SN 944: Abusing HTTP/2 Rapid Reset - Passkeys, ValiDrive follow-up, 2FA apps, pre-release Spinrite | allinfosecnews.com

Oct. 18, 2023, 2:57 a.m. | TWiT

Security Now (Audio) twit.tv

ValiDrive release follow-up

Passkeys exportability and phishing risk

Passkeys for device verification like SSH keys

Possibility of hobby browsers vs. production browsers

Availability of SpinRite 6.1 pre-release

Filling drives with crypto noise using VeraCrypt

Steve and Leo's favorite OTP apps

Google Docs link rewriting could be to prevent referrer leakage

Abusing HTTP/2 Rapid Reset

Show notes: https://www.grc.com/sn/SN-944-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit …

0-day vulnerability 2fa 2fa apps 2 rapid reset abusing apps availability browsers crypto ddos attacks device device verification docs drives drive wiping fido2 google google docs help & how to http iab19 ios keys leo leo laporte link noise otp passkeys phishing rapid rapid reset release reset risk security security now spinrite spinrite 6.1 ssh ssh keys steve steve gibson technology tracking links twit validrive veracrypt verification web browsers

More from twit.tv / Security Now (Audio)

SN 974: Microsoft's Head in the Clouds - 4-Digit Pins, Long Range Navigation, Microsoft 4 days, 3 hours ago | twit.tv

1password android passkeys can clouds +33

SN 973: Not So Fast - GPS Vulnerabilites, VPN Flaw 1 week, 4 days ago | twit.tv

can cookies fast feedback +28

SN 972: Passkeys: A Shattered Dream? - IoT Default Passwords, Passkeys 2 weeks, 4 days ago | twit.tv

chrome conditions consumer consumer iot +39

SN 971: Chat (out of) Control - Fuxnet, Android Quarantine, Gentoo 3 weeks, 4 days ago | twit.tv

actalis ai amp android +45

SN 970: GhostRace - AT&T Breach Update, Cookie Notices, Router Buttons 1 month ago | twit.tv

amp att breach button +38

SN 969: Minimum Viable Secure Product - Dlink NAS Backdoor, Privnote, Crowdefense 1 month, 1 week ago | twit.tv

android apple backdoor can +37

SN 968: A Cautionary Tale - XZ Outbreak, AT&T Data Breach 1 month, 2 weeks ago | twit.tv

ad blockers advertisers amp att +34

SN 967: GoFetch - Apple vs. DOJ, ".INTERNAL" TLD 1 month, 3 weeks ago | twit.tv

ai apple authentication blocked +43

SN 966: Morris The Second - Voyager 1, The Web Turns 35 1 month, 4 weeks ago | twit.tv

2fa accounts addresses anonymous +41

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Consultant Sécurité SI Gouvernance - Risques - Conformité H/F - Strasbourg

@ Hifield | Strasbourg, France

View on infosec-jobs.com

Lead Security Specialist

@ KBR, Inc. | USA, Dallas, 8121 Lemmon Ave, Suite 550, Texas

View on infosec-jobs.com

Consultant SOC / CERT H/F

@ Hifield | Sèvres, France

View on infosec-jobs.com