{"id":29688,"date":"2023-10-29T16:12:29","date_gmt":"2023-10-29T23:12:29","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=29688"},"modified":"2023-10-29T16:49:14","modified_gmt":"2023-10-29T23:49:14","slug":"sb-2023-10-29","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2023\/10\/sb-2023-10-29\/","title":{"rendered":"Security Bits \u2014 29 October 2023"},"content":{"rendered":"<h2>Feedback &amp; Followups<\/h2>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li>Passkeys continue to roll out:\n<ul>\n<li><a href=\"https:\/\/thehackernews.com\/2023\/10\/google-adopts-passkeys-as-default-sign.html\">Google Adopts Passkeys as Default Sign-in Method for All Users \u2014 thehackernews.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/amazon-adds-passkey-support-as-new-passwordless-login-option\/\">Amazon adds passkey support as new passwordless login option \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Deep Dive 1 \u2014 iLeakage<\/h2>\n<p><strong>TL;DR<\/strong> While the threat is real, at least for now, the risk is low for regular users.<\/p>\n<p>A new speculative execution bug has been found, and unlike most, this one can theoretically be exploited remotely. 
Most speculative execution bugs require the attacker and the victim to share a CPU, so they are only really relevant in multi-customer cloud environments, but this one is different \u2014 it can run entirely within Safari, so it can run from a malicious web page, and data can leak between two tabs sharing the same CPU.<\/p>\n<p>This issue affects all A-series and M-series CPUs from Apple, so basically all iOS devices, and all non-Intel Macs.<\/p>\n<p>There are a few silver linings though \u2014 first and foremost, this is not a quick attack, and it&#8217;s not easy to deploy, so the real-world risk for regular folks is low. However, if you&#8217;re important enough to be of interest to a nation-state, you need to be very concerned about this.<\/p>\n<p>Secondly, Apple have a fix in the works. There is an experimental feature already in Safari on the Mac that can be enabled with a little terminal trickery that prevents code from two tabs sharing the same CPU, and hence, blocks the side-channel. The expectation is that this fix will soon be put live for all Safari users.<\/p>\n<p>Finally, <em>Lockdown Mode<\/em> protects against this vulnerability, so if you&#8217;re important enough to be in the cross-hairs of a nation-state, you should be sure you&#8217;ve enabled that. 
TBH, anyone likely to be threatened by this attack should already have been running in Lockdown mode, regardless of this latest bug.<\/p>\n<h3>Links<\/h3>\n<ul>\n<li>The most comprehensive writeup I found: <a href=\"https:\/\/www.intego.com\/mac-security-blog\/ileakage-attack-could-let-hackers-steal-passwords-data-from-safari-on-macs\/\">iLeakage Attack could let hackers steal passwords, data from Safari on Macs \u2014 www.intego.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/arstechnica.com\/security\/2023\/10\/hackers-can-force-ios-and-macos-browsers-to-divulge-passwords-and-a-whole-lot-more\/\">Hackers can force iOS and macOS browsers to divulge passwords and much more \u2014 arstechnica.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Deep Dive 2 \u2014 iOS Private WiFi Address Fixed<\/h2>\n<p>Since the iPhone 5, Apple have supported randomised MAC addresses on their wifi cards when phones are scanning for available networks. This means that as you walk about, your iPhone is constantly changing MAC address, so you can&#8217;t be tracked over time.<\/p>\n<p>This feature was not broken and didn&#8217;t need a fix.<\/p>\n<p>Until iOS 14, once you connected to a WiFi network your device would revert to its true MAC address. But, in iOS 14 that changed, when Apple introduced the <em>Private WiFi Address<\/em> feature. With this feature enabled, iOS uses a different randomly chosen, permanent MAC address for each network you join. 
