SN 965: Passkeys vs. 2FA - Unhelpful CERT, VMware patch, Signal 7.0 Beta
Security Now (Audio)
Leo Laporte
4.6 • 2.1K Ratings
🗓️ 12 March 2024
⏱️ 143 minutes
🧾️ Download transcript
Summary
- VMware needs immediate patching
- Midnight Blizzard still on the offensive
- China is quietly "de-American'ing" their networks
- Signal Version 7.0, now in beta
- Meta, WhatsApp, and Messenger -meets- the EU's DMA
- The Change Healthcare cyberattack
- SpinRite update
- Telegram's end-to-end encryption
- KepassXC now supports passkeys
- Login accelerators
- Sites start rejecting @duck.com emails
- Tool to detect chrome extensions change owners
- Sortest SN title
- Passkeys vs 2FA
Show Notes - https://www.grc.com/sn/SN-965-Notes.pdf
Hosts: Steve Gibson and Mikah Sargent
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hey I'm Mike Sergeant Subbing in for Leo Report coming up on security now. |
| 0:04.4 | First we follow up on what happened with cert. |
| 0:07.7 | Yes, the listener who talked about a huge serious security flaw in the website of a major enterprise has some follow-up on |
| 0:18.7 | speaking to the vulnerability analysis team at cert. Then we talk about what VMware is dealing with, what Microsoft |
| 0:27.0 | is choosing to do when it comes to vulnerability disclosure. here's a hint. |
| 0:33.4 | They're kind of waiting until the end of the week |
| 0:35.2 | to tell people what's going on. |
| 0:37.1 | Plus China Ditching America, at least in terms of its technology, |
| 0:41.7 | and easily my favorite part of the show, Steve Gibson explains |
| 0:45.8 | why Paskeys are quote far more secure than any super strong password plus any second factor. |
| 0:55.0 | All of that coming up on security now. |
| 0:57.0 | Podcasts you love. |
| 1:00.0 | From people you trust. |
| 1:03.0 | This is Twit. |
| 1:05.0 | This is Twit. |
| 1:06.0 | This is Security Now, |
| 1:11.0 | Episode 965 with Steve Gibson and Micah Sergeant, recorded Tuesday, March 12, |
| 1:17.0 | 2024. |
| 1:18.8 | Pasquies versus 2FA. |
| 1:22.2 | This episode of Security Now is brought to you by Vanta, your single platform for continuously |
| 1:27.3 | monitoring your controls, reporting on security posture, and streamlining audit readiness. Managing the requirements for modern security programs is increasingly challenging and time-consuming. |
| 1:38.0 | Enter Vanta. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from Leo Laporte, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Leo Laporte and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2025.