• Windows Endpoint Security Ecosystem Summit
• Aging storage media does NOT last forever
• How Navy chiefs conspired to get themselves illegal warship Wi-Fi
• adam:ONE named the #1 best Secure Access Service Edge (SASE) solution
• AI Talk
• Password Manager Injection Attacks

Show Notes - https://www.grc.com/sn/SN-992-Notes.pdf

Hosts: Steve Gibson and Mikah Sargent

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• threatlocker.com for Security Now
• joindeleteme.com/twit promo code TWIT
• 1password.com/securitynow
• vanta.com/SECURITYNOW

• Offer to uninstall Recall was a bug, not a feature
• YubiKeys can be cloned
• Miscellany
• Is WhatsApp secure?
• Telegram vs Signal
• French elevators
• Freezing your credit
• The Quiet Canine
• Unix time
• Bobiverse book 5
• Exodus: The Achemedes Engine
• Watching SpinRite
• RAMBO

Show Notes - https://www.grc.com/sn/SN-991-Notes.pdf

Hosts: Steve Gibson and Mikah Sargent

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• flashpoint.io
• bigid.com/securitynow
• Melissa.com/twit
• bitwarden.com/twit

• Telegram puts End-to-End Privacy in the Crosshairs
• Free security logging is good for everyone
• CrowdStrike hemorrhaging customers
• Microsoft to meet privately with EDR (Endpoint Detection & Response) vendors
• Yelp's Unhappy with Google
• Telegram as the hotbed for DDoSass – DDoS as a Service
• Chrome grows more difficult to exploit
• Cox Media Group's "Active Listening" has apparently not ended
• Cascading Bloom Filter follow-up
• Closing the Loop
• Is Telegram an encrypted app?

Show Notes - https://www.grc.com/sn/SN-990-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• bigid.com/securitynow
• threatlocker.com for Security Now
• vanta.com/SECURITYNOW
• joindeleteme.com/twit promo code TWIT

• CrowdStrike Exec's "Most Epic Fail" Award
• Hardware backdoors discovered in Chinese-made key cards
• Counterfeit CISCO networking gear
• SpinRite
• Errata
• NPD breach updates from listeners
• Looking back at old SN episodes
• Cascading Bloom Filters

Show Notes - https://www.grc.com/sn/SN-989-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• canary.tools/twit - use code: TWIT
• 1password.com/securitynow
• e-e.com/twit
• GO.ACILEARNING.COM/TWIT code SN100

• Revocation Update
• GRC's next experiment
• Patch Tuesday
• "The Famous Computer Café"
• IsBootSecure
• GRC Email
• Working through WiFi Firewalls
• Transferring DNS
• OCSP attestation vs. TLS expiration
• Platform key expiration
• National Public Data

Show Notes - https://www.grc.com/sn/SN-988-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• bitwarden.com/twit
• vanta.com/SECURITYNOW
• threatlocker.com for Security Now
• joindeleteme.com/twit promo code TWIT

• Sitting Ducks DNS attack
• A Bad RCE in another Microsoft server
• SinkClose
• The CLFS.SYS BSoD
• IsBootSecure
• Rethinking Revocation

Show Notes - https://www.grc.com/sn/SN-987-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• joindeleteme.com/twit promo code TWIT
• bigid.com/securitynow
• vanta.com/SECURITYNOW
• 1password.com/securitynow

• Platform Key Disclosure
• Firefox's 3rd-party Cookie mess
• The W3C Finally Weighs-in
• CrowdStrike Damages.
• GRC's Email
• How Revoking!

Show Notes - https://www.grc.com/sn/SN-986-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• threatlocker.com for Security Now
• joindeleteme.com/twit promo code TWIT
• bigid.com/securitynow
• vanta.com/SECURITYNOW

• Crowdstrike post-mortem
• PiDP-11
• What Crowdstrike is fixing
• Marcus Hutchins on who is to blame
• Entrust's Updated Info
• 3rd-Party Cookie Surprise
• Security training firm mistakenly hires a North Korean attacker
• Google and 3rd party cookies
• Google's influence
• The auto industry and data brokers
• DNS Benchmark on Mac
• Platform Key Disclosure

Show Notes - https://www.grc.com/sn/SN-985-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• lookout.com
• GO.ACILEARNING.COM/TWIT code SN100
• panoptica.app
• bitwarden.com/twit