Security Now 865: Port Knocking

Picture of the Week. 0-Day Watch. Spring Forward (Java: Spring4Shell) QNAP and the OpenSSL DoS vulnerability. Sophos has a 9.8. CISA orders federal civilian agencies to patch the Sophos vulnerability. Browser-in-the-browser. The supply-chain attacks on NPM have been growing. FinFisher bites the dust. A LAPSUS$ in judgment. Not so Wyze. Closing The Loop. Port Knocking. We invite you to read our show notes at https://www.grc.com/sn/SN-865-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit itpro.tv/securitynow promo code SN30 kolide.com/securitynow