{"id":31521,"date":"2024-07-21T12:05:52","date_gmt":"2024-07-21T19:05:52","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=31521"},"modified":"2024-07-21T12:05:52","modified_gmt":"2024-07-21T19:05:52","slug":"sb-2024-07-21","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2024\/07\/sb-2024-07-21\/","title":{"rendered":"Security Bits \u2013 21 July 2024"},"content":{"rendered":"<h1>Feedback &amp; Followups<\/h1>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li>\ud83c\uddfa\ud83c\uddf8 Kaspersky officially announce they are leaving the US \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/kaspersky-is-shutting-down-its-business-in-the-united-states\/\">www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/kaspersky-offers-free-security-software-for-six-months-in-us-goodbye\/\">Kaspersky offers free security software for six months in U.S. goodbye \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Google are not the only company losing the battle against malicious ads ATM: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/facebook-ads-for-windows-themes-push-sys01-info-stealing-malware\/\">Facebook ads for Windows desktop themes push info-stealing malware \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>Watering hole attacks against developers continue (attacker victims in a place they naturally come):\n<ul>\n<li><a href=\"https:\/\/thehackernews.com\/2024\/07\/trojanized-jquery-packages-found-on-npm.html?m=1\">Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories \u2014 thehackernews.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/thehackernews.com\/2024\/07\/60-new-malicious-packages-uncovered-in.html\">60 New Malicious Packages Uncovered in NuGet Supply Chain Attack \u2014 thehackernews.com\/\u2026<\/a> (PowerShell\/.Net packages)<\/li>\n<\/ul>\n<\/li>\n<li>A real-world example of why we advise users to get rid of unsupported devices, especially routers: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/chinese-apt40-hackers-hijack-soho-routers-to-launch-attacks\/\">Chinese APT40 hackers hijack SOHO routers to launch attacks \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>ATM, it seems Apple are winning the cat-and-mouse game against grey-hat cybersecurity companies like Cellebrite: <a href=\"https:\/\/www.macobserver.com\/iphone\/newer-iphones-running-ios-17-4-may-be-immune-to-cellebrite-at-least-for-now\/\">Newer iPhones Running iOS 17.4 May Be Immune To Cellebrite, At Least For Now \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<\/ul>\n<h1>Deep Dive \u2014 The Confused CloudStrike &amp; Microsoft Kerfuffles<\/h1>\n<p>From an American view two significant outages happened overnight on one night, and in case it wasn\u2019t confusing enough, they were not entirely disconnected.<\/p>\n<h2>The First Outage \u2014 Microsoft Azure US Central<\/h2>\n<p>Things started to go wrong when Microsoft pushed a configuration change to one of the regions in their global cloud network, it just happened to be the one serving much of the United States (<em>Central US<\/em>).<\/p>\n<p>This change caused the VMs powering this region to respond to connectivity glitches to their backend storage by rebooting rather than pausing, so the available compute power in the region plummeted and it wasn\u2019t enough to meet demand.<\/p>\n<p>This had two effects:<\/p>\n<ol>\n<li>Some of Microsoft\u2019s first-party services in the region became overloaded, Teams &amp; Xbox Live in particular seem to have been causing people to complain.<\/li>\n<li>Some of the services Microsoft sell to corporations became overloaded, particularly the <em>Power Platform<\/em> which is used to power business logic in the cloud with server-less functions (really cool tech actually)<\/li>\n<\/ol>\n<p>Microsoft seem to have been able to deal with the first problem pretty quickly by migrating the Teams service for US customers to different regions, but that added latency and probably stressed those regions so the service was likely sluggish for a while.<\/p>\n<p>By the time I woke up in Ireland, the Teams issue looked to be under control, but the Power Platform was still orange on the service health dashboard.<\/p>\n<p>For context, like with the leader in the field, Amazon Web Services (AWS), Microsoft offer Azure services in multiple geographic regions, and when you provision something you choose not only a primary region but the level of resilience you want to pay for. The scale starts at none and goes up to full geo-redundancy with resources mirrored in different parts of the world.<\/p>\n<p>American corporations using the Power Platform Customers who chose to take the risk and save money with lesser resilience would have had problems running their business processes, causing outages.<\/p>\n<h2>The Second Problem \u2014 The Bad CloudStrike Update<\/h2>\n<p>As morning dawned on the other side of the world a new problem emerged. Some Australians and New Zealanders arriving into their offices found their Windows PCs &amp; Servers stuck on Blue Screens of Death, and reboots didn\u2019t help \u2014 MEEP!