X Shashank Joshi on X: "Wonder what encryption, if any, they use? Vulnerable to tapping. "Hamas has maintained operational security by going “stone age” and using hard-wired phone lines while eschewing devices that are hackable or emit an electronic signature." https://t.co/ALVSXb55Zn" / X Hackers that breached Las Vegas casinos rely on violent threats, research shows | CyberScoop Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction | Microsoft Security Blog GitHub - cloudflare/har-sanitizer Russia to launch its own version of VirusTotal due to US snooping fears iPhones have been exposing your unique MAC despite Apple's promises otherwise | Ars Technica VMware warns of critical vulnerability affecting vCenter Server product Judge tosses Khashoggi widow's lawsuit against NSO Group
On this week's show Patrick Gray talks through the news with Chris Krebs and Dmitri Alperovitch. They discuss: The SEC enforcement action against Solarwinds' CISO The White House AI Executive Order CitrixBleed exploitation goes wide How Kaspersky captured some (likely) Five Eyes iOS 0day Elon Musk's Gaza Strip adventures Much, much more This week's show is brought to you by Greynoise. Andrew Morris, Greynoise's founder and CEO, is this week's sponsor guest. He talks about how Greynoise is using large language models to help them analyse massive quantities of malicious internet traffic. Show notes comp-pr2023-227.pdf Biden signs executive order to oversee and invest in AI tech Risky Biz News: CitrixBleed vulnerability goes from bad to disastrous Andrew Morris on X: "Confluence bug is popping off. VAST majority of it is blasting thru Tor, similar to the first wave of Log4J exploitation two years ago. If you haven't patched, it's probably popped. https://t.co/4JC0uiTaqc https://t.co/wLDgQpq7r0" / X Andrew Morris on X: "Confluence bug is popping off. VAST majority of it is blasting thru Tor, similar to the first wave of Log4J exploitation two years ago. If you haven't patched, it's probably popped. https://t.co/4JC0uiTaqc https://t.co/wLDgQpq7r0" / X How Kaspersky obtained all stages of Operation Triangulation | Securelist Kaspersky reveals 'elegant' malware resembling NSA code | CyberScoop Sophisticated StripedFly Spy Platform Masqueraded for Years as Crypto Miner A cascade of compromise: unveiling Lazarus' new campaign | Securelist Near-total internet and cellular blackout hits Gaza as Israel ramps up strikes Amichai Stein on X: "Israel's Communications Minister @shlomo_karhi in response to Elon Musk: Israel will use all the means at its disposal to fight this. Hamas will use this for terrorist activity. There is no doubt about it. We know it, and Musk knows it. Hamas is ISIS." / X Shashank Joshi on X: "Wonder what encryption, if any, they use? Vulnerable to tapping. "Hamas has maintained operational security by going “stone age” and using hard-wired phone lines while eschewing devices that are hackable or emit an electronic signature." https://t.co/ALVSXb55Zn" / X Hackers that breached Las Vegas casinos rely on violent threats, research shows | CyberScoop Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction | Microsoft Security Blog GitHub - cloudflare/har-sanitizer Russia to launch its own version of VirusTotal due to US snooping fears iPhones have been exposing your unique MAC despite Apple's promises otherwise | Ars Technica VMware warns of critical vulnerability affecting vCenter Server product Judge tosses Khashoggi widow's lawsuit against NSO Group
Malicious packages are found attached to NuGet. Russia will establish its own substitute for VirusTotal. Commodity tools empower low-grade Russian cybercriminals. Malware mealkits, and other notes from the cyber underground. Insights from a Cybersecurity workforce study. Mr Security Answer Person John Pescatore looks at MFA. Drew Rose from Living Security on the very scary human side of cyber attacks. And more details from President Biden's Executive Order on artificial intelligence. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/208 Selected reading. IAmReboot: Malicious NuGet packages exploit loophole in MSBuild integrations (ReversingLabs) Russia to launch its own version of VirusTotal due to US snooping fears (Record). Russian hacking tool floods social networks with bots, researchers say (Record) How Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate Cybercrime (Trend Micro) HP Wolf Security Threat Insights Report Q3 2023 (HP Wolf Security) How the Economy, Skills Gap and Artificial Intelligence are Challenging the Global Cybersecurity Workforce (ISC2) Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (The White House) Learn more about your ad choices. Visit megaphone.fm/adchoices
Executive order outlines generative AI rules in the US Russia launchings its own VirusTotal Roaming data could leak geolocations Thanks to today's episode sponsor, Hunters Piecing together a SIEM not only takes forever, but it wastes your security team's valuable resources. Hunters is a SIEM alternative purpose built to help your Security Operations mature to the next level in a fraction of the time. Spontnana, a next-generation Travel-as-a-Service platform, uses Hunters' built-in correlation and enrichment capabilities to make better security decisions and experienced value from day one. Are you ready to evaluate Hunters as a SIEM alternative? Visit Hunters.security to learn more.