This means your device does not keep changing MAC within a network, so static DHCP assignments still work, but your device has a different MAC on each network, preventing cross-network tracking.<\/p>\n<p>From the point of view of low-level network protocols this worked perfectly, but researchers discovered that until iOS 17.1, the true MAC address was leaked by the metadata in a Bonjour UDP packet sent by iOS devices when they join a network.<\/p>\n<p>This means that while, from the point of view of network management tools, our phones did appear to be different devices on each network, anyone we shared a network with could have run a network sniffer to find and decode the Bonjour broadcasts from our phones and map our random MAC addresses to our true MAC addresses.<\/p>\n<p>The fact that the MAC address was being leaked within joined networks is not good, but it&#8217;s nowhere near as bad as it would have been if it was leaking while not joined to a network, or if it was leaking at the lower Ethernet or IP levels.<\/p>\n<p>It should be noted that the entire Private WiFi Address feature is a <em>nice to have<\/em>, not a critical security feature, so there&#8217;s definitely no need to lose any sleep over this.<\/p>\n<h3>Links<\/h3>\n<ul>\n<li>The least sensationalist report on the story to cross my radar: <a href=\"https:\/\/ciso2ciso.com\/apple-private-wi-fi-hasnt-worked-for-the-past-three-years-source-go-theregister-com\/\">Apple Private Wi-Fi hasn\u2019t worked for the past three years \u2013 Source: go.theregister.com \u2014 ciso2ciso.com\/\u2026<\/a><\/li>\n<li>Apple&#8217;s support page describing WiFi Privacy \u2014 <a href=\"https:\/\/support.apple.com\/en-ie\/guide\/security\/secb9cb3140c\/web\">support.apple.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>\u2757 Action Alerts<\/h2>\n<aside class=\"small-aside\">Calls to action: if any stories in this section are relevant to you, there is some action you should take.<\/aside>\n<ul>\n<li>Security researchers have released 
details of unpatched vulnerabilities in popular D-Link wifi extenders after the company failed to respond to their attempts at responsible disclosure. If you have one of these devices you may need to consider turning it off until D-Link issue a fix \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/d-link-wifi-range-extender-vulnerable-to-command-injection-attacks\/\">www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li><strong>Related:<\/strong> D-Link customer names and email addresses have also been leaked: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/d-link-confirms-data-breach-after-employee-phishing-attack\/\">D-Link confirms data breach after employee phishing attack \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>ARM have patched the Mali GPU driver used in many Android phones, and Google have seen exploits in the wild \u2013 if you can figure out if you need to patch, and if there is a patch from your vendor, patch ASAP \u2014 <a href=\"https:\/\/thehackernews.com\/2023\/10\/arm-issues-patch-for-mali-gpu-kernel.html\">thehackernews.com\/\u2026<\/a>\n<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/android-october-security-update-fixes-zero-days-exploited-in-attacks\/\">Android October security update fixes zero-days exploited in attacks \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>\n<p>Linux users should be sure they&#8217;re fully patched:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-looney-tunables-linux-bug-gives-root-on-major-distros\/\">New &#8216;Looney Tunables&#8217; Linux bug gives root on major distros \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/gnome-linux-systems-exposed-to-rce-attacks-via-file-downloads\/\">GNOME Linux systems exposed to RCE attacks via file downloads \u2014 
www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Synology DiskStation users need to be sure their NAS devices are fully patched \u2014 <a href=\"https:\/\/thehackernews.com\/2023\/10\/new-admin-takeover-vulnerability.html\">thehackernews.com\/\u2026<\/a>\n<\/li>\n<li>Microsoft Patch Tuesday has been and gone, with 4 zero-days fixed \u2014 <a href=\"https:\/\/krebsonsecurity.com\/2023\/10\/patch-tuesday-october-2023-edition\/\">krebsonsecurity.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/isc.sans.edu\/diary\/rss\/30344\">Apple Patches Everything. Releases iOS 17.1, MacOS 14.1 and updates for older versions fixing exploited vulnerability &#8211; SANS Internet Storm Center \u2014 isc.sans.edu\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Worthy Warnings<\/h2>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li>There has been a major breach at 23andMe \u2014 at the very least there has been a password stuffing attack that allowed attackers to access both the data from users who re-used passwords and the data from users who shared data with those users. Because of the sheer number of accounts breached, some security researchers are skeptical that there has not been a leak of passwords from 23andMe itself, but there&#8217;s no firm evidence of such a leak \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/genetics-firm-23andme-says-user-data-stolen-in-credential-stuffing-attack\/\">www.bleepingcomputer.com\/\u2026<\/a> &amp; <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hacker-leaks-millions-of-new-23andme-genetic-data-profiles\/\">www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/air-europa-data-breach-customers-warned-to-cancel-credit-cards\/\">Air Europa data breach: Customers warned to cancel credit cards \u2014 www.bleepingcomputer.com\/\u2026<\/a> (Full card numbers, 
