Subj : Sophos Virus News
To   : All
From : Daryl Stout
Date : Tue Nov 01 2022 13:09:19

Here is the latest information from the Naked Security Blog from Sophos.
You can go to nakedsecurity.sophos.com to read these. You can also sign
up to have these delivered to your email during the week.

***

OpenSSL patches are out - CRITICAL bug downgraded to HIGH, but patch
anyway!

That bated-breath OpenSSL update is out! It's no longer rated CRITICAL,
but we advise you to patch ASAP anyway. Here's why...

***
	
SHA-3 code execution bug patched in PHP - check your version!

As everyone waits for news of a bug in OpenSSL, here's a reminder that
other cryptographic code in your life may also need patching!

***
	
Psychotherapy extortion suspect: arrest warrant issued

Wanted! Not only the extortionist who abused the data, but also the CEO 
who let it happen.

***
	
Chrome issues urgent zero-day fix - update now!

We've said it before/And we'll say it again/It's not *if* you should 
patch/It's a matter of *when*. (Hint: now!)

***

Updates to Apple's zero-day update story - iPhone and iPad users
read this!

Turns out that Tuesday's zero-day for iOS 16 is Friday's zero-day
for iOS 15...

***
	
S3 Ep106: Facial recognition without consent - should it be banned?

Latest episode - listen (or read) now. Teachable moments for X-Ops 
professionals!

***
--- SBBSecho 3.15-Win32
 * Origin: The Thunderbolt BBS - Little Rock, Arkansas (454:1/33)

.