{"id":32063,"date":"2024-10-13T11:21:18","date_gmt":"2024-10-13T18:21:18","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=32063"},"modified":"2024-10-13T11:21:40","modified_gmt":"2024-10-13T18:21:40","slug":"sb-2024-10-13","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2024\/10\/sb-2024-10-13\/","title":{"rendered":"Security Bits \u2014 13 October 2024"},"content":{"rendered":"<h2>Feedback &amp; Followups<\/h2>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li>\ud83c\uddfa\ud83c\uddf8 More consequences for past misdeeds:\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/t-mobile-pays-315-million-fcc-settlement-over-4-data-breaches\/\">T-Mobile pays $31.5 million FCC settlement over 4 data breaches \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/legal\/marriott-settles-with-ftc-to-pay-52-million-over-data-breaches\/\">Marriott settles with FTC, to pay $52 million over data breaches \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Two notable developments in the big CUPS vulnerability on Linux:\n<ul>\n<li>Researchers at Akamai have found a little sting in the tail \u2014 exposed vulnerable servers can be used to amplify distributed denial of service (DDoS) attacks \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/recently-patched-cups-flaw-can-be-used-to-amplify-ddos-attacks\/\">www.bleepingcomputer.com\/\u2026<\/a> (exposed machines now need to be patched not just to protect themselves from takeover, but to stop them being recruited into DDoS attacks on other internet users; if patching has to wait, stopping and disabling the cups-browsed service, or blocking UDP port 631 at the firewall, removes the exposed listener)<\/li>\n<li>The storied security researcher Marcus Hutchins has released a Python script to scan your IP range for devices running vulnerable versions of CUPS \u2014 <a 
href=\"https:\/\/www.bleepingcomputer.com\/news\/software\/new-scanner-finds-linux-unix-servers-exposed-to-cups-rce-attacks\/\">www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>\u2757 Action Alerts<\/h2>\n<aside class=\"small-aside\">Calls to action: if any stories in this section are relevant to you, there is some action you should take.<\/aside>\n<ul>\n<li>Another Patch Tuesday has been and gone, with Microsoft fixing 118 flaws, including 5 zero-days, this time \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-october-2024-patch-tuesday-fixes-5-zero-days-118-flaws\/\">www.bleepingcomputer.com\/\u2026<\/a>, <a href=\"https:\/\/krebsonsecurity.com\/2024\/10\/patch-tuesday-october-2024-edition\/\">krebsonsecurity.com\/\u2026<\/a> &amp; <a href=\"https:\/\/isc.sans.edu\/diary\/rss\/31336\">isc.sans.edu\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.intego.com\/mac-security-blog\/apple-releases-ios-ipados-18-0-1-with-security-updates-other-0-1-bug-fix-updates\/\">Apple releases iOS, iPadOS 18.0.1 with security updates; other &#8220;.0.1&#8221; bug-fix updates \u2014 www.intego.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/mozilla-fixes-firefox-zero-day-actively-exploited-in-attacks\/\">Mozilla fixes Firefox zero-day actively exploited in attacks \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/itunes-for-windows-gets-a-security-update\/\">iTunes for Windows Gets a Security Update \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/draytek-fixed-critical-flaws-in-over-700-000-exposed-routers\/\">DrayTek fixed critical flaws in over 700,000 exposed routers \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>Android users need to keep an eye out for firmware updates from their vendors and apply them ASAP, because Qualcomm have just patched a high-severity zero-day, already being exploited in attacks, in the firmware for 
chips used in many smartphones \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/qualcomm-patches-high-severity-zero-day-exploited-in-attacks\/\">Qualcomm patches high-severity zero-day exploited in attacks \u2014 www.bleepingcomputer.com\/\u2026<\/a> (Users can&#8217;t apply the patch directly; it has to come from their device vendor, so, again, any Android phone no longer receiving updates from its vendor can&#8217;t be used safely!)<\/li>\n<\/ul>\n<h2>Worthy Warnings<\/h2>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li>The Internet Archive has been compromised, and 31M user records (email addresses, usernames and bcrypt-hashed passwords) have been breached (the data has been incorporated into Have I Been Pwned). Many creators chose to proactively upload their content to the Archive to preserve it, so many in our community could be affected \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/internet-archive-hacked-data-breach-impacts-31-million-users\/\">www.bleepingcomputer.com\/\u2026<\/a> (bcrypt slows password cracking down but doesn&#8217;t prevent it for weak passwords, so if you had an account, change its password, and change it anywhere else you reused it)<\/li>\n<\/ul>\n<h2>Notable News<\/h2>\n<ul>\n<li>\ud83c\uddfa\ud83c\uddf8 Reporting from the WSJ claims that China-backed hackers broke into the <em>back doors for the good guys<\/em> that US cellphone companies were required by law (CALEA) to install to facilitate lawful wiretap requests \u2014 <a href=\"https:\/\/appleinsider.com\/articles\/24\/10\/08\/china-backed-hackers-broke-into-us-telecom-wiretap-portals-that-law-enforcement-uses\">appleinsider.com\/\u2026<\/a>\n<ul>\n<li>This story is the perfect illustration of why the idea of <em>back doors for the good guys<\/em> in End-to-End Encryption is fundamentally flawed \u2014 <a href=\"https:\/\/daringfireball.net\/linked\/2024\/10\/07\/china-calea-back-door-hack\">daringfireball.net\/\u2026<\/a><\/li>\n<li>An in-depth explanation by Peter Strzok, on the Cleanup on Aisle 45 podcast, of how this breach was achieved and its implications: 
