go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: article commentary

Go to Homepage [0], contents or to navigation menu



IOS 11.4 is now out

Hi all,

This apple vis article talks about IOS 11.4. Some interesting new features we have. I’ll see about getting my phone updated. Please feel free to talk about this one and let me know what you think.

Comments (0)

Meltdown and spector are not done, what’s next?

In news I read today, Meltdown and Spector are not done yet. From Cyberscoop, we have an article I’m passing along Tech giants reveal new variant of Meltdown and Spectre vulns and I’m curious on what Security Now has to say about it. This can’t be good in the long term. You’d think the patches were a start to this, but people aren’t done trying to pick these vulns out. The A.J. Sunday Retreat talks about the Meltdown and spector as we knew it, but now, there is more than we know. This aught to get very interesting.

Comments Off on Meltdown and spector are not done, what’s next?

Did you know that Android is vulnerable? Research shows its not getting updated

In a recent article we learn that android is not all that secure because they aren’t getting updated. On the flip side, IOS and PC’s are just as bad, although PC’s don’t have to worry about it that much if you use it responsibly. No one is updating their Android devices, new data shows is the article, and you’re ready to click through to read it at your convenience. Let me know your thoughts.

Comments Off on Did you know that Android is vulnerable? Research shows its not getting updated

Confucius is now back, did you think it was dead?

In an article entitled Confucius Update: New Tools and Techniques, Further Connections with Patchwork – TrendLabs Security Intelligence Blog and this is quite interesting. This is the beginning I think of a bigger problem we’ll have to fight.

Comments Off on Confucius is now back, did you think it was dead?

Running a government site? You should be ashamed of yourself for this: especially if you’re the pentagon

So I recently read an article on Cyberscoop that talks about the government, more specifically, the pentagon. You’d think that security is important when it comes with the government, however, they have proven not to care that much. Pentagon’s websites need better security, Wyden says is the name of the article, and this can’t be a good sign. Self signed certs is not the way to go now a days. You need an authority to sign certs. Check the article out, let me know your thoughts.

Comments Off on Running a government site? You should be ashamed of yourself for this: especially if you’re the pentagon

If you live in California, you’ll want to read this

Hi all,

While perusing the tech news of the feeds I subscribe to, Cyberscoop was the one that wrote up a story dealing with a California Breach. The article Hackers steal PII and payment info of thousands of California residents in company breach was posted May 21, 2018 and its something we Californians need to be aware of. This can’t be good. I have a very bad hunch that this is only going to get worse, and sadly, there is nothing we can do as a whole to stop it except to not do business online. Sometimes, thats the best thing, because we want services only available online. I’m not saying that we should completely stop, but with all the breaches coming, how can we learn how to protect ourselves? This is not going to be good, but I hope that we can find a solution. Thoughts?

Comments Off on If you live in California, you’ll want to read this

IOS and Mac updtates now ou

Hi all,

This blog post from Apple Vis indicates that there are IOS and Mac updates. Mainly security patches, but nothing huge if you’re running a 7 or below. The fixes for IOS is dealing with iphone 8 specifics.

Comments Off on IOS and Mac updtates now ou

Here’s some of what I’ve been reading of late

hi all,

Here’s what I’ve been reading of late that people might find of interest.

  • Financial Cyber Threat Sharing Group Phished (Krebs on Security) This article was of interest because the financial industry has control of our money and allows us to either spend what we have, or go broke, depending on our own financial situation. They don’t have a say so on how we spend our money, but money is printed and the whole bit so we have it available. The fact that anyone in any sector can be phished shows how vulnerable the human mind is. It just takes one mistake to have an issue.
  • Nuance Communications says NotPetya attack has cost it $92 million since June (Cyberscoop) I selected this one for the blog because we all know who Nuance Communications is. They are the ones who gave us some voices for our access technology and other products. The fact they’re in other businessesdoesn’t surprise me. The fact they got hit with ransomware or malware doesn’t necessarily surprise me either, because we just don’t know who will get hit with these things today. What gets me is the amount of money lost by such an attack. 92 million dollars to lose is a big amount for a company and the original story before I read it had a figure of almost 100 million. My only questions is how they come up with these numbers. I’m not saying they’re wrong, but I’m asking how they can figure out that it is 92 million, 98 million, or even 100 million if thats what they could’ve lost. If they spent that much, I could see that in records, but I believe the number was 92 million lost in potential sales, and that, I’m wondering about.
  • Android still has issues, and this Cyberscoop article might be of interest to you. New Android malware steals user data, records audio and incurs phone charges is the article, and is something to be aware of.
  • In the what the hell department, I saw this article from Cyberscoop entitled Big banks want to weaken the internet’s underlying security protocol and I was like what the hell? What are they thinking? Read this and submit your comments.
  • Trust certificates is the way SSL works. In a very shocking article, Cyber Scoop is reporting that 23,000 certs were recently revoked in an article Trustico revokes 23,000 SSL certificates due to compromise and I just had to shake my head.

