❗ Action Alerts
- SAMBA have patched a critical bug in their open source implementation of Microsoft’s Active Directory, if you use SAMBA, patch ASAP! — nakedsecurity.sophos.com/…
- The commonly used open source crypto library GnuTLS has patched a critical memory management bug, so many open source OSes and apps will have updated waiting to protect their users, now would be a good time to remember to update things like HomeBrew or MacPorts as well as the more obvious stuff like Linux OSes — nakedsecurity.sophos.com/…
Worthy Warnings
- Security researchers have found well over 3K apps that leaked Twitter API keys. Unless you’re a developer your Twitter account is extremely unlikely to be caught up in this, but many big brands may well be, so be extra skeptical of everything you see on official Twitter accounts because there’s a greater than normal chance they’ve been hijacked ATM — www.macobserver.com/…
- Yet another reminder that the whole DeFi/crypto/web3 thing is still very much in its utterly insecure wild-west early phase, and you absolutely should not ‘invest’ (gamble really), and money you can’t take a 100% loss on: Cryptocoin “token swapper” Nomad loses $200 million in coding blunder — nakedsecurity.sophos.com/…
Notable News
- iCloud Passwords for Windows now has support for storing 2FA codes — www.imore.com/…
- MacPaw have released an iOS version of their Spybuster app that sans your iPhone/iPad for apps connected to Russia — www.macobserver.com/… & macpaw.com/… (Editorial by Bart: I tried it, it works, I have no idea how! I’m guessing Apple granted the app an unusual entitlement that lets it scan your installed application files)
- 🇺🇸 T-Mobile to cough up $500 million over 2021 data breach — nakedsecurity.sophos.com/…
Just Because it’s Cool 😎
- Work on Linux support for M-series Macs is continuing apace, and to underline the point, Linus Torvalds pushed the latest Linux release into production from an M2 MacBook Air running Asahi Linux! — appleinsider.com/…
Legend
When the textual description of a link is part of the link it is the title of the page being linked to, when the text describing a link is not part of the link it is a description written by Bart.
| Emoji | Meaning |
|---|---|
| 🎧 | A link to audio content, probably a podcast. |
| ❗ | A call to action. |
| flag | The story is particularly relevant to people living in a specific country, or, the organisation the story is about is affiliated with the government of a specific country. |
| 📊 | A link to graphical content, probably a chart, graph, or diagram. |
| 🧯 | A story that has been over-hyped in the media, or, “no need to light your hair on fire” 🙂 |
| 💵 | A link to an article behind a paywall. |
| 📌 | A pinned story, i.e. one to keep an eye on that’s likely to develop into something significant in the future. |
| 🎩 | A tip of the hat to thank a member of the community for bringing the story to our attention. |