SN 863: Use After Free - OpenSSL Bug, Cybercrime Reporting Law, Node.js Supply Chain Compromise - a podcast by TWiT

• Picture of the Week.


• Report Cybercrime: It's the Law.


• A software supply chain compromise.


• Browser in the Browser.


• TrickBot, MicroTik & Microsoft.


• The Infinite Loop OpenSSL Bug.


• CISA Alert AA22-074A.


• The Windows Local Privilege Escalation that Microsoft seems unable to fix.


• Use After Free.

We invite you to read our show notes at https://www.grc.com/sn/SN-863-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• barracuda.com/securitynow


• Melissa.com/twit


• plextrac.com/twit

Further episodes of Security Now (Audio)

Further podcasts by TWiT

Website of TWiT