{"id":4287,"date":"2025-01-20T09:24:57","date_gmt":"2025-01-20T09:24:57","guid":{"rendered":"https:\/\/www.d2na.com\/?p=4287"},"modified":"2025-01-20T09:38:53","modified_gmt":"2025-01-20T09:38:53","slug":"weekly-security-news-20th-january-2025","status":"publish","type":"post","link":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/","title":{"rendered":"Weekly Security News &#8211; 20th January 2025"},"content":{"rendered":"<span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\"><\/span> <span class=\"rt-time\"> 6<\/span> <span class=\"rt-label rt-postfix\">mins read<\/span><\/span>\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"4287\" class=\"elementor elementor-4287\" data-elementor-settings=\"{&quot;ha_cmc_init_switcher&quot;:&quot;no&quot;}\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"has_eae_slider elementor-section elementor-top-section elementor-element elementor-element-187cfe6 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-eae-slider=\"48187\" data-id=\"187cfe6\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"has_eae_slider elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b29192d\" data-eae-slider=\"4012\" data-id=\"b29192d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-d0223af elementor-widget elementor-widget-heading\" data-id=\"d0223af\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Microsoft release security patches, Fortinet under attack, Google Ads stealing credentials and GoDaddy sued in the US...<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"has_eae_slider elementor-section elementor-top-section elementor-element elementor-element-7f43574f elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-eae-slider=\"47604\" data-id=\"7f43574f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"has_eae_slider elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-5416d241\" data-eae-slider=\"2052\" data-id=\"5416d241\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-dc00548 elementor-widget elementor-widget-text-editor\" data-id=\"dc00548\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Welcome to this week&#8217;s Security News. We&#8217;ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this week&#8217;s news, then please get in touch with our team who can advise further. For our existing clients, if we believe anything may affect your organisation, our team will be in touch directly.\u00a0<\/p>\n<p><!-- \/wp:paragraph --><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"has_eae_slider elementor-section elementor-top-section elementor-element elementor-element-4b25e90 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-eae-slider=\"79668\" data-id=\"4b25e90\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"has_eae_slider elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-c4c6942\" data-eae-slider=\"3768\" data-id=\"c4c6942\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-619395d elementor-widget elementor-widget-heading\" data-id=\"619395d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Vulnerabilities and Patches<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"has_eae_slider elementor-section elementor-top-section elementor-element elementor-element-5b1665d elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-eae-slider=\"71844\" data-id=\"5b1665d\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"has_eae_slider elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b7eaebc\" data-eae-slider=\"80122\" data-id=\"b7eaebc\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8edd1c4 elementor-widget elementor-widget-heading\" data-id=\"8edd1c4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Microsoft Releases January 2025 Security Updates<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2ffde4f elementor-widget elementor-widget-text-editor\" data-id=\"2ffde4f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Microsoft has released security updates to address 159\u00a0vulnerabilities\u00a0in Microsoft products. Six vulnerabilities are outlined below, of which three are critical severity and three others that are actively exploited.\u00a0<\/p><ul><li>CVE-2025-21298 &#8211; Windows OLE Remote Code Execution Vulnerability with a CVSSv3 score of 9.8. Successful exploitation would allow a remote, unauthenticated attacker to perform remote code execution (RCE).<\/li><li>CVE-2025-21307 &#8211; Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability with a CVSSv3 score of 9.8. Successful exploitation would allow a remote, unauthenticated attacker to perform RCE.<\/li><li>CVE-2025-21311 &#8211; Windows NTLM V1 Elevation of Privilege Vulnerability with a CVSSv3 score of 9.8. Successful exploitation would allow a remote unauthenticated attacker to escalate privileges.<\/li><li>CVE-2025-21333 &#8211; Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability with a CVSSv3 score of 7.8. Successful exploitation would allow an attacker to gain SYSTEM privileges. This vulnerability is under active exploitation.<\/li><li>CVE-2025-21334 &#8211; Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability with a CVSSv3 score of 7.8. Successful exploitation would allow an attacker to gain SYSTEM privileges. This vulnerability is under active exploitation.<\/li><li>CVE-2025-21335 &#8211; Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability with a CVSSv3 score of 7.8. Successful exploitation would allow an attacker to gain SYSTEM privileges. This vulnerability is under active exploitation.