{"id":22856,"date":"2021-01-17T15:37:30","date_gmt":"2021-01-17T23:37:30","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=22856"},"modified":"2021-01-17T15:57:37","modified_gmt":"2021-01-17T23:57:37","slug":"sb-2021-01-17","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2021\/01\/sb-2021-01-17\/","title":{"rendered":"Security Bits \u2014 17 January 2021"},"content":{"rendered":"<h2>Feedback &amp; Followups<\/h2>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li>COVID Update:\n<ul>\n<li>Apple have released iOS 12.5.1, a bug-fix for the unexpected iOS 12.5, which was recently released to add COVID exposure tracking to older iPhones \u2014 <a href=\"https:\/\/www.macobserver.com\/news\/apple-releases-ios-12-5-1-to-fix-covid-19-exposure-notifications-on-older-devices\/\">www.macobserver.com\/\u2026<\/a><\/li>\n<li>Yelp have added fields to allow reviewers to mark whether or not an establishment is following COVID guidelines \u2014 <a href=\"https:\/\/www.imore.com\/yelp-will-tell-you-if-businesses-are-following-covid-19-safety-guidelines\">www.imore.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>More SolarWinds fallout:\n<ul>\n<li><a href=\"https:\/\/krebsonsecurity.com\/2021\/01\/sealed-u-s-court-records-exposed-in-solarwinds-breach\/\">Sealed U.S. 
Court Records Exposed in SolarWinds Breach \u2014 krebsonsecurity.com\/\u2026<\/a><\/li>\n<li>CISA has released a new document describing how organisations affected by the SolarWinds attack can check that the attack did not spread into their Office 365 tenancies \u2014 <a href=\"https:\/\/us-cert.cisa.gov\/ncas\/current-activity\/2021\/01\/08\/cisa-releases-new-alert-post-compromise-threat-activity-microsoft\">us-cert.cisa.gov\/\u2026<\/a><\/li>\n<li>SolarWinds have released details of how they were attacked, and warned that what happened to them could very easily happen to other vendors \u2014 <a href=\"https:\/\/krebsonsecurity.com\/2021\/01\/solarwinds-what-hit-us-could-hit-others\/\">krebsonsecurity.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Back in November we did a deep dive into the firewall bypass list in macOS Big Sur. At the time Apple were allow-listing many of their apps, and we came to the conclusion they would need to whittle that list down to the bare minimum, and that&#8217;s what Apple have done in the latest Big Sur beta \u2014 <a href=\"https:\/\/www.imore.com\/macos-big-sur-112-beta-2-allows-apples-apps-be-blocked-firewalls\">www.imore.com\/\u2026<\/a>\n<ul>\n<li>The original episode: <a href=\"https:\/\/www.podfeet.com\/blog\/2020\/11\/sb-202011-22\/\">Security Bits \u2014 22 November 2020 \u2014 www.podfeet.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>&#x2757; Action Alerts<\/h2>\n<aside class=\"small-aside\">Calls to action: if any stories in this section are relevant to you, there is some action you should take.<\/aside>\n<ul>\n<li>Last Tuesday was Patch Tuesday, and Microsoft&#8217;s suite of updates contained a fix for a zero-day in Windows Defender that is being actively exploited in the wild \u2014 <a href=\"https:\/\/krebsonsecurity.com\/2021\/01\/microsoft-patch-tuesday-january-2021-edition\/\">krebsonsecurity.com\/\u2026<\/a><\/li>\n<li><a 
href=\"https:\/\/nakedsecurity.sophos.com\/2021\/01\/06\/zyxel-hardcoded-admin-password-found-patch-now\/\">Zyxel hardcoded admin password found \u2013 patch now! \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/krebsonsecurity.com\/2021\/01\/ubiquiti-change-your-password-enable-2fa\/\">Ubiquiti: Change Your Password, Enable 2FA \u2014 krebsonsecurity.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Worthy Warnings<\/h2>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li>As of the end of 2020 Flash is EOL (End of Life): it&#8217;s not going to get security updates from Adobe anymore, so if you still have it installed, get rid of it before it bites!\n<ul>\n<li><a href=\"https:\/\/www.imore.com\/end-2020-also-brought-official-end-adobe-flash\">The end of 2020 also brought the official end of Adobe Flash \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.intego.com\/mac-security-blog\/how-to-uninstall-flash-player\/\">How to Uninstall Flash Player &#8211; The Mac Security Blog \u2014 www.intego.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/www.businessinsider.in\/tech\/news\/over-100-million-debit-and-credit-card-users-data-has-been-leaked-online-from-payments-processor-juspay-amazon-and-swiggy\/articleshow\/80096472.cms\">The company that processes payments for Amazon and Swiggy has reported a data leak of over 100 million debit and credit cardholders \u2014 www.businessinsider.in\/\u2026<\/a> (Actual credit card numbers were not leaked, only masked versions, so the biggest threat is targeted phishing attacks.)<\/li>\n<li>(From Allison) <a href=\"https:\/\/techcrunch.com\/2021\/01\/14\/ring-neighbors-exposed-locations-addresses\/\">Amazon\u2019s Ring Neighbors app exposed users\u2019 precise locations and home addresses \u2014 techcrunch.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Notable News<\/h2>\n<ul>\n<li>WhatsApp 
