Security Now (Audio)

Discover why code signing certificates are skyrocketing in cost and complexity. Unpack Microsoft's new three-day certificates and the challenges they pose for developers. Explore California's innovative DROP data broker opt-out system and its implications for privacy. Hear about humorous AI-generated towns and a hands-on demo of Claude Code. Plus, get insights into AI-assisted coding for non-coders and listener experiences navigating the evolving landscape of code signing!

Discover why code-signing certificates are becoming shorter and more expensive, pushing developers towards costly cloud solutions. The hosts explore the MongoBleed vulnerability and its significant implications for data security. They also delve into the security enhancements coming to the Python Package Index and discuss the curious ban on Raspberry Pis during a New York City inauguration. Plus, get insights on the potential pitfalls of ChatGPT's shift to an advertising model and learn about the fascinating connection between Vitamin D and magnesium.

Get ready for a health-focused celebration as the hosts dive into the fascinating world of vitamin D. Discover how sunlight transforms skin chemistry and why diet alone isn't enough. Explore the vital connection between vitamin D, vitamin K2, and overall well-being. Learn about its broader roles, including immunity and mental health, and hear compelling research linking higher vitamin D levels to reduced cancer risk. Plus, get practical tips on supplementation and the importance of testing for optimal health!

Discover the alarming world of cybersecurity as a massive smart TV botnet comes to light, revealing how innocent browser icons can harbor malware. Dive into North Korea's crypto exploits, including staggering theft amounts and sneaky methods of attack. Learn about insecure Docker APIs being exploited for cryptomining and the implications of compromised cloud services. Plus, hear about the clever PNG steganography used to infect thousands of users. This episode is a must-listen for anyone interested in staying ahead of digital threats!

Australia's social media age verification sparks a global debate over privacy and facial detection flaws. Home Depot faces scrutiny for slow responses to a security breach. The hosts discuss alarming trends in malicious open-source packages and potential threats to the U.S. power grid from China. React vulnerabilities are explored in depth, revealing widespread exploitation. Apple addresses critical security patches, while Let's Encrypt celebrates massive growth amidst centralization risks. Listener feedback highlights concerns about age verification impacts and privacy.

A critical React vulnerability just received a 'perfect 10' for risk, allowing attackers to compromise over a million servers with a single request. GrapheneOS recently withdrew from France, citing privacy concerns over new laws. In India, smartphone tracking mandates faced backlash, leading to their abrupt cancellation. Meanwhile, the demand for RAM driven by AI is causing skyrocketing prices. Finally, local network access permissions in Chrome aim to enhance security against remote attacks.

Cisco finally acknowledges the need for serious security improvements, vowing to implement 'secure by default' devices. A major cybersecurity incident strikes Salesforce, leading to discussions about supply-chain breaches and the risks of outsourcing. Australia introduces a ban on underage social media use, and the EU considers replacing US tech with local alternatives. Best practices for passwords versus passkeys are explored, alongside an intriguing analysis of SSD data retention. Plus, exciting news about a new Stargate series!

Could VPN bans become a reality in the US? Discover the chilling proposals in Wisconsin and Michigan targeting digital privacy for everyone. Delve into the EU's shift on chat control and Windows 11's inclusion of Sysmon for enterprise monitoring. Explore the Pentagon's investment in offensive AI and the real threats of doxing military personnel. Plus, a look at recent WhatsApp vulnerabilities and the implications of banning VPNs altogether. Tune in for insights on tech, privacy, and the future of digital security!

Can your cellphone be tracked without malware? Absolutely! Discover how telecom signaling allows pinpointing your location. Apple’s new Digital ID is set to transform wallets, while Checkout.com opts to fund cybersecurity research over paying ransom. Google juggles AI in the cloud and rolls back some developer registration rules. Venturing into the risky world of cellphone tracking and privacy, experts reveal the ins and outs of SS7 vulnerabilities. Tune in for juicy listener feedback and vital security insights!

Amazon is suing Perplexity AI, questioning the future of automated online shopping. FFmpeg is exploring assembly language for massive performance boosts. Nevada recovers from a ransomware attack without paying a dime. A bizarre mathematical error leads to a $128 million exploit in DeFi. The UK commits to blocking number spoofing to curb scams. Meanwhile, Google acquires Wiz to enhance security, as new cookie rules are on the horizon in the EU. The ongoing discussion about AI agents raises concerns about user control over online purchases.