<\/li><\/ul><p>Affected organisations are encouraged to review Microsoft&#8217;s January 2025 Security Updates and apply the relevant updates as soon as practicable.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-537ee1c elementor-widget elementor-widget-heading\" data-id=\"537ee1c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Active Exploitation of Zero-Day Vulnerability CVE-2024-55591 in FortiOS and FortiProxy<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-655320d elementor-widget elementor-widget-text-editor\" data-id=\"655320d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Fortinet has released a security advisory to address a critical vulnerability in FortiOS and FortiProxy. FortiOS is the operating system for Fortinet products, including Fortinet SSLVPNs and &#8216;Next-Gen&#8217; Firewalls (NGFW). and FortiProxy is a secure web gateway that includes advanced filtering and inspection. CVE-2024-55591 is an &#8216;authentication bypass&#8217; vulnerability with a CVSSv3 score of 9.6. A remote, unauthenticated attacker could send crafted requests to the Node.js websocket module to gain super-admin privileges. Fortinet has advised CVE-2024-55591 has been observed being exploited in the wild. Fortinet products are often internet-facing and have been frequently targeted by attackers within days of disclosure. The NHS England National CSOC assesses further exploitation as highly likely.\u00a0The following platforms are known to be affected:<\/p><ul><li>Fortinet FortiOS 7.0.0 to 7.0.16<\/li><li>Fotinet FortiProxy 7.0.0 to 7.0.19 and 7.2.0 to 7.2.12<\/li><\/ul><p>Affected organisations must review Fortinet PSIRT Advisory FG-IR-24-535 and apply the relevant security updates as soon as practicable. In addition to the mandatory security update, NHS England National CSOC highly recommends organisations perform a compromise assessment using the indicators of compromise (IoCs) provided in Fortinet&#8217;s advisory. If malicious activity is found, organisations must contact the National CSOC as a matter of urgency on 0300 303 5222 or by emailing <a href=\"mailto:cybersecurity@nhs.net\">cybersecurity@nhs.net<\/a>.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"has_eae_slider elementor-section elementor-top-section elementor-element elementor-element-89b0421 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-eae-slider=\"78710\" data-id=\"89b0421\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"has_eae_slider elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-e5066e3\" data-eae-slider=\"93571\" data-id=\"e5066e3\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-f6dccf3 elementor-widget elementor-widget-heading\" data-id=\"f6dccf3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Cyber Attacks<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"has_eae_slider elementor-section elementor-top-section elementor-element elementor-element-cf8cb17 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-eae-slider=\"9189\" data-id=\"cf8cb17\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"has_eae_slider elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7214b00\" data-eae-slider=\"23140\" data-id=\"7214b00\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-956f6a8 elementor-widget elementor-widget-heading\" data-id=\"956f6a8\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-80f6846 elementor-widget elementor-widget-text-editor\" data-id=\"80f6846\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Cybersecurity researchers have alerted to a new malvertising campaign that&#8217;s targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google. &#8220;The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages,&#8221; J\u00e9r\u00f4me Segura, senior director of threat intelligence at Malwarebytes. It&#8217;s suspected the end goal of the campaign is to reuse the stolen credentials to further perpetuate the campaigns, while also selling them to other criminal actors on underground forums. Based on posts shared on Reddit, Bluesky, and Google&#8217;s own support forums, the threat has been active since at least mid-November 2024. The activity cluster is a lot like campaigns that leverage stealer malware to steal data related to Facebook advertising and business accounts to hijack them and use the accounts for push-out malvertising campaigns that further propagate the malware. The newly identified campaign specifically singles out users who search for Google Ads on Google&#8217;s own search engine to serve bogus ads for Google Ads that, when clicked, redirect users to fraudulent sites hosted on Google Sites. These sites then serve as landing pages to lead the visitors to external phishing sites that are designed to capture their credentials and two-factor authentication (2FA) codes via a WebSocket and exfiltrated to a remote server under the attacker&#8217;s control. &#8220;The fake ads for Google Ads come from a variety of individuals and businesses (including a regional airport), in various locations,&#8221; Segura said. &#8220;Some of those accounts already had hundreds of other legitimate ads running.