SN 704: Careers in Bug Hunting

Security Now (Video HI) show

Summary: <ul> <li>The increasing feasibility of making a sustainable career out of hunting for software bugs</li> <li>A newly available improvement in Spectre mitigation performance and who can try it now</li> <li>Adobe's ColdFusion emergency and patch,</li> <li>More problems with A/V and self-signed certs</li> <li>A Docker vulnerability being exploited in the wild</li> <li>The end of Coinhive</li> <li>A new major Wireshark release</li> <li>A nifty web browser website screenshot hack</li> <li>Continuing troubles with the over-privileged Thunderbolt interface</li> <li>Bot-based credential stuffing attacks</li> </ul><p>We invite you to read our show notes at <a href=""></a></p> <p><strong>Hosts:</strong> <a href="">Steve Gibson</a> and <a href="">Leo Laporte</a></p> <p>Download or subscribe to this show at <a href=""></a>.</p> <p>You can submit a question to Security Now! at the <a href="" target="_blank">GRC Feedback Page</a>.</p> <p>For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: <a href="" target="_blank"></a>, also the home of the best disk maintenance and recovery utility ever written <a href="" target="_blank">Spinrite 6</a>.</p> <p><strong>Sponsors:</strong></p><ul> <li><a href=""></a></li> <li><a href=""></a></li> <li><a href=""></a></li> </ul>