What does the recent LastPass breach mean for password managers? Just a bump in the road, or a reason to ditch them entirely?
Author: Paul Ducklin
Two trust-spoofing bugs were the main culprits this month - but neither one was a zero-day.
Latest episode - listen now! (Or read the transcript if you prefer the text version.)
One bit per second makes the Voyager probe data rate seem blindingly fast. But it's enough to break your security assumptions...
The criminals didn't implant any malware. The attack was orchestrated via malevolent configuration changes.
We haven't validated this vuln ourselves... but the source of the story is impeccable. (Impeccably dressed, at least.)
Latest episode - listen now (or read if you prefer!)
Double 0-day exploits - one in WebKit (to break in) and the other in the kernel (to take over). Patch now!
Don't delay - patch today.
There's many a slip 'twixt the cup and the lip. Or at least between the TOC and the TOU...