FBI Accessed Windows Laptops After Microsoft Shared BitLocker Recovery Keys

If you are using a Windows PC, your privacy and security are nothing short of a myth, and this incident proves it...

DOGE May Have Misused Social Security Data, DOJ Admits

Plus: The FAA blocks drones over DHS operations, Microsoft admits it hands over Bitlocker encryption keys to the cops, and more...

Azure Linux 3.0 Security Update: samba (CVE-2023-0614)

The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0614 advisory. - The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters...

The fix in 4.6.16 4.7.9 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.

...

CVE-2023-29063 Lack of DMA Access Protections

The FACSChorus workstation does not prevent physical access to its PCI express PCIe slots, which could allow a threat actor to insert a PCI card designed for memory capture. A threat actor can then isolate sensitive information such as a BitLocker encryption key from a dump of the workstation RAM...

PT-2023-22120 · Unknown · Facschorus Workstation

Name of the Vulnerable Software and Affected Versions: FACSChorus workstation affected versions not specified Description: The issue concerns the lack of physical access prevention to the PCI express PCIe slots in the workstation. This could allow a threat actor to insert a PCI card designed for...

OESA-2023-1220 libldb security update

An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases. Security Fixes: The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain...

AZL-26697 CVE-2023-0614 affecting package samba 4.12.5-7

The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...

DEBIAN-CVE-2023-0614

The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...

AZL-37019 CVE-2023-0614 affecting package samba for versions less than 4.18.3-1

The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...

CVE-2023-0614

The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...

SUSE CVE-2023-0614

The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...

PT-2023-2254 · Samba +6 · Samba +6

Name of the Vulnerable Software and Affected Versions: Samba versions prior to 4.6.16 Samba versions prior to 4.7.9 Samba versions prior to 4.8.4 Samba versions prior to 4.9.7 Description: The issue is related to insufficient protection of service data, which may allow a remote attacker to disclo...