{"id":34059,"date":"2025-06-22T15:35:04","date_gmt":"2025-06-22T22:35:04","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=34059"},"modified":"2025-06-22T15:35:04","modified_gmt":"2025-06-22T22:35:04","slug":"sb-2025-06-22","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2025\/06\/sb-2025-06-22\/","title":{"rendered":"Security Bits \u2014 22 June 2025"},"content":{"rendered":"<h2>Feedback &amp; Followups<\/h2>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li>Greyware spyware from Pegatron continues to be abused: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/graphite-spyware-used-in-apple-ios-zero-click-attacks-on-journalists\/\">Graphite spyware used in Apple iOS zero-click attacks on journalists \u2014 www.bleepingcomputer.com\/\u2026<\/a> (This all happened a few months ago, and the zero-day was patched back in February 2025)<\/li>\n<li>\ud83c\uddec\ud83c\udde7 More bad news for beleaguered 23andMe: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/uk-fines-23andme-for-profoundly-damaging-breach-exposing-genetics-data\/\">UK fines 23andMe for \u2018profoundly damaging\u2019 breach exposing genetics data \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>\ud83c\uddec\ud83c\udde7 WhatsApp have filed to give evidence in support of Apple in their battle to save iCloud Advanced Encryption in the UK \u2014 <a href=\"https:\/\/www.bbc.com\/news\/articles\/cgmjrn42wdwo\">www.bbc.com\/\u2026<\/a><\/li>\n<li>\ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/appleinsider.com\/articles\/25\/06\/19\/tiktok-ban-delayed-another-90-days-to-september-17\">TikTok ban enforcement delayed another 90 days to September 17 \u2014 appleinsider.com\/\u2026<\/a> (Still zero legal basis for this; Apple, Google, Oracle &amp; Akamai are still taking a huge risk by obeying)<\/li>\n<\/ul>\n<h2>\u2757 Action Alerts<\/h2>\n<aside class=\"small-aside\">Calls to action; if any stories in this section are relevant to you, there is some action you should take.<\/aside>\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-june-2025-patch-tuesday-fixes-exploited-zero-day-66-flaws\/\">Microsoft June 2025 Patch Tuesday fixes exploited zero-day, 66 flaws \u2014 www.bleepingcomputer.com\/\u2026<\/a>, <a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32032\">isc.sans.edu\/\u2026<\/a> &amp; <a href=\"https:\/\/krebsonsecurity.com\/2025\/06\/patch-tuesday-june-2025-edition\/\">krebsonsecurity.com\/\u2026<\/a>\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/stealth-falcon-hackers-exploited-windows-webdav-zero-day-to-drop-malware\/\">Hackers exploited Windows WebDav zero-day to drop malware \u2014 www.bleepingcomputer.com\/\u2026<\/a> (Fixed by the updates)<\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-secure-boot-flaw-lets-attackers-install-bootkit-malware-patch-now\/\">New Secure Boot flaw lets attackers install bootkit malware, patch now \u2014 www.bleepingcomputer.com\/\u2026<\/a> (you just have to patch Windows to protect yourself)<\/li>\n<\/ul>\n<h2>Worthy Warnings<\/h2>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li>Beware of Discord invite links; a flaw in their design is being used to spread malware \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/discord-flaw-lets-hackers-reuse-expired-invites-in-malware-campaign\/\">www.bleepingcomputer.com\/\u2026<\/a> (The danger is to anyone clicking on a malicious invite link, not to owners or members of Discord communities)<\/p>\n<\/li>\n<li>\n<p>\u26a0\ufe0f <strong>ASUS Users:<\/strong> <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/asus-armoury-crate-bug-lets-attackers-get-windows-admin-privileges\/\">ASUS Armoury Crate bug lets attackers get Windows admin privileges \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<blockquote><p>\n  &#8220;Armoury Crate is the official system control software for Windows from ASUS, providing a centralized interface to control RGB lighting (Aura Sync), adjust fan curves, manage performance profiles and ASUS peripherals, as well as\u00a0download drivers and firmware updates.&#8221;\n<\/p><\/blockquote>\n<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hacker-steals-1-million-cockli-user-records-in-webmail-data-breach\/\">Hacker steals 1 million <strong>Cock.li<\/strong> user records in webmail data breach \u2014 www.bleepingcomputer.com\/\u2026<\/a> (Privacy-focused free mail provider)<\/p>\n<\/li>\n<li>\n<p>\ud83c\uddfa\ud83c\uddf8 \u26a0\ufe0f <strong>Current &amp; Former Customers:<\/strong> <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/old-atandt-data-leak-repackaged-to-link-ssns-dobs-to-49m-phone-numbers\/\">Old <strong>AT&amp;T<\/strong> data leak repackaged to link SSNs, DOBs to 49M phone numbers \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<ul>\n<li>An interesting illustration of how newer breaches can <em>enrich<\/em> less broad earlier breaches<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Notable News<\/h2>\n<ul>\n<li>\ud83c\uddfa\ud83c\uddf8 Example of a new trend in cybercrime attacks; cybercriminals seem to be switching focus from the healthcare to the insurance industry in the US: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/aflac-discloses-breach-amidst-scattered-spider-insurance-attacks\/\">Aflac discloses breach amidst Scattered Spider insurance attacks \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/appleinsider.com\/articles\/25\/06\/18\/16-billion-logins-discovered-across-exposed-datasets-but-dont-panic\">16 billion logins discovered across exposed datasets, but don&#8217;t panic \u2014 appleinsider.com\/\u2026<\/a> &amp; <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/no-the-16-billion-credentials-leak-is-not-a-new-data-breach\/\">www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<ul>\n<li>No websites have been breached; these are passwords stolen from users by malware<\/p>\n<\/li>\n<li>\n<p>Excellent conclusion in the article:<\/p>\n<\/li>\n<\/ul>\n<blockquote>\n<p>&#8220;Basic internet and password hygiene can go a long way in thwarting criminals. And while some of this can take time to set up, once it&#8217;s all running, you should never have to think of a username or password again, even when there is a breach.