<\/p>\n<p>It wasn&#8217;t all Windows computers, just some, and after some initial confusion, the pattern soon became clear \u2014 it was Windows devices protected by the Enterprise AV product Falcon Strike from the very well-regarded Cybersecurity experts CrowdStrike.<\/p>\n<p>Falcon Strike is a cloud-first real-time AV product driven by AI that uses lightweight local agents which stream their telemetry up to the cloud and get high-frequency updates pushed down to keep the protection as current as possible. Because all the agents stream their data to the cloud in real-time, CloudStrike can use AI to learn about attacks as they happen, and quickly send rules to all their other clients, theoretically nipping even novel attacks in the bud very quickly.<\/p>\n<p>You can see why this product is popular with large enterprise customers \u2014 unlike more traditional AV which is great at protecting against known threats and very poor at protecting against newly emerging threats, this is architected to give good protection against even the most novel attacks. Novel attacks first emerge against valuable targets, so the bigger a company is, the more appealing a product like Falcon Strike looks!<\/p>\n<p>A subtle but important point to note is that there is a trade-off here. All updates need testing before they go out, but that adds lag to the process, and the whole point is that the system should be really reactive. The way you balance this is with a massive bank of virtual machines running a wide array of tests in an entirely automated way. In theory, your test suite should cover every possible configuration in use in the real world, but it simply can&#8217;t, so there will be gaps.<\/p>\n<p>These kinds of systems tend to follow the power law statistical distribution, so small errors affecting a few customers are massively more probably than big errors affecting lots of customers, but sometimes you get unlucky!<\/p>\n<p>At this stage, I don&#8217;t think we know enough to understand how something got through testing that affected so many customers, but one worrying piece of anecdata is that this is not the first time this year an entire OS family seems to have been affected \u2014 there were bugs crashing two different flavours of Linux earlier this year. They just didn&#8217;t get the same kind of press because they didn&#8217;t have the same scale of impact.<\/p>\n<h3>Why is Recovery so Slow?<\/h3>\n<p>CrowdStrike figured out the root cause pretty quickly, and they revoked the problem update, but that only stops more machines from being knocked out, it does nothing to bring the dead machines back!<\/p>\n<p>To compound the problem, it can&#8217;t be fixed remotely or automatically because the fix is to boot the device into safe mode, delete a single file, and then re-boot. In a corporate environment, most users don&#8217;t have local administrator rights on their PCs, so they literally can&#8217;t fix the problem themselves, they have to wait for some from IT to physically restore their device.<\/p>\n<p>Having said that, servers should be easier to restore because most are virtual these days, and any company being run in an even reasonably responsible manner will have daily if not hourly snapshot backups they can roll back to. But, and office with servers and no PCs is still not a very functional place!<\/p>\n<h3>One Final Connection Back to Microsoft<\/h3>\n<p>In case there wasn&#8217;t already enough confusion between Microsoft&#8217;s part in the day&#8217;s drama and CloudStrike&#8217;s part, one of the services Microsoft sell to enterprise customers is virtual desktop PCs. You run your actual work PC in the cloud, and use a thin client to access it from anywhere, even a web browser. Companies manage these virtual PCs like they were physical, so, they will push out AV tools to them like they would any other PC, including FalconStrike in some cases, so, Microsoft reported that many of their cloud desktops also got stuck into infinite reboot loops because of the CloudStrike bug.<\/p>\n<h2>A Sting in the Tail \u2014 Cybercriminals try to Cash In<\/h2>\n<p>As always happens when something nasty gets headlines, cybercriminals are targeting companies with fake <em>&#8216;fixes&#8217;<\/em> from CloudStrike that are actually malware \ud83d\ude41<\/p>\n<p>This is timely reminder that this same kind of dynamic is in play each time there is any kind of bad news, be it a natural disaster, an accident, or a war, baddies will try to exploit the situation for profit.<\/p>\n<h2>Can we Learn any Lessons from all this?<\/h2>\n<p>Let&#8217;s start easy, does the Azure region outage teach us anything? To be honest, nothing new, we&#8217;ve seen this before with Amazon, Google, and Microsoft cloud services. It doesn&#8217;t happen often, but entire regions do sometimes go down. This is why all these providers offer resiliency as a feature.<\/p>\n<p><strong>When companies choose to accept a higher risk of failure to save money, the risk is real.<\/strong><\/p>\n<p>Moving on to the CloudStrike event, I don&#8217;t see a clear-cut answer.