Security Now (Audio)

• More on Apple's hardware backdoor
• Russian Hacking of Ukranian cameras
• Russian hackers were inside Ukraine telecoms giant for months
• Things are still a mess at 23andMe
• CoinsPaid was the victim of another cyberattack
• Crypto Hacking in 2023
• Mandiant Twitter scam
• Defining "cyber warfare"
• LastPass is making some changes
• Windows Watch
• Google settles $5 billion lawsuit
• Return Oriented Programming
• Shutting Down Edge
• Root Certificates
• Credit freezing
• SpinRite Update

Show Notes - https://www.grc.com/sn/SN-956-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• lookout.com
• paloaltonetworks.com/ot-security-tco
• kolide.com/securitynow
• bitwarden.com/twit

• New "SparkCat" secret-stealing AI image scanner discovered in App and Play stores.
• The UK demands that Apple does the impossible: decrypting ADP cloud data.
• France moves forward on legislation to require backdoors to encryption.
• Firefox moves to 135 with a bunch of useful new features.
• The Five Eyes alliance publishes edge-device security guidance.
• Six NetGear routers contain CVSS 9.6 and 9.8 vulnerabilities.
• Sysinternals utilities allow malicious Windows DLL injection.
• Google removes restrictive do-gooder language from AI application policies.
• "AI Fuzzing" successfully jailbreaks the most powerful ChatGPT o3 model.
• Examining the well and deliberately hidden truth behind ransomware cyberattacks on U.S. K-12 schools

Show Notes - https://www.grc.com/sn/SN-1012-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Sponsors:

• joindeleteme.com/twit promo code TWIT
• canary.tools/twit - use code: TWIT
• zscaler.com/security
• uscloud.com
• 1password.com/securitynow

• What caused last week's connection interruption? Router was rebooting intermittently, but why?
• David Redekop of AdamNetworks explained their enterprise network security solution aims to only allow known safe connections, blocking everything else.
• iMessage gets Contact Key Verification to confirm new devices added to an account belong to the contact.
• Public Interest Research Group asks Microsoft to extend Windows 10 support beyond 2025.
• HackerOne breach bounties surpass $300M total payout.
• CISA releases free Logging Made Easy toolkit to enhance Windows logging capabilities.
• SpinRite 6.1 pre-release 2 published, likely final pre-release with some testing remaining before full launch.
• Moving the Internet fully to IPv6 likely won't happen until IPv4 addresses are fully consumed.
• Open source projects struggle with costly code signing certificates.
• Deep dive into CitrixBleed vulnerability allowing authentication bypass.

Show Notes - https://www.grc.com/sn/SN-946-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• cs.co/twit
• bitwarden.com/twit
• vanta.com/SECURITYNOW

• Privacy Badger blocks trackers on news sites and prevents browser exposure to unwanted domains like TikTok and Datadog.
• No major updates on EU's controversial Article 45 in eIDAS 2.0. Industry pushback continues as implementation would threaten encryption.
• Cryptocurrency exchange Poloniex lost $130M in a hot wallet hack, the 14th largest crypto theft.
• Decentralized finance platform Raft lost $3.3M due to an exploit.
• Crook operated website iotaseed.io to generate wallet seed phrases, then recorded and stole them.
• New Intel processor vulnerability called Downfall leaks encryption keys and sensitive data between users on shared systems.
• Russia moves to formally ban all VPN use in the country.
• Two new flaws found in OpenVPN software, one allowing memory access.
• SpinRite development paused as DOS and Windows versions are complete.
• Understanding assembly language helps malware analysis and exploit development, but high-level decompilers also useful.
• Quantum-safe symmetric cryptography is limited compared to asymmetric crypto.
• EU's Article 45 allows transparent decryption and traffic interception, supposedly for security purposes.
• "Windshield Barnacle" parking enforcement device uses suction cups and 1000 lbs of force to immobilize vehicles until parking tickets are paid.
• Sci-fi book series Aeon 14 by M.D. Cooper offers fun military space opera adventure.
• 27-year-old theoretical crypto attack now shown practical. Passive network observers can steal SSH RSA keys if faulty signature generated, allowing impersonation.

Show Notes - https://www.grc.com/sn/SN-948-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• kolide.com/securitynow
• bitwarden.com/twit
• GO.ACILEARNING.COM/TWIT

• Privacy and Funding Challenges Facing Signal Messaging App
• Loss of Advertisers for Twitter After Controversial Tweet by Elon Musk
• Ransomware Group Files SEC Complaint Against Breached Company
• Europe Opening Up Radio Encryption Standard TETRA for Public Review
• Apple Announcing Adoption of RCS Messaging for iPhones
• Steve's Progress on Dynamic Code Signing for SpinRite Releases
• Removing Suction Cup Barnacles from Windshields
• Recommendations for Benchmarking USB Drive Read/Write Speeds
• Concerns Over EU's Proposed eIDAS 2.0 QWACs Legislation
• Why Protectli Routers Are Preferred for pfSense Setups
• Credit Card Security Precautions for Ex-LastPass Users
• Origins and Evolution of Ethernet Networking Over 50 Years

Show Notes - https://www.grc.com/sn/SN-949-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• vanta.com/SECURITYNOW
• kolide.com/securitynow
• securemyemail.com/twit Use Code TWIT