In this edition of the Soap Box we hear from Mike Wiacek and Eric Foster from Stairwell. Stairwell makes a product that collects and analyses every executable file in your environment. You deploy file collectors to your systems and they forward all new files to Stairwell for manual and automated analysis. You can do a lot of really cool analysis once you have all that stuff in the same place. But as you'll hear, Stairwell is broadening out the use cases for its platform. You don't want to forward files from every system? You don't have to. It's still very useful as an analysis platform. It's sort of like VirusTotal, but private and with a bunch more bells and whistles. There's also a bunch of sharing tools in the platform, which gives it a “social network for CTI nerds” flavour.
In this edition of the Soap Box we hear from Mike Wiacek and Eric Foster from Stairwell. Stairwell makes a product that collects and analyses every executable file in your environment. You deploy file collectors to your systems and they forward all new files to Stairwell for manual and automated analysis. You can do a lot of really cool analysis once you have all that stuff in the same place. But as you'll hear, Stairwell is broadening out the use cases for its platform. You don't want to forward files from every system? You don't have to. It's still very useful as an analysis platform. It's sort of like VirusTotal, but private and with a bunch more bells and whistles. There's also a bunch of sharing tools in the platform, which gives it a “social network for CTI nerds” flavour.
Steve provides an update on ValiDrive, his new freeware utility for testing USB drives. It identifies bogus mass storage drives and performance differences between drives. There has been another sighting of Google's Topics API, this time on Android phones. It allows apps to get information about users' interests based on recent app usage. Apple has opened up their iPhones to security researchers through their Security Research Device program since 2019. Researchers get access to customize kernels, entitlements, and other low-level features without compromising security. Research reveals vulnerabilities in browser extensions that allow them to steal plaintext passwords from a website's HTML source code. Even sites like Google, Facebook, Amazon, IRS, and Capital One are affected. Feedback from listeners on topics like Apple's stance on scanning iCloud data for CSAM, Microsoft's broken TLS timestamp implementation, using VirusTotal to check downloaded files, ReadSpeed limitations, and downloading malware for VirusTotal checks. Apple publicly shares a letter from a CSAM activist demanding they implement scanning to detect child abuse images in iCloud Photos. Apple responds clearly stating they will not compromise user privacy and security to do so. Show Notes - https://www.grc.com/sn/SN-938-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit panoptica.app canary.tools/twit - use code: TWIT
Steve provides an update on ValiDrive, his new freeware utility for testing USB drives. It identifies bogus mass storage drives and performance differences between drives. There has been another sighting of Google's Topics API, this time on Android phones. It allows apps to get information about users' interests based on recent app usage. Apple has opened up their iPhones to security researchers through their Security Research Device program since 2019. Researchers get access to customize kernels, entitlements, and other low-level features without compromising security. Research reveals vulnerabilities in browser extensions that allow them to steal plaintext passwords from a website's HTML source code. Even sites like Google, Facebook, Amazon, IRS, and Capital One are affected. Feedback from listeners on topics like Apple's stance on scanning iCloud data for CSAM, Microsoft's broken TLS timestamp implementation, using VirusTotal to check downloaded files, ReadSpeed limitations, and downloading malware for VirusTotal checks. Apple publicly shares a letter from a CSAM activist demanding they implement scanning to detect child abuse images in iCloud Photos. Apple responds clearly stating they will not compromise user privacy and security to do so. Show Notes - https://www.grc.com/sn/SN-938-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit panoptica.app canary.tools/twit - use code: TWIT
