{"id":34349,"date":"2025-08-17T13:57:07","date_gmt":"2025-08-17T20:57:07","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=34349"},"modified":"2025-08-17T13:57:30","modified_gmt":"2025-08-17T20:57:30","slug":"sb-2025-08-17","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2025\/08\/sb-2025-08-17\/","title":{"rendered":"Security Bits \u2014 17 August 2025"},"content":{"rendered":"<h2>Feedback &amp; Followups<\/h2>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li>\ud83c\udfa7 More details on the <strong>Tea<\/strong> leak discussed last time, with reporting of how many women are continuing to use the app, and including new signups \ud83e\udd2f: <a href=\"https:\/\/overcast.fm\/+AA4qHoKtAAw\">kill switch: why are women still signing up for tea? \u2014 overcast.fm\/\u2026<\/a> (If any of your friends or family are making this mistake, send them this link!)<\/li>\n<\/ul>\n<h2>\u2757 Action Alerts<\/h2>\n<aside class=\"small-aside\">Calls to action, if any stories in this section are relevant to you, there is some action you should take.<\/aside>\n<ul>\n<li><strong>Microsoft<\/strong> have released their August Patch Tuesday updates, the worst of the bugs is in Server 2025, but there are quite a few critical bugs in regular Windows, so patch ASAP \u2014 <a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32192\">isc.sans.edu\/\u2026<\/a>\n<ul>\n<li><strong>Aside:<\/strong> an interesting suggestion at the end of this reporting that Windows 10 users losing support in 2 months consider Linux Mint, a distro designed to be familiar-feeling to Windows users \u2014 <a href=\"https:\/\/krebsonsecurity.com\/2025\/08\/microsoft-patch-tuesday-august-2025-edition\/\">krebsonsecurity.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>\n<p>Google have released the August monthly <strong>Android<\/strong> patch, including 
fixes for some nasty Qualcomm vulnerabilities being actively exploited in the wild, patch ASAP, if you can \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/android-gets-patches-for-qualcomm-flaws-exploited-in-attacks\/\">www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<\/li>\n<li>\n<p><strong>Proton<\/strong> have patched a vulnerability in their new <strong>Authenticator<\/strong> app (reported on the launch last time), if you installed it, be sure it&#8217;s fully patched \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/proton-fixes-authenticator-bug-leaking-totp-secrets-in-logs\/\">www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<\/li>\n<li>\n<p><strong>WinRAR Users:<\/strong> if you use WinRAR, make sure it&#8217;s fully patched, a recently patched bug is now being actively exploited by ransomware gangs and other attackers \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/details-emerge-on-winrar-zero-day-attacks-that-infected-pcs-with-malware\/\">www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<\/li>\n<li>\n<p><strong>Plex Users:<\/strong> make sure your server is patched, there is a zero-day under attack \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/plex-warns-users-to-patch-security-vulnerability-immediately\/\">www.bleepingcomputer.com\/\u2026<\/a> (Details still sparse, but Plex are pro-actively reaching out to users of certain server versions warning them to update ASAP, so it must be bad!)<\/p>\n<\/li>\n<li>\n<p><strong>Lenovo Webcam Users:<\/strong> <a href=\"https:\/\/thehackernews.com\/2025\/08\/linux-based-lenovo-webcams-flaw-can-be.html?m=1\">Linux-Based Lenovo Webcams&#8217; Flaw Can Be Remotely Exploited for BadUSB Attacks \u2014 thehackernews.com\/\u2026<\/a><\/p>\n<blockquote><p>\n  <em>&#8220;This allows remote attackers to inject keystrokes covertly and launch attacks independent of the host operating system&#8221;<\/em> \u2014 the security researchers who discovered the 
vulnerability\n<\/p><\/blockquote>\n<\/li>\n<\/ul>\n<h2>Worthy Warnings<\/h2>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li>\n<p>\ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/us-judiciary-confirms-breach-of-court-electronic-records-service\/\">U.S. Judiciary confirms breach of court electronic records service \u2014 www.bleepingcomputer.com\/\u2026<\/a> (Not clear whether affected individuals and corporations are being informed \ud83d\ude15)<\/p>\n<\/li>\n<li>\n<p>\ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hackers-leak-allianz-life-data-stolen-in-salesforce-attacks\/\">Hackers leak Allianz Life data stolen in Salesforce attacks \u2014 www.bleepingcomputer.com\/\u2026<\/a> (The risk here is now very real as the data is being shared publicly)<\/p>\n<blockquote><p>\n  Hackers have released stolen data belonging to US insurance giant Allianz Life, exposing 2.8 million records with sensitive information on business partners and customers in ongoing Salesforce data theft attacks.\n<\/p><\/blockquote>\n<\/li>\n<li>Now is a good time to check your status on HIBP: Troy Hunt has added details from a big new <em>&#8216;stealer log&#8217;<\/em> leak he&#8217;s dubbed <em>the Data Troll stealer logs<\/em> to the database \u2014 <a href=\"https:\/\/www.troyhunt.com\/that-16-billion-password-story-aka-data-troll\/\">www.troyhunt.com\/\u2026<\/a>\n<ul>\n<li><strong>Reminder:<\/strong> a stealer log is a collection of usernames and passwords collected by key-logging malware; no company or site has been breached here, and the passwords could be from <strong>any<\/strong> site.<\/li>\n<li>As is always the case with stealer logs, the data is very dirty, so the numbers reported in the media (like 16Bn people!) are nonsense. 
