SN 865: Port Knocking - Wyze Gets Spanked, FinFisher Bites the Dust, Spring4Shell, LAPSUS$ Update - a podcast by TWiT

• Picture of the Week.


• 0-Day Watch.


• Spring Forward (Java: Spring4Shell)


• QNAP and the OpenSSL DoS vulnerability.


• Sophos has a 9.8.


• CISA orders federal civilian agencies to patch the Sophos vulnerability.


• Browser-in-the-browser.


• The supply-chain attacks on NPM have been growing.


• FinFisher bites the dust.


• A LAPSUS$ in judgment.


• Not so Wyze.


• Closing The Loop.


• Port Knocking.

We invite you to read our show notes at https://www.grc.com/sn/SN-865-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• bitwarden.com/twit


• itpro.tv/securitynow promo code SN30


• kolide.com/securitynow

Further episodes of Security Now (Audio)

Further podcasts by TWiT

Website of TWiT