expiration dates, and CVV2 numbers stolen!)<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/casio-discloses-data-breach-impacting-customers-in-149-countries\/\">Casio discloses data breach impacting customers in 149 countries \u2014 www.bleepingcomputer.com\/\u2026<\/a> (biggest risk is targeted phishing)<\/li>\n<li><a href=\"https:\/\/krebsonsecurity.com\/2023\/10\/phishers-spoof-usps-12-other-natl-postal-services\/\">Phishers Spoof USPS, 12 Other Natl\u2019 Postal Services \u2014 krebsonsecurity.com\/\u2026<\/a> (Even Ireland&#8217;s <em>an Post<\/em> was included, and Bart got multiple fake SMS messages from this campaign)<\/li>\n<li>There seems to be a spike in malicious Google Ads:\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/fake-keepass-site-uses-google-ads-and-punycode-to-push-malware\/\">Fake KeePass site uses Google Ads and Punycode to push malware \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/thehackernews.com\/2023\/10\/malvertisers-using-google-ads-to-target.html\">Malvertisers Using Google Ads to Target Users Searching for Popular Software \u2014 thehackernews.com\/\u2026<\/a> (including NotePad++)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Notable News<\/h2>\n<ul>\n<li><strong>A reminder not to expose admin interfaces to the internet, and to always change the passwords from the defaults:<\/strong> <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/over-40-000-admin-portal-accounts-use-admin-as-a-password\/\">Over 40,000 admin portal accounts use &#8216;admin&#8217; as a password \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>Security Researchers earn over $1M for 58 Zero-days at Pwn2Own \u2013 the iPhone 14 &amp; Pixel 7 survive unscathed, but the Samsung Galaxy S23 was hacked 4 different ways \u2014 <a 
href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hackers-earn-over-1-million-for-58-zero-days-at-pwn2own-toronto\/\">www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><strong>A reminder of why we need Passkeys:<\/strong> Security researchers warn that the <em>EvilProxy<\/em> AiTM (Adversary-in-the-Middle) 2FA\/MFA bypass Malware-as-a-Service toolkit is being widely used against US companies \u2014 <a href=\"https:\/\/thehackernews.com\/2023\/10\/cybercriminals-using-evilproxy-phishing.html\">thehackernews.com\/\u2026<\/a><\/li>\n<li>A report from the US Department of Homeland Security&#8217;s Inspector General confirms that <em>&#8220;CBP, ICE, and Secret Service Did Not Adhere to Privacy Policies or Develop Sufficient Policies Before Procuring and Using Commercial Telemetry Data&#8221;<\/em>, i.e. the government used location data collected by data brokers to illegally track people. The report makes 8 recommendations, and DHS has accepted 6 of them \u2014 <a href=\"https:\/\/appleinsider.com\/articles\/23\/10\/06\/secret-service-and-government-agencies-illegally-used-smartphone-location-data\">appleinsider.com\/\u2026<\/a> (CBP is <em>Customs &amp; Border Patrol<\/em>, and ICE is <em>Immigration &amp; Customs Enforcement<\/em>)<\/li>\n<li><strong>A timely reminder to be wary of goods peddled on social media:<\/strong> A report from the US Federal Trade Commission (FTC) shows Americans lost at least $2.7Bn to social media scams in 2021, and given the reporting rate is known to be low (perhaps as low as 5%), that&#8217;s just the tip of the proverbial iceberg \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/ftc-warns-of-staggering-losses-to-social-media-scams-since-2021\/\">www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/thehackernews.com\/2023\/10\/signal-debunks-zero-day-vulnerability.html\">Signal Debunks Zero-Day Vulnerability Reports, Finds No Evidence \u2014 
thehackernews.com\/\u2026<\/a><\/li>\n<li>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/1password-discloses-security-incident-linked-to-okta-breach\/\">1Password discloses security incident linked to Okta breach \u2014 www.bleepingcomputer.com\/\u2026<\/a> (They spotted the problem straight away and nipped it in the bud before any serious harm could be done)<\/p>\n<ul>\n<li>This relates to a breach at MFA-provider Okta which is likely to have caused issues for many other companies too \u2014 <a href=\"https:\/\/thehackernews.com\/2023\/10\/oktas-support-system-breach-exposes.html\">thehackernews.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Microsoft announces plans for the retirement of two legacy technologies often abused by malware:\n<ul>\n<li>VB Script is now deprecated, it will be converted to a <em>Feature on Demand<\/em> before being completely removed from Windows (no firm dates released yet) \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-to-kill-off-vbscript-in-windows-to-block-malware-delivery\/\">www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>Microsoft are upgrading the Kerberos authentication protocol that powers Windows domains so it can fully replace the deeply flawed and often abused legacy LAN Manager authentication mechanism (NTLM) \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-plans-to-kill-off-ntlm-authentication-in-windows-11\/\">www.bleepingcomputer.com\/\u2026<\/a> &amp; <a href=\"https:\/\/thehackernews.com\/2023\/10\/microsoft-to-phase-out-ntlm-in-favor-of.html\">thehackernews.com\/\u2026<\/a><\/li>\n<li><strong>Related:<\/strong> Microsoft is also extending the length of time it retains Office365 audit logs following successful attacks against Office365 tenancies used by western governments by Chinese hackers \u2014 <a 
