{"id":32339,"date":"2024-11-24T13:19:13","date_gmt":"2024-11-24T21:19:13","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=32339"},"modified":"2024-11-25T06:44:08","modified_gmt":"2024-11-25T14:44:08","slug":"sb-2024-11-24","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2024\/11\/sb-2024-11-24\/","title":{"rendered":"Security Bits \u2014 24 November 2024"},"content":{"rendered":"<h2>Feedback &amp; Followups<\/h2>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li>\ud83c\uddfa\ud83c\uddf8 \ud83c\udde8\ud83c\uddf3 The scope of the Chinese State-sponsored hack of telcos expands: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/t-mobile-confirms-it-was-hacked-in-recent-wave-of-telecom-breaches\/\">T-Mobile confirms it was hacked in recent wave of telecom breaches \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>A rare leak of what the GrayKey phone unlocking device can do today: <a href=\"https:\/\/appleinsider.com\/articles\/24\/11\/19\/leak-what-law-enforcement-can-unlock-with-the-graykey-iphone-hacking-tool\">Leak: what law enforcement can unlock with the &#8216;Graykey&#8217; iPhone hacking tool \u2014 appleinsider.com\/\u2026<\/a>\n<ul>\n<li>ATM the tools only have partial access to fully patched modern iPhones (no details on what <em>&#8216;partial&#8217;<\/em> means \ud83d\ude41)<\/li>\n<li>Newer phones and OSes remain more resistant than older ones, so if security is important to you, update!<\/li>\n<li>In general, iPhones remain more resistant than Androids<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Deep Dive 1 \u2014 Taking Stock<\/h2>\n<p>As we approach the end of the year, summary reports start to come out. These reports mostly focus on the enterprise, so at first glance, they\u2019re not that relevant to this segment, but if you scratch a little deeper they are. 
Our security depends on two things:<\/p>\n<ol>\n<li>The actions we choose to take and fail to take<\/li>\n<li>The actions the companies we choose to trust choose to take and fail to take<\/li>\n<\/ol>\n<p>It\u2019s that second one that these reports are relevant to. Something that\u2019s depressingly consistent in these reports is that there is a surprising amount of low-hanging fruit left for attackers to exploit. This is why there are moves on both sides of the Atlantic to try to establish cybersecurity baselines.<\/p>\n<p>The concept of a baseline is not new \u2014 we already have them for sectors of the economy like financial &amp; healthcare, and for government agencies. In an ideal world, there would be a spectrum of baselines and every company and organisation that processes customer data would fall somewhere on that spectrum. No one would get away without at least <strong>some<\/strong> baseline responsibilities. Nothing like that is on the cards yet, but there are new baselines in various stages of rollout on both sides of the Atlantic, and they&#8217;re expanding the net.<\/p>\n<p>The specifics vary wildly, but if you zoom out, the kinds of organisations that are finding themselves having to prepare for new or expanded mandated baselines of some kind include:<\/p>\n<ul>\n<li>Government contractors<\/li>\n<li>Critical infrastructure providers (energy, water, communications etc.)<\/li>\n<li>Educational institutions<\/li>\n<li>Organisations holding a lot of personal data<\/li>\n<\/ul>\n<p>One particularly broad-reaching idea that is gaining traction in Europe is the idea of making software vendors liable for damage caused by negligence on their part. Every software license I&#8217;ve ever read includes a clause forcing users to disclaim all rights to compensation for damages. The proposed laws would make those clauses unenforceable throughout all of Europe. 
In effect, this would put a baseline of not being <em>&#8216;negligent&#8217;<\/em> on all software vendors doing business in Europe. It would seem sensible in this kind of world for regulators to release or endorse some kind of <em>best practices<\/em> like those put out by various organisations already as a working definition of what you need to do not to be negligent.<\/p>\n<p>What has all this to do with end of year reports? Well, those reports illustrate why there is so much momentum towards baselines these days \u2014 clearly, the free market alone is not succeeding in delivering even a reasonable cybersecurity baseline.<\/p>\n<h3>The Most Exploited Vulnerabilities of 2023<\/h3>\n<p>The first <a href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa24-317a\">report<\/a> that caught my eye is a joint report by the relevant national security agencies in the so-called <a href=\"\">Five Eyes<\/a> \ud83c\udde6\ud83c\uddfa\ud83c\udde8\ud83c\udde6\ud83c\uddf3\ud83c\uddff\ud83c\uddec\ud83c\udde7\ud83c\uddfa\ud83c\uddf8. 
