It’s been a bad few months for password managers — albeit mostly just for LastPass. But after the revelations that LastPass had suffered a major breach, attention is now turning to open-source manager KeePass.
Related The vulnerability, logged as CVE-2023-24055, is available to anyone with write access to a user’s system. Once that’s been obtained, a threat actor can add commands to KeePass’s XML configuration file that automatically export the app’s database — including all usernames and passwords — into an unencrypted plaintext file.
In other words, once someone has access to your device, this kind of XML exploit is unnecessary. Attackers could install a keylogger to get the master password, for instance. The line of reasoning is that worrying about this kind of attack is like shutting the door after the horse has bolted. If an attacker has access to your computer, fixing the XML exploit won’t help.
You’ll also need to make sure regular users do not have write access to any important files or folders contained within the KeePass directory, and that both the KeePass .exe file and the enforced configuration file are in the same folder.
We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:
Entertainment Entertainment Latest News, Entertainment Entertainment Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
How I built a couch gaming PC that puts the PS5 to shame | Digital TrendsYou haven't been able to beat the PS5 with a custom PC for a couple of years, but now is the time for PCs to make a comeback. Here's the build you need. I like how the build went over budget, didn't include OS cost, used a slower ssd, used the more expensive PS5 that includes the drive when the build didn't have one and most of all, the excuses. Try again in a few more years. I’m like cool. This looks interesting. Proceeds to build something completely different. WTH?! Nice try but I seem to forget some people play on multiple platforms and know their PC parts quite well...this is subpar to the PS5 in many ways. You seem to forget the PS5 is assembled in bulk and that puts prices at a point that a PC can't match in the same bracket.
Source: DigitalTrends - 🏆 95. / 65 Read more »
The best smart notebooks in 2023: 8 picks you need to check out | Digital TrendsPart digital and part analog, smart notebooks save your writing and doodlings to the cloud. Here are a few of the best available now.
Source: DigitalTrends - 🏆 95. / 65 Read more »
Two spacecraft worked together to learn about Venus | Digital TrendsA pair of spacecraft happened to be passing by Venus on their way somewhere else, but they managed to grab some bonus data about the planet.
Source: DigitalTrends - 🏆 95. / 65 Read more »
Scientists discover monster 17-pound meteorite in Antarctica | Digital TrendsA team of researchers working in Antarctica have discovered a massive meteorite, weighing in at a hefty 17 pounds. Its the goddamn Thing, don't open it. This won’t end well…
Source: DigitalTrends - 🏆 95. / 65 Read more »
Stars sparkle in Orion Nebula in gorgeous Hubble image | Digital TrendsHubble has captured a scene from the Orion Nebula, located 1,450 light-years away and famous as a stellar nursery where large numbers of new stars are born.
Source: DigitalTrends - 🏆 95. / 65 Read more »
How to watch this week's spacewalk from the ISS | Digital TrendsThis Thursday, February 2, two astronauts will be performing a spacewalk from the International Space Station (ISS). Here's howtowatch.
Source: DigitalTrends - 🏆 95. / 65 Read more »