{"id":6197,"date":"2015-09-08T06:24:41","date_gmt":"2015-09-08T10:24:41","guid":{"rendered":"https:\/\/kasperskydaily.com\/uk\/?p=6197"},"modified":"2019-11-22T10:12:56","modified_gmt":"2019-11-22T10:12:56","slug":"security-week-36","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.uk\/blog\/security-week-36\/6197\/","title":{"rendered":"Security Week 36: jailbreak theft, farewell to RC4 and holes in routers"},"content":{"rendered":"<p>Our lives will be smooth once PCs are embedded into our brains. Text messages will be replaced by \u2018mentalgrams,\u2019 whispered to us subtly by our inner voice. Has a bright idea just popped into your head? Share it with your friends via a brainwave! Recall your wife\u2019s groceries list for just $2.99.<\/p>\n Why would they stick a 5V and 12V outputs to someone\u2019s head? I don\u2019t know, seriously!\n<p>Then immature bio-discreet interfaces will stream data at the rate of terabytes per minute to the computers (which will be, essentially, display-less smartphones), leaving the function of searching the entirety of the background noise for sense and need for more powerful processors of the future.<\/p>\n<p>In simple words, the brand new iPhone 164 will know everything about you. Google, which will have lived through 34 rebranding campaigns and 8 restructuring efforts, will store and process this data in its data centers which will occupy over 2% of the Earth\u2019s surface. Only then, when this technology breakthrough is a bit more mature, will they think of securing those immense volumes of data.<\/p>\n<p>Unfortunately before this data is secured, it will probably hit the black market. Only then we would finally think of what data we collect and store and how.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">How direct neural interfaces work and how it refers to data security <a href=\"http:\/\/t.co\/UZ9H7CmZQX\" target=\"_blank\" rel=\"noopener nofollow\">http:\/\/t.co\/UZ9H7CmZQX<\/a><\/p>\n<p>\u2014 Eugene Kaspersky (@e_kaspersky) <a href=\"https:\/\/twitter.com\/e_kaspersky\/status\/594214205894463489?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">May 1, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>This is bound to happen later. Speaking of today, I wonder whether anyone cares about how much user background a collection of gyroscope data would reveal. Security research frequently lags behind the commercial technology, and tech designers would rarely give a second thought about security when creating their gizmos.<\/p>\n<p>In today\u2019s digest of the last week\u2019s key news will cover software and devices of today, which have been available to millions of users for some time. Once again, the rules of the road: every week <a href=\"http:\/\/www.threatpost.com\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">Threatpost<\/a>\u2018s team handpicks three important news stories, which I offer commentary. All previous editions can be found <a href=\"https:\/\/www.kaspersky.com\/blog\/tag\/security-week\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">here<\/a>.<\/p>\n<h3>A Trojan steals data from jailbroken iPhones<\/h3>\n<p><a href=\"https:\/\/threatpost.com\/keyraider-malware-steals-certificates-keys-and-account-data-from-jailbroken-iphones\/114473\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">News<\/a>. Palo Alto Networks <a href=\"http:\/\/researchcenter.paloaltonetworks.com\/2015\/08\/keyraider-ios-malware-steals-over-225000-apple-accounts-to-create-free-app-utopia\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">research<\/a>. Short <a href=\"https:\/\/www.kaspersky.com\/blog\/ios-greatest-hack\/9714\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">explanation<\/a> of who should worry.<\/p>\n<p>Not all reports on leaks or bugs are easily explained in human terms, yet this one is. In China, a rogue iOS app was found; it sneaks into communications between a smartphone and Apple\u2019s servers and steals iTunes passwords. The malware got busted because it attracted too much attention: many users started to report theft from their iTunes accounts (for the record, the bank card is tied by a dead knot to an Apple account and the only thing you need in order to pay for Angry Birds is a password).<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">KeyRaider <a href=\"https:\/\/twitter.com\/hashtag\/Malware?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#Malware<\/a> Steals Certs, Keys &amp; Account Data From Jailbroken <a href=\"https:\/\/twitter.com\/hashtag\/iPhones?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#iPhones<\/a>: <a href=\"http:\/\/t.co\/RKlDhcJc1m\" target=\"_blank\" rel=\"noopener nofollow\">http:\/\/t.co\/RKlDhcJc1m<\/a> via <a href=\"https:\/\/twitter.com\/threatpost?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">@threatpost<\/a> <a href=\"http:\/\/t.co\/IZ90PMfRXx\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/IZ90PMfRXx<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/638431344297648128?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">August 31, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Cool, right? Wrong! The attack concerned only jailbroken users. Independent researchers from China who attributed themselves to WeipTech have accidently broken into the cuplrits\u2019 C&amp;C server and found over 225,000 user credentials (amazing how many people are into jailbreaking), including username, password and the device\u2019s GUID.