Security Now (Audio)

By: TWiT
Listen for free

  • Summary

  • Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
    This work is licensed under a Creative Commons License - Attribution-NonCommercial-NoDerivatives 4.0 International - http://creativecommons.org/licenses/by-nc-nd/4.0/
    Show more Show less
Show more Show less
Episodes
  • SN 1021: Device Bound Session Credentials - Hotpatching in Win 11, Apple vs. UK

    SN 1021: Device Bound Session Credentials - Hotpatching in Win 11, Apple vs. UK
    Apr 16 2025
    • Android to get "Lockdown Mode".
    • What's in the new editions of Chrome and Firefox?
    • Why did Apple silently re-enable automatic updates?
    • My new iPhone 16, Chinese tariffs and electronics.
    • Dynamic "hotpatching" coming to Win11 Enterprise & Edu.
    • Why is it so difficult for Oracle to fess up?
    • Another multi-year breach inside US Treasury.
    • An Apple -vs- the UK update.
    • "Thundermail" (Can't someone come up with a better name?)
    • The (in)Security of Programmable Logic Controllers.
    • When LLM's write code and hallucinate non-existent packages.
    • Wordpress core security and PHP gets an important audit.
    • Device-Bound Session Credentials update session cookie technology

    Show Notes - https://www.grc.com/sn/SN-1021-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to Security Now at https://twit.tv/shows/security-now.

    You can submit a question to Security Now at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Join Club TWiT for Ad-Free Podcasts!
    Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

    Sponsors:

    • expressvpn.com/securitynow
    • vanta.com/SECURITYNOW
    • threatlocker.com for Security Now
    • legatosecurity.com
    • bitwarden.com/twit
    Show more Show less
    3 hrs and 15 mins
  • SN 1020: Multi-Perspective Issuance Corroboration - IoT Done Right, France Phishes, Gmails E2EE

    SN 1020: Multi-Perspective Issuance Corroboration - IoT Done Right, France Phishes, Gmails E2EE
    Apr 9 2025
    • Canon printer driver vulnerabilities enable Windows kernel exploitation.
    • Astonishing cyber-security awareness from a household appliance manufacturer.
    • France tries to hook 2.5 million school children with a Phishing test.
    • Wordpress added an abuse prone feature in 2022. Guess what happened?
    • Oracle? Is there something you'd like to tell us?
    • Utah's governor just signed the App Store Accountability Act. Now what?
    • AI bots hungry for new data are DDoSing FOSS projects.
    • No Microsoft Account? No Microsoft Windows 11.
    • Gmail claims it now offers E2EE. It kinda sorta does. Somewhat.
    • A dreaded CVSS 10.0 was discovered in Apache Parquet.
    • A bunch of terrific listener feedback.
    • What's Multi-Perspective Issuance Corroboration and why must all certificate authorities now do it?

    Show Notes - https://www.grc.com/sn/SN-1020-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to Security Now at https://twit.tv/shows/security-now.

    You can submit a question to Security Now at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Join Club TWiT for Ad-Free Podcasts!
    Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

    Sponsors:

    • material.security
    • threatlocker.com for Security Now
    • canary.tools/twit - use code: TWIT
    • joindeleteme.com/twit promo code TWIT
    • bitwarden.com/twit
    Show more Show less
    3 hrs and 8 mins
  • SN 1019: EU OS - Troy Hunt Phished, Ransomware List, InControl

    SN 1019: EU OS - Troy Hunt Phished, Ransomware List, InControl
    Apr 2 2025
    • Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard.
    • A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site.
    • Cloudflare completely pulls the plug on port 80 (HTTP) API access.
    • Malware is switching to obscure languages to avoid detection. FORTH, anyone?
    • Password reuse doesn't appear to be dropping. Cloudflare has numbers.
    • A listener shares his log of malicious Microsoft login attempts. Why no geofencing?
    • 23andMe down for the count (reminder).
    • A sobering Ransomware attack & victim listing website. Gulp!
    • "InControl" keeps VR planes aloft.
    • And the European Union gets serious about a switch to Linux

    Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to Security Now at https://twit.tv/shows/security-now.

    You can submit a question to Security Now at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Join Club TWiT for Ad-Free Podcasts!
    Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

    Sponsors:

    • drata.com/securitynow
    • outsystems.com/twit
    • bitwarden.com/twit
    • threatlocker.com for Security Now
    • legatosecurity.com
    Show more Show less
    3 hrs and 5 mins
adbl_web_global_use_to_activate_webcro768_stickypopup

What listeners say about Security Now (Audio)

Average customer ratings
Overall
  • 5 out of 5 stars
  • 5 Stars
    11
  • 4 Stars
    0
  • 3 Stars
    0
  • 2 Stars
    0
  • 1 Stars
    0
Performance
  • 5 out of 5 stars
  • 5 Stars
    11
  • 4 Stars
    0
  • 3 Stars
    0
  • 2 Stars
    0
  • 1 Stars
    0
Story
  • 5 out of 5 stars
  • 5 Stars
    11
  • 4 Stars
    0
  • 3 Stars
    0
  • 2 Stars
    0
  • 1 Stars
    0

Reviews - Please select the tabs below to change the source of reviews.

Audible.com reviews

Amazon reviews
Sort by:
Filter by:
  • Overall
    5 out of 5 stars
  • Performance
    5 out of 5 stars
  • Story
    5 out of 5 stars
Profile Image for Craig Batty

The best tech security podcast

For anyone interested in tech security, this is the best podcast around. Steve and Leo draw on decades of industry expertise to break down all the weekly tech security news that we need to know.

Report this

Something went wrong. Please try again in a few minutes.

You voted on this review!

You reported this review!

  • Overall
    5 out of 5 stars
  • Performance
    5 out of 5 stars
  • Story
    5 out of 5 stars
Profile Image for Robinson

Best Security Podcast around

This is by far the best security podcast I have found. Been listening since college when I began my security career. I have learned a lot from this show and also been able to give real insight on things that I otherwise probably would not have known. Thanks for the great work!

Report this

Something went wrong. Please try again in a few minutes.

You voted on this review!

You reported this review!

  • Overall
    5 out of 5 stars
  • Performance
    5 out of 5 stars
  • Story
    5 out of 5 stars
Profile Image for calvin d.

Welcome Aboard. The water is fine.

Might need to stand on your tippy toes. It's mighty deep. Or stand on Steve's shoulders.

Report this

Something went wrong. Please try again in a few minutes.

You voted on this review!

You reported this review!

1 person found this helpful