Please login or sign up to post and edit reviews.
Security Now 947: Article 45 - Publication Date |
- Nov 08, 2023
- Episode Duration |
- 02:13:25
- Microsoft announced storing their Azure keys in an HSM after previously losing control of a private signing key
- A quartet of new 0-day vulnerabilities in Exchange Server that Microsoft declined to fix
- Apache ActiveMQ servers under attack exploiting a 0-day, with over half of publicly exposed servers vulnerable
- Update on the Citrix Bleed vulnerability with evidence of hackers gaining access and post-exploitation activity
- CVSS version 4 released with new metrics for better granularity and clarity of vulnerability scores
- Ace Hardware suffered a cyberattack impacting servers and systems
- Google abandons controversial "Web DRM" proposal to let sites restrict browser extensions
- Analysis of "BadCandy" malware infecting vulnerable Cisco routers
- Bitwarden password manager adds support for FIDO2 passkeys in browser extension
- Rescuing a severely degraded SSD and bringing it back to life with SpinRite
- Feedback from listeners on IPv6 adoption, factors for choosing crypto primes, installing Windows 11, and more
- The brewing battle in the EU over proposed eIDAS regulation Article 45 that could ban security checks on root certificates and undermine encrypted web traffic
Show Notes - 947-Notes.pdf">https://www.grc.com/sn/SN-947-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
This episode could use a review!
This episode could use a review! Have anything to say about it? Share your thoughts using the button below.
Submit Review