<\/p>\n<p>The malicious app is side-loaded from Cydia, an alternative iOS app store. Then it embeds itself into communications between the device and Apple servers, following the good old Man in the Middle method and redirects the hijacked data to its own server. And now \u2013 the icing on the cake: the malware uses a static encryption key, \u2018mischa07\u2019 (FYI: in Russian \u2018Misha\u2019 stands both for pet form of name Michael and for \u2018<a href=\"https:\/\/en.wikipedia.org\/wiki\/Misha\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">bear<\/a>\u2018).<\/p>\n<div id=\"attachment_6198\" style=\"width: 1034px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2015\/09\/05194907\/security-week-36-FB.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-6198\" class=\"wp-image-6198 size-large\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2015\/09\/05194907\/security-week-36-FB-1024x1024.jpg\" alt=\"\" width=\"1024\" height=\"1024\"><\/a><p id=\"caption-attachment-6198\" class=\"wp-caption-text\">Mischa07 steals iOS users\u2019 passwords<\/p><\/div>\n<p>It remains unclear whether that \u2018Mischa\u2019 managed to earn a fortune on the KeyRaider attack. Still, the morale here is that a jailbroken iPhone is even more susceptible to attacks than an Android device. Once the robust iOS protection is compromised, it turns out that no other protection means are in place and anyone can do, basically, anything.<\/p>\n<p>It\u2019s a common flaw for all robust systems: on the outside, powerful firewalls and physical means of protection are deployed at the perimeter, the system itself is disconnected \u2013 all in all, the system is a fortress. But on the inside, it represents a mediocre Pentium 4 PC running Windows XP, which was last patched back in 2003. But, in this case, what if someone has infiltrated the perimeter?<\/p>\n<p>The question pops up with regard to iOS: what could happen if a simple and operational root exploit emerged? Does Apple have a Plan B? Might this prove Android has an advantage, after all, since it presupposes the chance to be hacked and the developers act respectively?<\/p>\n<h3>Google, Mozilla and Microsoft (even earlier) will bid farewell to RC4 in 2016<\/h3>\n<p><a href=\"https:\/\/threatpost.com\/google-mozilla-microsoft-to-sever-rc4-support-in-early-2016\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">News<\/a>.<\/p>\n<p>Last week\u2019s installment of Security Week (the one where we discussed the man-on-the-side DDoS attack on GitHub) we concluded that using HTTPS is blessing both for a user and a web service owner. That remains so, besides the fact that not all HTTPS deployment are good for your health \u2013 moreover, some of them, which employ ancient encryption methods, are even hazardous.<\/p>\n<p>To cite a couple of examples, let me remind you of the role of SSLv3 in the <a href=\"https:\/\/threatpost.com\/new-poodle-ssl-3-0-attack-exploits-protocol-fallback-issue\/108844\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">POODLE<\/a> attack and, basically, everything, which employs the RC4 encryption. If SSLv3 has just turned 18 and can enjoy a lot of adult things now, RC4 dates back to as long ago as 1980s. With regard to the web, it\u2019s hard to know for sure that the use of RC4 results in a compromised connection, per se. Earlier Internet Engineering Task Force admitted that theoretically attacks on RC4 are likely to be soon performed in the wild.<\/p>\n<p>By the way, here\u2019s the result of a recent <a href=\"https:\/\/threatpost.com\/new-rc4-attack-dramatically-reduces-plaintext-recovery-time\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">research<\/a>: a downgrade from any robust encryption to RC4 allows one to decrypt cookies (which means to hijack the session) in just 52 hours. To succeed, one needs to hijack some cookies, bearing in mind the likely outcome, and then bruteforce the website, thus enjoying higher probability of success. Feasible? Yes, considering several variables. Was it used itw? No one knows. In Snowden\u2019s files there were <a href=\"http:\/\/www.theregister.co.uk\/2013\/09\/06\/nsa_cryptobreaking_bullrun_analysis\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">allegations<\/a> that intelligence services are able to crack RC4.<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2015\/09\/05194904\/security-week-36-kitten.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large wp-image-6201\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2015\/09\/05194904\/security-week-36-kitten-1024x682.jpg\" alt=\"security-week-36-kitten\" width=\"1024\" height=\"682\"><\/a><\/p>\n<p>Well, the news is positive: a potentially vulnerable encryption algorithm has not even been cracked (at least not on the global scale) before getting blocked for good. Even now, the case is quite rare: for Chrome, it constituted only 0.13% of all connections \u2013 however, in absolute numbers, it\u2019s helluva lot. The RC4 burial is officially celebrated from January 26 (for Firefox 44) to the end of February (for Chrome).<\/p>\n<p>Microsoft also plans to ban RC4 early next year (for Internet Explorer and Microsoft Edge), due to <em> impossibility to tell apart a mistakenly induced TLS 1.0 fallback of a RC4 website from a man-in-the-middle attack.<\/em><\/p>\n<p>I cannot help but spoil this optimism with a bit of skepticism. Such upgrades would usually impact either laggy, godforsaken websites or proven critical web services which are not that easily changed. It\u2019s highly probable that early next year we will witness vivid discussions about someone being unable to log into a sophisticated web banking tool after the browser update. We\u2019ll live, we\u2019ll see.