Subj : Sophos Virus News
To   : All
From : Daryl Stout
Date : Wed Aug 31 2022 13:50:08

Here is the latest information from the Naked Security Blog from Sophos.
You can go to nakedsecurity.sophos.com to read these. You can also sign
up to have these delivered to your email during the week.

***
	
Chrome patches 24 security holes, enables "Sanitizer" safety system

24 existing bugs fixed. And, we hope, numerous potential future bugs 
prevented.

***

JavaScript bugs aplenty in Node.js ecosystem - found automatically

How to get the better of bugs in all the possible packages in your
supply chain?

***

LastPass source code breach - do we still recommend password managers?

As you no doubt already know, because the story has been all over the 
news and social media recently, the widely-known and widely-used password 
manager LastPass last week reported a security breach. The breach itself 
actually happened two weeks before that, the company said, and involved 
attackers getting into the system where LastPass keeps the source code
of its software.

***

Firefox 104 is out - no critical bugs, but update anyway

Two trust-spoofing bugs were the main culprits this month - but 
neither one was a zero-day.

***

S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]

Latest episode - listen now! (Or read the transcript if you prefer the
text version.)
	
***
--- SBBSecho 3.15-Win32
 * Origin: The Thunderbolt BBS - Little Rock, Arkansas (454:1/33)

.