<a href=\"https:\/\/overcast.fm\/+ABAd8HfRbF8\/28:35\">Episode 194 | Biblical Profit Potential starting at 28:35<\/a> Warning: this is a left-leaning political podcast.<\/li>\n<\/ul>\n<\/li>\n<li>\ud83c\uddea\ud83c\uddfa <a href=\"https:\/\/thehackernews.com\/2024\/10\/eu-court-limits-metas-use-of-personal.html?m=1\">E.U. Court Limits Meta&#8217;s Use of Personal Facebook Data for Targeted Ads \u2014 thehackernews.com\/\u2026<\/a>\n<ul>\n<li>Under Article 5(1)(c) of the GDPR (the data minimisation principle), data used to target ads can&#8217;t be retained indefinitely; Meta (and others) have been doing just that, and that now has to stop<\/li>\n<\/ul>\n<\/li>\n<li>\ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/www.cultofmac.com\/news\/california-governor-vetoes-ai-safety-bill\">California governor vetoes major AI safety bill \u2014 www.cultofmac.com\/\u2026<\/a>\n<ul>\n<li>It could have been the first major AI regulation in the US, setting a de-facto national baseline the way the CCPA did for privacy<\/li>\n<li>Vetoed not because there is no problem to be solved, but because this was not a good solution (<strong>Editorial by Bart:<\/strong> I agree with many of the points made in the veto statement; basing the law on model size rather than risk was the wrong approach)<\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/thehackernews.com\/2024\/10\/google-joins-forces-with-gasa-and-dns.html\">Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale \u2014 thehackernews.com\/\u2026<\/a> (information sharing to make the blocking of malicious domains more effective)<\/li>\n<li>Some nice little security enhancements from Microsoft:\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-overhauls-security-for-publishing-edge-extensions\/\">Microsoft overhauls security for publishing Edge extensions \u2014 www.bleepingcomputer.com\/\u2026<\/a> (makes it harder to impersonate legitimate developers and sneak malware into trusted extensions)<\/li>\n<li><a 
href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-defender-now-automatically-detects-unsecure-wi-fi-networks\/\">Microsoft Defender adds detection of unsecure Wi-Fi networks \u2014 www.bleepingcomputer.com\/\u2026<\/a> (Paid personal &amp; family subscriptions only)<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-deprecates-pptp-and-l2tp-vpn-protocols-in-windows-server\/\">Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server \u2014 www.bleepingcomputer.com\/\u2026<\/a> (<strong>Editorial by Bart:<\/strong> more dangerous legacy protocols going away \ud83c\udf89 \u2014 a podcast I listened to (before they podfaded) jokingly referred to PPTP as <em>Point to Point Toilet Paper<\/em> to mock its insecurity \ud83d\ude00)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Excellent Explainers<\/h2>\n<aside class=\"small-aside\">High-quality content explaining a security concept of some kind.<\/aside>\n<ul>\n<li>A great overview of all the various security protections in modern Macs, and a big-picture explanation of how they work: <a href=\"https:\/\/appleinsider.com\/inside\/macos\/tips\/how-macos-protects-your-data-from-malware\">How macOS protects your data from malware \u2014 appleinsider.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Just Because it&#8217;s Cool \ud83d\ude0e<\/h2>\n<aside class=\"small-aside\">Stories that are not important, that don&#8217;t require you to do anything, and that you don&#8217;t even have to worry about.<\/aside>\n<ul>\n<li>\ud83c\uddfa\ud83c\uddf8 Some ingenious policing, and a perfect illustration of just how much of a scam cryptocurrency is: <a href=\"https:\/\/thehackernews.com\/2024\/10\/fbi-creates-fake-cryptocurrency-to.html\">FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation \u2014 thehackernews.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Palate Cleansers<\/h2>\n<aside class=\"small-aside\">Anything upbeat and nerdy Bart and\/or Allison think you might 
enjoy.<\/aside>\n<ul>\n<li><strong>From Bart:<\/strong> \ud83c\udfa7 <a href=\"https:\/\/overcast.fm\/+AAmUeTYmv8c\">Irish History Podcast: Emily Anderson- The Forgotten Irish Bletchley Park Code Breaker \u2014 overcast.fm\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Legend<\/h2>\n<p>When the textual description of a link is part of the link, it is the title of the page being linked to; when the text describing a link is not part of the link, it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\">\ud83c\udfa7<\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\u2757<\/td>\n<td align=\"left\">A <strong>call to action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or, the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcca<\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83e\uddef<\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em> \ud83d\ude42<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcb5<\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udccc<\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. 
one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa9<\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa6<\/td>\n<td align=\"left\">A link to <strong>video content<\/strong>.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. \ud83c\uddfa\ud83c\uddf8 More consequences for past misdeeds: T-Mobile pays $31.5 million FCC settlement over 4 data breaches \u2014 www.bleepingcomputer.com\/\u2026 Marriott settles with FTC, to pay $52 million over data breaches \u2014 www.bleepingcomputer.com\/\u2026 Two notable developments [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":28385,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[147,214],"tags":[6793,6795,6794,201,2060,50,569],"class_list":["post-32063","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-cups","tag-draytek-router","tag-internet-archive","tag-linux","tag-malware","tag-security","tag-security-bits"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2023\/05\/Security-Bits-Logo_1040x520.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/32
063","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=32063"}],"version-history":[{"count":1,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/32063\/revisions"}],"predecessor-version":[{"id":32064,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/32063\/revisions\/32064"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/28385"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=32063"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=32063"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=32063"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}