href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-extends-purview-audit-log-retention-after-july-breach\/\">www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Some nice updates from Google:\n<ul>\n<li>Google Play Protect gets new AI-driven malware protection designed to protect all Android apps, even side-loaded ones, from even the more advanced techniques being used to attack Android these days \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/google-play-protect-adds-real-time-scanning-to-fight-android-malware\/\">www.bleepingcomputer.com\/\u2026<\/a> &amp; <a href=\"https:\/\/thehackernews.com\/2023\/10\/google-play-protect-introduces-real.html\">thehackernews.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/thehackernews.com\/2023\/10\/google-expands-its-bug-bounty-program.html\">Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats \u2014 thehackernews.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/google\/google-chromes-new-ip-protection-will-hide-users-ip-addresses\/\">Google Chrome&#8217;s new &#8220;IP Protection&#8221; will hide users&#8217; IP addresses \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>It&#8217;s been a good few weeks for the Goodies:\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/ukrainian-activists-hack-trigona-ransomware-gang-wipe-servers\/\">Ukrainian activists hack Trigona ransomware gang, wipe servers \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/india-targets-microsoft-amazon-tech-support-scammers-in-nationwide-crackdown\/\">India targets Microsoft, Amazon tech support scammers in nationwide crackdown \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/thehackernews.com\/2023\/10\/us-doj-cracks-down-on-north-korean-it_20.html\">U.S. 
DoJ Cracks Down on North Korean IT Scammers Defrauding Global Businesses \u2014 thehackernews.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/thehackernews.com\/2023\/10\/europol-dismantles-ragnar-locker.html\">Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer \u2014 thehackernews.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Excellent Explainers<\/h2>\n<aside class=\"small-aside\">High-quality content explaining a security concept of some kind.<\/aside>\n<ul>\n<li><a href=\"https:\/\/www.cultofmac.com\/834783\/how-to-use-check-in-ios-17\/\">Check In: Every parent should know this essential iOS 17 feature \u2014 www.cultofmac.com\/\u2026<\/a><\/li>\n<li>A nice guide from Apple on buying a second-hand iPhone safely: <a href=\"https:\/\/support.apple.com\/en-us\/HT213680\">If you want to buy a preowned iPhone \u2014 support.apple.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Interesting Insights<\/h2>\n<aside class=\"small-aside\">High-quality opinion and editorial content recommended by Bart.<\/aside>\n<ul>\n<li>An interesting approach being explored for safer AI models: <a href=\"https:\/\/appleinsider.com\/inside\/xcode\/tips\/understanding-agentized-llms-how-to-avoid-making-rogue-ai\">Understanding Agentized LLMs: How to avoid making rogue AI \u2014 appleinsider.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Palate Cleansers<\/h2>\n<aside class=\"small-aside\">Anything upbeat and nerdy Bart and\/or Allison think you might enjoy.<\/aside>\n<ul>\n<li><a href=\"https:\/\/www.macobserver.com\/tips\/round-ups\/best-halloween-wallpapers-iphone\/\">Best Scary Halloween Wallpapers for iPhone in 2023 \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/appleinsider.com\/articles\/23\/08\/15\/excellent-newton-documentary-now-on-youtube\">Excellent Newton documentary now on YouTube \u2014 appleinsider.com\/\u2026<\/a><\/li>\n<li>An excellent podcast mini-series on AI from Business Wars: <a href=\"https:\/\/overcast.fm\/+LnJdGg70g\">The Rise 
of AI: The Next Big Thing \u2013 Episode 1 \u2014 overcast.fm\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Legend<\/h2>\n<p>When the textual description of a link is part of the link it is the title of the page being linked to, when the text describing a link is not part of the link it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\"><\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\u2757<\/td>\n<td align=\"left\">A <strong>call to action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or, the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em><\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. 
one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. Passkeys continue to roll out: Google Adopts Passkeys as Default Sign-in Method for All Users \u2014 thehackernews.com\/\u2026 Amazon adds passkey support as new passwordless login option \u2014 www.bleepingcomputer.com\/\u2026 Deep Dive 1 \u2014 iLeakage TL;DR [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":28385,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[147,214],"tags":[2079,50,569,4586],"class_list":["post-29688","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-patch","tag-security","tag-security-bits","tag-vulnerability"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2023\/05\/Security-Bits-Logo_1040x520.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/29688","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"h
ref":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=29688"}],"version-history":[{"count":2,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/29688\/revisions"}],"predecessor-version":[{"id":29690,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/29688\/revisions\/29690"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/28385"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=29688"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=29688"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=29688"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}