&#8221;\n<\/p><\/blockquote>\n<\/li>\n<li>Meta are expanding their passkey support to their mobile apps (Android &amp; iOS) \u2014 <a href=\"https:\/\/thehackernews.com\/2025\/06\/meta-adds-passkey-login-support-to.html\">thehackernews.com\/\u2026<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/technology\/linux-foundation-unveils-decentralized-wordpress-plugin-manager\/\">Linux Foundation unveils decentralized WordPress plugin manager \u2014 www.bleepingcomputer.com\/\u2026<\/a> (Important for the community given the chaos being caused by Automattic&#8217;s ongoing legal battles with WPEngine)<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/duckduckgo-beefs-up-scam-defense-to-block-fake-stores-crypto-sites\/\">DuckDuckGo beefs up scam defense to block fake stores, crypto sites \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<\/li>\n<li>\n<p>More technical debt being paid down by Microsoft to boost security:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-365-to-block-file-access-via-legacy-auth-protocols-by-default\/\">Microsoft 365 to block file access via legacy auth protocols by default \u2014 www.bleepingcomputer.com\/\u2026<\/a> (Will break older 3rd-party apps and integrations that have not been upgraded to OAuth2)<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-to-remove-legacy-drivers-from-windows-update-for-security-boost\/\">Microsoft to remove legacy drivers from Windows Update for security boost \u2014 www.bleepingcomputer.com\/\u2026<\/a> (Slow, phased plan that should avoid user issues)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Excellent Explainers<\/h2>\n<aside class=\"small-aside\">High-quality content explaining a security concept of some kind.<\/aside>\n<ul>\n<li>Very well structured article: <a href=\"https:\/\/www.intego.com\/mac-security-blog\/mac-hacked-what-to-do\/\">What to Do If Your Mac Was Hacked \u2014 www.intego.com\/\u2026<\/a> (One to bookmark and hope you never need!)<\/li>\n<\/ul>\n<h2>Palate Cleansers<\/h2>\n<aside class=\"small-aside\">Anything upbeat and nerdy Bart and\/or Allison think you might enjoy.<\/aside>\n<ul>\n<li><strong>From Allison<\/strong>\n<ul>\n<li>Bart&#8217;s <a href=\"https:\/\/www.lets-talk.ie\/blog\/?p=83355\">Let&#8217;s Talk Photography episode 141 entitled, &#8220;Alt Text, do it for You!&#8221;<\/a> <\/li>\n<li>Bart walks you through his journey from knowing about Alt Text to dipping his toes in to fully embracing the writing of them as a way to improve his photography. 
I didn\u2019t get the premise going in, but it makes perfect sense.<\/li>\n<\/ul>\n<\/li>\n<li><strong>From Bart:<\/strong>\n<ul>\n<li><a href=\"https:\/\/xkcd.com\/3101\">XKCD 3101: Good Science<\/a><br \/>\n<img decoding=\"async\" src=\"https:\/\/imgs.xkcd.com\/comics\/good_science.png\" alt=\"Good Science\" title=\"If you think curiosity without rigor is bad, you should see rigor without curiosity.\" \/><\/li>\n<li>\ud83c\udfa7 How AI can make education better by training <strong>human<\/strong> teachers rather than replacing them: <a href=\"https:\/\/overcast.fm\/+AA5IlChJZg8\">Revisionist History: How AI Assistants Can Transform Education \u2014 overcast.fm\/\u2026<\/a><\/li>\n<li>\ud83c\udfa6 A remastered version of Steve Jobs&#8217; famous commencement address: <a href=\"https:\/\/stevejobsarchive.com\/exhibits\/stay-hungry-stay-foolish\">Stay Hungry, Stay Foolish \u2014 stevejobsarchive.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Legend<\/h2>\n<p>When the textual description of a link is part of the link, it is the title of the page being linked to; when the text describing a link is not part of the link, it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\">\ud83c\udfa7<\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\u2757<\/td>\n<td align=\"left\">A <strong>call to action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or, the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcca<\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, 
graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83e\uddef<\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em> \ud83d\ude42<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcb5<\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udccc<\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa9<\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa6<\/td>\n<td align=\"left\">A link to <strong>video content<\/strong>.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. 
Greyware spyware from Pegatron continues to be abused: Graphite spyware used in Apple iOS zero-click attacks on journalists \u2014 www.bleepingcomputer.com\/\u2026 (This all happened a few months ago, and the zero-day was patched back in [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":28385,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[147,214],"tags":[50,569,2003],"class_list":["post-34059","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-security","tag-security-bits","tag-vulnerabilities"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2023\/05\/Security-Bits-Logo_1040x520.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/34059","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=34059"}],"version-history":[{"count":1,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/34059\/revisions"}],"predecessor-version":[{"id":34060,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/34059\/revisions\/34060"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/28385"}],"wp:attachment":[{"href":"https:\/\/www.podfe
et.com\/blog\/wp-json\/wp\/v2\/media?parent=34059"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=34059"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=34059"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}