SN 877: The "Hertzbleed" Attack - 3rd Party FIDO2, Log4Shell, '311" Proposal

Security Now (Video)

English - June 28, 2022 21:57 - 2 hours - 1.93 GB Video - ★★★★★ - 82 ratings
Tech News News Technology twit technology steve gibson leo laporte security spyware malware hacking cyber crime encryption Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed

Previous Episode: SN 876: Microsoft's Patchy Patches - 3rd Party Authenticators, MS-DFSNM, Safari Regression, Firefox Cookies

Next Episode: SN 878: The ZuoRAT - 0-Day Chrome, Firefox v102, HackerOne

Picture of the Week.
Errata: Firefox's "Total Cookie Protection"
3rd Party FIDO2 Authenticators
Germany's not buying the EU's proposal which subverts encryption
The Conti Gang have finally pulled the last plug
Log4J and Log4Shell is alive and well
The '311' emergency number proposal
56 Insecure-By-Design Vulnerabilities
"Long Story Short"
Closing The Loop
The "Hertzbleed" Attack

We invite you to read our show notes at https://www.grc.com/sn/SN-877-Notes.pdf

Hosts: Steve Gibson and Jason Howell

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

drata.com/twit
barracuda.com/securitynow
Melissa.com/twit