Steve provides an update on ValiDrive, his new freeware utility for testing USB drives. It identifies bogus mass storage drives and performance differences between drives. There has been another sighting of Google's Topics API, this time on Android phones. It allows apps to get information about users' interests based on recent app usage. Apple has opened up their iPhones to security researchers through their Security Research Device program since 2019. Researchers get access to customize kernels, entitlements, and other low-level features without compromising security. Research reveals vulnerabilities in browser extensions that allow them to steal plaintext passwords from a website's HTML source code. Even sites like Google, Facebook, Amazon, IRS, and Capital One are affected. Feedback from listeners on topics like Apple's stance on scanning iCloud data for CSAM, Microsoft's broken TLS timestamp implementation, using VirusTotal to check downloaded files, ReadSpeed limitations, and downloading malware for VirusTotal checks. Apple publicly shares a letter from a CSAM activist demanding they implement scanning to detect child abuse images in iCloud Photos. Apple responds clearly stating they will not compromise user privacy and security to do so. Show Notes - https://www.grc.com/sn/SN-938-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit panoptica.app canary.tools/twit - use code: TWIT
Steve provides an update on ValiDrive, his new freeware utility for testing USB drives. It identifies bogus mass storage drives and performance differences between drives. There has been another sighting of Google's Topics API, this time on Android phones. It allows apps to get information about users' interests based on recent app usage. Apple has opened up their iPhones to security researchers through their Security Research Device program since 2019. Researchers get access to customize kernels, entitlements, and other low-level features without compromising security. Research reveals vulnerabilities in browser extensions that allow them to steal plaintext passwords from a website's HTML source code. Even sites like Google, Facebook, Amazon, IRS, and Capital One are affected. Feedback from listeners on topics like Apple's stance on scanning iCloud data for CSAM, Microsoft's broken TLS timestamp implementation, using VirusTotal to check downloaded files, ReadSpeed limitations, and downloading malware for VirusTotal checks. Apple publicly shares a letter from a CSAM activist demanding they implement scanning to detect child abuse images in iCloud Photos. Apple responds clearly stating they will not compromise user privacy and security to do so. Show Notes - https://www.grc.com/sn/SN-938-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit panoptica.app canary.tools/twit - use code: TWIT
Steve provides an update on ValiDrive, his new freeware utility for testing USB drives. It identifies bogus mass storage drives and performance differences between drives. There has been another sighting of Google's Topics API, this time on Android phones. It allows apps to get information about users' interests based on recent app usage. Apple has opened up their iPhones to security researchers through their Security Research Device program since 2019. Researchers get access to customize kernels, entitlements, and other low-level features without compromising security. Research reveals vulnerabilities in browser extensions that allow them to steal plaintext passwords from a website's HTML source code. Even sites like Google, Facebook, Amazon, IRS, and Capital One are affected. Feedback from listeners on topics like Apple's stance on scanning iCloud data for CSAM, Microsoft's broken TLS timestamp implementation, using VirusTotal to check downloaded files, ReadSpeed limitations, and downloading malware for VirusTotal checks. Apple publicly shares a letter from a CSAM activist demanding they implement scanning to detect child abuse images in iCloud Photos. Apple responds clearly stating they will not compromise user privacy and security to do so. Show Notes - https://www.grc.com/sn/SN-938-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit panoptica.app canary.tools/twit - use code: TWIT
