Security Now (Audio)

* Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? * And what new Windows Update crashing hack did this also create? * North Korea is now creating fake US companies to lure would-be employees. * The "Inception" attack subverts all GPT conversational AIs. * New information about data loss in unpowered SSD mass storage. * Lots of terrific feedback from our listeners. * How malware has taken to hiding inside the Windows Sandbox and what you can do to stop it Show Notes - https://www.grc.com/sn/SN-1023-Notes.pdf [https://www.grc.com/sn/SN-1023-Notes.pdf] Hosts: Steve Gibson [https://twit.tv/people/steve-gibson] and Leo Laporte [https://twit.tv/people/leo-laporte] Download or subscribe to Security Now at https://twit.tv/shows/security-now [https://twit.tv/shows/security-now]. You can submit a question to Security Now at the GRC Feedback Page [https://www.grc.com/feedback.htm]. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com [https://www.grc.com/securitynow.htm], also the home of the best disk maintenance and recovery utility ever written Spinrite 6 [https://www.grc.com/sr/spinrite.htm]. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit [https://twit.tv/clubtwit] Sponsors: * legatosecurity.com [http://legatosecurity.com] * threatlocker.com for Security Now [https://www.threatlocker.com/pages/solutions?utm_medium=podcast&utm_source=twit&utm_campaign=securitynow] * outsystems.com/twit [http://outsystems.com/twit] * hoxhunt.com/securitynow [http://hoxhunt.com/securitynow]

* Enabling Firefox's Tab Grouping. * Recalled Recall Re-Rolls out. * The crucial CVE program nearly died. It's been given new life. * China confesses to hacking the US (blames our stance on Taiwan). * CISA says what Oracle still refuses to. * Brute force attacks on the (rapid) rise. * An AI/ML Python package rates a 9.8 (again!) * The CA/Browser forum passed short-life certs. :( * A wonderful crosswalk hack hits Silicon Valley. * Android to add force restarting ahead of schedule. Maybe. * The EFF is never happy. But especially now, about Florida. * Interesting research into ransomware payouts. * Windows Sandbox: The amazing gem hidden inside all Windows 10 & 11! Show Notesb - https://www.grc.com/sn/SN-1022-Notes.pdf [https://www.grc.com/sn/SN-1022-Notes.pdf] Hosts: Steve Gibson [https://twit.tv/people/steve-gibson] and Leo Laporte [https://twit.tv/people/leo-laporte] Download or subscribe to Security Now at https://twit.tv/shows/security-now [https://twit.tv/shows/security-now]. You can submit a question to Security Now at the GRC Feedback Page [https://www.grc.com/feedback.htm]. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com [https://www.grc.com/securitynow.htm], also the home of the best disk maintenance and recovery utility ever written Spinrite 6 [https://www.grc.com/sr/spinrite.htm]. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit [https://twit.tv/clubtwit] Sponsors: * joindeleteme.com/twit promo code TWIT [http://joindeleteme.com/twit] * drata.com/securitynow [http://drata.com/securitynow] * bigid.com/securitynow [http://bigid.com/securitynow] * 1password.com/securitynow [http://1password.com/securitynow] * material.security [https://material.security]

* Android to get "Lockdown Mode". * What's in the new editions of Chrome and Firefox? * Why did Apple silently re-enable automatic updates? * My new iPhone 16, Chinese tariffs and electronics. * Dynamic "hotpatching" coming to Win11 Enterprise & Edu. * Why is it so difficult for Oracle to fess up? * Another multi-year breach inside US Treasury. * An Apple -vs- the UK update. * "Thundermail" (Can't someone come up with a better name?) * The (in)Security of Programmable Logic Controllers. * When LLM's write code and hallucinate non-existent packages. * Wordpress core security and PHP gets an important audit. * Device-Bound Session Credentials update session cookie technology Show Notes - https://www.grc.com/sn/SN-1021-Notes.pdf [https://www.grc.com/sn/SN-1021-Notes.pdf] Hosts: Steve Gibson [https://twit.tv/people/steve-gibson] and Leo Laporte [https://twit.tv/people/leo-laporte] Download or subscribe to Security Now at https://twit.tv/shows/security-now [https://twit.tv/shows/security-now]. You can submit a question to Security Now at the GRC Feedback Page [https://www.grc.com/feedback.htm]. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com [https://www.grc.com/securitynow.htm], also the home of the best disk maintenance and recovery utility ever written Spinrite 6 [https://www.grc.com/sr/spinrite.htm]. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit [https://twit.tv/clubtwit] Sponsors: * expressvpn.com/securitynow [http://expressvpn.com/securitynow] * vanta.com/SECURITYNOW [http://vanta.com/SECURITYNOW] * threatlocker.com for Security Now [https://www.threatlocker.com/pages/solutions?utm_medium=podcast&utm_source=twit&utm_campaign=securitynow] * legatosecurity.com [http://legatosecurity.com] * bitwarden.com/twit [http://bitwarden.com/twit]

