SN 887: Embedded AWS Credentials - TikTok leak, urgent Chrome patch, PyPI warning, Quantum Hype Bubble

Security Now (Audio)

English - September 07, 2022 02:50 - 2 hours - 55.8 MB - ★★★★★ - 1.5K ratings
Tech News News Technology twit technology steve gibson leo laporte security spyware malware hacking cyber crime encryption Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed

Previous Episode: SN 886: Wacky Data Exfiltration - LastPass breach, FTC Kochava lawsuit, Hikvision IoT mess

Next Episode: SN 888: The EvilProxy Service - MooBot, Crypto Heist, Cyberwarfare, QNAP, The Silver Ships

Picture of the Week.
Google's (newest) Open Source Software Vulnerability Rewards Program.
Did TikTok leak 2.05 BILLION User Records?
An urgent Chrome update patches new 0-day flaw.
Permission-less Browser Clipboard Write.
Nearly 1/3 of the packages in PyPI trigger an automatic code execution upon download.
A Quantum Hype Bubble?
All of the BlackHat 2022 Presentation Slides PDFs.
Csurf NPM library mistake.
SpinRite.
Closing The Loop.
Sci-Fi Discovery: "The Silver Ships"
Embedding AWS Credentials.

We invite you to read our show notes at https://www.grc.com/sn/SN-887-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

itpro.tv/securitynow promo code SN30
kolide.com/securitynow