Security Now with Steve Gibson and Leo Laporte

Jan 21st 2025

Security Now 1009

Attacking TOTP

Hosted by Steve Gibson, Leo Laporte

Force-Installed Outlook, DJI Firmware Update

Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.
Subscribe on Apple Podcasts
Subscribe on Pocket Casts
Subscribe on Club TWiT
Subscribe on RSS
Subscribe on YouTube
Category: Help & How To
  • What do we learn from January's record breaking 0-day critical Patch Tuesday?
  • Microsoft to "force-install" a new Outlook into all Windows 10 and 11 desktops?
  • GoDaddy required to get much more serious about its hosting security.
  • More age verification enforcement is coming, including globally.
  • What another instance of a widely exposed management interface teaches us.
  • DJI drone's official firmware update lifts geofencing for unrestricted flight.
  • CISA's efforts pay off with MUCH improved critical infrastructure security.
  • Listener feedback about TOTP, HOTP and age-verification.
  • And we take a deep dive into cracking authenticator keys

Show Notes - https://www.grc.com/sn/SN-1009-Notes.pdf

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors

Join Club TWiT and get episodes ad-free plus other exclusive membership benefits.

You can submit a question to Security Now at the GRC Feedback Page.