* Canon printer driver vulnerabilities enable Windows kernel exploitation. * Astonishing cyber-security awareness from a household appliance manufacturer. * France tries to hook 2.5 million school children with a Phishing test. * Wordpress added an abuse prone feature in 2022. Guess what happened? * Oracle? Is there something you'd like to tell us? * Utah's governor just signed the App Store Accountability Act. Now what? * AI bots hungry for new data are DDoSing FOSS projects. * No Microsoft Account? No Microsoft Windows 11. * Gmail claims it now offers E2EE. It kinda sorta does. Somewhat. * A dreaded CVSS 10.0 was discovered in Apache Parquet. * A bunch of terrific listener feedback. * What's Multi-Perspective Issuance Corroboration and why must all certificate authorities now do it? Show Notes - https://www.grc.com/sn/SN-1020-Notes.pdf [https://www.grc.com/sn/SN-1020-Notes.pdf] Hosts: Steve Gibson [https://twit.tv/people/steve-gibson] and Leo Laporte [https://twit.tv/people/leo-laporte] Download or subscribe to Security Now at https://twit.tv/shows/security-now [https://twit.tv/shows/security-now]. You can submit a question to Security Now at the GRC Feedback Page [https://www.grc.com/feedback.htm]. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com [https://www.grc.com/securitynow.htm], also the home of the best disk maintenance and recovery utility ever written Spinrite 6 [https://www.grc.com/sr/spinrite.htm]. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit [https://twit.tv/clubtwit] Sponsors: * material.security [https://material.security] * threatlocker.com for Security Now [https://www.threatlocker.com/pages/solutions?utm_medium=podcast&utm_source=twit&utm_campaign=securitynow] * canary.tools/twit - use code: TWIT [http://canary.tools/twit] * joindeleteme.com/twit promo code TWIT [http://joindeleteme.com/twit] * bitwarden.com/twit [http://bitwarden.com/twit]

* Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. * A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. * Cloudflare completely pulls the plug on port 80 (HTTP) API access. * Malware is switching to obscure languages to avoid detection. FORTH, anyone? * Password reuse doesn't appear to be dropping. Cloudflare has numbers. * A listener shares his log of malicious Microsoft login attempts. Why no geofencing? * 23andMe down for the count (reminder). * A sobering Ransomware attack & victim listing website. Gulp! * "InControl" keeps VR planes aloft. * And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf [https://www.grc.com/sn/SN-1019-Notes.pdf] Hosts: Steve Gibson [https://twit.tv/people/steve-gibson] and Leo Laporte [https://twit.tv/people/leo-laporte] Download or subscribe to Security Now at https://twit.tv/shows/security-now [https://twit.tv/shows/security-now]. You can submit a question to Security Now at the GRC Feedback Page [https://www.grc.com/feedback.htm]. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com [https://www.grc.com/securitynow.htm], also the home of the best disk maintenance and recovery utility ever written Spinrite 6 [https://www.grc.com/sr/spinrite.htm]. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit [https://twit.tv/clubtwit] Sponsors: * drata.com/securitynow [http://drata.com/securitynow] * outsystems.com/twit [http://outsystems.com/twit] * bitwarden.com/twit [http://bitwarden.com/twit] * threatlocker.com for Security Now [https://www.threatlocker.com/pages/solutions?utm_medium=podcast&utm_source=twit&utm_campaign=securitynow] * legatosecurity.com [http://legatosecurity.com]