
The Technology blog and podcast

This is for the technology blog and podcast: commentary, articles, and podcasts


You are here: May 2017




Android Overlay and Accessibility Features Leave Millions at Risk

OK, this is as bad as it gets for Android, right? While reading the SANS newsletter I talked about in my first article for today, I came across this. Sent this to Security Now, and someone else who uses Android that I know. All I can say is that I hope that nobody who is disabled who relies on the disability features like TalkBack’s screen reader, or any magnification program that might be available got hit with this. This sounds bad. Really bad if someone who is disabled got hit with this.

Researchers warn two features, not flaws, in Android can be used together to open devices up to attack.

Source: Android Overlay and Accessibility Features Leave Millions at Risk

Comments (0)

WannaCry Ransom Notes Penned by Chinese-Speaking Authors, Analysis Shows

Hi folks,

This is quite interesting. I’ve published several longer posts on ransomware through my Vocal posts on this blog, and while I’d love to write about this one, it is definitely something that can speak for itself. We’ve definitely learned quite a lot since last week’s publishing of my longer piece on Vocal. Like I’ve said before, we’ve got to use our heads, as this has to start somewhere, probably with a phish. I don’t believe this was started by someone using Shodan from that location, and spewing the net with port 445 scans and infecting all of that. Luckily, very little was spent on notes, although $110,000 is nothing to sneeze at. The article also continues to say that only 250,000 machines and 150 countries were hit. This thing could’ve been worse.

Before I give you the article, Security Now reported that someone was looking to take the domain offline, unleashing this thing to cause more havoc. Not sure if it was successful, but something to keep in mind.

Now, to the article and its link.

But a Chinese-language link doesn’t shoot down theories of the North Korean Lazarus Group’s involvement in the ransomware worm attacks, say language experts at Flashpoint.

Source: WannaCry Ransom Notes Penned by Chinese-Speaking Authors, Analysis Shows

Comments (0)

Target Reaches Breach Settlement: $18.5 Million Fine, Security Controls

Continue: ‘Target Reaches Breach Settlement: $18.5 Million Fine, Security Controls’

Comments (0)

Hard to swallow: 17m user details stolen in Zomato security breach

Oh boy. I just tweeted this for several users, and if this is true, we are definitely lucky in one aspect, but not in the other.

This is 17 million more people who have been breached. The good news is that they used what security experts call salt to add to the hash, which, from what I understand, makes it more difficult to crack the password.

The company is also lucky in that they got the hacker to not sell it, and that they will create a program to better fix the issues that may have been found. Check this article out.

Zomato has become the latest victim of a massive cyberattack, as the details of 17m users are stolen, including email addresses.

Source: Hard to swallow: 17m user details stolen in Zomato security breach

Comments (1)

Serotek’s Position on Microsoft Edge | Serotek

Hi folks, I agree with this, although I’m not a Serotek customer. I don’t believe that anyone is really supporting Edge; even Window-Eyes, which stopped development, doesn’t work with it as far as I know. I’m also not a 10 user, but this should be shared.

Source: Serotek’s Position on Microsoft Edge | Serotek

Comments (1)

WannaCry, What Is It?

Hi folks, my article WannaCry, What Is It? is now published on Vocal. It even has a world map as of last Tuesday of the infection rate. Luckily, the attack has slowed down for now, but we do know there will be copycat variants, and the fact that it has been named means it’s out there somewhere. I published about that one the other day on the blog. You may find my preliminary thoughts on WannaCry on this blog. Vocal has my longer thought process with resources at the end for you to read. I hope you enjoy it!

Comments (0)

Ethics of Self-Driving Cars

This is a very interesting article I found on omni.media, one of many Vocal-related sites. While looking to see the status of something I published, I came across this. It raises some questions that I think we should discuss. As people with disabilities, what would be some of these answers?

Putting AI behind the wheel raises many questions and concerns, and on the verge of this becoming our reality, we must examine the ethics of self-driving cars.

Source: Ethics of Self-Driving Cars

Comments (1)

The Impact of Ransomware on Non-Profit Organisations

This is a great article in regards to what ransomware is, what you should do, and how to protect yourself. It’s a bit lengthy, but not technical at all. If nothing else, people should read this article. Well done.