Steve provides an update on ValiDrive, his new freeware utility for testing USB drives. It identifies bogus mass storage drives and performance differences between drives. There has been another sighting of Google's Topics API, this time on Android phones. It allows apps to get information about users' interests based on recent app usage. Apple has opened up their iPhones to security researchers through their Security Research Device program since 2019. Researchers get access to customize kernels, entitlements, and other low-level features without compromising security. Research reveals vulnerabilities in browser extensions that allow them to steal plaintext passwords from a website's HTML source code. Even sites like Google, Facebook, Amazon, IRS, and Capital One are affected. Feedback from listeners on topics like Apple's stance on scanning iCloud data for CSAM, Microsoft's broken TLS timestamp implementation, using VirusTotal to check downloaded files, ReadSpeed limitations, and downloading malware for VirusTotal checks. Apple publicly shares a letter from a CSAM activist demanding they implement scanning to detect child abuse images in iCloud Photos. Apple responds clearly stating they will not compromise user privacy and security to do so. Show Notes - https://www.grc.com/sn/SN-938-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit panoptica.app canary.tools/twit - use code: TWIT
Steve provides an update on ValiDrive, his new freeware utility for testing USB drives. It identifies bogus mass storage drives and performance differences between drives. There has been another sighting of Google's Topics API, this time on Android phones. It allows apps to get information about users' interests based on recent app usage. Apple has opened up their iPhones to security researchers through their Security Research Device program since 2019. Researchers get access to customize kernels, entitlements, and other low-level features without compromising security. Research reveals vulnerabilities in browser extensions that allow them to steal plaintext passwords from a website's HTML source code. Even sites like Google, Facebook, Amazon, IRS, and Capital One are affected. Feedback from listeners on topics like Apple's stance on scanning iCloud data for CSAM, Microsoft's broken TLS timestamp implementation, using VirusTotal to check downloaded files, ReadSpeed limitations, and downloading malware for VirusTotal checks. Apple publicly shares a letter from a CSAM activist demanding they implement scanning to detect child abuse images in iCloud Photos. Apple responds clearly stating they will not compromise user privacy and security to do so. Show Notes - https://www.grc.com/sn/SN-938-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit panoptica.app canary.tools/twit - use code: TWIT
On Security Now, Steve Gibson and Leo Laporte discuss a recently discovered and patched WinRAR vulnerability that allowed attackers to execute malicious code when users extracted files from specially crafted archives. For the full episode go to: https://twit.tv/sn/937 Hosts: Steve Gibson and Leo Laporte You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/ Sponsor: GO.ACILEARNING.COM/TWIT
On Security Now, Steve Gibson and Leo Laporte discuss a recently discovered and patched WinRAR vulnerability that allowed attackers to execute malicious code when users extracted files from specially crafted archives. For the full episode go to: https://twit.tv/sn/937 Hosts: Steve Gibson and Leo Laporte You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/ Sponsor: GO.ACILEARNING.COM/TWIT
Picture of the Week. Satellite Turla: APT Command and Control in the Sky. OS 17 to further crack down on device fingerprinting. Android to start warning of "unknown trackers". The 7th branch of the US military. Russia criminalizes open source project contribution. VirusTotal's 2023 report. Closing the Loop. TETRA:BURST. Show Notes - https://www.grc.com/sn/SN-933-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: podtail.com/podcast/building-cyber-resilience bitwarden.com/twit drata.com/twit
Picture of the Week. Satellite Turla: APT Command and Control in the Sky. OS 17 to further crack down on device fingerprinting. Android to start warning of "unknown trackers". The 7th branch of the US military. Russia criminalizes open source project contribution. VirusTotal's 2023 report. Closing the Loop. TETRA:BURST. Show Notes - https://www.grc.com/sn/SN-933-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: Building Cyber Resilience Podcast bitwarden.com/twit drata.com/twit