&#8221;<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bacf094 elementor-widget elementor-widget-heading\" data-id=\"bacf094\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">New Hacking Group Leaks Configuration of 15,000 Fortinet Firewalls<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1b139fd elementor-widget elementor-widget-text-editor\" data-id=\"1b139fd\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>A new threat actor has leaked configuration files and virtual private network (VPN) information for 15,000 firewall devices provided by security vendor Fortinet. On 15th January, Kevin Beaumont, an independent security researcher, revealed on Mastodon that sensitive information from the FortiGate devices had been made available for free on the dark web. Beaumont said a new hacking group dubbed \u2018Belsen Group\u2019 was responsible for the leak. Security provider CloudSEK confirmed Beaumont\u2019s findings in a new report published on 16th January. The firm said the data dump included FortiGate usernames, passwords (some in plain text), device management digital certificates and firewall rules. Beaumont and CloudSEK researcher, Koushik Pal, said most exposed devices run Fortigate 7.0.x and 7.2.x versions. Belsen Group, which first appeared on social media and cybercrime forums in January 2025, has leaked the data on a Tor website. A CloudSEK spokesperson told Infosecurity that the threat group has likely been around for a couple of years and the exploitation campaign probably occurred in 2022. \u201cBelsen Group may seem new to the forums, but based on the data leaked by them, we can ascertain with high confidence that they\u2019ve been around for at least three years now. They were likely part of a threat group that exploited a zero-day in 2022, although direct affiliations have not been established yet,\u201d CloudSEK noted in its report. Beaumont came to the same conclusions in a blog post he published on 16th January. \u201cThe data appears to have been assembled in October 2022, as a zero-day vulnerability. For some reason, the data dump of config has been released today, just over two years later,\u201d Beaumont said.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"has_eae_slider elementor-section elementor-top-section elementor-element elementor-element-8c0cd60 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-eae-slider=\"31442\" data-id=\"8c0cd60\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"has_eae_slider elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1551a52\" data-eae-slider=\"56608\" data-id=\"1551a52\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-53a0fd9 elementor-widget elementor-widget-heading\" data-id=\"53a0fd9\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">In Other News...<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"has_eae_slider elementor-section elementor-top-section elementor-element elementor-element-2600266 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-eae-slider=\"76299\" data-id=\"2600266\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"has_eae_slider elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-464bc12\" data-eae-slider=\"11058\" data-id=\"464bc12\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-92e10a7 elementor-widget elementor-widget-heading\" data-id=\"92e10a7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Cisco Unveils New AI Application Security Solution<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-44137bd elementor-widget elementor-widget-text-editor\" data-id=\"44137bd\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"elementtoproof\"><span style=\"color: black;\">Cisco this week unveiled AI Defense, a new solution designed to help enterprises secure the development and use of AI applications. Cisco AI Defense focuses on two main areas: accessing AI applications and building and running AI applications. The first is related to the use of third-party AI apps, which can boost productivity, but they can also introduce risks, such as potential data leakage and malicious downloads. Cisco AI Defense aims to address this by providing full visibility into AI app usage, by offering access control capabilities to restrict access to unsanctioned AI tools, and by providing protection against threats and confidential data loss. As for building and running AI applications, the new solution aims to help enterprises by giving them the tools to discover shadow and sanctioned AI applications, by providing automated testing to validate AI models and identify vulnerabilities, and by providing runtime protection against threats such as prompt injection, DoS attacks, and sensitive data leakage. \u201cCisco AI Defense is a single, end-to-end solution that helps your organisation understand and mitigate risk on both the user and application levels. To accomplish this, it comprises four main components: AI Access, AI Cloud Visibility, AI Model &amp; Application Validation, and AI Runtime Protection,\u201d Sampath added. Cisco says its AI Defense solution is expected to become available for enterprises in March.