Subj : Sophos Virus News
To   : All
From : Daryl Stout
Date : Tue Aug 30 2022 17:35:48

Here is the latest information from the Naked Security Blog from Sophos.
You can go to nakedsecurity.sophos.com to read these. You can also sign
up to have these delivered to your email during the week.

***

JavaScript bugs aplenty in Node.js ecosystem - found automatically

How to get the better of bugs in all the possible packages in your
supply chain?

***

LastPass source code breach - do we still recommend password managers?

As you no doubt already know, because the story has been all over the 
news and social media recently, the widely-known and widely-used password 
manager LastPass last week reported a security breach. The breach itself 
actually happened two weeks before that, the company said, and involved 
attackers getting into the system where LastPass keeps the source code
of its software.

***

Firefox 104 is out - no critical bugs, but update anyway

Two trust-spoofing bugs were the main culprits this month - but 
neither one was a zero-day.

***

S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]

Latest episode - listen now! (Or read the transcript if you prefer the
text version.)
	
***

Breaching airgap security: using your phone's compass as a microphone!

One bit per second makes the Voyager probe data rate seem blindingly fast.
But it's enough to break your security assumptions...

***
--- SBBSecho 3.15-Win32
 * Origin: The Thunderbolt BBS - Little Rock, Arkansas (454:1/33)

.