Android to start blocking old and unsafe apps.Microsoft to block Internet sourced Excel add-ins.An example of saying "no" even when it may hurt.Hacked Wormhole funds on the move.Kevin Rose Hacked.Facebook will be moving more users into E2EE.iOS 6.3 and FIDO.Scan thy Citizenry.The Hive ransomware organization takedown.Errata.Closing the Loop.SpinRite.Data Operand Independent Timing. Show Notes: https://www.grc.com/sn/SN-908-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors:Melissa.com/twitkolide.com/securitynow

Picture of the Week.PayPal Credential Stuffing.iOS 16.3 : Cloud encryption for all.InfoSecurity Magazine: "ChatGPT Creates Polymorphic Malware".CheckPoint Research: OPWNAI : Cybercriminals Starting to Use ChatGPT."Meta" fined for the third time.Bitwarden acquires "Passwordless.dev".Closing the Loop.SpinRite.Credential Reuse. Show Notes: https://www.grc.com/sn/SN-907-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors:GO.ACILEARNING.COM/TWITexpressvpn.com/securitynowdrata.com/twit

Picture of the WeekAbout Password IterationsEBC or CBNorton Lifelock TroublesChrome Follows Microsoft and FirefoxChromium is Beginning to RustBYOVD and Windows Defender FailuresClosing the Loop (feedback)The Rule of Two Show notes: https://www.grc.com/sn/sn-906-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors:plextrac.com/twitbitwarden.com/twitbarracuda.com/securitynow

Picture of the Week.LastPass Aftermath.LastPass Vault De-Obfuscator.What more do we know this week regarding LastPass?The most alarming discovery by listeners.Understanding the scale of GPU-enhanced password cracking.On the true strength of passwords.Feedback from listeners regarding LastPass. Show Notes https://www.grc.com/sn/SN-905-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors:tanium.com/twitdrata.com/twit

Picture of the Week.SpinRite.Leaving LastPass.Is there reason for concern?Well known password cracker Jeremi Gosney's LastPass rant.Steve shares his plan regarding LastPass.What is Steve's next password manager?What should LastPass users do to protect themselves? Show Notes https://www.grc.com/sn/SN-904-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors:fortra.comcanary.tools/twit - use code: TWIT

Anatomy of a Log4j Exploit.Will Russia Disconnect?FCC Says Kaspersky Labs is a National Security Threat.Lenovo UEFI Firmware Troubles.That "Passkeys" Thing.Dis-CONTI-nued: The End of Conti?Steve's Take on the LastPass Breach. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors:expressvpn.com/securitynowkolide.com/securitynow

Picture of the Week.A malware operation known as URSNIF.Pwn2Own Toronto 2022.Citrix and Fortinet recently released security updates to patch 0-day vulnerabilities.Patch Tuesday.Another Uber breach?Elon Botches 'Bot Blockage.Vivaldi integrates Mastodon in its desktop browser.5,200 Dutch government warnings.CIB: "Coordinated Inauthentic Behavior"GitHub to require 2FA by the end of next year.Bye bye SHA-1.WordFence's VERY useful looking WordPress add-on vulnerability database.Closing The Loop.SpinRite.A Generic WAF Bypass. Show Notes https://www.grc.com/sn/SN-902-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsor:plextrac.com/twit

Picture of the Week.Chrome does Passkeys.SYNC.COM suffered its first outage.Medibank reboot.Totally fake cryptocurrency trading platforms.Malware on Telegram.Texas gets in on the TikTok banning.The LastPass class action lawsuit.Rackspace had a big embarrassing problem.Rackspace is now facing at least three class action lawsuits.Another country goes on the offensive.Closing The Loop.SpinRite.Miscellany.Apple Encrypts the Cloud. Show Notes https://www.grc.com/sn/SN-901-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors:barracuda.com/securitynowbitwarden.com/twitexpressvpn.com/securitynow

Picture of the Week.Don't mess with Australia.Facebook / Meta fined by Ireland.REvil's full Medibank dump.Is nothing sacred?Mozilla yanks a (no longer) trusted root.Android Platform Certs Escape.South Dakota says: No more Tik-Tok.Albania blames its IT staff.Good news on the memory safe languages front.Black Hat USA 2022.Another Chrome 0-day bites the dust.Anker's Eufy Camera debacle.An amazing-looking WiFi-6 router... $119.Elon really said this.Closing the Loop.SpinRite.LastPass Again.   Show Notes https://www.grc.com/sn/SN-900-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors:itpro.tv/securitynowcanary.tools/twit - use code: TWITplextrac.com/twit

Picture of the Week.iSpoof you no more.Here come the Freebie Bots!Anatomy of the real-time Cryptocurrency heist.Lookin' for something to do?Boa server vulnerability.The dilemma of closed-source Chinese networking products.The Cyber Defense Index.Malicious Docker Hub images.Since we've been tracking 0-days for a while.CISA on Mastodon.Miscellany.Closing The Loop.SpinRite. Show Notes https://www.grc.com/sn/SN-899-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors:kolide.com/securitynowplextrac.com/twitnordlayer.com/twit