Source: The Impact of Ransomware on Non-Profit Organisations

Comments (0)

And Now a Ransomware Tool That Charges Based On Where You Live

OK, here’s something for you all on this blog. Not sure now what to think. If this is the case, my conversation yesterday with someone will make us doomed.

Malware is designed to charge more for victims in countries with a higher cost of living, Recorded Future says.

Source: And Now a Ransomware Tool That Charges Based On Where You Live

Comments (0)

iOS 10.3.2 is now out

Hi all,

We’ve been talking about security lately. I heard during Security Now that iOS 10.3.2 was released along with other Apple releases. They fix some bugs. If I can find some more information in the coming day, I’ll make sure to post more. I’m going to update my phone to it now, and we’ll be in touch.

Comments (0)

After WannaCry, UIWIX Ransomware and Monero-Mining Malware Follow Suit

OK folks, welcome to another post here on the blog. As Trend Micro predicted, we have a new ransomware based on WannaCry. After WannaCry, UIWIX Ransomware and Monero-Mining Malware Follow Suit is the name of the article. It does follow suit by having the same type of thing where MS17-010 is concerned, if they didn’t find anything else. Here is a portion of that article in which it explains a little bit of what this is.

“Contrary to recent news citing UIWIX as WannaCry’s new—even evolved—version, our ongoing analysis indicates it’s a new family that uses the same Server Message Block (SMB) vulnerabilities (MS17-010, code named EternalBlue upon its public disclosure by Shadow Brokers) that WannaCry exploits to infect systems, propagate within networks and scan the internet to infect more victims.

So how is UIWIX different? It appears to be fileless: UIWIX is executed in memory after exploiting EternalBlue. Fileless infections don’t entail writing actual files/components to the computer’s disks, which greatly reduces its footprint and in turn makes detection trickier.

UIWIX is also stealthier, opting to terminate itself if it detects the presence of a virtual machine (VM) or sandbox. Based on UIWIX’s code strings, it appears to have routines capable of gathering the infected system’s browser login, File Transfer Protocol (FTP), email, and messenger credentials.”

I’m still unsure really about this Server Message Block and what it does, but criminals are going to take advantage of this for some time to come. Why? Because, as we’ve learned, patching is not as easy as it seems to be. We can tell people to patch, but patching can take anywhere from a month to 6 months.

I really think that is too long, and even we were surprised by the fact that Windows XP and Server 2003 were even patched, from this last outbreak, but Microsoft thought it to be a good idea because of how widespread this problem is.

I’m not going to dwell on this issue, as patching should be a first resort on fixing a vulnerability once a patch is successfully created and made available, but systems as we learned must go through testing in the larger world, and if programs break that run on these systems, then the system can’t be patched.

According to Ransomware: What Are the Bad Guys After and How Do I Stop Them? they want to cause as much damage as possible, whether it is monetary, or whether it is physical. They want to hurt you at the worst possible time, when files matter to you. Backing up is the first step, and making sure your stuff is backed up on a regular basis.

The article WannaCry & The Reality Of Patching will go into detail on why patching is becoming a problem today.

I’ll have my longer article out, but wanted to get some more information out now while it is still fresh.

Thoughts? Please give us a holler on the comment boards.

Comments (0)

Shodan, what part does it have?

So I know it’s a little late to add it to the article being worked on with images and the like, but I did find something interesting out in regards to WannaCry that I thought was interesting. There is a search engine out there called Shodan, and I’m not even sure of its spelling. From what I understand of this site, it is similar to Google, but yet, it populates all of the machines with open ports, among other things. Whatever this site is, it also does port scanning, where you can ask it who has a certain port open. Instead of phishing, I saw something that said the people involved searched for machines with port 445 open, and infected that way. I’m still thinking the possibility of a phish is still there, but anything is possible.

shodan

Comments (0)

WannaCry, an update

Hi folks,

I’m here to give everyone an update, although I just wrote a longer article linking to sources and other thoughts in regards to this big time ransomware, WannaCry. I didn’t cover everything, because I still want to see what Security Now has to say although I caught part of it. I’ve seen reports like North Korea having a part in this, and we know that Microsoft now patched XP and other operating systems that were vulnerable which they normally wouldn’t, but this was bad. As soon as the article is done and posted, you’ll get a link, as if I gave it now, it’s in rough draft form now and links wouldn’t work unless I took the painful time to do this. For now, there’s tons of media coverage on this, maybe some speculation, but we definitely know more than we did on Friday. I’m still in shock.

