LastMess - Online Safety Bill, Microsoft Outlook breach details, auto brand data privacy
UK government appears to back down on demands to break encryption in Online Safety Bill
Microsoft reveals how China-based hackers acquired secret key used to breach Outlook accounts
Multiple flaws allowed key to improperly leave highly secure environment
Mozilla research finds all major auto brands fail on privacy protection
Evidence suggests LastPass encrypted vault data is being decrypted
Researchers tie $35M in crypto thefts to compromised LastPass accounts
Brute force feasible on old low iteration count passwords
Show Notes - https://www.grc.com/sn/SN-939-Notes.pdf
Hosts: Steve Gibson and Jason Howell
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
How masked domain owners can be unmasked through ICANN's new Registration Data Request Service (RDRS)
WhatsApp's addition of Secret Code for extra privacy protection in Chat Lock
Iranian hackers exploited default passwords in programmable logic controllers at US water facilities
Adobe Flash Player Updater is (still) desperately trying to update
Veracrypt password security
Firefox moves to 120 with a bunch of very nice new features
Do-Not-Track is back on track
"ownCloud" -or- "PwnCloud" ?
CrushFTP Critical Vulnerability
Bypassing fingerprint authentication...