SN 902: A Generic WAF Bypass - Pwn2Own Toronto, URSNIF malware, Vivaldi Mastodon support, Bye Bye SHA-1

Picture of the Week. A malware operation known as URSNIF. Pwn2Own Toronto 2022. Citrix and Fortinet recently released security updates to patch 0-day vulnerabilities. Patch Tuesday. Another Uber breach? Elon Botches 'Bot Blockage. Vivaldi integrates Mastodon in its desktop browser. 5,200 Dutch government warnings. CIB: "Coordinated Inauthentic Behavior" GitHub to require 2FA by the end of next year. Bye bye SHA-1. WordFence's VERY useful looking WordPress add-on vulnerability database. Closing The Loop. SpinRite. A Generic WAF Bypass. Show Notes https://www.grc.com/sn/SN-902-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsor: plextrac.com/twit

Om Podcasten

Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.