Security Now (Audio)

SN 902: A Generic WAF Bypass - Pwn2Own Toronto, URSNIF malware, Vivaldi Mastodon support, Bye Bye SHA-1

12.20.2022 - By TWiTPlay

Download our free app to listen on your phone

Download on the App StoreGet it on Google Play

Picture of the Week.

A malware operation known as URSNIF.

Pwn2Own Toronto 2022.

Citrix and Fortinet recently released security updates to patch 0-day vulnerabilities.

Patch Tuesday.

Another Uber breach?

Elon Botches 'Bot Blockage.

Vivaldi integrates Mastodon in its desktop browser.

5,200 Dutch government warnings.

CIB: "Coordinated Inauthentic Behavior"

GitHub to require 2FA by the end of next year.

Bye bye SHA-1.

WordFence's VERY useful looking WordPress add-on vulnerability database.

Closing The Loop.

SpinRite.

A Generic WAF Bypass.

Show Notes https://www.grc.com/sn/SN-902-Notes.pdf

 

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsor:

plextrac.com/twit

More episodes from Security Now (Audio)