Picture of the Week. Satellite Turla: APT Command and Control in the Sky. OS 17 to further crack down on device fingerprinting. Android to start warning of "unknown trackers". The 7th branch of the US military. Russia criminalizes open source project contribution. VirusTotal's 2023 report. Closing the Loop. TETRA:BURST. Show Notes - https://www.grc.com/sn/SN-933-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: Building Cyber Resilience Podcast bitwarden.com/twit drata.com/twit
Picture of the Week. Satellite Turla: APT Command and Control in the Sky. OS 17 to further crack down on device fingerprinting. Android to start warning of "unknown trackers". The 7th branch of the US military. Russia criminalizes open source project contribution. VirusTotal's 2023 report. Closing the Loop. TETRA:BURST. Show Notes - https://www.grc.com/sn/SN-933-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: Building Cyber Resilience Podcast bitwarden.com/twit drata.com/twit
Picture of the Week. Satellite Turla: APT Command and Control in the Sky. OS 17 to further crack down on device fingerprinting. Android to start warning of "unknown trackers". The 7th branch of the US military. Russia criminalizes open source project contribution. VirusTotal's 2023 report. Closing the Loop. TETRA:BURST. Show Notes - https://www.grc.com/sn/SN-933-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: Building Cyber Resilience Podcast bitwarden.com/twit drata.com/twit
Picture of the Week. Satellite Turla: APT Command and Control in the Sky. OS 17 to further crack down on device fingerprinting. Android to start warning of "unknown trackers". The 7th branch of the US military. Russia criminalizes open source project contribution. VirusTotal's 2023 report. Closing the Loop. TETRA:BURST. Show Notes - https://www.grc.com/sn/SN-933-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: Building Cyber Resilience Podcast bitwarden.com/twit drata.com/twit
Picture of the Week. Satellite Turla: APT Command and Control in the Sky. OS 17 to further crack down on device fingerprinting. Android to start warning of "unknown trackers". The 7th branch of the US military. Russia criminalizes open source project contribution. VirusTotal's 2023 report. Closing the Loop. TETRA:BURST. Show Notes - https://www.grc.com/sn/SN-933-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: Building Cyber Resilience Podcast bitwarden.com/twit drata.com/twit
This week on Hacker And The Fed new cyber security labels proposed by the US government could help us buy our new devices, an employee exposes thousands of intelligence and defense employees, Google may be restricting internet access to some employees to reduce their cyber attack risk, a hacker infects his own computer, and Google says an Apple employee found a zero-day but didn't report it, and we answer listener questions about our phones getting searched and email encryption. Links from the episode: White House teams with Amazon, Google and Qualcomm on cybersecurity labels for gadgets https://www.cnbc.com/2023/07/18/us-cyber-trust-labels-will-help-consumers-pick-safer-smart-devices.html Google exposes intelligence and defense employee names in VirusTotal leak https://therecord.media/virustotal-user-email-addresses-leaked-google-military-intelligence Google restricting internet access to some employees to reduce cyberattack risk https://www.cnbc.com/2023/07/18/google-restricting-internet-access-to-some-employees-for-security.html Black Hat Hacker Exposes Real Identity After Infecting Own Computer With Malware https://www.securityweek.com/black-hat-hacker-exposes-real-identity-after-infecting-own-computer-with-malware/ IT Security Analyst Jailed for Impersonating as a Hacker in Own Company https://cybersecuritynews.com/it-security-analyst-jailed/ Google says Apple employee found a zero-day but did not report it https://techcrunch.com/2023/07/20/google-says-apple-employee-found-a-zero-day-but-did-not-report-it/ https://news.ycombinator.com/item?id=36803537 Microsoft Cybersecurity Analyst Professional Certificate https://www.coursera.org/professional-certificates/microsoft-cybersecurity-analyst Cybersecurity Expert Kevin David Mitnick died https://www.dignitymemorial.com/obituaries/las-vegas-nv/kevin-mitnick-11371668 Listener Questions: https://www.theverge.com/2021/8/18/22630439/apple-csam-neuralhash-collision-vulnerability-flaw-cryptography Support our sponsors: Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off Go to drata.com/partner/hacker-fed and get 10% off Drata and waived implementation fees Get your Hacker and the Fed merchandise at hackerandthefed.com