<\/p>\n<p>You might assume the lesson is not to rely on one vendor for all your AV, but that&#8217;s a terrible idea. To have any chance of running an effective cybersecurity operation you need a unified platform. Yes, having all your eggs in one basket is a risk, but having a total hodge-podge is actually worse. Instead of a low risk of a really spectacular outage, you&#8217;ll suffer lots of smaller incidents very frequently, and you&#8217;ll struggle to contain them. Your cybersecurity team will spend all their time firefighting and filing breach reports, and your reputation will suffer. Better to have a small chance of being one of many many companies affected at the same time when everyone knows it&#8217;s not your fault, but the vendors!<\/p>\n<p>You might assume CloudStrike must be some kind of fly-by-night operation, but they are extremely well respected. The reason they are used by so many such big companies is that they are one of the best, and that&#8217;s a reputation they&#8217;ve earned over many years of hard work.<\/p>\n<p>I&#8217;m a little concerned that it seems they had warnings their testing systems were leaky a few months back, so it&#8217;s possible they deserve some criticism for not reacting to those warnings better, but it&#8217;s equally possible they are very busy re-architecting things behind the scenes, and that there are changes in the pipeline already. We have much too little information today to draw any conclusions about whether or not CloudStrike were in some way negligent. Expect to learn much more in the future because it seems inevitable that CloudStrike will need to publish a detailed incident report on all this once they&#8217;ve had time to gather all the facts and do the needed analysis to engineer an appropriate response.<\/p>\n<p>For now, my advice is to ignore anyone who tells you that the blame for this is in any way clear. That&#8217;s a sign of someone who just doesn&#8217;t get that this is a tradeoff all the way down:<\/p>\n<ol>\n<li>You need a rapid response, and you need testing, the more you test, the slower your response<\/li>\n<li>You need a single cybersecurity platform to be able to run an effective operation, but that makes you vulnerable to a catastrophic failure<\/li>\n<\/ol>\n<p>Maybe this is a good argument for allowing your users to choose their end-user OS as long as it&#8217;s supported by your cybersecurity platform, and you allow your sysadmins to use multiple server solutions as long as they too are supported by your platform.<\/p>\n<h2>Links<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/major-microsoft-365-outage-caused-by-azure-configuration-change\/\">Major Microsoft 365 outage caused by Azure configuration change \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/crowdstrike-update-crashes-windows-systems-causes-outages-worldwide\/\">CrowdStrike update crashes Windows systems, causes outages worldwide \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/stackdiary.com\/crowdstrike-took-down-debian-and-rocky-linux-a-few-months-ago-and-no-one-noticed\/\">CrowdStrike took down Debian and Rocky Linux a few months ago and no one noticed \u2014 stackdiary.com\/\u2026<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-windows-365-cloud-pcs-stuck-restarting-after-crowdstrike-update\/\">Microsoft confirms CrowdStrike update also hit Windows 365 PCs \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/thehackernews.com\/2024\/07\/cybercriminals-exploit-crowdstrike.html?m=1\">Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware \u2014 thehackernews.com\/\u2026<\/a><\/p>\n<\/li>\n<li>\n<p><strong>Context:<\/strong> CloudStrike&#8217;s review on Gartner \u2014 <a href=\"https:\/\/www.gartner.com\/reviews\/market\/endpoint-protection-platforms\/vendor\/crowdstrike\/product\/crowdstrike-falcon\">www.gartner.com\/\u2026<\/a> (~4.8 out of five on all metrics)<\/p>\n<\/li>\n<li>\n<p>There were some humorous responses:<\/p>\n<ul>\n<li>XKCD released an unusually topical comic: <a href=\"https:\/\/xkcd.com\/2961\">CrowdStrike (2961) \u2014 xkcd.com\/\u2026<\/a><br \/>\n<img decoding=\"async\" src=\"https:\/\/imgs.xkcd.com\/comics\/crowdstrike.png\" alt=\"We were going to try swordfighting, but all my compiling is on hold.\" \/><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/www.cultofmac.com\/863106\/install-bsod-wallpaper-mac-windows-blue-screen-of-death-day\/\">Install this wallpaper on your Mac to celebrate \u2018Blue Screen of Death Day\u2019 \u2014 www.cultofmac.com\/\u2026<\/a><\/p>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h1>\u2757 Action Alerts<\/h1>\n<aside class=\"small-aside\">Calls to action, if any stories in this section are relevant to you there is some action you should take.