Comments (0)

Window-Eyes to JFW path plan

I’m saddened by the news of Window-Eyes closing. This is official word from former GW Micro Employee Aaron Smith.


Thank you for being a valued member of the GW Micro and Window-Eyes family. We regret to announce that sales of Window-Eyes have ended in the United States and Canada. Users outside of the United States and Canada should contact their local distributor for options. We are committed to our customers and will honor existing product purchases and software maintenance agreements, and we will continue to provide technical support to end users that have purchased Window-Eyes or a support package.

All users who are currently using Window-Eyes can continue to use the software indefinitely; however, as the Windows® operating system and/or applications change over time, Window-Eyes may not function adequately for your needs.

We understand how important a screen reader is to you and are offering JAWS® for Windows 18 as a replacement. We are committed to providing a smooth transition and will honor existing Window-Eyes product purchases and software maintenance agreements (SMA), as follows.

· End users that paid for and are current with Window-Eyes 9.x will be converted to JAWS 18 at no charge.

· If you are using an earlier version of Window-Eyes, you can purchase an upgrade to JAWS 18.

· If you are using the free version of Window-Eyes you can continue to use it. While there is not an upgrade path from the free version, if you are interested in purchasing JAWS, please contact our sales team at 800-444-4443.

· Existing Window-Eyes SMAs will be rolled into the JAWS SMA program for end users that migrate to JAWS.

Learn more about the migration options and pricing by visiting http://www.gwmicro.com/window-eyes/migrate.

To make this process as easy as possible, we ask you to complete a simple web form that will go directly to our sales team, who will then contact you with an authorization code for JAWS 18, or request additional information if necessary.

Requests for upgrades must be submitted at http://www.gwmicro.com/window-eyes/migrateform or by phone at 800-444-4443 by July 31, 2017.

Note, the free Window-Eyes Offer for Users of Microsoft Office version is not part of the conversion program.

If you have any questions please call us at 800-444-4443 or email us at orders@vfogroup.com.

Aaron Smith

VFO™ | Enterprise Compliance

11800 31st Court North, St. Petersburg, FL 33716

T 727-803-8000 x 6208 F 727-803-8001

ajsmith@vfogroup.com

www.vfogroup.com


The information contained in this communication is confidential, may constitute inside information, and is intended only for the use of the addressee. It is the property of VFO™. Unauthorized use, disclosure or copying of this communication or any part thereof is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by return email, and destroy this communication and all copies thereof, including all attachments.



Comments (0)

I published pod 257, it seems to have gone missing

Hi all,

I did some checking, and I remember putting together a podcast numbered 257. Somehow, it never made it up on the site. I apologize about it, and I’ve uploaded it on the RSS feed. I could’ve sworn I uploaded within a day of me putting it places. Here are the notes about that cast.


On this podcast, we talk about a variety of stuff including ransomware, and I have some segments asking for comment on what we should cover. Hope to hear from you!


I wonder if it got removed somehow during a time where issues were occurring on the network? It’s possible, so I’ll just rerelease it and sorry for the trouble!

Comments (0)

Podcast 258 is finally here

OK, podcast 258 is finally here. RSS is here.


Hello folks, welcome to the tech podcast. I’m Jared Rimer, and it’s been busy. I started writing for a site called Vocal, and wrote two tech specific articles for the site. The first is: How Can We Defend Against Ransomware? Omni.media May 10, 2017 and the second is ATPC Hit with Ransomware, Does Not Pay omni.media April 25, 2017 which got a ton of hits. I’ve also been busy writing short things for the blog here and the one I’m focusing on right now which is generating some interesting comments is A new ransomware wannacry (wanna cry) which is generating comments on how to solve this problem. It’s not easy to fix, and we may never fix it, but that post is generating some interesting thoughts. One article I want to bring to your attention as it could be interesting for tech is Bullying, Is This Just a Disability Problem? longevity.media May 2, 2017 because it does talk about a couple of books that I had read, in regards to this issue. First, is this a disability problem? What can we do to curb this? Ransomware has a segment on this podcast too. Hope you’ll enjoy the show, and we’ll have another cast soon.