This report lists the vulnerabilities most often used by attackers in successful attacks on enterprises in 2023.<\/p>\n<p>The report&#8217;s main calls to action are:<\/p>\n<ol>\n<li>For software vendors to adopt a <em>Secure by Design<\/em> approach<\/li>\n<li>For organisations to put better patch management systems in place so they don\u2019t let so many systems stay so unpatched for so long<\/li>\n<\/ol>\n<p>To save you trying to find the relevant bits in a long report, I&#8217;d recommend <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/fbi-cisa-and-nsa-reveal-most-exploited-vulnerabilities-of-2023\/\">the reporting from Bleeping Computer<\/a> which includes the list as a nice table.<\/p>\n<p>Looking at the list, my two conclusions are:<\/p>\n<ol>\n<li>Too many organisations are disappointingly slow to patch even the really well-known bugs that make the mainstream news, let alone the less newsworthy run-of-the-mill bugs. The low-lights for me are that the top 15 include:\n<ul>\n<li>Log4J which was once a zero-day, but not in 2023!<\/li>\n<li>MoveIT which did start as multiple zero-days in 2023, but there were patches, massive media coverage, and alerts from major CERTs (Cybersecurity Emergency Response Teams) all over the world within hours. 
It should not have been reacted to slowly enough for it to make this list!<\/li>\n<\/ul>\n<\/li>\n<li>Too many organisations are too slow to patch the absolute most critical stuff like their firewalls, remote access tools, and core systems like collaboration tools:\n<ul>\n<li>Citrix, Cisco, Fortinet, Barracuda &amp; Microsoft dominate the list<\/li>\n<li>Pushback from management against downtime and the risk of patching quickly likely plays a big part, but I really don&#8217;t think the risk of <strong>not<\/strong> patching is properly factored in much of the time<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<h4>Links<\/h4>\n<ul>\n<li>The executive summary and links to the full report: <a href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa24-317a\">2023 Top Routinely Exploited Vulnerabilities \u2014 www.cisa.gov\/\u2026<\/a><\/li>\n<li>Bleeping Computer&#8217;s coverage: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/fbi-cisa-and-nsa-reveal-most-exploited-vulnerabilities-of-2023\/\">FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023 \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<h3>The 25 Most Exploited Vulnerability Types of 2024<\/h3>\n<p>The second <a href=\"https:\/\/cwe.mitre.org\/top25\/archive\/2024\/2024_cwe_top25.html\">report<\/a> that caught my eye is from <a href=\"https:\/\/mitre.org\">MITRE<\/a>, the not-for-profit that manages the critically important <a href=\"https:\/\/attack.mitre.org\">MITRE ATT&amp;CK framework<\/a> that has revolutionised modern cybersecurity tools (a common taxonomy of tactics &amp; techniques used by cyber attackers). MITRE&#8217;s report lists the 25 most exploited types of vulnerability seen between July 2023 &amp; 2024. 
