Security Now (Audio)

SN 1049: DNS Cache Poisoning Returns - Ransomware Payments Plummet

Leo Laporte

Cyber Crime, Malware, Technology, Encryption, Steve Gibson, Security, Hacking, Twit, Spyware, Leo Laporte

4.6 • 2.1K Ratings

🗓️ 28 October 2025

⏱️ 176 minutes

Summary

Just when you thought DNS cache poisoning was a thing of the past, Steve and Leo reveal why this 17-year-old bug is making a dramatic comeback—and why most DNS resolvers still can't manage high-quality random numbers after all this time.

  • The unsuspected sucking power of a Linux-based robot vacuum.
  • Russia to follow China's vulnerability reporting laws.
  • A pair of Scattered Spider UK teen hackers arrested.
  • Facebook, Instagram and TikTok violating the EU's DSA.
  • Microsoft Teams bringing user WiFi tracking by policy.
  • You backed up. That's great. Did you test that backup?
  • Coveware reports all-time low ransomware payment rate.
  • Ransomware negotiator reports how the bad guys get in.
  • Lots of listener thoughts and feedback about NIST passwords.
  • And against all reason and begging credulity, it seems we still haven't managed to put high-quality random number generators into our DNS resolvers.

Show Notes - https://www.grc.com/sn/SN-1049-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, SpinRite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Transcript

0:00.0

It's time for Security Now. Steve Gibson is here. He's got the story of an Android robot vacuum that doesn't suck.

0:07.8

Well, maybe it does, actually. We're going to talk about the arrest of two UK hackers.

0:14.6

Steve's maybe a little bit sympathetic to their plight. We'll talk about how ransomware gets in.

0:20.7

And then the sad return of a bug in DNS that was

0:24.4

fixed in 2008. That and a whole lot more coming up next on Security Now.

0:32.7

Podcasts you love from people you trust.

0:36.9

This is TWiT. This is Security Now with Steve Gibson, episode

0:45.2

one thousand forty-nine, recorded Tuesday, October 28th, 2025: DNS Cache Poisoning Returns. It's time for security. I know you wait all week for this. I do too.

0:59.3

Every Tuesday, Steve Gibson joins us to talk about the latest in security, privacy, technology in general. Hello, Mr. G.

1:07.3

Yo, Leo. How are you to be with you?

1:11.2

Great.

1:20.7

Believe it or not, one of our old friends is back this week, DNS cache poisoning.

1:23.0

I thought we'd handled that.

1:28.5

We thought, well, how long ago was 2008? 17 years?

1:31.3

You think that 17 years we could have gotten it right.

1:32.4

New.

1:36.0

So that's our title for today.

1:47.6

DNS Cache Poisoning Returns, for this 28th of October, pre-Halloween, pre-Halloween, doing whatever it's going to do on Sunday episode, 1049. I was glad to hear before that you were as confused as I am about

1:57.1

what happened. When you fall back, does that mean that it's earlier or later and

2:02.7

what happens? Every six months I have to do this math in my head. I think, because we move

2:08.3

but UTC doesn't, I think we, I don't, we're now minus eight is what I think. I do like the spring

2:15.4

when we spring forward because that makes it easier to set your

...
