Security Now!

SN 613: WannaCry Aftermath

Dodany: 24 maja 2017


This week we examine a bunch of WannaCry follow-ups, including some new background, reports of abilities to decrypt drives, attacks on the Killswitch, and more. We also look at what the large...

SN 612: Makes You WannaCry

Dodany: 17 maja 2017


This week Steve and Leo discuss an update on the FCC's Net Neutrality comments, the discovery of an active keystroke logger on dozens of HP computer models, the continuing loss of web browser...

SN 611: Go FCC Yourself

Dodany: 10 maja 2017


This week Steve and Leo discuss much more about the Intel ATM nightmare, Tavis and Natalie discover a serious problem in Microsoft's built-in malware scanning technology, Patch Tuesday, Google's...

SN 610: Intel's Mismanagement Engine

Dodany: 3 maja 2017


This week Steve and Leo discuss the long-expected remote vulnerability in Intel's super-secret motherboard Management Engine technology, exploitable open ports in Android apps, another IoT blows a...

SN 609: The Double Pulsar

Dodany: 26 kwietnia 2017


This week Steve and Leo discuss how one of the NSA's Vault7 vulnerabilities has gotten loose, a clever hacker removes Microsoft deliberate (and apparently unnecessary) block on Win7/8.1 updates for...

SN 608: News & Feedback Potpurri

Dodany: 19 kwietnia 2017


This week Steve and Leo discuss another new side-channel attack on smartphone PIN entry (and much more), Smartphone fingerprint readers turn out to be far more spoofable that we had hoped. All...

SN 607: Proactive Privacy, Really!

Dodany: 12 kwietnia 2017


This week Steve and Leo discuss Symantec finding 40 past attacks explained by the Vault7 document leaks, an incremental improvement coming to CA certificate issuance, Microsoft patches a 0-day...

SN 606: Proactive Privacy

Dodany: 5 kwietnia 2017


This week Steve and Leo discuss another iOS update update, more bad news and some good news on the IoT front, the readout on Tavis Ormandy's shower revelation, more worrisome anti-encryption saber...

SN 605: Google -vs- Symantec

Dodany: 29 marca 2017


This week Steve and Jason discuss... Google's Tavis Ormandy takes a shower, iOS gets a massive feature and security update, a new target for 'Bot money harvesting appears, Microsoft suffers a...

SN 604: Taming Web Ads

Dodany: 22 marca 2017


This week Steve and Leo discuss developments in the new windows on old hardware front, Cisco finds a surprise in the Vault7 docs, Ubiquity was caught with the PHPs down, CheckPoint discovered...

SN 603: Vault 7

Dodany: 15 marca 2017


This week Steve and Leo discuss March's long-awaited patch Tuesday, the release deployment of Google Invisible reCaptcha, getting more than you bargained for with a new Android smartphone, the new...

SN 602: Let's Spoof!

Dodany: 8 marca 2017


Countdown to March's patch Tuesday; what was behind Amazon's S3 outage? Why don't I have a cellular connectivity backup? Some additional Cloudflare perspective, Amazon to fight another day over...

SN 601: The First SHA-1 Collision

Dodany: 1 marca 2017


This week, Leo and Steve discuss the "CloudBleed" adventure, another project zero 90-day timer expires for Microsoft, this week's IoT head-shaker, a New York airport exposes critical server data...

SN 600: The MMU Side-Channel Attack

Dodany: 22 lutego 2017


The story behind Microsoft's Patch Tuesday security update disaster. CyberX discovered a new large-scale cyber-reconnaissance operation targeting Ukraine targets: using vulnerabilities in Dropbox...

SN 599: TLS Interception INsecurity

Dodany: 15 lutego 2017


Patch Tuesday DELAYED (and we may know why!), our favorite ad-blocker embraces the last major browser, a university gets attacked by its own vending machines, PHP leaps into the future, a slick...

SN 598: Two Armed Bandits

Dodany: 8 lutego 2017


Speak of the devil... printers around the world get hacked! Vizio's TVs really were watching their watchers, Windows has a new 0-day problem, Android's easy-to-hack pattern lock, an arsonist's...

SN 597: Traitors In Our Midst

Dodany: 1 lutego 2017


The best "I'm not a Robot" video ever, Cisco's WebEx problem is far more pervasive than first believed, more bad news (and maybe some good news) for Netgear, Gmail adds .js to the no-no list, a...

SN 596: Password Complexity

Dodany: 25 stycznia 2017


Symantec issues additional invalid certificates while on probation, Tavis Ormandy finds a very troubling problem in Cisco's Web conferencing extension for Chrome, yesterday's important update to...

SN 595: What's Up with WhatsApp?

Dodany: 18 stycznia 2017


A classic bug at GoDaddy bypassed domain validation for 8850 issued certificates, could flashing a peace sign compromise your biometric data?, it's not only new IoT devices that may tattle, many...

SN 594: A Look Into PHP Malware

Dodany: 11 stycznia 2017


The US Federal Trade Commission steps into the IoT and home networking malpractice world, a radio station learns a lesson in what words NOT to repeat, Google plans to even eliminate the checkbox, a...