• SN 1009: Attacking TOTP - Force-Installed Outlook, DJI Firmware Update

  • Jan 22 2025
  • Length: 3 hrs and 7 mins
  • Podcast

SN 1009: Attacking TOTP - Force-Installed Outlook, DJI Firmware Update

Listen for free

View show details

  • Summary

    • What do we learn from January's record breaking 0-day critical Patch Tuesday?
    • Microsoft to "force-install" a new Outlook into all Windows 10 and 11 desktops?
    • GoDaddy required to get much more serious about its hosting security.
    • More age verification enforcement is coming, including globally.
    • What another instance of a widely exposed management interface teaches us.
    • DJI drone's official firmware update lifts geofencing for unrestricted flight.
    • CISA's efforts pay off with MUCH improved critical infrastructure security.
    • Listener feedback about TOTP, HOTP and age-verification.
    • And we take a deep dive into cracking authenticator keys

    Show Notes - https://www.grc.com/sn/SN-1009-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to Security Now at https://twit.tv/shows/security-now.

    Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

    You can submit a question to Security Now at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:

    • vanta.com/SECURITYNOW
    • bitwarden.com/twit
    • threatlocker.com for Security Now
    • veeam.com
    Show more Show less
Show more Show less

What listeners say about SN 1009: Attacking TOTP - Force-Installed Outlook, DJI Firmware Update

Average customer ratings

Reviews - Please select the tabs below to change the source of reviews.

Audible.com reviews

Amazon reviews
No Reviews are Available