The podcast is about an hour. Some of the articles and things may be of interest, but the ransomware topic is definitely becoming big now. Hope to have more podcasts out soon.

Comments (0)

Window-Eyes potentially going away, again?

Hey folks,

I’m seeing tweets again about Window-Eyes going away, again. I checked some sources like Ai Squared’s site, even Freedom Scientific’s site, as I saw something saying that the product guy from FS is saying they’re killing it. In my article giving out accurate information I want to make sure I receive it from the right channels. Twitter can be good for news, but anyone can tweet saying things such as Window-Eyes isn’t being developed, JFW will be given to over 400 of us who have been long time Window-Eyes users for free, the whole bit.

I highly doubt that VFO will give all of us JFW if Window-Eyes were to go away. I don’t know where someone is getting that information, JFW is very expensive.

As I noted back in that article which dealt with the AI certificate issue, the cert is good for a long time yet, so why kill Window-Eyes and leave people paying for another reader they have never used?

I personally have used JAWS; my opinion of it doesn’t matter. I know how to use it, and I have used it. I grew up with Window-Eyes and products from GW Micro for many many years.

I go so far back, they even developed a program called word and braille talk for the Apple I believe it was. I’m not against JFW at all, it just isn’t something I would prefer to use on a daily basis unless of course my job, or my change of operating system or something else unforeseen moves me away from Window-Eyes and to another product.

I am hoping to hear more, and when I do, I’ll be sure to publish the release like I’ve been known to do.

Comments (6)

A new ransomware wannacry

Hello folks,

I don’t know how I can turn this into a longer article, so I’ll post it to my blog and leave it at that. I joined the SANS group with a webinar in regards to this new threat called Wanna Cry. This article from Krebs on Security entitled U.K. Hospitals Hit in Widespread Ransomware Attack was posted on the 12th of May. As Brian covered, he mentioned what this was, and the fact that not only were the hospitals hit with this, but so was a telephone company. SANS’s webinar last night said there were at least 56,000 different infections at one point, just by doing scans, nothing more. They made it clear that they never accessed any machines, just did scans.

SANS indicates that while this was bad, it’s only going to get worse. US-CERT has a writeup entitled Indicators Associated With WannaCry Ransomware which was posted yesterday as well. The SMB system I’m not too familiar with, but this can hit even with patched systems. We’ll keep our eyes and ears open for more.

Comments (4)

May 9th’s Security Now program

Here we are again, another Security Now episode which will air on the mix and I feel ashamed for being so behind. I’ve got plenty to listen to for my ride home tomorrow as I have other commitments to attend to. You may listen tomorrow at 5 central in the afternoon through the mix, or go to the Security Now feed to pick up your copy.


SN 611: Go FCC Yourself May 9, 2017, 7:11 PM
Security Now (MP3)
This week Steve and Leo discuss much more about the Intel AMT nightmare, Tavis and Natalie discover a serious problem in Microsoft’s built-in malware scanning technology, Patch Tuesday, Google’s Android patches, SMS 2-factor authentication breached, Google goes phishing, the emergence of ultrasonic device tracking, lots of additional privacy news, some errata and miscellany, actions US citizens can take to express their dismay over recent Net Neutrality legislation, and some quick closing the loop feedback from our terrific listeners.


I’ll be looking forward to checking out this program. I know I’m behind, and probably a lot to talk about. I have been working on a cast after awhile of not doing one, but I really need to publish podcasts more regularly like I used to. This podcast could definitely give me stuff to talk about. See you all soon.

Comments (0)

How Can We Defend Against Ransomware?

My article on Vocal How Can We Defend Against Ransomware? has been published. In this article, I talk about two different articles and the big uptick in ransomware cases, and there is no sign of slowing down. Criminals find this lucrative, because you need your files, and most people don’t back up, or if they do, it isn’t on a regular basis. The human element must have a part in this, it has to start with it. Please discuss your thoughts.

Comments (0)
