Article 45 - Citrix Bleed update, Ace Hardware cyberattack, Bitwarden get Passkeys
Vložit
- čas přidán 6. 11. 2023
- • Microsoft announced storing their Azure keys in an HSM after previously losing control of a private signing key
• A quartet of new 0-day vulnerabilities in Exchange Server that Microsoft declined to fix
• Apache ActiveMQ servers under attack exploiting a 0-day, with over half of publicly exposed servers vulnerable
• Update on the Citrix Bleed vulnerability with evidence of hackers gaining access and post-exploitation activity
• CVSS version 4 released with new metrics for better granularity and clarity of vulnerability scores
• Ace Hardware suffered a cyberattack impacting servers and systems
• Google abandons controversial "Web DRM" proposal to let sites restrict browser extensions
• Analysis of "BadCandy" malware infecting vulnerable Cisco routers
• Bitwarden password manager adds support for FIDO2 passkeys in browser extension
• Rescuing a severely degraded SSD and bringing it back to life with SpinRite
• Feedback from listeners on IPv6 adoption, factors for choosing crypto primes, installing Windows 11, and more
• The brewing battle in the EU over proposed eIDAS regulation Article 45 that could ban security checks on root certificates and undermine encrypted web traffic
Show Notes - www.grc.com/sn...
Hosts: Steve Gibson and Leo Laporte
Security Now episode 947
More Info: twit.tv/shows/...
Sponsors:
• lookout.com
• canary.tools/twit - use code: TWIT
• Melissa.com/twit
Download or subscribe to this show at twit.tv/shows/...
Get episodes ad-free with Club TWiT at twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com/ also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Products we recommend: www.amazon.com...
TWiT may earn commissions on certain products.
Follow us:
twit.tv/
/ twit
/ twitnetwork
/ twit.tv
About us:
TWiT.tv is a technology podcasting network located in the San Francisco Bay Area with the #1 ranked technology podcast This Week in Tech hosted by Leo Laporte. Every week we produce dozens of hours of content on a variety of programs including Tech News Weekly, MacBreak Weekly, This Week in Google, Windows Weekly, Security Now, and more.
