This month’s ‘Ouch!’ newsletter from SANS covers password managers. A password manager is a small program that stores all of your passwords, in an encrypted form. When you forget a password, you only need to remember the password manager’s password to access your collection.
I’ve been using the freeware Password Corral for years and recommend it.
On October 3, 2013, Adobe announced that their network and some of their servers had been breached. Their investigation continues, and the full scope and impact of the breach has yet to be determined.
However, we do know the following:
The intruders obtained Adobe customer data, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. According to Adobe, “At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems.” Adobe reset the passwords for all affected user accounts, and has been sending out alerts to those users. If you have never purchased software from Adobe directly, you should be safe. If you receive an alert from Adobe, follow their instructions to change your password.
The intruders also obtained source code for at least one product: Acrobat/Reader. Reader is already a popular target for malware perpetrators, and having access to the source code can only make things easier for them. Stay tuned for a fresh new crop of Reader security issues.
Patches from Microsoft and Adobe were announced today, along with a new version of Flash.
Eight bulletins from Microsoft fix security vulnerabilities in Windows, Internet Explorer, .NET, Office, Windows Server and Silverlight.
The Microsoft Security Research Center as usual provides a more friendly overview of this month’s patches, while the SANS Internet Storm Center provides a wealth of technical details.
Development continues on the new Webkit-based version of the Opera web browser. Version 17 was announced today. This version adds pinned tabs, startup options and custom search engine support.
Purists can still download the classic version 12.x Opera. It remains to be seen how many of the features lost in the transition from the Presto-based browser will be added to the Webkit-based browser. So far there’s plenty missing, including bookmarks, the sidebar and proper tab control.
Next Tuesday, October 8, will see patches from Microsoft (for Internet Explorer, Windows, .NET, Office and Silverlight) and Adobe (for Reader/Acrobat).
Google announced Chrome 30.0.1599.66 on Tuesday. This version fixes a whopping 50 security vulnerabilities, many of which were reported via Google’s Vulnerability Rewards Program. The new version also includes many performance and stability improvements.
Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.
Close
Ad-blocker not detected
Consider installing a browser extension that blocks ads and other malicious scripts in your browser to protect your privacy and security. Learn more.