<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-cd6b9d8 elementor-widget elementor-widget-heading\" data-id=\"cd6b9d8\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">FTC sues GoDaddy for years of poor hosting security practices<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7d7951d elementor-widget elementor-widget-text-editor\" data-id=\"7d7951d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"elementtoproof\"><span style=\"color: black;\">The US Federal Trade Commission (FTC) will require web hosting giant GoDaddy to implement basic security protections, including HTTPS APIs and mandatory multi-factor authentication, to settle charges that it failed to secure its hosting services against attacks since 2018. FTC says the Arizona-based company&#8217;s claims of reasonable security practices also misled millions of web-hosting customers because GoDaddy was instead &#8220;blind to vulnerabilities and threats in its hosting environment&#8221; due to its failings to implement standard security tools and practices. &#8220;Millions of companies, particularly small businesses, rely on web hosting providers like GoDaddy to secure the websites that they and their customers rely on,&#8221; said Samuel Levine, Director of the FTC&#8217;s Bureau of Consumer Protection. &#8220;The FTC is acting today to ensure that companies like GoDaddy bolster their security systems to protect consumers around the globe\u201d. According to the FTC&#8217;s complaint, GoDaddy&#8217;s unreasonable security practices included failing to use multi-factor authentication (MFA), manage software updates, log security-related events, segment its network, monitor for security threats (including by failing to use software that could actively detect threats from its many logs), and use file integrity monitoring. The company also failed to inventory and manage assets, assess risks to its website hosting services, and secure connections to services that provide access to consumer data.<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p><span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\"><\/span> <span class=\"rt-time\"> 6<\/span> <span class=\"rt-label rt-postfix\">mins read<\/span><\/span>Microsoft release security patches, Fortinet under attack, Google Ads stealing credentials and GoDaddy sued in the US&#8230; Welcome to this week&#8217;s Security News. We&#8217;ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this week&#8217;s news, then please [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":4292,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[355],"tags":[287,285,286,289,288,284],"class_list":["post-4287","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-news","tag-cyber-attacks","tag-cyber-security","tag-news","tag-patches","tag-vulnerabilities","tag-weekly-security-news"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.7 (Yoast SEO v27.7) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Weekly Security News - 20th January 2025 - D2NA<\/title>\n<meta name=\"description\" content=\"Microsoft release January 2025 security patches, Fortinet under attack, Google Ads stealing credentials and GoDaddy sued in the US..\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Weekly Security News - 20th January 2025\" \/>\n<meta property=\"og:description\" content=\"Microsoft release January 2025 security patches, Fortinet under attack, Google Ads stealing credentials and GoDaddy sued in the US..\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/\" \/>\n<meta property=\"og:site_name\" content=\"D2NA\" \/>\n<meta property=\"article:published_time\" content=\"2025-01-20T09:24:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-01-20T09:38:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/01\/2025-01-20.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"627\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Shaun Conway\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@D2NA\" \/>\n<meta name=\"twitter:site\" content=\"@D2NA\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Shaun Conway\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/01\\\/20\\\/weekly-security-news-20th-january-2025\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/01\\\/20\\\/weekly-security-news-20th-january-2025\\\/\"},\"author\":{\"name\":\"Shaun Conway\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\"},\"headline\":\"Weekly Security News &#8211; 20th January 2025\",\"datePublished\":\"2025-01-20T09:24:57+00:00\",\"dateModified\":\"2025-01-20T09:38:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/01\\\/20\\\/weekly-security-news-20th-january-2025\\\/\"},\"wordCount\":1560,\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/01\\\/20\\\/weekly-security-news-20th-january-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/2025-01-20.jpg\",\"keywords\":[\"cyber attacks\",\"cyber security\",\"news\",\"patches\",\"vulnerabilities\",\"weekly security news\"],\"articleSection\":[\"Security News\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/01\\\/20\\\/weekly-security-news-20th-january-2025\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/01\\\/20\\\/weekly-security-news-20th-january-2025\\\/\",\"name\":\"Weekly Security News - 20th January 2025 - D2NA\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/01\\\/20\\\/weekly-security-news-20th-january-2025\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/01\\\/20\\\/weekly-security-news-20th-january-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/2025-01-20.jpg\",\"datePublished\":\"2025-01-20T09:24:57+00:00\",\"dateModified\":\"2025-01-20T09:38:53+00:00\",\"description\":\"Microsoft release January 2025 security patches, Fortinet under attack, Google Ads stealing credentials and GoDaddy sued in the US..\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/01\\\/20\\\/weekly-security-news-20th-january-2025\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/01\\\/20\\\/weekly-security-news-20th-january-2025\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/01\\\/20\\\/weekly-security-news-20th-january-2025\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/2025-01-20.jpg\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/2025-01-20.jpg\",\"width\":1200,\"height\":627,\"caption\":\"2025-01-20\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/01\\\/20\\\/weekly-security-news-20th-january-2025\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.d2na.