Summary: <p>This week we will examine two incredibly clever, new (and bad) attacks named eFail and Throwhammer. But first we catchup on the rest of the past week's security and privacy news, including the evolution of UPnProxy, a worrisome flaw discovered in a very popular web development platform, the 1st anniversary of EternalBlue, the exploitation of those GPON routers, this week's disgusting security head shaker, a summary of the RSA conference's security practices survey, the appearance of persistent IoT malware, a significant misconception about hard drive failure, an interesting bit of listener feedback... then a look at two VERY clever new attacks.</p> <p>We invite you to read the<a href="https://www.grc.com/sn/SN-663-Notes.pdf" target="_blank"> show notes!</a></p> <p><strong>Hosts:</strong> <a href="https://twit.tv/people/steve-gibson">Steve Gibson</a> and <a href="https://twit.tv/people/leo-laporte">Leo Laporte</a></p> <p>Download or subscribe to this show at <a href="https://twit.tv/shows/security-now">https://twit.tv/shows/security-now</a>.</p> <p>You can submit a question to Security Now! at the <a href="https://www.grc.com/feedback.htm" target="_blank">GRC Feedback Page</a>.</p> <p>For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: <a href="https://www.grc.com/securitynow.htm" target="_blank">grc.com</a>, also the home of the best disk maintenance and recovery utility ever written <a href="https://www.grc.com/sr/spinrite.htm" target="_blank">Spinrite 6</a>.</p> <p>Bandwidth for Security Now is provided by <a href="https://www.cachefly.com/" target="_blank">CacheFly</a>.</p> <p><strong>Sponsors:</strong></p><ul> <li><a href="http://ITPro.TV/securitynow">ITPro.TV/securitynow - use code: SN30</a></li> <li><a href="http://ZipRecruiter.com/securitynow">ZipRecruiter.com/securitynow</a></li> </ul>