<\/p>\n<h3>Vulnerabilities in Belkin N600 routers<\/h3>\n<p><a href=\"https:\/\/threatpost.com\/cert-warns-of-slew-of-bugs-in-belkin-n600-routers\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">News<\/a>. <a href=\"http:\/\/www.kb.cert.org\/vuls\/id\/201168\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">CERT Advisory<\/a>.<\/p>\n<p>I genuinely love news about router vulnerabilities. Unlike PCs, smartphones and other devices, routers are likely to remain forgotten in dusty corners for years, especially if the router functions uninterruptedly. So, no one would even bother to know what happens inside that little black box, even if you deployed brand new OpenWRT-based custom firmware, especially if you are not a power user and your router was set up for you by your network provider.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">.<a href=\"https:\/\/twitter.com\/certcc?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">@CERTCC<\/a> Warns of Slew of Bugs in <a href=\"https:\/\/twitter.com\/belkin?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">@Belkin<\/a> N600 Routers \u2013 <a href=\"http:\/\/t.co\/70EfVwxIS0\" target=\"_blank\" rel=\"noopener nofollow\">http:\/\/t.co\/70EfVwxIS0<\/a><\/p>\n<p>\u2014 Threatpost (@threatpost) <a href=\"https:\/\/twitter.com\/threatpost\/status\/638453733962174465?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">August 31, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>With that in mind, a router has a key to all of your data: whoever would be able to get into your local file sharing platform, hijack your traffic, swap your web banking page for a phish page, or embed undesired adverts into your Google search results. It\u2019s possible, once someone breached into your router through a single vulnerability or, which is even more likely, through a vulnerable default configuration.<\/p>\n<p>I would have liked to affirm that I update the router firmware at once as soon as the new version is out, but that\u2019s not true. My best shot is in once every six months \u2013 solely thanks to built-in browser notifications. I used to update my previous router more frequently \u2013 only to battle constant glitches. For some time, my own router was susceptible to a remote access <a href=\"https:\/\/threatpost.com\/root-command-execution-flaw-haunts-asus-routers\/110276\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">vulnerability<\/a>.<\/p>\n<p>Five solid security bugs were found in Belkin routers, including:<\/p>\n<p>\u2022 Guessable transaction IDs when sending requests to the DNS server, which, in theory, would allow to replace the server when, for instance, calling server for the firmware update. Not a big deal, though.<\/p>\n<p>\u2022 HTTP used by default for critical operations \u2013 like requests for firmware updates. Spooky.<\/p>\n<p>\u2022 The web interface not protected by password by default. With this bug, anything can be replaced, however, provided the attacker is already inside the local network. Level of spookiness \u2013 medium.<\/p>\n<p>\u2022 Password-enabled authentication bypass when accessing the web interface. The thing is that the browser notifies the router whether the latter is logged in, and not vice versa. Just replace a couple of parameters in the data fed to the router, and no password is required. Level of spookiness \u2013 76%.<\/p>\n<p>\u2022 CSRF. Once a user is lured into clicking on a specially crafted link, an attacked is able to tamper with the router\u2019s settings remotely. Spooky as hell.<\/p>\n<p>Alright, they found a series of holes in a not-so-popular-here router, big deal. The problem is that not many folks are into hunting bugs in routers, so the fact the vulns were found in Belkin does not mean other vendors\u2019 devices are secure. Maybe their time will come. <a href=\"https:\/\/threatpost.com\/?s=router\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">This selection of news<\/a> proves the state of things is very, very poor.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Default credentials on home routers lead to massive DDoS-for-hire botnet \u2013 <a href=\"http:\/\/t.co\/2SbvLcwcvu\" target=\"_blank\" rel=\"noopener nofollow\">http:\/\/t.co\/2SbvLcwcvu<\/a> <a href=\"http:\/\/t.co\/20O0GWwVOt\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/20O0GWwVOt<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/598462812961255424?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">May 13, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>So, what\u2019s the takeaway? One has to protect their local network hard as they can, even with the available toolset: protect the web interface by password, not use WiFi through WEP, as well as disable WPS and other unused features like FTP server and telnet\/SSH (especially external) access.<\/p>\n<h3>What else happened?<\/h3>\n<p><a href=\"https:\/\/threatpost.com\/in-wake-of-cyberattacks-u-s-readies-sanctions-against-china\/114481\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">America<\/a> is planning\u00a0to impose sanctions on China due to their massive cyberespionage campaigns. This was one of the most popular news of the week, yet it has its peculiarities: it will have no impact whatsoever on cybersecurity or threat landscape, in any case \u2013 just politics and nothing more.