SN 945: The Power of Privilege - New cURL vulnerabilities, CVSS 10.0 Cisco Nightmare, So long VBScript!
10/24/23 • 130 min
- How fake drives continue to be sold on Amazon despite negative reviews
- Microsoft is discontinuing support for the VBScript language
- The 30-year old NTLM authentication protocol will eventually be removed from Windows
- Two new vulnerabilities found in cURL
- A new Cisco router vulnerability rated CVSS 10.0 was used to hack over 40,000 devices
- Debate over whether "lib" should rhyme with "vibe" or "air"
- Instructions for accessing the SpinRite 6.1 pre-release version
- Feedback on passkey exportability and server IP address encryption
- A listener asks if ransomware can encrypt already encrypted files
- How Privacy Badger un-rewrites Google's search result links
- The NSA and CISA warn about the power of privilege and the dangers of account misconfigurations like privilege creep, elevated service account permissions, and non-essential use of elevated accounts
Show Notes - https://www.grc.com/sn/SN-945-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- How fake drives continue to be sold on Amazon despite negative reviews
- Microsoft is discontinuing support for the VBScript language
- The 30-year old NTLM authentication protocol will eventually be removed from Windows
- Two new vulnerabilities found in cURL
- A new Cisco router vulnerability rated CVSS 10.0 was used to hack over 40,000 devices
- Debate over whether "lib" should rhyme with "vibe" or "air"
- Instructions for accessing the SpinRite 6.1 pre-release version
- Feedback on passkey exportability and server IP address encryption
- A listener asks if ransomware can encrypt already encrypted files
- How Privacy Badger un-rewrites Google's search result links
- The NSA and CISA warn about the power of privilege and the dangers of account misconfigurations like privilege creep, elevated service account permissions, and non-essential use of elevated accounts
Show Notes - https://www.grc.com/sn/SN-945-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
Previous Episode
SN 944: Abusing HTTP/2 Rapid Reset - Passkeys, ValiDrive follow-up, 2FA apps, pre-release Spinrite
- ValiDrive release follow-up
- Passkeys exportability and phishing risk
- Passkeys for device verification like SSH keys
- Possibility of hobby browsers vs. production browsers
- Availability of SpinRite 6.1 pre-release
- Filling drives with crypto noise using VeraCrypt
- Steve and Leo's favorite OTP apps
- Google Docs link rewriting could be to prevent referrer leakage
- Abusing HTTP/2 Rapid Reset
Show notes: https://www.grc.com/sn/SN-944-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
Next Episode
SN 946: CitrixBleed - iMessage Contact Key Verification, HackerOne bug bounty news, CISA's Logging Made Easy
- What caused last week's connection interruption? Router was rebooting intermittently, but why?
- David Redekop of AdamNetworks explained their enterprise network security solution aims to only allow known safe connections, blocking everything else.
- iMessage gets Contact Key Verification to confirm new devices added to an account belong to the contact.
- Public Interest Research Group asks Microsoft to extend Windows 10 support beyond 2025.
- HackerOne breach bounties surpass $300M total payout.
- CISA releases free Logging Made Easy toolkit to enhance Windows logging capabilities.
- SpinRite 6.1 pre-release 2 published, likely final pre-release with some testing remaining before full launch.
- Moving the Internet fully to IPv6 likely won't happen until IPv4 addresses are fully consumed.
- Open source projects struggle with costly code signing certificates.
- Deep dive into CitrixBleed vulnerability allowing authentication bypass.
Show Notes - https://www.grc.com/sn/SN-946-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/security-now-audio-297831/sn-945-the-power-of-privilege-new-curl-vulnerabilities-cvss-100-cisco-39748781"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to sn 945: the power of privilege - new curl vulnerabilities, cvss 10.0 cisco nightmare, so long vbscript! on goodpods" style="width: 225px" /> </a>
Copy