have updated their terms of service, and users have been forced to accept the changes to continue using the app. The new TOS allows for sharing of data with Facebook \u2014 <a href=\"https:\/\/www.macobserver.com\/news\/update-to-whatsapp-privacy-policy-mandates-facebook-data-sharing\/\">www.macobserver.com\/\u2026<\/a> &amp; <a href=\"https:\/\/www.imore.com\/whatsapp-now-requires-you-share-data-facebook\">www.imore.com\/\u2026<\/a>\n<ul>\n<li><a href=\"https:\/\/www.imore.com\/whatsapp-tries-reassure-users-following-facebook-data-sharing-backlash\">WhatsApp tries to reassure users following Facebook data sharing backlash \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><strong>Related:<\/strong> <a href=\"https:\/\/www.imore.com\/facebook-revamps-access-your-information-name-transparency\">Facebook revamps Access Your Information in the name of transparency \u2014 www.imore.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>&#x1f1fa;&#x1f1f8; Following the violent insurrection on January 6th, tech companies have taken action against President Trump, QAnon, and other extremist groups:\n<ul>\n<li><a href=\"https:\/\/www.imore.com\/facebook-implements-new-moderation-policies-response-us-violence\">Facebook implements new moderation policies in response to U.S. violence \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>President Trump is banned from just about everything:\n<ul>\n<li><a href=\"https:\/\/www.imore.com\/facebook-suspends-president-trump-indefinitely\">Facebook suspends President Trump &#8216;indefinitely&#8217; \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.wsj.com\/articles\/shopify-takes-trumpstore-com-offline-in-response-to-riot-11610035673\">Shopify Takes Trump Organization and Campaign Stores Offline &#8211; WSJ \u2014 www.wsj.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/tiktok-taking-down-videos-trumps-speech-us-capitol-rioters\">TikTok is taking down videos of Trump&#8217;s speech to U.S. 
Capitol rioters \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/kotaku.com\/twitch-suspends-trumps-channel-to-prevent-him-from-inci-1846011068\">Twitch Suspends Donald Trump&#8217;s Channel To Prevent Him From Inciting &#8216;Further Violence&#8217; \u2014 kotaku.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/snapchat-has-also-locked-down-president-trumps-account\">Snapchat has also locked down President Trump&#8217;s account \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/twitter-has-permanently-suspended-donald-trumps-account\">Twitter has permanently suspended Donald Trump&#8217;s account \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.buzzfeednews.com\/article\/carolinehaskins1\/twitter-banned-qanon-accounts\">Twitter Has Banned Michael Flynn, Sidney Powell, And Ron Watkins For Spreading QAnon Delusions \u2014 www.buzzfeednews.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Parler gets shut down:\n<ul>\n<li><a href=\"https:\/\/www.macrumors.com\/2021\/01\/09\/apple-suspends-parler-from-app-store\/\">Apple Removes Parler From App Store Due to &#8216;Inadequate&#8217; Measures to Address Dangerous Content \u2014 www.macrumors.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/arstechnica.com\/?p=1734051\">Amazon cuts off Parler\u2019s web hosting following Apple, Google bans \u2014 arstechnica.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/tim-cook-parler-can-come-back-if-they-get-their-moderation-together\">Tim Cook: Parler can come back &#8216;if they get their moderation together&#8217; \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><strong>Related:<\/strong> Before Amazon shut them down, white\/grey hat security researchers downloaded almost every post ever made, including deleted ones. 
This was possible because Parler used sequential IDs, so they could be enumerated, and clearly did not implement adequate throttling (rookie mistakes):\n<ul>\n<li><a href=\"https:\/\/gizmodo.com\/every-deleted-parler-post-many-with-users-location-dat-1846032466\">Every Deleted Parler Post, Many With Users&#8217; Location Data, Has Been Archived \u2014 gizmodo.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.independent.co.uk\/life-style\/gadgets-and-tech\/parler-capitol-hill-personal-data-b1785343.html\">Parler users unknowingly gave away their personal data in videos they uploaded illegally storming Capitol Hill \u2014 www.independent.co.uk\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li><strong>Related:<\/strong> <a href=\"https:\/\/www.wired.com\/story\/capitol-riot-security-congress-trump-mob-clean-up\/\">Post-Riot, the Capitol Hill IT Staff Faces a Security Mess \u2014 www.wired.com\/\u2026<\/a><\/li>\n<li>Tom Merritt explains Amazon&#8217;s decision to stop hosting Parler and a little of what he thinks of it.  
