SN 877: The "Hertzbleed" Attack - 3rd Party FIDO2, Log4Shell, '311" Proposal

• Picture of the Week.
• Errata: Firefox's "Total Cookie Protection"
• 3rd Party FIDO2 Authenticators
• Germany's not buying the EU's proposal which subverts encryption
• The Conti Gang have finally pulled the last plug
• Log4J and Log4Shell is alive and well
• The '311' emergency number proposal
• 56 Insecure-By-Design Vulnerabilities
• "Long Story Short"
• Closing The Loop
• The "Hertzbleed" Attack

We invite you to read our show notes at https://www.grc.com/sn/SN-877-Notes.pdf

Hosts: Steve Gibson and Jason Howell

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• drata.com/twit
• barracuda.com/securitynow
• Melissa.com/twit