There’s plenty more on my twitter feed that might catch your attention. Let me know your thoughts.

Comments (1)

The Feds Can Now (Probably) Unlock Every iPhone Model In Existence

Oh boy. Here we go. What do you all think?

Sources say iPhone X and iPhone 8 can already be unlocked via Israeli company Cellebrite, one of America’s favorite contractors.

Source: The Feds Can Now (Probably) Unlock Every iPhone Model In Existence

Comments (3)

Mandatory data breach reporting starts for small business

Just read this article entitled Mandatory data breach reporting starts for small business and I want to make sure that users who come across this blog are aware of the new changes. One of the things that it says that is of importance deals with fines after a breach if notification is not made. One number that comes out is 360,000 and the other is 1.8 million dollars respectively.

Don’t get caught in this. I try to make sure people have their information protected the best I can. I’m based in the United States, and we don’t have a say so when our information gets taken. I think this should be something adopted no matter where you live, as it can be something we can all learn from what Australia is doing.

Here is a portion that might be of use from this article:


“Severe consequences

Small businesses have been warned the consequences of a data breach can be severe; from financial to brand and reputational damage, Paul Gracey, director
of printing systems for HP South Pacific says.

“Security threats are evolving every day. Due to reduced effectiveness of firewall protection, every device on an organisation’s network is at risk, and
unfortunately printing and imaging devices are overlooked and left exposed.”

Security blind spots threaten to unhinge small business owners, such as visual hacking (where confidential data is read directly from a device’s screen
without permission), he says.

Over half of the respondents flagged ‘‘employee carelessness’’ as a significant security threat to their business, with concerns not just over the behaviour
of staff when outside the office, but external threats such as visual hacking, Gracey says.

“Think about the number of times you’ve opened your work laptop on the train or bus, only to catch someone looking over your shoulder.”

Visual hacking is a problem for small business. figure
Visual hacking is a problem for small business.
Visual hacking is a problem for small business. figure end

The not-so-humble printer is increasingly becoming the entry point of choice for hackers, and as SMBs remain focused on security software, hackers are
looking to printers as the easy way into a business.

Gracey explains that smart printers can retain sensitive information and are often excluded from risk assessments. “Small businesses need to ask what data
they have, where it’s kept and where it is being used,” he says.”


If nothing else, we know no matter the business, nobody is prepared. Lets have a discussion on what we can do to start the process of doing the best we can, even though a lot of it is out of out of our hands.

Comments Off on Mandatory data breach reporting starts for small business

More Russia news in regards to metaling in our election

Hi all,

On an earlier post, we linked to a news article with a link to news in regards to Russia’s involvement in the United States Election. I’d like to take this opportunity to give you a couple of more articles that may be better to read.

I hope that these articles may help to shed the light on the serious problem that we had in the elections. We’ll of course keep you up to date when we learn more, as social media, and other aspects of technology was used.

Comments Off on More Russia news in regards to metaling in our election

Robert Mueller charges 13 and one company for interfeerence

Read Robert Mueller’s indictment of 13 Russian nationals for election meddling is the story dealing with the potential issue of the elections and how they were messed with. It does link to another page, and the article here is quite short. I downloaded the video that was found on you tube, and you can get to Special Counsel Mueller’s video by using this link to go there. Thanks so much for listening and participating.

Comments Off on Robert Mueller charges 13 and one company for interfeerence

Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc • The Register

This is the update on the equifax deal that has been going on. I saw a retweet but this comes from Sans via the registor in the UK.

Pwned credit-score biz quietly admits more info lost

Source: Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc • The Register

Comments Off on Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc • The Register

First ‘Jackpotting’ Attacks Hit U.S. ATMs

I read this one entitled First ‘Jackpotting’ Attacks Hit U.S. ATMs and I thought this was very clever. I’ve never heard of this being done until I saw this. The next article here talks about an arrest from this, so we’re starting to see that crime does not pay just like the shadow says.

Comments Off on First ‘Jackpotting’ Attacks Hit U.S. ATMs

Drugs Tripped Up Suspects In First Known ATM “Jackpotting” Attacks in the US

In the great news department, we get two things in one. Drugs Tripped Up Suspects In First Known ATM “Jackpotting” Attacks in the US is the name of the article by Brian Krebs. In it, Brian talks about an arrest after someone had ATM’s delivered to his home, as well as when he got picked up, he had drugs too. Nice combination. Brian goes in to detail about this one. Nice going, here’s your sign. Hope you have a good time telling everyone what you did.

