• DragonBlood: the first effective attack on the new WPA3 protocol
• Malicious use of the URL tracking "ping" attribute
• The WinRAR Nightmare
• More 3rd-party A/V troubles with Microsoft
• What good did April's patch Tuesday accomplish?
• Adobe 's big patch Tuesday
• Google considering automatically blocking "high risk" downloads
• Russia's Roskomnadzor finally lowers the boom on Facebook
• The incredible Taj Mahal APT framework

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• Wasabi.com offer code SecurityNow
• go.itpro.tv/securitynow promo code SN30
• WordPress.com/securitynow

This Week's Stories

• Yet another capitulation in the (virtually lost) battle against tracking our behavior on the Internet with URL "ping" tracking.
• UK government's plan to legislate, police and enforce online social media content
• Microsoft's Chromium-based Edge browser's security
• Improvements to Windows 10's update management
• News from the "spoofing biometrics" department
• The worrisome state of Android mobile financial apps
• NSA's GHIDRA software reverse engineering tool suite
• Perhaps the dumbest thing Facebook has done yet (and by policy, not by mistake)
• An important change in Win10 1809 external storage caching policy

Hosts: Jason Howell and Steve Gibson

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• expressvpn.com/securitynow
• Atlassian.com/IT
• ZipRecruiter.com/securitynow

• Android Security, 10 Years Later
• WinRAR, a 20+ Year Old Tool With 500M Users, Acknowledged Vulnerability
• Russian GPS Hacking and What It Means For Us
• Android's April Fools Day Patches
• Tesla Autopilot Spoofing
• The ASUS "ShadowHammer" Attack
• Windows 10 (last) October 2018 Update
• A VMware Update

We invite you to read our show notes at https://www.grc.com/sn/SN-708-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• LastPass.com/twit
• securitynow.cachefly.com
• FreshBooks.com/securitynow

Results of the much anticipated Mid-March Vancouver Pwn2Own competition

• The return of "Clippy", Microsoft's much-loathed dancing paperclip
• Operation "ShadowHammer" which reports say compromised ASUS (... but did it?)
• The ransomware attack on Norsk Hydro aluminum
• The surprise renaming of Windows Defender
• A severe bug revealed in the most popular PDF generating PHP library
• An early look at Microsoft's forthcoming Chromium-based web browser
• Hope for preventing caller ID spoofing
• A needed update for users of PuTTY
• Mozilla's decision to conditionally rely upon Windows' root store
• Microsoft to offer virtual Windows 7 and 10 desktops through Azure
• Details of the Windows 7 End of Life warning dialogue

Hosts: Leo Laporte and Steve Gibson

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• Atlassian.com/IT
• thehelm.com/SECURITYNOW
• expressvpn.com/securitynow

• Last week's Patch Tuesday March Madness
• Win7 SHA256 Windows Update... Update
• Many attacks leveraging the recently discovered WinRAR vulnerability
• What happens when Apple, Google, and GoDaddy all drop a bit?
• A big recent jump in Mirai Botnet Capability
• Compromised Counter-Strike gaming servers
• Privacy enhancements coming in Android Q
• A pair of very odd web browser extensions for Chrome and Firefox from Microsoft
• A VERY exciting and encouraging project to create an entirely open eVoting system

Hosts: Leo Laporte and Steve Gibson

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• ZipRecruiter.com/securitynow
• Sophos.com
• canary.tools/twit - use code: TWIT

• 0-day exploit bidding war
• NSA releases Ghidra v9
• Firefox adds Tor privacy
• A pair of nasty 0-days
• A worrisome breach at Citrix
• The risk of claiming to be an unhackable aftermarket car alarm
• A new and interesting "Windows developers chatting with users" idea at Microsoft
• A semi-solution to Windows updates crashing systems
• Detailed news of the Marriott/Starwood breach, a bit of miscellany from
• SPOILER: Another new and different consequence of speculation on Intel machines.

We invite you to read our show notes at https://www.grc.com/sn/SN-705-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• FreshBooks.com/securitynow
• Atlassian.com/IT
• go.itpro.tv/securitynow promo code SN30

• The increasing feasibility of making a sustainable career out of hunting for software bugs
• A newly available improvement in Spectre mitigation performance and who can try it now
• Adobe's ColdFusion emergency and patch,
• More problems with A/V and self-signed certs
• A Docker vulnerability being exploited in the wild
• The end of Coinhive
• A new major Wireshark release
• A nifty web browser website screenshot hack
• Continuing troubles with the over-privileged Thunderbolt interface
• Bot-based credential stuffing attacks

We invite you to read our show notes at https://www.grc.com/sn/SN-704-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• securitynow.cachefly.com
• ZipRecruiter.com/securitynow
• LastPass.com/twit

• A number of ongoing out-in-the-wild attacks
• Another early-warned Drupal vulnerability
• A 19-year old flaw in an obscure decompress for the "ACE" archive format
• Microsoft reveals an abuse of HTTP/2 protocol which is DoSing its IIS servers.
• Mozilla faces a dilemma about a wanna-be Certificate Authority and they also send a worried letter to Australia.
• Microsoft's Edge browser is revealed to be secretly whitelisting 58 web domains which are allowed to bypass its "Click-To-Run" permission for Flash.
• ICANN renews its plea for the Internet to adopt DNSSEC.
• NVIDIA releases a handful of critical driver updates for Windows.
• Apple increases the intelligence of it's Intelligent Tracking Prevention.

We invite you to read our show notes at https://www.grc.com/sn/SN-703-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• thehelm.com/SECURITYNOW
• expressvpn.com/securitynow
• Atlassian.com/IT

• Last week's doozy of a patch Tuesday for both Microsoft and Adobe
• An interesting twist coming to Windows 7 and Server 2008 security updates
• Eight mining apps pulled from the Windows Store
• Another positive security initiative from Google
• Electric scooters being hacked
• Chipping away at Tor's privacy guarantees
• A year and a half after Equifax, and where's the data?
• The beginnings of GDPR-like legislation for US
• An extremely concerning new and emerging threat for the Internet

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• WordPress.com/securitynow
• canary.tools/twit - use code: TWIT
• Wasabi.com offer code SecurityNow

• Apple's most recent v12.1.4 iOS update and the two 0-day vulnerabilities it closed
• Worrisome new Android image-display vulnerability
• An interesting "reverse RDP" attack
• The new LibreOffice & OpenOffice vulnerability
• Microsoft's research into the primary source of software vulnerabilities
• MaryJo gets an early peek at enterprise pricing for extending Windows 7 support
• China and Russia continue their work to take control of their countries' Internet
• Firefox's resumption of its A/V warning in release 65.
• How Google does the Cha-Cha with their new "Adiantum" ultra-high-performance cryptographic cipher.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• Atlassian.com/IT
• go.itpro.tv/securitynow promo code SN30
• Sophos.com