SN 1009: Attacking TOTP - Force-Installed Outlook, DJI Firmware Update
Update: 2025-01-22
Description
- What do we learn from January's record breaking 0-day critical Patch Tuesday?
- Microsoft to "force-install" a new Outlook into all Windows 10 and 11 desktops?
- GoDaddy required to get much more serious about its hosting security.
- More age verification enforcement is coming, including globally.
- What another instance of a widely exposed management interface teaches us.
- DJI drone's official firmware update lifts geofencing for unrestricted flight.
- CISA's efforts pay off with MUCH improved critical infrastructure security.
- Listener feedback about TOTP, HOTP and age-verification.
- And we take a deep dive into cracking authenticator keys
Show Notes - https://www.grc.com/sn/SN-1009-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to Security Now at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
Comments
Top Podcasts
The Best New Comedy Podcast Right Now – June 2024The Best News Podcast Right Now – June 2024The Best New Business Podcast Right Now – June 2024The Best New Sports Podcast Right Now – June 2024The Best New True Crime Podcast Right Now – June 2024The Best New Joe Rogan Experience Podcast Right Now – June 20The Best New Dan Bongino Show Podcast Right Now – June 20The Best New Mark Levin Podcast – June 2024
In Channel
Download from Google Play
Download from App Store
United States00:00
00:00
x
