{"id":24858,"date":"2021-11-28T14:43:09","date_gmt":"2021-11-28T22:43:09","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=24858"},"modified":"2021-11-28T14:43:09","modified_gmt":"2021-11-28T22:43:09","slug":"sb-2021-11-28","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2021\/11\/sb-2021-11-28\/","title":{"rendered":"Security Bits \u2014 28 November 2021"},"content":{"rendered":"<h2>Feedback &amp; Followups<\/h2>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li><strong>Pegasus\/NSO Group:<\/strong> <a href=\"https:\/\/tidbits.com\/2021\/11\/24\/apple-lawsuit-goes-after-spyware-firm-nso-group\/\">Apple Lawsuit Goes After Spyware Firm NSO Group \u2014 tidbits.com\/\u2026<\/a><\/li>\n<li><strong>Apple Digital IDs:<\/strong>\n<ul>\n<li><a href=\"https:\/\/www.imore.com\/apple-delays-ios-15s-drivers-license-support-until-early-2022\">Apple delays iOS 15&#8217;s driver&#8217;s license support until &#8216;early 2022&#8217; \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>Reporting from CNBC reveals details of Apple&#8217;s contract with states rolling out their new digital drivers licenses etc. 
\u2014 <a href=\"https:\/\/www.imore.com\/report-details-control-apple-has-over-states-their-digital-id-card-rollout\">Report details the control Apple has over states &amp; their digital ID card rollout \u2014 www.imore.com\/\u2026<\/a> (the original report puts a very anti-Apple spin on things, but the information is interesting)\n<ul>\n<li>Apple gets to control the devices that will and won&#8217;t offer the feature, and when it rolls out<\/li>\n<li>The states have to run the back-end and are responsible for asserting people&#8217;s identities.<\/li>\n<li>The states have to publicise the service, and Apple gets to OK the marketing materials<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li><strong>iOS 15 Mail Privacy Protection:<\/strong> Security researchers have noticed that the Apple Watch doesn&#8217;t support Apple&#8217;s new mail privacy features, so if you enable the feature on your iPhone but use your Apple Watch to read emails, your watch will use your real IP address to load any remote images in your emails \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2021\/11\/17\/apples-privacy-protection-feature-watch-out-if-you-have-a-watch\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><strong>Apple&#8217;s iOS Privacy Protections:<\/strong> Apple&#8217;s carrot to go with their <em>App Tracking Transparency<\/em> stick is <em>Private Click Measurement<\/em> \u2013 it gives advertisers information on the effectiveness of their ads without compromising user privacy. 
Initially, the feature was only available for web ads, but Apple have now expanded it to in-app ads \u2014 <a href=\"https:\/\/www.macobserver.com\/news\/product-news\/pcm-ios-15-2\/\">www.macobserver.com\/\u2026<\/a><\/li>\n<li><strong>Social Media Updates:<\/strong>\n<ul>\n<li><a href=\"https:\/\/www.imore.com\/whatsapp-begin-warning-people-when-they-receive-messages-businesses\">WhatsApp to begin warning people when they receive messages from businesses \u2014 www.imore.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>&#x2757; Action Alerts<\/h2>\n<aside class=\"small-aside\">Calls to action, if any stories in this section are relevant to you there is some action you should take.<\/aside>\n<ul>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2021\/11\/23\/godaddy-admits-to-password-breach-check-your-managed-wordpress-site\/\">GoDaddy admits to password breach: check your Managed WordPress site! \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<blockquote><p>\n    * On November 17&#8230; an unauthorized third party gained access to certain authentication information for administrative services, specifically, the customer number and email address associated with your account; your WordPress Admin login set at inception; and your sFTP and database usernames and passwords.<br \/>\n    * We are taking several steps to protect you and your data. First, we have blocked the unauthorized third party from our systems.<br \/>\n    * Second, we have reset your WordPress Admin login credentials, sFTP password and your database password. 
Your website is still up and running, but you won&#8217;t be able to edit content until you set new passwords.\n<\/p><\/blockquote>\n<h2>Worthy Warnings<\/h2>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li>There&#8217;s currently an unpatched vulnerability in many Intel chips that lets attackers with physical access bypass full disk encryption and install malware. The machines are vulnerable to so-called <em>evil maid<\/em> attacks. Intel are working on a patch, but for now all we can do is avoid allowing our Intel-powered machines out of our physical control \u2014 <a href=\"https:\/\/www.macobserver.com\/news\/intel-chip-flaw-firmware\/\">www.macobserver.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; A data breach at California Pizza Kitchen appears to have leaked personal data, including SSNs, of over 100K former &amp; current employees (the company is not being particularly transparent) \u2014 <a href=\"https:\/\/techcrunch.com\/2021\/11\/18\/california-pizza-kitchen-data-breach\/\">techcrunch.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; <a href=\"https:\/\/krebsonsecurity.com\/2021\/11\/the-zelle-fraud-scam-how-it-works-how-to-fight-back\/\">The \u2018Zelle Fraud\u2019 Scam: How it Works, How to Fight Back \u2013 Krebs on Security \u2014 krebsonsecurity.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; <a href=\"https:\/\/nakedsecurity.sophos.com\/2021\/11\/24\/us-government-securities-watchdog-spoofed-by-investment-scammers-dont-fall-for-it\/\">US government securities watchdog spoofed by investment scammers \u2013 don\u2019t fall for it! 
