SN 1076: FAST16.SYS - Unmasking the NSA's Most Diabolical Digital Sabotage
From Security Now (Audio) by TWiT
April 29, 2026 · 2h 35m · Episode 1076
About this episode
The episode reveals the impact of a 21-year-old NSA rootkit on scientific research and discusses various cybersecurity topics.
What if your engineering calculations secretly sabotaged your nation's best efforts? This week, we reveal how a newly uncovered 21-year-old NSA rootkit quietly corrupted scientific research in hostile states and why it changes everything you think you know about cyberwarfare. Bitwarden's CLI hit with a supply-chain attack. Commercial routers in Iran fail shortly before the war. Meta logging all employee activity to train replacement AI. GRC's DNS Benchmark Release 5. Two miscellaneous AI thoughts. A bunch of terrific listener feedback. Unraveling the diabolical history of "fast16.sys" Show Notes - https://www.grc.com/sn/SN-1076-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now . You can submit a question to Security Now at the GRC Feedback Page . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com , also the home of the best disk maintenance and recovery utility ever written Spinrite 6 . Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit…
People in this episode
Hosts: Steve Gibson, Leo Laporte
Topics covered
- cyberwarfare
- NSA rootkit
- scientific research sabotage
- supply-chain attack
- AI
- listener feedback
Keywords
- NSA
- rootkit
- cyberwarfare
- Bitwarden
- Meta
- AI
- listener feedback
- fast16.sys
Sponsors
Club TWiT, doppel.com, threatlocker.com, material.security, cyberhoot.com, guardsquare.com
Mentioned in this episode
Organizations: NSA, Bitwarden, Meta, GRC
More episodes of Security Now (Audio)
- SN 1082: The Malicious Use of AI - Anthropic's Red Team Report · June 10, 2026 · 2h 37m
- SN 1081: AI Captured the Flag - Personal AI: Productivity Superpower or Privacy Threat? · June 3, 2026 · 3h 20m
- SN 1080: Vulnerability Debt Repayment - Will Mythos Change Cybersecurity Forever? · May 27, 2026 · 2h 44m
- SN 1079: Daybreak and Codename MDASH - Microsoft's Edge Password Blunder · May 20, 2026 · 2h 52m
- SN 1078: DigiCert does it right - Hugging Face Under Fire · May 13, 2026 · 2h 41m
- SN 1077: A Browser AI API? - End of Bug Bounties? · May 6, 2026 · 2h 35m
Explore listener stats, chart rankings, contacts and more on the Security Now (Audio) podcast page.