This episode reports on a patch for Adobe OpenMeetings, a lack of patching of Zyxel devices, allegations that Microsoft's security breach may be worse than thought, and more
In today's podcast we cover four crucial cyber and technology topics, including: 1. Lockbit cripples two areas in the U.S. 2. Scammer arrested in Spain after decade on run 3. Sensitive customer information leaked on VirusTotal 4. Microsoft investigating email outage I'd love feedback, feel free to send your comments and feedback to | cyberandtechwithmike@gmail.com
Picture of the Week. The Encryption Debate. Age does matter... Age Verification. WhatsApp: Rather be blocked in UK than weaken security. Exposing Side-Channel Monitoring. Closing the Loop. A new UDP reflection attack vector. Google Authenticator Updated. Does Israel use NSO Group commercial spyware? A Russian OS? TP-Link routers compromised. A pre-release security audit. Another Intel side-channel attack. Windows users: Don't remove cURL! AI comes to VirusTotal. Show Notes https://www.grc.com/sn/SN-921-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT joindeleteme.com/twittv drata.com/twit
Picture of the Week. The Encryption Debate. Age does matter... Age Verification. WhatsApp: Rather be blocked in UK than weaken security. Exposing Side-Channel Monitoring. Closing the Loop. A new UDP reflection attack vector. Google Authenticator Updated. Does Israel use NSO Group commercial spyware? A Russian OS? TP-Link routers compromised. A pre-release security audit. Another Intel side-channel attack. Windows users: Don't remove cURL! AI comes to VirusTotal. Show Notes https://www.grc.com/sn/SN-921-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT joindeleteme.com/twittv drata.com/twit
Picture of the Week. The Encryption Debate. Age does matter... Age Verification. WhatsApp: Rather be blocked in UK than weaken security. Exposing Side-Channel Monitoring. Closing the Loop. A new UDP reflection attack vector. Google Authenticator Updated. Does Israel use NSO Group commercial spyware? A Russian OS? TP-Link routers compromised. A pre-release security audit. Another Intel side-channel attack. Windows users: Don't remove cURL! AI comes to VirusTotal. Show Notes https://www.grc.com/sn/SN-921-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT joindeleteme.com/twittv drata.com/twit
Picture of the Week. The Encryption Debate. Age does matter... Age Verification. WhatsApp: Rather be blocked in UK than weaken security. Exposing Side-Channel Monitoring. Closing the Loop. A new UDP reflection attack vector. Google Authenticator Updated. Does Israel use NSO Group commercial spyware? A Russian OS? TP-Link routers compromised. A pre-release security audit. Another Intel side-channel attack. Windows users: Don't remove cURL! AI comes to VirusTotal. Show Notes https://www.grc.com/sn/SN-921-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT joindeleteme.com/twittv drata.com/twit
Picture of the Week. The Encryption Debate. Age does matter... Age Verification. WhatsApp: Rather be blocked in UK than weaken security. Exposing Side-Channel Monitoring. Closing the Loop. A new UDP reflection attack vector. Google Authenticator Updated. Does Israel use NSO Group commercial spyware? A Russian OS? TP-Link routers compromised. A pre-release security audit. Another Intel side-channel attack. Windows users: Don't remove cURL! AI comes to VirusTotal. Show Notes https://www.grc.com/sn/SN-921-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT joindeleteme.com/twittv drata.com/twit
Picture of the Week. The Encryption Debate. Age does matter... Age Verification. WhatsApp: Rather be blocked in UK than weaken security. Exposing Side-Channel Monitoring. Closing the Loop. A new UDP reflection attack vector. Google Authenticator Updated. Does Israel use NSO Group commercial spyware? A Russian OS? TP-Link routers compromised. A pre-release security audit. Another Intel side-channel attack. Windows users: Don't remove cURL! AI comes to VirusTotal. Show Notes https://www.grc.com/sn/SN-921-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT joindeleteme.com/twittv drata.com/twit