In other words, what are the most common types of software bugs?<\/p>\n<p>Like with the Five Eyes report, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/mitre-shares-2024s-top-25-most-dangerous-software-weaknesses\/\">Bleeping Computer has a nice summary with a table<\/a>.<\/p>\n<p>Again, my takeaway is how depressingly old many of these vulnerability types are, and how easy they would be to prevent with simple best practices and modern tooling:<\/p>\n<ul>\n<li>Trivial data validation bugs that have been understood for decades still dominate the list:\n<ul>\n<li>Cross Site Scripting is still at No. 1, and its slightly more subtle cousin Cross Site Request Forgery is at No. 4 (up five places since 2023!)<\/li>\n<li>SQL Injection is still at No. 3<\/li>\n<li>Path traversal (letting things like <code>..\/<\/code> sneak into user input that gets translated to a file path or URL) is at No. 5, up 3 places since 2023!<\/li>\n<li>OS command injection is at No. 7, and other generic command injections are at No. 13<\/li>\n<li>Finally, all other generic input validation issues are at No. 12<\/li>\n<\/ul>\n<\/li>\n<li>Despite a wealth of modern memory-safe languages that make a whole raft of bugs impossible, clearly, lots of code is still written in old memory-unsafe languages like C, and without the required software engineering tools designed to compensate for the language&#8217;s well-understood shortcomings being deployed:\n<ul>\n<li>Out-of-bounds-writes (like buffer overflows) are at No. 2, I guess it&#8217;s progress that they&#8217;re down one place since 2023 \ud83d\ude15<\/li>\n<li>Out-of-bounds-reads and Use-after-free errors are at Nos. 6 &amp; 8, and they lead to memory leaks like Heartbleed \ud83d\ude41<\/li>\n<li>Code injection (making things like remote code execution possible) is not just still on the list at No. 
11 but up a whopping 12 places!<\/li>\n<li>Null pointers leading to app crashes are also still on the list, though they&#8217;ve dropped nine places to No. 21<\/li>\n<li>Even a trivial problem like the good old integer overflow is still on the list at No. 23, though thankfully down nine places<\/li>\n<\/ul>\n<\/li>\n<li>Leaky security controls are still a big problem, which implies to me there is not enough penetration testing being done by vendors:\n<ul>\n<li>Improper authentication, improper privilege management, and improper authorisation are at Nos. 14, 15 &amp; 18, with the latter two up by seven &amp; six places!<\/li>\n<li>Exposure of sensitive data to unauthorised actors, i.e. data leaks to software or people, is at No. 17, up a whopping 13 places. I guess that helps explain why we still have so many data leaks \ud83d\ude41<\/li>\n<li>Missing authentication on critical function rounds out the list at No. 25, thankfully down five places<\/li>\n<\/ul>\n<\/li>\n<li>Hardcoded credentials are still a thing in 2024 \ud83e\udd2f \u2014 though they are down at No. 
22, and have fallen 4 places<\/li>\n<\/ul>\n<h4>Links<\/h4>\n<ul>\n<li>The original report: <a href=\"https:\/\/cwe.mitre.org\/top25\/archive\/2024\/2024_cwe_top25.html\">2024 CWE Top 25 Most Dangerous Software Weaknesses \u2014 cwe.mitre.org\/\u2026<\/a><\/li>\n<li>Bleeping Computer&#8217;s coverage: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/mitre-shares-2024s-top-25-most-dangerous-software-weaknesses\/\">MITRE shares 2024&#8217;s top 25 most dangerous software weaknesses \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Deep Dive 2 \u2014 Some Interesting Security Announcements at Microsoft Ignite 2024<\/h2>\n<p>Microsoft&#8217;s equivalent of Apple&#8217;s big WWDC event is their annual <a href=\"https:\/\/ignite.microsoft.com\/en-US\/home\">Ignite<\/a> event, and <a href=\"https:\/\/ignite.microsoft.com\/en-US\/sessions\">Microsoft Ignite 2024<\/a> ran from the 17th to the 23rd of October.<\/p>\n<p>From a cybersecurity point of view, the biggest news was the new high-level initiative to boost Windows security and resiliency.<\/p>\n<p>One of the obvious inspirations for this new security and resiliency push was the infamous CrowdStrike outage over the summer. Two announcements in particular are clearly direct responses to that incident:<\/p>\n<ol>\n<li>Microsoft officially announced that they are working with cybersecurity vendors to add the needed APIs to allow 3rd-party security tools to run outside of the kernel (like they already can on macOS &amp; Linux). This work is happening through the <em>Microsoft Virus Initiative<\/em>.<\/li>\n<li>Windows 11 is getting a new recovery tool that lets admins remotely fix computers that fail to boot (like those afflicted by the CrowdStrike bug!)<\/li>\n<\/ol>\n<p>The focus wasn&#8217;t entirely on preventing the next &#8216;CrowdStrike&#8217;. 
