go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: March 2019

Go to Homepage [0], contents or to navigation menu



Patch Tuesday is come and gone, are you patched to the best of your ability?

Are you patched to the best of your ability? Articles around the web talk about patch tuesday in different ways.

I recently went through a reboot to clear up some issues, and I noticed it wanted to update so I let it do it. It took two reboots for it, so let it do its thing.

Cyberscoop also had an article of interest, you can go to their site to see if there is something of interest besides that article.

Comments (0)

Equifax is at it again, bad security gone wrong?

OK, so we all know that Equifax had a very big breach. We probably are finding out that it is more targeted than we think, as none of the data is in the underground. We also know that they’re scrambling to get this right because they screwed up. However, I have a very bad feeling, and I read MyEquifax.com Bypasses Credit Freeze PIN and this is not good. They can’t verify you based on info you provide, they don’t ask for the pin which is required once a freeze is put in place, and its just all bad.

Brian does a great job covering this, and I put my thoughts on board 295 on Live Wire, but I also will cover this on the next podcast. This can’t start the year right for the company, can it?

Comments (0)

Thousands of Arizonans hit in Medicaid agency’s data breach

OK, here we go. If you’re in Arizona, please at least read this short article. It is important for you to do so if you receive Medicade from the state. I found this toay on twitter, and I feel that we should pass this along to people who are in this state.

Thousands of Arizonans were affected by a data breach earlier this year that targeted the state’s Medicaid agency, it was announced Monday. 

Source: Thousands of Arizonans hit in Medicaid agency’s data breach

Comments (0)

Tech podcast 308

Tech podcast 308is out. Ground zero has an update, and we’ve covered some articles as well.


On this podcast, Ground Zero is closing. Why? Hear why in a segment. Satelites, can they be hacked? An article is very interesting, yet its not common. Michael in Indiana has an update on Vorail. Equifax is back in the news, and its not good. Finally, the 2018 trends from Trend Micro and their findings, something caught my attention about them. I hope you enjoy the program.

Comments (0)

Senate panel accuses Equifax of neglecting cybersecurity ahead of 2017 breach

You aught to nbe kidding me, right? 8500 vulnerabilities that weren’t patched in 90 days? Holy crap.

An institutional neglect toward cybersecurity contributed to the massive 2017 data breach at Equifax that compromised sensitive information for

Source: Senate panel accuses Equifax of neglecting cybersecurity ahead of 2017 breach

Comments (0)

Ground Zero has been closed

Hello everyone,

This is an important announcement that I am passing along to you. On an earlier podcast, I talked about two systems that I have been on. The first is Livewire. The second is Ground Zero.

Today, March 10, 2019: Live Wire’s Amadeus announced that he is closing Ground Zero.

Instead of giving you the full announcement via text, I invite you to call the phollowing phone number: 631-686-8600 for the entire details. The message takes a couple of minutes to play, and I’ll endeavor to see if I can play the full announcement on my podcast.

If you had a box on both systems, please use your box on Live Wire.

If you had a popular bulletine board, Amadeus says that he’ll move it over for you.

Thanks for your support of reading the blog, and seeing what I have to offer. I’ll have more soon.

Comments (0)

Security Now, podcasts 701-704

Here are the announcements about podcasts 701-704 of one of my favorite podcasts Security Now.

RSS here

Security Now (MP3)

Subscribe to this podcast using
Live Bookmarks
 Always use Live Bookmarks to subscribe to podcasts.
Subscribe Now
Go to Security Now (Audio)

Security Now (MP3)
Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics
in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.

Comments (0)

Time change

Hello,

The blog has been updated with the correct time as we just changed time in the united States.

Comments (0)

Trends from 2018, what can we learn?

This is an article i definitely want to talk about. It is entitled A Look Back at the 2018 Security Landscape and it has some very interesting things in here.

Phishing has gone up 269 percent. That is a huge jump, and I have a hunch that it won’t get any better, will it?

Social engineering has also been in cybercriminals minds as they are using fraudulent addresses to get at their victims.

The good news is that Ransomwhere is declining, but it is still an issue for companies. I predicted that this was going to be a continuing increase, and I’m glad I’m wrong on this.

To take its place, buisness email compromise is on the rise, and that may be the upcoming trend this year. This could be just as bad as the ransomware that was once so common.

The program vulnerability landscape is also increasing. I don’t remember what the final number Steve mentioned in one of the final security now’s of 2018, but it was in the thousands for the CVE index. Trend Micro’s zero day program will continue to be busy as well as other bug bounty programs.

Is there anything else that they missed that yoou noticed? I’m curious on what you think. Thanks for reading!

Comments (0)

BEC is back, should we blame the employee?

I recently read this article entitled Don’t Blame Employees who fall for a BEC scam! and it is an article by Trend Micro. They have some great points, one of which is education. How are your average non-technical people to understand what to look for if they don’t know? While common sense is at play, we can’t fault them when they are in a hurry and think that it looks legit. We must train on the signs on what looks real and what looks fake. The fakes always have some sort of mistakes in its message, and it definitely doesn’t have the words of the domain, in the address, or within its URL’s if it does have links to log in somewhere.

Have you had any signs of this before? What did you do?

Comments (0)

Technology podcast 307 is now out

Tech podcast 307 is now out on the RSS feed. I’ll be updating mixcloud later.