<\/aside>\n<ul>\n<li>Patch Tuesday: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-july-2024-patch-tuesday-fixes-142-flaws-4-zero-days\/\">Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days \u2014 www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/windows-mshtml-zero-day-used-in-malware-attacks-for-over-a-year\/\">Windows MSHTML zero-day used in malware attacks for over a year \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/netgear-warns-users-to-patch-authentication-bypass-xss-router-flaws\/\">Netgear warns users to patch auth bypass, XSS router flaws \u2014 www.bleepingcomputer.com\/\u2026<\/a> (impacts popular gaming routers like the Nighthawk series)<\/li>\n<\/ul>\n<h1>Worthy Warnings<\/h1>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li>\n<p>AT&amp;T leaked the call &amp; SMS metadata for all their customers, and hence, all the people their customers called or messaged between the 1st of May and the 31st of  October 2022, and on the 2nd of January 2023 \u2014 <a href=\"https:\/\/krebsonsecurity.com\/2024\/07\/hackers-steal-phone-sms-records-for-nearly-all-att-customers\/\">krebsonsecurity.com\/\u2026<\/a> (Part of the Snowflake breach)<\/p>\n<\/li>\n<li>\n<p>\ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/rite-aid-says-june-data-breach-impacts-22-million-people\/\">Rite Aid says June data breach impacts 2.2 million people \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<blockquote><p>\n  <em>&#8220;This data included purchaser name, address, date of birth and driver\u2019s license number or other form of government-issued ID presented at the time of a purchase between June 6, 2017, and July 30, 2018.<\/em>\n<\/p><\/blockquote>\n<\/li>\n<li>Three breaches expose users to automated targeted phishing:\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/email-addresses-of-15-million-trello-users-leaked-on-hacking-forum\/\">Email addresses of 15 million Trello users leaked on hacking forum \u2014 www.bleepingcomputer.com\/\u2026<\/a> <\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/over-400-000-life360-user-phone-numbers-leaked-via-unsecured-android-api\/\">Over 400,000 Life360 user phone numbers leaked via unsecured API \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>If you ever bought anything from Zotac (very popular in the PC gaming sphere), beware that they accidentally exposed all their RMA information to search engines \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/computer-maker-zotac-exposed-customers-rma-info-on-google-search\/\">www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Beware, there is a <em>Smishing<\/em> (SMS-based phishing) attack targeting Apple ID, the messages take victims to a fake iCloud login page \u2014 <a href=\"https:\/\/www.macobserver.com\/iphone\/smishing-alert-new-cyberattack-targets-apple-iphone-and-ipad-users\/\">www.macobserver.com\/\u2026<\/a>\n<ul>\n<li><strong>Related:<\/strong> Apple have updated their support document on avoiding being phished: <a href=\"https:\/\/support.apple.com\/en-gb\/102568\">Recognise and avoid social engineering schemes, including phishing messages, phoney support calls and other scams \u2014 support.apple.com\/\u2026<\/a> (worth bookmarking for sharing with friends &amp; family as needed)<\/li>\n<li><strong>Advice from Bart:<\/strong> remember, when entering details on a web page, <em>always look up<\/em> and check the address bar<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h1>Notable News<\/h1>\n<ul>\n<li>\ud83c\uddea\ud83c\uddfa X (formerly Twitter) joins the ranks of companies with preliminary findings against them for breaking the EU Digital Services Act (DSA) \u2014 <a href=\"https:\/\/ec.europa.eu\/commission\/presscorner\/detail\/en\/IP_24_3761\">ec.europa.eu\/\u2026<\/a> (Digital <em>Services<\/em>, not Digital <em>Markets<\/em>!)\n<ul>\n<li>Complaints revolve around the Blue checkmark being misleading, the absence of required advertisement transparency reporting, and the lack of data access for researchers.<\/li>\n<li>Remember <em>Preliminary Findings<\/em> are official accusations, not convictions, the company now gets to offer a defence<\/li>\n<\/ul>\n<\/li>\n<li>Google have been caught with their fingers in the proverbial cookie jar, though in a surprisingly open way: <a href=\"https:\/\/daringfireball.net\/linked\/2024\/07\/12\/google-chrome-system-monitoring\">Google Chrome, Along With Other Popular Chromium Browsers, Grants System Monitoring Privileges to *.google.com Domains \u2014 daringfireball.net\/\u2026<\/a><\/li>\n<li>Google have made their <em>Advanced Protection<\/em> program for at-risk people a little more accessible by allowing users to choose passkeys rather than requiring hardware FIDO tokens \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/google-advanced-protection-program-gets-passkeys-for-high-risk-users\/\">www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>After downplaying the weakness for years, Signal have agreed to start encrypting local copies of chats in their desktop apps making use of OS-level key stores to securely store the keys (i.e. keychain on Macs) \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/signal-downplays-encryption-key-flaw-fixes-it-after-x-drama\/\">www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>MacPaw have previewed technology they have developed for real-time on-device phishing detection that promises to be a lot more effective than our existing block-listing approach \u2014 <a