There were some other nice announcements too:<\/p>\n<ol>\n<li>Windows 11 is getting a new <em>Admin Protection<\/em> feature:\n<ul>\n<li>When local admins log in, they run as regular users, but have the power to elevate to Admin when needed \u2014 massively reducing the damage malware can do without tricking the user or exploiting a bug for privilege escalation<\/li>\n<li>User experience is Apple-like \u2014 Windows Hello to authenticate admin actions<\/li>\n<\/ul>\n<\/li>\n<li>HotPatch (kernel updates without reboots as we have on Linux, but not yet macOS) is now in test on the latest insider builds of Windows 11<\/li>\n<li>Microsoft is testing new APIs to allow Passkeys stored in 3rd-party apps to be used for Windows Hello (like FaceID) \u2014 partners include 1Password \ud83d\ude00<\/li>\n<\/ol>\n<h3>Links:<\/h3>\n<ul>\n<li>Microsoft&#8217;s blog post on Windows Security and Resiliency \u2014 <a href=\"https:\/\/blogs.windows.com\/windowsexperience\/2024\/11\/19\/windows-security-and-resiliency-protecting-your-business\/\">blogs.windows.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/thehackernews.com\/2024\/11\/microsoft-launches-windows-resiliency.html\">Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity \u2014 thehackernews.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-shares-more-details-on-windows-11-admin-protection\/\">Microsoft shares more details on Windows 11 admin protection \u2014 www.bleepingcomputer.com\/\u2026<\/a> <\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/windows-quick-machine-recovery-lets-admins-remotely-fix-unbootable-devices\/\">New Windows 11 recovery tool to let admins remotely fix unbootable devices \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-now-testing-hotpatch-on-windows-11-24h2-and-windows-365\/\">Microsoft now testing hotpatch on 
Windows 11 24H2 and Windows 365 \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-testing-windows-11-support-for-third-party-passkeys\/\">Microsoft testing Windows 11 support for third-party passkeys \u2014 www.bleepingcomputer.com\/\u2026<\/a> (working with 1Password and others)<\/li>\n<\/ul>\n<h2>\u2757 Action Alerts<\/h2>\n<aside class=\"small-aside\">Calls to action: if any stories in this section are relevant to you, there is some action you should take.<\/aside>\n<ul>\n<li>Patch Tuesday has been and gone:\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-november-2024-patch-tuesday-fixes-4-zero-days-89-flaws\/\">Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Apple patched just about everything\n<ul>\n<li><a href=\"https:\/\/appleinsider.com\/articles\/24\/11\/19\/apple-releases-security-updates-for-ios-1811-ipados-1811-macos-1511\">Apple releases security updates for iOS 18.1.1, iPadOS 18.1.1, macOS 15.1.1 \u2014 appleinsider.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/apple-fixes-two-zero-days-used-in-attacks-on-intel-based-macs\/\">Apple fixes two zero-days used in attacks on Intel-based Macs \u2014 www.bleepingcomputer.com\/\u2026<\/a> &amp; <a href=\"https:\/\/www.macobserver.com\/news\/apple-releases-critical-security-updates-for-macos-and-visionos\/\">Apple Releases Critical Security Updates for macOS and visionOS \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/ubuntu-linux-impacted-by-decade-old-needrestart-flaw-that-gives-root\/\">Ubuntu Linux impacted by decade-old &#8216;needrestart&#8217; flaw that gives root \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>A timely reminder of the importance of keeping security tools 
patched: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/security-plugin-flaw-in-millions-of-wordpress-sites-gives-admin-access\/\">Security plugin flaw in millions of WordPress sites gives admin access \u2014 www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li>Security tools tend to be very privileged, so when they have a serious problem like a remote code execution bug or an authentication bypass, the effect is often catastrophic!<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Worthy Warnings<\/h2>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li>Since many NosillaCastaways use GitHub, beware: <a href=\"https:\/\/thehackernews.com\/2024\/11\/new-phishing-tool-goissue-targets.html\">New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns \u2014 thehackernews.com\/\u2026<\/a> (Malware-as-a-Service offering bulk-targeting of GitHub users)<\/li>\n<\/ul>\n<h2>Notable News<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/software\/signal-introduces-convenient-call-links-for-private-group-chats\/\">Signal introduces convenient &#8220;call links&#8221; for private group chats \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>\ud83c\uddfa\ud83c\uddf8 The National Do Not Call list seems to be having a positive effect: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/ftc-reports-50-percent-drop-in-unwanted-call-complaints-since-2021\/\">FTC reports 50% drop in unwanted call complaints since 2021 \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Excellent Explainers<\/h2>\n<aside class=\"small-aside\">High-quality content explaining a security concept of some kind.