\u2014 nakedsecurity.sophos.com\/\u2026<\/a> (in this instance it was the SEC who were spoofed, but it could of course be any agency from any government in any country)<\/li>\n<\/ul>\n<h2>Notable News<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.macrumors.com\/2021\/11\/23\/apple-state-sponsored-spyware-threat-notifications\/\">Apple Outlines How It Will Notify Users Who Have Been Targeted by State-Sponsored Spyware Attacks \u2014 www.macrumors.com\/\u2026<\/a><\/li>\n<li>&#x1f1f7;&#x1f1fa; <a href=\"https:\/\/www.reuters.com\/markets\/europe\/moscow-says-13-foreign-tech-firms-must-be-represented-russian-soil-by-2022-2021-11-23\/\">Moscow tells 13 mostly U.S. tech firms they must set up in Russia by 2022 \u2014 www.reuters.com\/\u2026<\/a> (including Apple, Google, Facebook, Twitter &amp; TikTok)<\/li>\n<li>&#x1f1fa;&#x1f1f8; The US Federal Trade Commission (FTC) has declared the user-hostile <em>&#8216;click to subscribe, call to cancel&#8217;<\/em> dark pattern illegal \u2013 it must be as easy to unsubscribe as it is to subscribe \u2014 <a href=\"https:\/\/www.macobserver.com\/link\/ftc-news-media-illegal\/\">www.macobserver.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; <a href=\"https:\/\/www.cyberscoop.com\/banks-36-hours-reporting-rule-cyber-incidents\/\">Banks must report major cyber incidents within 36 hours under finalized regulation \u2014 www.cyberscoop.com\/\u2026<\/a><\/li>\n<li>&#x1f1ec;&#x1f1e7; <strong>A Cautionary Tale:<\/strong> The Belfast Health Trust in Northern Ireland offers us all a timely reminder to be careful about the things we throw away \u2014 the trust donated a filing cabinet to a local charity shop without emptying it first. This was a big mistake, because the cabinet contained files marked <em>Strictly Confidential<\/em> that held personal contact details for senior staff and, most embarrassingly of all, a risk assessment report investigating how to better protect patient data! You need to protect all your files, paper and digital! 
\u2014 <a href=\"https:\/\/www.belfasttelegraph.co.uk\/news\/northern-ireland\/hundreds-of-sensitive-belfast-health-trust-files-found-in-desk-bought-at-charity-shop-41080034.html\">www.belfasttelegraph.co.uk\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Palate Cleansers<\/h2>\n<aside class=\"small-aside\">Anything up-beat and nerdy Bart and\/or Allison think you might enjoy.<\/aside>\n<ul>\n<li>&#x1f3a7; The EFF&#8217;s <em>How to Fix the Internet<\/em> podcast is back for a second series \u2014 <a href=\"https:\/\/www.eff.org\/how-to-fix-the-internet-podcast\">www.eff.org\/\u2026<\/a><\/li>\n<li>&#x1f3a7; The podcast <a href=\"https:\/\/wondery.com\/shows\/business-wars\/\">Business Wars<\/a> has recently finished a 7-part series on the whole fascinating crypto story \u2013 the rise of Bitcoin, the rise and fall of Mt. Gox, the sordid story of the Silk Road, and much more! Here&#8217;s a link to the first episode: <a href=\"https:\/\/overcast.fm\/+LnJcCcx2A\">Business Wars: Crypto Wars 1 | Generate Coins \u2014 overcast.fm\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Legend<\/h2>\n<p>When the textual description of a link is part of the link it is the title of the page being linked to, when the text describing a link is not part of the link it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\">&#x1f3a7;<\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x2757;<\/td>\n<td align=\"left\">A <strong>call to action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or, the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td 
align=\"center\">&#x1f4ca;<\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f9ef;<\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em> &#x1f642;<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f4b5;<\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f4cc;<\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f3a9;<\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. 
Pegasus\/NSO Group: Apple Lawsuit Goes After Spyware Firm NSO Group \u2014 tidbits.com\/\u2026 Apple Digital IDs: Apple delays iOS 15&#8217;s driver&#8217;s license support until &#8216;early 2022&#8217; \u2014 www.imore.com\/\u2026 Reporting from CNBC reveals details of Apple&#8217;s [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":19030,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[147,214],"tags":[219,170,2002,50,569],"class_list":["post-24858","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-godaddy","tag-hack","tag-intel","tag-security","tag-security-bits"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2019\/08\/security_bits_logo_400px_no_alpha.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/24858","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=24858"}],"version-history":[{"count":4,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/24858\/revisions"}],"predecessor-version":[{"id":24863,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/24858\/revisions\/24863"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/w
p-json\/wp\/v2\/media\/19030"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=24858"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=24858"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=24858"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}