Security Bits Logo no alpha channel

Security Bits — 12 December 2021

Feedback & Followups

❗ Action Alerts

Worthy Warnings

Notable News

  • Apache have patched a critical zero-day dubbed Log4Shell in the very widely used logging library Log4J. Log4J is an open source Java library that’s used very heavily in Java-based enterprise apps, and on the platforms powering major cloud services. This is not something end-users can fix, but something sysadmins around the world are now scrambling to fix on their servers. Best you can do is buy any affected sysadmins a much-needed coffee! —… &…
  • The Financial Times is reporting that Apple have ‘loosened’ their anti-tracking policies —…
    • Editorial by Bart: From my reading of this I’m not seeing any ‘there’ there. Aggregated anonymised data is not tracking banned under Apple’s policy, and it’s what Apple themselves provide via their own ad effectiveness reporting APIs. This has the whiff of ‘clickbait’ to me.
  • 🇬🇧 The UK government have published a draft Product Security and Telecommunications Infrastructure (PSTI) bill that would set a security floor on IoT devices, default credentials would be banned, there would be a duty to notify users of vulnerabilities, and the packaging would have to state the length of time security updates will be available —…

Interesting Insights

Palate Cleansers


When the textual description of a link is part of the link it is the title of the page being linked to, when the text describing a link is not part of the link it is a description written by Bart.

Emoji Meaning
🎧 A link to audio content, probably a podcast.
A call to action.
flag The story is particularly relevant to people living in a specific country, or, the organisation the story is about is affiliated with the government of a specific country.
📊 A link to graphical content, probably a chart, graph, or diagram.
🧯 A story that has been over-hyped in the media, or, “no need to light your hair on fire” 🙂
💵 A link to an article behind a paywall.
📌 A pinned story, i.e. one to keep an eye on that’s likely to develop into something significant in the future.
🎩 A tip of the hat to thank a member of the community for bringing the story to our attention.

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top