<\/aside>\n<ul>\n<li><a href=\"https:\/\/appleinsider.com\/inside\/macos\/tips\/how-xprotect-protects-you-from-viruses-on-macos\">How XProtect protects you from viruses on macOS \u2014 appleinsider.com\/\u2026<\/a> (Starts with a 
deep but approachable overview, then gets <strong>really<\/strong> nerdy including lots of cool terminal commands for peering deep under the hood!)<\/li>\n<\/ul>\n<h2>Palate Cleansers<\/h2>\n<aside class=\"small-aside\">Anything upbeat and nerdy Bart and\/or Allison think you might enjoy.<\/aside>\n<ul>\n<li><strong>From Bart:<\/strong>\n<ul>\n<li>\ud83c\udfa7 Followup from the Euclid image Allison shared last time: <a href=\"https:\/\/overcast.fm\/+AAQwxIl6WhE\">Astronomy Cast: Ep. 732- The Euclid Telescope \u2014 overcast.fm\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/software\/vmware-makes-workstation-and-fusion-free-for-everyone\/\">VMware makes Workstation and Fusion free for everyone \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/ss64.com\/mac\/\">An A-Z Index of  Apple macOS (bash) commands \u2014 ss64.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/xkcd.com\/327\/\">Exploits of a Mom<\/a> (Drop Tables) on XKCD<\/li>\n<\/ul>\n<\/li>\n<li><strong>From Allison:<\/strong>\n<ul>\n<li>\ud83c\uddec\ud83c\udde7 <a href=\"https:\/\/news.virginmediao2.co.uk\/o2-unveils-daisy-the-ai-granny-wasting-scammers-time\/\">O2 unveils Daisy, the AI granny wasting scammers\u2019 time \u2014 news.virginmediao2.co.uk\/\u2026<\/a><\/li>\n<li>Don&#8217;t understand an XKCD cartoon? 
Check out <a href=\"https:\/\/www.explainxkcd.com\">explain xkcd wiki<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Legend<\/h2>\n<p>When the textual description of a link is part of the link, it is the title of the page being linked to; when the text describing a link is not part of the link, it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\">\ud83c\udfa7<\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\u2757<\/td>\n<td align=\"left\">A <strong>call to action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or, the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcca<\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83e\uddef<\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em> \ud83d\ude42<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcb5<\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udccc<\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. 
one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa9<\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa6<\/td>\n<td align=\"left\">A link to <strong>video content<\/strong>.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. \ud83c\uddfa\ud83c\uddf8 \ud83c\udde8\ud83c\uddf3 The scope of the Chinese State-sponsored hack of telcos expands: T-Mobile confirms it was hacked in recent wave of telecom breaches \u2014 www.bleepingcomputer.com\/\u2026 A rare leak of what the GreyKey phone unlocking [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":28385,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[147,214],"tags":[50,569,6830],"class_list":["post-32339","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-security","tag-security-bits","tag-year-end-security-report"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2023\/05\/Security-Bits-Logo_1040x520.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/32339","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/
wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=32339"}],"version-history":[{"count":4,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/32339\/revisions"}],"predecessor-version":[{"id":32351,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/32339\/revisions\/32351"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/28385"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=32339"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=32339"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=32339"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}