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Weekly Security News &#8211; 20th January 2025\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"name\":\"D2NA\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.d2na.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\",\"name\":\"D2 Network Associates Limited\",\"alternateName\":\"D2NA\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"width\":180,\"height\":60,\"caption\":\"D2 Network Associates Limited\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/D2NA\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/d2-network-associates-ltd\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\",\"name\":\"Shaun Conway\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"caption\":\"Shaun Conway\"},\"sameAs\":[\"https:\\\/\\\/www.d2na.com\"],\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/author\\\/shaun-conway\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Weekly Security News - 20th January 2025 - D2NA","description":"Microsoft release January 2025 security patches, Fortinet under attack, Google Ads stealing credentials and GoDaddy sued in the US..","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/","og_locale":"en_GB","og_type":"article","og_title":"Weekly Security News - 20th January 2025","og_description":"Microsoft release January 2025 security patches, Fortinet under attack, Google Ads stealing credentials and GoDaddy sued in the US..","og_url":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/","og_site_name":"D2NA","article_published_time":"2025-01-20T09:24:57+00:00","article_modified_time":"2025-01-20T09:38:53+00:00","og_image":[{"width":1200,"height":627,"url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/01\/2025-01-20.jpg","type":"image\/jpeg"}],"author":"Shaun Conway","twitter_card":"summary_large_image","twitter_creator":"@D2NA","twitter_site":"@D2NA","twitter_misc":{"Written by":"Shaun Conway","Estimated reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/#article","isPartOf":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/"},"author":{"name":"Shaun Conway","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36"},"headline":"Weekly Security News &#8211; 20th January 2025","datePublished":"2025-01-20T09:24:57+00:00","dateModified":"2025-01-20T09:38:53+00:00","mainEntityOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/"},"wordCount":1560,"publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/01\/2025-01-20.jpg","keywords":["cyber attacks","cyber security","news","patches","vulnerabilities","weekly security news"],"articleSection":["Security News"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/","url":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/","name":"Weekly Security News - 20th January 2025 - D2NA","isPartOf":{"@id":"https:\/\/www.d2na.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/#primaryimage"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/01\/2025-01-20.jpg","datePublished":"2025-01-20T09:24:57+00:00","dateModified":"2025-01-20T09:38:53+00:00","description":"Microsoft release January 2025 security patches, Fortinet under attack, Google Ads stealing credentials and GoDaddy sued in the US..","breadcrumb":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/#primaryimage","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/01\/2025-01-20.jpg","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/01\/2025-01-20.jpg","width":1200,"height":627,"caption":"2025-01-20"},{"@type":"BreadcrumbList","@id":"https:\/\/www.d2na.com\/index.php\/2025\/01\/20\/weekly-security-news-20th-january-2025\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.d2na.com\/"},{"@type":"ListItem","position":2,"name":"Weekly Security News &#8211; 20th January 2025"}]},{"@type":"WebSite","@id":"https:\/\/www.d2na.com\/#website","url":"https:\/\/www.d2na.com\/","name":"D2NA","description":"","publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.d2na.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.d2na.com\/#organization","name":"D2 Network Associates Limited","alternateName":"D2NA","url":"https:\/\/www.d2na.com\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","width":180,"height":60,"caption":"D2 Network Associates Limited"},"image":{"@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/D2NA","https:\/\/www.linkedin.com\/company\/d2-network-associates-ltd\/"]},{"@type":"Person","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36","name":"Shaun Conway","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","caption":"Shaun Conway"},"sameAs":["https:\/\/www.d2na.com"],"url":"https:\/\/www.d2na.com\/index.php\/author\/shaun-conway\/"}]}},"_links":{"self":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4287","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/comments?post=4287"}],"version-history":[{"count":8,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4287\/revisions"}],"predecessor-version":[{"id":4297,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4287\/revisions\/4297"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media\/4292"}],"wp:attachment":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media?parent=4287"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/categories?post=4287"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/tags?post=4287"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}