Security Leftovers
-
KeePass Update Patches Vulnerability Exposing Master Password
KeePass 2.54 patches a vulnerability allowing attackers to retrieve the cleartext master password from a memory dump.
-
Announcing Istio 1.17.3
This release contains bug fixes to improve robustness. This release note describes what is different between Istio 1.17.2 and Istio 1.17.3.
-
Service Rents Email Addresses for Account Signups
One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to constantly create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying people to sell their email account credentials and letting customers temporarily rent access to a vast pool of established accounts at major providers.
-
Verizon 2023 DBIR: Human Error Involved in Many Breaches, Ransomware Cost Surges [Ed: Microsoft Windows TCO]
Verizon’s 16th annual Data Breach Investigations Report (DBIR) provides data on ransomware costs, the frequency of human error in breaches, and BEC trends.
-
Google Patches Third Chrome Zero-Day of 2023
Google has released a Chrome 114 security update that patches CVE-2023-3079, the third zero-day vulnerability patched in the browser in 2023.
-
Several Major Organizations Confirm Being Impacted by MOVEit Attack
Major companies have confirmed being impacted by the recent MOVEit zero-day attack, including BBC, British Airways and Zellis.