<a href=\"https:\/\/www.patreon.com\/posts\/aws-v-parler-46205800\">www.patreon.com\/&#8230;<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/intel-releases-realsense-id\/\">Intel Releases \u2018RealSense ID\u2019 Facial Authentication Technology \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>New facial recognition tech from Japanese firm NEC can identify people wearing masks \u2014 <a href=\"https:\/\/www.bbc.co.uk\/news\/technology-55573802\">www.bbc.co.uk\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/link\/mozilla-vpn-arrives-macos\/\">Mozilla VPN Arrives on macOS and Linux \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>&#x1f1ec;&#x1f1e7; The UK <em>Competition &amp; Markets Authority<\/em> (CMA) has opened an anti-trust investigation into Google over concerns that its privacy improvements in Chrome might harm competitors \u2014 <a href=\"https:\/\/www.macobserver.com\/news\/uk-competition-authority-launches-investigation-into-google\/\">www.macobserver.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; (From Allison) <a href=\"https:\/\/www.ftc.gov\/news-events\/press-releases\/2021\/01\/california-company-settles-ftc-allegations-it-deceived-consumers\">California Company Settles FTC Allegations It Deceived Consumers about use of Facial Recognition in Photo Storage App \u2014 www.ftc.gov\/\u2026<\/a>\n<ul>\n<li>The original story: <a href=\"https:\/\/www.nbcnews.com\/tech\/security\/millions-people-uploaded-photos-ever-app-then-company-used-them-n1003371\">Millions of people uploaded photos to the Ever app. 
Then the company used them to develop facial recognition tools \u2014 www.nbcnews.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>&#x1f1fa;&#x1f1f8; Secretary of State Mike Pompeo has created a new <em>Bureau of Cyberspace Security and Emerging Technologies<\/em> (CSET) within the State Department to inform cybersecurity in US foreign policy \u2014 <a href=\"https:\/\/www.macobserver.com\/news\/state-department-creates-cset\/\">www.macobserver.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Top Tips<\/h2>\n<aside class=\"small-aside\">Tips, tricks, or advice that is likely to be useful to the NosillaCast audience or the family members and friends whose IT they support.<\/aside>\n<ul>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2021\/01\/13\/home-schooling-how-to-stay-secure\/\">Home schooling \u2013 how to stay secure \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Excellent Explainers<\/h2>\n<aside class=\"small-aside\">High-quality content explaining a security concept of some kind.<\/aside>\n<ul>\n<li>An excellent explanation of a new Amazon scam named <em>Brushing<\/em>: <a href=\"https:\/\/www.nbcwashington.com\/news\/consumer\/mysterious-packages-showing-up-on-doorsteps\/2539531\/\">Mysterious Packages Showing Up on Doorsteps \u2014 www.nbcwashington.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Interesting Insights<\/h2>\n<aside class=\"small-aside\">High-quality opinion and editorial content recommended by Bart.<\/aside>\n<ul>\n<li>&#x1f3a7; A great explanation of the storied Pwn2Own competition: <a href=\"https:\/\/overcast.fm\/+PMNcCBN1k\">Darknet Diaries 82: Master of Pwn \u2014 overcast.fm\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Palate Cleansers<\/h2>\n<aside class=\"small-aside\">Anything upbeat and nerdy Bart and\/or Allison think you might enjoy.<\/aside>\n<ul>\n<li>A very relevant dive into the XKCD archives: <a href=\"https:\/\/xkcd.com\/1357\/\">xkcd.com\/\u2026<\/a>\n<p><a href=\"https:\/\/xkcd.com\/1357\/\" rel=\"noopener\" target=\"_blank\"><img 
decoding=\"async\" src=\"https:\/\/imgs.xkcd.com\/comics\/free_speech.png\" alt=\"I can't remember where I heard this, but someone once said that defending a position by citing free speech is sort of the ultimate concession; you're saying that the most compelling thing you can say for your position is that it's not literally illegal to express.\" \/><\/a><\/p>\n<\/li>\n<\/ul>\n<h2>Legend<\/h2>\n<p>When the textual description of a link is part of the link, it is the title of the page being linked to; when the text describing a link is not part of the link, it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\">&#x1f3a7;<\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x2757;<\/td>\n<td align=\"left\">A <strong>call to action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f4ca;<\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f9ef;<\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em> &#x1f642;<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f4b5;<\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f4cc;<\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. 
one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f3a9;<\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. COVID Update: Apple have released iOS 12.5.1, a bug-fix for the unexpected iOS 12.5 recently released to add COVID exposure tracking to older iPhones \u2014 www.macobserver.com\/\u2026 Yelp have added fields to allow reviewers to mark [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":19030,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[147,214],"tags":[4458,4459,50],"class_list":["post-22856","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-insurrection","tag-parler","tag-security"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2019\/08\/security_bits_logo_400px_no_alpha.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/22856","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/bl
og\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=22856"}],"version-history":[{"count":3,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/22856\/revisions"}],"predecessor-version":[{"id":22860,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/22856\/revisions\/22860"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/19030"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=22856"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=22856"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=22856"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}