
/d/OpSec


Discussion of OpSec, Threat Models, Protection, Assessment & Countermeasures.


While the focus of this community's OpSec discussions may center around DarkNet (DN) activity, all members of this sub are encouraged to think about, discuss, and share ideas relating to OpSec.

KeePass 2.X Vulnerable to master password dump

by /u/StuckInTheMiddleWithYou P · 5 votes · 2 weeks ago

Vuln was assigned CVE-2023-32784.

Ref: hxxps://github[dot]com/vdohney/keepass-password-dumper

TL;DR:

Through dumped memory your Master password can get leaked.

There is no updated/patched version yet.

Not a massive concern unless you get busted or an attacker already has access to your machine, but make sure to update once the patch drops.

Comments (1)
/u/psychonut · 3 votes · 2 weeks ago

Please keep in mind that this does NOT affect KeePassXC, the password manager that everyone on here probably uses. This vulnerability also requires that the attacker already has pwned you, in which case they have other ways they could obtain your password. They could execute a keylogger and simply wait for you to type it in.