<\/p>\n<p>Routers are not the most vulnerable devices ever. Baby monitors and other \u2018user-friendly\u2019 devices are <a href=\"http:\/\/www.pcworld.com\/article\/2979714\/despite-reports-of-hacking-baby-monitors-remain-woefully-insecure.html\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">even worse<\/a>. Absence of encryption and authorization and other bugs are in the plain sight.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Who is to blame for \u201chacked\u201d private cameras? <a href=\"https:\/\/t.co\/WItQAZKAbU\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/WItQAZKAbU<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/security?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#security<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/webcams?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#webcams<\/a> <a href=\"http:\/\/t.co\/k7LcRXH6vX\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/k7LcRXH6vX<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/535838818780594177?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">November 21, 2014<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>A new method of <a href=\"http:\/\/www.7xter.com\/2015\/08\/hacking-facebook-pages.html\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">hijacking<\/a> group pages on Facebook was found; the blame is on the Pages Manager app. The vulnerability has been patched, and the researched received a bug bounty award.<\/p>\n<h3>Oldies<\/h3>\n<p>The Andryushka family<\/p>\n<p>Those are very dangerous resident \u2018ghost\u2019 viruses. They plague COM and EXE files (except COMMAND.COM), when launching the infected file (in catalogue search) and from launching its TSR copies (when opening, executing, renaming, etc.). Andryushka-3536 converts EXE files into COM (here refer to the VASCINA virus). The virus is deployed into the middle of the file, with the part of the compromised file, where the virus writes itself into, encrypted and written to the end of the infected file.<\/p>\n<p>They deploy counter registers in Boot sectors on hard drives and, depending on the value of the counter register, are able to corrupt several sectors on the C:\/\/ drive. During the process, they play a melody and display the text on the monitor:<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2015\/09\/05194902\/security-week-36-andryushka.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-6202\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2015\/09\/05194902\/security-week-36-andryushka.jpg\" alt=\"security-week-36-andryushka\" width=\"400\" height=\"141\"><\/a><\/p>\n<p>They also include the text: insufficient memory. They employ a sophisticated method of working with ISRs: they preserve a part of int 25h handles in their body, and overwrite their own code (int 21h call) in the available space. When int 25h is called, they restore the int 25h handler.<\/p>\n<p><em>Quoted from \u201cComputer viruses in MS-DOS\u201d by Eugene Kaspersky, 1992. Page 23.<\/em><\/p>\n<p><em>Disclaimer: this column reflects only the personal opinion of the author. It may coincide with Kaspersky Lab position, or it may not. Depends on luck.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Information security digest: the greatest iOS theft, farewell to RC4 cipher, multiple vulnerabilities in routers<\/p>\n","protected":false},"author":53,"featured_media":6200,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,2026],"tags":[14,1122,1089,1150,274,1121,1123,1124,1125,1095,529,268],"class_list":{"0":"post-6197","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-threats","9":"tag-apple","10":"tag-belkin","11":"tag-digest","12":"tag-ios","13":"tag-jailbreak","14":"tag-keyraider","15":"tag-mischa07","16":"tag-rc4","17":"tag-routers","18":"tag-security-week","19":"tag-threats","20":"tag-vulnerabilities"},"hreflang":[{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/security-week-36\/6197\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/security-week-36\/5931\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/security-week-36\/6124\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/security-week-36\/6776\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/security-week-36\/6559\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/security-week-36\/8794\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/security-week-36\/9727\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/security-week-36\/4852\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/security-week-36\/6119\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/security-week-36\/8827\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/security-week-36\/8794\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/security-week-36\/9727\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/security-week-36\/9727\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.uk\/blog\/tag\/apple\/","name":"apple"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/6197","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/users\/53"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=6197"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/6197\/revisions"}],"predecessor-version":[{"id":17866,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/6197\/revisions\/17866"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/media\/6200"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=6197"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=6197"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=6197"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}