New Episode of Security Now: Security Now 1039

In this episode of Security Now, Steve Gibson and Leo Laporte celebrate the 20th anniversary of the show and discuss various topics related to cybersecurity. The episode begins with a discussion on the new features of Chrome, including improvements in privacy and security. They also address the recent data leaks from Allianz Life, which exposed sensitive information, including social security numbers.

Another important topic is the critical vulnerability in Plex Media Server, which has been fixed but requires an immediate update for all users. Steve Gibson explains the importance of keeping software up to date to avoid security vulnerability exploits. They also discuss the implications of AI summaries on online information search and how this affects the economic models of websites.

The conversation then turns to the upcoming changes in messaging in Russia, with Roskomnadzor restricting voice and video calls on WhatsApp and Telegram. Steve Gibson explains the reasons behind this decision and the implications for users in Russia. They also discuss the new lightweight cryptography for IoT devices, developed by NIST, and its importance in securing communications for connected devices.

Another key point is the vulnerability in Scriptcase, a PHP-based web generation tool. Steve Gibson details how this vulnerability allows pre-authenticated remote command execution, which is extremely dangerous. He emphasizes the importance of not exposing vulnerable systems to the internet and maintaining a strict security policy.

Finally, Steve Gibson shares his thoughts on the series "Alien Earth" and his expectations for the upcoming episodes. He discusses the plot elements that interested him and the possible directions the series could take.

For more details, listen to the full episode at https://twit.tv/posts/transcripts/security-now-1039-transcript