href=\"https:\/\/appleinsider.com\/articles\/24\/07\/12\/macpaw-introduces-on-device-phishing-detection-to-boost-macos-security\">appleinsider.com\/\u2026<\/a>\n<ul>\n<li>Making use of the AI hardware on modern chips, they use on-device AI to pre-load link destinations in the background and check if they imitate known brands<\/li>\n<li>This was presented at a research conference, it was not a product demo, so we don&#8217;t know how or when we&#8217;ll get to purchase this, but it looks very promising<\/li>\n<\/ul>\n<\/li>\n<li>Two nice cybersecurity-related announcements from Microsoft:\n<ul>\n<li>Windows Updates will be evolving to give smaller to downloads and make installs more robust: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-announces-new-windows-checkpoint-cumulative-updates\/\">Microsoft announces new Windows &#8216;checkpoint&#8217; cumulative updates \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>All versions of Exchange Online (free services like Hotmail as well as paid offerings like Office365) will support DNSSEC+DANE for inbound email validation \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/exchange-online-adds-inbound-dane-with-dnssec-for-security-boost\/\">www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>\ud83c\uddf8\ud83c\uddec Singapore leads the way, and hopefully, many other countries will soon follow: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/banks-in-singapore-to-phase-out-one-time-passwords-in-3-months\/\">Banks in Singapore to phase out one-time passwords in 3 months \u2014 www.bleepingcomputer.com\/\u2026<\/a> (only phishing-resistant MFA is acceptable now, no more codes users have to type in, whether they be via SMS or an authenticator app)<\/li>\n<\/ul>\n<h1>Palate Cleansers<\/h1>\n<aside class=\"small-aside\">Anything upbeat and nerdy Bart and\/or Allison think you might enjoy.<\/aside>\n<ul>\n<li>From Allison:\n<ul>\n<li>\ud83c\udfa7 An excellent interview with TikTok creator Sanjana Curtis: <a href=\"https:\/\/overcast.fm\/+AANlarJHvbE\">Clear+Vivid with Alan Alda: Sanjana Curtis- Sprinkling Stardust on TikTok \u2014 overcast.fm\/\u2026<\/a><\/li>\n<li>\ud83c\udfa6 Sanjana&#8217;s Stardust series of videos on astrophysics \u2014 <a href=\"https:\/\/www.tiktok.com\/t\/ZPRoFJ2Sq\/\">www.tiktok.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>From Bart:\n<ul>\n<li>A fascinating (and possibly nostalgic) long read from FastCompany: <a href=\"https:\/\/www.fastcompany.com\/91140068\/how-the-internet-went-mainstream-in-1994\">What the internet looked like in 1994, according to 15 webpages born that year \u2014 www.fastcompany.com\/\u2026<\/a><\/li>\n<li>\ud83c\udfa6 A video of Steve Jobs speaking to the 1983 International Design Conference \u2014 <a href=\"https:\/\/tidbits.com\/2024\/07\/19\/steve-jobss-predictions-from-the-1983-international-design-conference\/\">tidbits.com\/\u2026<\/a> &amp; <a href=\"https:\/\/stevejobsarchive.com\/exhibits\/objects-of-our-life\">stevejobsarchive.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h1>Legend<\/h1>\n<p>When the textual description of a link is part of the link it is the title of the page being linked to, when the text describing a link is not part of the link it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\">\ud83c\udfa7<\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\u2757<\/td>\n<td align=\"left\">A <strong>call to action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or, the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcca<\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83e\uddef<\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em> \ud83d\ude42<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcb5<\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udccc<\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa9<\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. \ud83c\uddfa\ud83c\uddf8 Kaspersky officially announce they are leaving the US \u2014 www.bleepingcomputer.com\/\u2026 Kaspersky offers free security software for six months in U.S. goodbye \u2014 www.bleepingcomputer.com\/\u2026 Google are not the only company losing the battle against [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":28385,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[147,214],"tags":[6719,233,50,569],"class_list":["post-31521","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-cloudstrike","tag-microsoft","tag-security","tag-security-bits"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2023\/05\/Security-Bits-Logo_1040x520.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/31521","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=31521"}],"version-history":[{"count":1,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/31521\/revisions"}],"predecessor-version":[{"id":31522,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/31521\/revisions\/31522"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/28385"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=31521"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=31521"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=31521"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}