• Exim email server ignored ZDI's responsible disclosure of critical remote code execution flaws for over a year, putting millions of servers at risk.
• Malicious ads are appearing in Bing Chat responses, promoting fake sites distributing malware.
• Windows 11 now natively supports passkeys, though browser support may make this redundant.
• Researchers exploit WiFi beamforming side-channel to potentially reveal keystrokes, but practicality is limited.
• The ECH TLS extension encrypts the ClientHello packet to hide SNI data.
• Exim disclosure timeline and impact on millions of vulnerable servers.
• Bing chat ads mimic search result malvertising risks amplified by chatbot trust.
Show notes: www.grc.com/sn...
Hosts: Steve Gibson and Leo Laporte
Security Now episode 942
More Info: twit.tv/shows/...
Sponsors:
• canary.tools/twit - use code: TWIT
• expressvpn.com/securitynow
• kolide.com/securitynow
Download or subscribe to this show at twit.tv/shows/...
Get episodes ad-free with Club TWiT at twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com/ also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Products we recommend: www.amazon.com...
TWiT may earn commissions on certain products.
Join our TWiT Community on Discourse: www.twit.commu...
Follow us:
twit.tv/
/ twit
/ twitnetwork
/ twit.tv
About us:
TWiT.tv is a technology podcasting network located in the San Francisco Bay Area with the #1 ranked technology podcast This Week in Tech hosted by Leo Laporte. Every week we produce over 30 hours of content on a variety of programs including Tech News Weekly, MacBreak Weekly, This Week in Google, Windows Weekly, Security Now, All About Android, and more.