Subj : Sophos Virus News
To   : All
From : Daryl Stout
Date : Tue Nov 15 2022 12:23:59

Here is the latest information from the Naked Security Blog from Sophos.
You can go to nakedsecurity.sophos.com to read these. You can also sign
up to have these delivered to your email during the week.

***

Log4Shell-like code execution hole in popular Backstage dev tool

Researchers at cloud coding security company Oxeye have written up
a critical bug that they recently discovered in the popular cloud
development toolkit Backstage. Their report includes an explanation
of how the bug works, plus proof-of-concept (PoC) code showing how
to exploit it.

***

"Gucci Master" business email scammer Hushpuppi gets 11 years

Learn how to protect yourself from big-money tricksters like the 
Hushpuppis of the world...

***

Dangerous SIM-swap lockscreen bypass - update Android now!

A bit like leaving the front door keys under the doormat... 

***

Emergency code execution patch from Apple - but not an 0-day

Not a zero-day, but important enough for a quick-fire patch to one 
system library... 

***

S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?

Patches, busts, leaks and why even low-likelihood exploits can be 
high-severity risks - listen now! 

***
--- SBBSecho 3.15-Win32
 * Origin: The Thunderbolt BBS - Little Rock, Arkansas (454:1/33)

.