In Troy&#8217;s sampling, the data is <strong>reduced by about 96% when sanitised<\/strong>.<\/li>\n<li><strong>Editorial by Bart:<\/strong> 4% of a very big number is still a very big number, and I can tell you from first-hand experience that there are a lot of real humans caught up in this!<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Notable News<\/h2>\n<ul>\n<li>\n<p>A timely reminder to support your less tech-savvy aging friends and family: \ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/ftc-older-adults-lost-record-700-million-to-scammers-in-2024\/\">FTC: Older adults lost record $700 million to scammers in 2024 \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<\/li>\n<li>\n<p>Meta has released direct messaging for <strong>Threads<\/strong>, but it has no End-to-End Encryption \u2014 <a href=\"https:\/\/daringfireball.net\/linked\/2025\/08\/15\/threads-dms\">daringfireball.net\/\u2026<\/a> (<strong>Editorial by Bart:<\/strong> releasing a new messaging app without E2EE in 2025 is nuts, steer clear of this, don&#8217;t encourage anyone to adopt it!)<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/whatsapp-adds-new-security-feature-to-protect-against-scams\/\">WhatsApp adds new security feature to protect against scams \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/p>\n<blockquote><p>\n  This feature displays a &#8220;safety overview&#8221; context card that includes information about the group&#8217;s creation date, the number of members, potential scam attempts, and instructions on how to control who can add you to WhatsApp groups.\n<\/p><\/blockquote>\n<\/li>\n<\/ul>\n<h2>Interesting Insights<\/h2>\n<aside class=\"small-aside\">High-quality opinion and editorial content recommended by Bart.<\/aside>\n<ul>\n<li><strong>From Allison:<\/strong> <a href=\"https:\/\/petapixel.com\/2025\/07\/30\/a-little-over-50-of-people-can-recognize-ai-images-from-real-photos\/\">A Little Over 50% of People Can 
Recognize AI Images from Real Photos \u2014 petapixel.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Palate Cleansers<\/h2>\n<aside class=\"small-aside\">Anything upbeat and nerdy Bart and\/or Allison think you might enjoy.<\/aside>\n<ul>\n<li><strong>From Allison:<\/strong>\n<ul>\n<li><a href=\"https:\/\/tetralogical.com\/blog\/2025\/08\/08\/accessibility-and-the-agentic-web\/\">Accessibility and the agentic web \u2014 tetralogical.com\/\u2026<\/a><\/li>\n<li>\ud83c\udfa6 the moment TV went colour \u2014 <a href=\"https:\/\/www.instagram.com\/reel\/DMtQYciMXJs\/\">www.instagram.com\/\u2026<\/a> (no account needed to view)<\/li>\n<\/ul>\n<\/li>\n<li><strong>From Bart:<\/strong> some fascinating language fun to start, and some insightful thoughts on AI&#8217;s effect on the translation industry to follow: <a href=\"https:\/\/overcast.fm\/+AA5g41BmH20\">Grammar Girl Quick and Dirty Tips for Better Writing: AI\u2019s impact on translators, untranslatable Dutch words, and more, with Heddwen Newton \u2014 overcast.fm\/\u2026<\/a>\n<ul>\n<li>As someone raised Dutch-English bilingual, this was extra fun for me, and I&#8217;m guilty of simply inventing the word <em>howmanieth<\/em> because it&#8217;s so natural to me as a Dutch\/Flemish speaker (everyone understands it so intuitively, I didn&#8217;t realise it&#8217;s not a real English word!)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Legend<\/h2>\n<p>When the textual description of a link is part of the link, it is the title of the page being linked to, when the text describing a link is not part of the link, it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\">\ud83c\udfa7<\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\u2757<\/td>\n<td align=\"left\">A <strong>call to 
action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or, the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcca<\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83e\uddef<\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em> \ud83d\ude42<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcb5<\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udccc<\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa9<\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa6<\/td>\n<td align=\"left\">A link to <strong>video content<\/strong>.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. 
\ud83c\udfa7 More details on the Tea leak discussed last time, with reporting of how many women are continuing to use the app, and including new signups \ud83e\udd2f: kill switch: why are women still signing [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":28385,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[147,214],"tags":[50,569,2239,2003],"class_list":["post-34349","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-security","tag-security-bits","tag-security-updates","tag-vulnerabilities"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2023\/05\/Security-Bits-Logo_1040x520.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/34349","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=34349"}],"version-history":[{"count":2,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/34349\/revisions"}],"predecessor-version":[{"id":34351,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/34349\/revisions\/34351"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/28385"}],"wp:attachment":[{"href":"https:\/\/www.podfee
t.com\/blog\/wp-json\/wp\/v2\/media?parent=34349"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=34349"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=34349"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}