

Security Now (Audio)
TWiT
Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week.
Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
Episodes
Mentioned books

22 snips
Aug 27, 2025 • 0sec
SN 1040: Clickjacking "Whac-A-Mole" - Inside the Password Manager Clickjacking Frenzy and What It Means
Alarm bells ring over a potential browser zero-day threat, but is it really that serious? The discussion dives into clickjacking and its implications for password security. Germany may outlaw ad blockers, raising privacy concerns. There's also news about the UK backing off its demands from Apple and Microsoft throttling new tenants. AI's dual role in advertising and cybersecurity is explored, along with vulnerabilities in Linux systems and password managers. Finally, the balance between user control and advertising impact is examined.

28 snips
Aug 20, 2025 • 2h 52min
SN 1039: The Sad Case of ScriptCase - Data Brokers Dodge Deletion
The hosts dive into the fallout from the Allianz Life data breach and the urgent need for Plex server updates. They explore Chrome's upcoming privacy features and how data brokers are making it tough to opt-out of personal data sharing. A discussion about NIST's lightweight IoT cryptography standards follows, emphasizing security in small devices. Meanwhile, vulnerabilities in ScriptCase are unravelled, revealing serious flaws that could lead to unauthorized access. The conversation wraps with a light-hearted take on the new 'Alien' series.

60 snips
Aug 13, 2025 • 3h 4min
SN 1038: Perplexity's Duplicity - Malicious Repository Libraries
CISA issues an urgent directive regarding SharePoint vulnerabilities. NVIDIA dismisses fears about embedded chips, while Dashlane scraps its free tier. Malicious repository libraries pose serious threats, and more than 100 Dell laptop models face security risks. Learn about web filtering innovations with uBlock Origin and the alarming rise of AI-driven cyberattacks. A humorous dive into healthcare absurdities leads into a serious discussion on security updates and the implications of new AI technologies in our digital landscape.

7 snips
Aug 6, 2025 • 2h 47min
SN 1037: Chinese Participation in MAPP - Why Signal is Leaving Australia
The discussion kicks off with the fallout from a SharePoint server patch debacle. Tensions rise as Signal plans to abandon Australia due to governmental encryption demands. The podcast explores espionage tactics used by Russia, while also addressing vulnerabilities in network devices like TP-Link routers. Plus, listeners learn about the discontinuation of Dropbox's password manager and the implications of age verification technology. Geopolitical issues clash with cybersecurity as concerns arise over China's role in Microsoft's MAPP program.

37 snips
Jul 30, 2025 • 2h 58min
SN 1036: Inside the SharePoint 0-day - Is Our Data Safe Anywhere?
Discover how Brave is enhancing user privacy by randomizing fingerprints and blocking Microsoft Recall by default. Delve into the alarming Clorox lawsuit over a major cyber breach impacting data security. Learn about the significant vulnerabilities in Microsoft's SharePoint, exacerbated by a hacking competition revelation, and the implications for national security. Explore the rise of cyber warfare, recent massive data breaches, and the urgent need for effective password management and advanced security measures.

51 snips
Jul 23, 2025 • 2h 48min
SN 1035: Cloudflare's 1.1.1.1 Outage - Bypassing Passkey Protections
Explore the complexities of online age verification and the rise of new technologies designed to enhance security without compromising privacy. Discover the implications of recent ransomware attacks and how Cloudflare's DNS outage impacted users worldwide. Delve into the ongoing censorship challenges in Russia and the intricacies of Microsoft’s shift to subscription-based Exchange Servers. The discussion also highlights the evolving cybersecurity landscape, with humorously linked themes of quantum mechanics and phishing tactics.

17 snips
Jul 16, 2025 • 2h 56min
SN 1034: Introduction to Zero-Knowledge Proofs - Taking Down Quantum Factorization
Discover the latest on quantum factorization and why the claims surrounding it may be overstated. Delve into the fascinating world of zero-knowledge proofs, where you can verify information without giving away secrets, and learn their potential for digital age verification. Explore the security dilemmas of messaging apps like Signal and WhatsApp, and unpack the complexities of browser fingerprinting that threaten online privacy. Plus, get insights into Notepad++'s new code signing certificate amid ongoing privacy battles.

44 snips
Jul 9, 2025 • 3h 5min
SN 1033: Going on the Offensive - The Digital Arms Race
Dive into the latest in cybersecurity, from the emergence of a new Israeli spyware to concerns over Windows 11's rapid deletion of restore points. Explore the EU's push for post-quantum crypto and legislative efforts on cryptocurrency ATMs combating scams. Discover why U.S. states are cracking down on Bitcoin ATMs while the government restricts WhatsApp use. Plus, an examination of open-source software vulnerabilities and a humorous look at the rise of commercial spyware. It's a wild ride through today’s digital arms race!

20 snips
Jul 2, 2025 • 2h 58min
SN 1032: Pervasive Web Fingerprinting - How Websites Tracks You Despite Cookie Blocks
Discover the intriguing world of web fingerprinting and its implications for privacy. Explore Microsoft's new updates, including unexpected restarts and adjustments to Windows 10 and 11. Learn about Russia's requirement for local app installations on iPhones and a French city's switch from Windows to Linux. Delve into novel AI malware techniques and the latest vulnerabilities in Cisco systems. Laugh along as hosts dissect changes in certificate notifications and the whimsical side of everyday surveillance. The conversation highlights the tense balance between online tracking and user privacy.

60 snips
Jun 25, 2025 • 3h 1min
SN 1031: How Salt Typhoon Gets In - What "AI" Really Means
Dive into the alarming breaches linked to China's Salt Typhoon and its impact on state healthcare portals. Discover the implications of adopting passkeys for secure logins as tech giants like Apple and Facebook make strides. Explore cybersecurity vulnerabilities in the telecom sector and the need for enhanced practices. Unpack the complexities of artificial intelligence, its role in phishing, and how both allies and adversaries can wield it. Plus, a humorous twist on security warnings juxtaposed with serious cyber espionage threats!