SN 1009: Attacking TOTP - Force-Installed Outlook, DJI Firmware Update

22/01/2025

What do we learn from January's record-breaking 0-day critical Patch Tuesday?
Microsoft to "force-install" a new Outlook into all Windows 10 and 11 desktops?
GoDaddy required to get much more serious about its hosting security.
More age verification enforcement is coming, including globally.
What another instance of a widely exposed management interface teaches us.
DJI drone's official firmware update lifts geofencing for unrestricted flight.
CISA's efforts pay off with MUCH improved critical infrastructure security.
Listener feedback about TOTP, HOTP and age verification.
And we take a deep dive into cracking authenticator keys.
Show Notes - https://www.grc.com/sn/SN-1009-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Subscribe to Security Now at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, SpinRite 6.
Sponsors: vanta.com/SECURITYNOW
bitwarden.com/twit
threatlocker.com for Security Now
veeam.com
