Summary:

- Firefox releases updates fixing various flaws, including a potential permissions request bypass and a bypass of cross-origin restrictions.

- A new vulnerability called Collide+Power allows attackers to determine data values used in other applications by accessing shared CPU components.

- The SEC is demanding a four-day disclosure limit for cybersecurity breaches, but the disclosure is only necessary if the attack is considered material.

- Ransomware attacks come in different types, and the type of ransomware is important in determining the materiality of the attack.

Hashtags: #Firefox #Vulnerabilities #CollidePower #SEC #DisclosureLimit #Ransomware

https://nakedsecurity.sophos.com/2023/08/03/s3-ep146-tell-us-about-that-breach-if-you-want-to/