Picture of the Week. The Encryption Debate. Age does matter... Age Verification. WhatsApp: Rather be blocked in UK than weaken security. Exposing Side-Channel Monitoring. Closing the Loop. A new UDP reflection attack vector. Google Authenticator Updated. Does Israel use NSO Group commercial spyware? A Russian OS? TP-Link routers compromised. A pre-release security audit. Another Intel side-channel attack. Windows users: Don't remove cURL! AI comes to VirusTotal. Show Notes https://www.grc.com/sn/SN-921-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT joindeleteme.com/twittv drata.com/twit
On The Cloud Pod this week, Amazon announces Amazon Inspector's new support of Windows OS for continual software vulnerability scanning of EC2 workloads, Google has several exciting announcements regarding Chronicle, Azure is announcing pretty much everything under the sun, and Oracle announces OCI Lake in beta. Thank you to our sponsor, Foghorn Consulting, which provides top notch cloud and DevOps engineers to the world's most innovative companies. Initiatives stalled because you're having trouble hiring? Foghorn can be burning down your DevOps and Cloud backlogs as soon as next week. Episode Highlights ⏰ Amazon Inspector now supports Windows operating system (OS) for continual software vulnerability scanning of EC2 workloads. ⏰ Google makes 3 announcements about Chronicle. ⏰ Azure has three–yes, three–new releases this week. ⏰ Oracle announces OCI Lake in beta. Top Quote
Picture of the Week. Crypto is Hard. VirusTotal: Deception at a scale. Windows 11 might damage encrypted data. Microsoft Defender External Attack Surface Management. Closing The Loop. Daniel Bernstein sues the NSA. The Maker's Schedule. We invite you to read our show notes at https://www.grc.com/sn/SN-883-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow expressvpn.com/securitynow drata.com/twit
Picture of the Week. Crypto is Hard. VirusTotal: Deception at a scale. Windows 11 might damage encrypted data. Microsoft Defender External Attack Surface Management. Closing The Loop. Daniel Bernstein sues the NSA. The Maker's Schedule. We invite you to read our show notes at https://www.grc.com/sn/SN-883-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow expressvpn.com/securitynow drata.com/twit
Picture of the Week. Crypto is Hard. VirusTotal: Deception at a scale. Windows 11 might damage encrypted data. Microsoft Defender External Attack Surface Management. Closing The Loop. Daniel Bernstein sues the NSA. The Maker's Schedule. We invite you to read our show notes at https://www.grc.com/sn/SN-883-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow expressvpn.com/securitynow drata.com/twit
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Credential Leaks on Virustotal https://isc.sans.edu/forums/diary/Credentials+Leaks+on+VirusTotal/28426/ GPS Issues Around Finish Rusian Border https://www.straitstimes.com/world/europe/finland-detects-gps-disturbance-near-russias-kaliningrad Russia Considering Internal Certificate Authority https://www.gosuslugi.ru/tls https://www.bleepingcomputer.com/news/security/russia-creates-its-own-tls-certificate-authority-to-bypass-sanctions/ New Spectre Variant https://www.vusec.net/projects/bhi-spectre-bhb/ Package Manager Vulnerabilities (yarn, pip, composer...) https://blog.sonarsource.com/securing-developer-tools-package-managers
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Credential Leaks on Virustotal https://isc.sans.edu/forums/diary/Credentials+Leaks+on+VirusTotal/28426/ GPS Issues Around Finish Rusian Border https://www.straitstimes.com/world/europe/finland-detects-gps-disturbance-near-russias-kaliningrad Russia Considering Internal Certificate Authority https://www.gosuslugi.ru/tls https://www.bleepingcomputer.com/news/security/russia-creates-its-own-tls-certificate-authority-to-bypass-sanctions/ New Spectre Variant https://www.vusec.net/projects/bhi-spectre-bhb/ Package Manager Vulnerabilities (yarn, pip, composer...) https://blog.sonarsource.com/securing-developer-tools-package-managers