Comments Off on Drugs Tripped Up Suspects In First Known ATM “Jackpotting” Attacks in the US

Have you started the process of filing taxes? Do it soon for 2018

Just saw this article from Krebs entitled File Your Taxes Before Scammers Do It For You which was dated today. Have you started to do your taxes and get them ready for filing? If not, do look to see if you’re ready to do so. The criminals are waiting or not waiting for you. Thanks for reading.

Comments Off on Have you started the process of filing taxes? Do it soon for 2018

Canadian Police Charge Operator of Hacked Password Service Leakedsource.com

I also came across some good news, something we need to pass along in this crazy world. I don’t remember news this good coming at the beginning of the year. In the wake of all of the news on the two major tech issues effecting different computer chips, we come across the great news in Canada. Canadian Police Charge Operator of Hacked Password Service Leakedsource.com which got a comment on a quoted tweet saying “oh boy.”

At the time of posting, this web site, hosted through cloudflare networks, indicate that the DNS can’t be resolved in an error message I’ve never seen: error 1016.

Since the operator has been arrested, we know that this can’t be good as this site, according to the article, had the ability of telling you whether your email address was part of a potential breach. Helpful, definitely, but to get the password associated with any breach, you needed to pay.

This is how someone can get caught, no? The guy involved was using PayPal for his payment gateway, and they have to follow the laws in each country in which they operate to turn over info if requested for investigation.

If I see any other news on this one, I’ll be sure to pass it along.

Comments Off on Canadian Police Charge Operator of Hacked Password Service Leakedsource.com

Serial SWATter Tyler “SWAuTistic” Barriss Charged with Involuntary Manslaughter

This was posted on the 15th from Krebs oon Security, and I saw it on the 17th. The article is entitled Serial SWATter Tyler “SWAuTistic” Barriss Charged with Involuntary Manslaughter. I just had a hunch that his comments in Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes which was posted on Krebs on the 2nd of January would come and bite him. He said that bombing would be better than the full swat. The book has been thrown at this guy with invluntary manslaughter.

“Involuntary manslaughter usually refers to an unintentional killing that results from recklessness or criminal negligence, or from an unlawful act that
is a misdemeanor or low-level felony (such as a DUI).”

findlaw.com

I blieve but don’t remember correctly at the moment, but the article mentions an 11 year sentence if convicted. Wonder if this guy had any idea he was going to get caught? Technology companies that provide services to spoof your number are compeled to comply with an order for information, especially when someone gets hurt, or in this case, accidentally killed.

This guy will join the ranks of the people who think they can’t get caught. They think they won’t get caught.

I hope you’ve got some time to think about this one, and may you learn a lesson about human life and what it means to be one.

Comments Off on Serial SWATter Tyler “SWAuTistic” Barriss Charged with Involuntary Manslaughter

UK Conviction Arises out of Trend Micro and NCA Partnership

I read this morning an article entitled UK Conviction Arises out of Trend Micro and NCA Partnership and I always love stories like this. It proves that crime does not pay, even if it crosses borders which the Internet does. Krebs also writes articles detailing arrests as well, but I’ll cover that separately after its read. Thanks for checking out the blog, and for participating in the podcast if you chose to download it and write comments.

Comments Off on UK Conviction Arises out of Trend Micro and NCA Partnership

Patch Tuesday is here

Patch Tuesday is here, and so are articles in regards to what is in them. This Trend Micro article entitled January’s Patch Tuesday Fixes 56 Security Issues, Including Meltdown and Spectre tells us about some of the issues and describes the two biggest bugs talked about now. Of course, we can’t forget the Krebs coverage of patch tuesday with his article this month entitled Microsoft’s Jan. 2018 Patch Tuesday Lowdown iws just that, a rundown, including links to other coverage on the blog. On the 3rd of January, our contributer, Shaun Everess, sent me this PC World article entitled Meltdown and Spectre FAQ: How the critical CPU flaws affect PCs and Macs and it does go in to some detail on the latest two major issues. I’m still confused about these two flaws, but it doesn’t appear to just be an Intel issue from what I’m hearing. This article from F-Secure which I read did help some. Some Notes On Meltdown And Spectre is the article from these guys. Trend Micro also has an article entitled When Speculation Is Risky: Understanding Meltdown and Spectre – TrendLabs Security Intelligence Blog and thats the first article I read on this issue. We’ll continue to monitor this one, and any other issues that we have been made aware of.

Comments Off on Patch Tuesday is here

Older Posts »

go to sections menu


navigation menu

go to sections menu