Braille Transcription
Philmore Productions
News notes

These are the items that are in the podcast. Enjoy!

Comments (0)

Think of satellites as big, vulnerable IoT devices, researcher says

When I read the article entitled Think of satellites as big, vulnerable IoT devices, researcher says I really had to sit and think about this a bit. I didn’t even think when I read this article that satelites were even connected to the Internet. It would make sense seeing that we have the international space station, and they can do work on it unmanned. This is something that can definitely be thought about, CyberScoop did a great job on this article.

Comments (0)

Here’s some great news: 20-year-old pleads guilty to DDoS-for-hire scheme that netted $550,000

Hello everyone,

Its time for some good news. 20-year-old pleads guilty to DDoS-for-hire scheme that netted $550,000 is the latest in the good news department. I’m very happy to see this, now lets see if the sentence will teach them how to not use services for evail, and thoughts are welcome.

Comments (0)

These scammers claim to have videos of your most private moments

I believe I’ve covered this from time to time, but in an article These scammers claim to have videos of your most private moments and I think I’ve covered this in other articles.

The article talks about how they’ll tell you that they have pictures and videos of you doing certain things, and want you to pay up or get exposed. As I’ve stated before, this particular deal has some tell tail signs.

  • Do you have a camera?
  • If you do, at the time of the email, were you doing something with that camera?
  • Do you know if your camera is patched with the most up to date software that you were aware of?
  • Do you know if there is a way for the camera to auto shut off, and do you know if it can be viewed from the outside?

I’d be asking questions, and as I said, the emails I’ve gotten were latenight, when I was in bed. Growl!

Please check the article for ideas on what else you can do. I bet there are some ideas that I haven’t covered.

Comments (0)

What has been read as of late

Hello all,

Its been a long time since I’ve posted articles, and I really thought it would be good to post on some of what I’ve read that might be of interest to you.

This isn’t an exhaustive list, and of course I’m well behind, so some may be old. For that, I’m truly sorry about that, but I really need to get reading by the looks of it.

There has been lots of talk about the DNS infrustructure in an article entitled A Deep Dive on the Recent Widespread DNS Hijacking Attacks which was penned by Brian Krebs on the 18th of February. This article, while late, is probably still timely to read, because I have a hunch that this will not be going away any time soon. This may be the future of attacks coming soon, after all other methods have been exhausted.

I don’t see a lot of Mac news, but I did see this one from Trend Micro. They have lead the way in making sure people are protected, but I’m honestly not sure about the accessibility of their Mac product. I haven’t used the windows product as of late, but MSE is all the blind are recommended to use. Trend Micro Antivirus for Mac 2019 is Certified by AV-TEST with Top Scores for Protection, Performance, and Usability is the article in question. A mac user? Blind or disabled? Tried it? How have you faired with it?

Blind Eagle, a new APT group, poses as Colombia’s Cyber Police to steal business secrets posted on cyberscoop, really did something for me, and I still want to talk about this one on the podcast. What really set this apart for me was the following short paragraph.

The most recent attack outlined in the research occurred on Feb. 14. The phishing email appeared to come from the Colombian National Civil Registry, and
was aimed at the National Institute for the Blind.

Why in the world would anyone want to go after a blindness institution? What did the institute do to the group to cause them to go after them? Blindness related agencies do not have the money to be able to defend from you, because they don’t make a whole lot. No wonder it is called blind eagle. Wow!

Next, the health industry has continued to take a hit with an article I saw and intend to talk about as well. U. of Washington Medicine learned it exposed info on 974k people after a patient found their data on Google was penned on CyberScoop and this can’t be good. Seems like this is an ongoing trend, and now the info is out on a search engine.

In the good news department: Russian hacker accused of creating NeverQuest malware pleads guilty and Third suspect in Methbot, 3ve case to plead not guilty after extradition from Malaysia have been published on Cyberscoop and a step forward. We also have Former Russian Cybersecurity Chief Sentenced to 22 Years in Prison posted to Krebs. Great news and again, a step forward. I love to see such stories.

Finally, we continue to see breaches, and I think if nothing else in the bad news department: Payroll Provider Gives Extortionists a Payday was posted to Krebs. Guess the payroll provider really wants to pay, don’t they?

I don’t want to post every single item, this post could get lengthy, but this is just some what I’ve read as of late. Anything from here catch your eye? Let me know!

Comments (0)

The technology podcast, podcast 306

Hi all, I’ve neglected to let you know on the blog about podcast 306’s publication. Its up on the RSS feed and livewire/ground zero for those on there.


On this podcast, we’ve got braille transcription, talk on articles of varying degrees, and does anyone have any common sense?


It was posted on the 23rd of February.

I’m usually pretty good at making sure that the blog gets updated, don’t know why I didn’t do this then. Oopse!

Comments (0)

Whose Line Is It? When Voice Phishing Attacks Get Sneaky

The topic of phishing and more specifically voice phishing is not new, but this is clever. I know I’ve not posted to the blog as of late, and I’m back to change that.

Going through twitter, I found this article, and I think it worth the read. Always something new to learn.

Researchers investigate malicious apps designed to intercept calls to legitimate numbers, making voice phishing attacks harder to detect.

Source: Whose Line Is It? When Voice Phishing Attacks Get Sneaky

Comments (0)

go to sections menu


navigation menu

go to sections menu