all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SN 944: Abusing HTTP/2 Rapid Reset - Passkeys, ValiDrive follow-up, 2FA apps, pre-release Spinrite

Add to bookmarks
Oct. 18, 2023, 2:57 a.m. | TWiT

Security Now (Audio) twit.tv


  • ValiDrive release follow-up

  • Passkeys exportability and phishing risk

  • Passkeys for device verification like SSH keys

  • Possibility of hobby browsers vs. production browsers

  • Availability of SpinRite 6.1 pre-release

  • Filling drives with crypto noise using VeraCrypt

  • Steve and Leo's favorite OTP apps

  • Google Docs link rewriting could be to prevent referrer leakage

  • Abusing HTTP/2 Rapid Reset

Show notes: https://www.grc.com/sn/SN-944-Notes.pdf


Hosts: Steve Gibson and Leo Laporte


Download or subscribe to this show at https://twit.tv/shows/security-now.


Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit …

0-day vulnerability 2fa 2fa apps 2 rapid reset abusing apps availability browsers crypto ddos attacks device device verification docs drives drive wiping fido2 google google docs help & how to http iab19 ios keys leo leo laporte link noise otp passkeys phishing rapid rapid reset release reset risk security security now spinrite spinrite 6.1 ssh ssh keys steve steve gibson technology tracking links twit validrive veracrypt verification web browsers

Visit resource

More from twit.tv / Security Now (Audio)

SN 971: Chat (out of) Control - Fuxnet, Android Quarantine, Gentoo 3 days, 12 hours ago | twit.tv
actalis ai amp android +45
SN 970: GhostRace - AT&T Breach Update, Cookie Notices, Router Buttons 1 week, 3 days ago | twit.tv
amp att breach button +38
SN 969: Minimum Viable Secure Product - Dlink NAS Backdoor, Privnote, Crowdefense 2 weeks, 3 days ago | twit.tv
android apple backdoor can +37
SN 968: A Cautionary Tale - XZ Outbreak, AT&T Data Breach 3 weeks, 3 days ago | twit.tv
ad blockers advertisers amp att +34
SN 967: GoFetch - Apple vs. DOJ, ".INTERNAL" TLD 1 month ago | twit.tv
ai apple authentication blocked +43
SN 966: Morris The Second - Voyager 1, The Web Turns 35 1 month, 1 week ago | twit.tv
2fa accounts addresses anonymous +41
SN 966: Morris The Second - Voyager 1, The Web Turns 35 1 month, 1 week ago | twit.tv
2fa accounts addresses anonymous +41
SN 966: Morris The Second - Voyager 1, The Web Turns 35 1 month, 1 week ago | twit.tv
2fa accounts addresses anonymous +41
SN 965: Passkeys vs. 2FA - Unhelpful CERT, VMware patch, Signal 7.0 Beta 1 month, 2 weeks ago | twit.tv
2fa accelerators american beta +45

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Open-Source Intelligence (OSINT) Policy Analyst (TS/SCI)

@ WWC Global | Reston, Virginia, United States
View on infosec-jobs.com

Security Architect (DevSecOps)

@ EUROPEAN DYNAMICS | Brussels, Brussels, Belgium
View on infosec-jobs.com

Infrastructure Security Architect

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Contract Penetration Tester

@ Evolve Security | United States - Remote
View on infosec-jobs.com

Senior Penetration Tester

@ DigitalOcean | Canada
View on infosec-jobs.com
View more jobs