SN 902: A Generic WAF Bypass - Pwn2Own Toronto, URSNIF malware, Vivaldi Mastodon support, Bye Bye SHA-1

• Picture of the Week.


• A malware operation known as URSNIF.


• Pwn2Own Toronto 2022.


• Citrix and Fortinet recently released security updates to patch 0-day vulnerabilities.


• Patch Tuesday.


• Another Uber breach?


• Elon Botches 'Bot Blockage.


• Vivaldi integrates Mastodon in its desktop browser.


• 5,200 Dutch government warnings.


• CIB: "Coordinated Inauthentic Behavior"


• GitHub to require 2FA by the end of next year.


• Bye bye SHA-1.


• WordFence's VERY useful looking WordPress add-on vulnerability database.


• Closing The Loop.


• SpinRite.


• A Generic WAF Bypass.

Show Notes https://www.grc.com/sn/SN-902-Notes.pdf …

bypass coordinated inauthentic behavior help & how to iab19 leo laporte malware mastodon patch tuesday microsoft pwn2own security security now steve gibson support technology twit uber breach ursnif ursnif malware vivaldi waf waf bypass wordpress vulnerability database