The Technology blog and podcast
This is for the technology blog and podcast Commentary, articles, and podcasts
I saw this article in the SANS security newsletter about this guy who supposedly sent a tweet with an image to cause a seizure. This is fucked up. US man held for sending flashing tweet to epileptic writer is the article. This is absolutely ridiculous for someone who is a writer to send someone else a writer something you know can cause irreparable damage. I don’t understand why you would knowingly do this. 10 years in jail? This can’t be enough to repair any damage this guy has to go through to get his life back especially if the seizure left him in a state where he needs more help than normal. Wow.
On February 15, 2017, a company called ATPC (the Alternate Text Production Center) was hit with a ransomware strain. The E-mail that was sent to me indicated multiple things that I would like to highlight in this ever important effort on continuing education on the epidemic.
- First, they had backups of everything that was currently set to be produced. While clients uploaded files through a protocol called FTP, the company did have a policy in place about this access they needed to change after this epidemic.
- Next, the notice was very straightforward in what happened, steps they took to mitigate the attack, and what they were doing to make sure that it didn’t impact them like this again.
Here is a baseline of what they said.
- The FTP server had files up there, and the policy indicated that it was for short term storage. These files are small, even though they were books to be sent in braille or electronically to customers.
- They made sure all files were backed up in multiple locations so if a file they needed to send either in braille or electronically was infected, they had clean copies. This was the most important step in this process. If you have read Most Companies Still Willing To Pay Ransom To Recover Data, Survey Shows you will know that most companies have no choice. Just look at this LAVC update that I posted after my first post on that which asks Are schools next in the cyber race? I really think this step was important.
- They sent out a notice to their customers. This is very important as you want them to know that you know about the issue, and what you’re doing about it. They don’t want to find out after the fact. LAVC called and E-mailed us, and even brought in experts which advised they should pay. LAVC is a lot larger than ATPC, but ATPC notified their customers and prevented that whole mess.
The points I’ve made and links to the articles should highlight that ATPC has done the right thing, and they are a small business. I don’t think there is any other way of doing this without having to pay like LAVC did, and that took out their Internet and phone systems. While a few files were lost, they were easily retrieved elsewhere. This is a perfect case of something that went wrong, and the perfect solution to a very complex systematic problem of keeping us safe.
Each ransomware case is different, but hopefully, we can learn from this textbook case. Thoughts? Get in touch.
More information: Alternate Text Production Center
I’ve just gotten a chance to read this article from SANS E-mail that talks about whether or not we understand a lot of what’s going on today and how to protect ourselves. While I believe education is the key, constant understanding and reading of articles like the one shown here will keep you intact. Check this one out.
On the 3rd of March, this article entitled Phishing with Wildcard DNS Attacks and Pharming was posted. This was interesting because of the fact that we are learning a new term. According to Wikipedia: Pharming is the deceit of a web site where a cyber attack is done to make the site go somewhere else. Here are the paragraphs talking directly about Pharming from Wikipedia. To learn more, please click through.
“Pharming is a cyber attack intended to redirect a website’s traffic to another, fake site. Pharming can be conducted either by changing the hosts file on a victim’s computer or by exploitation of a vulnerability in DNS server software. DNS servers are computers responsible for resolving Internet names into their real IP addresses. Compromised DNS servers are sometimes referred to as “poisoned”. Pharming requires unprotected access to target a computer, such as altering a customer’s home computer, rather than a corporate business server.
The term “pharming” is a neologism based on the words “farming” and “phishing”. Phishing is a type of social-engineering attack to obtain access credentials, such as user names and passwords. In recent years, both pharming and phishing have been used to gain information for online identity theft. Pharming has become of major concern to businesses hosting ecommerce and online banking websites. Sophisticated measures known as anti-pharming are required to protect against this serious threat. Antivirus software and spyware removal software cannot protect against pharming.”
If this is true, what type of things can we as citizens do to be able to protect ourselves from this new threat? We’re going to have to explore this together and see what types of things we can do.
- While this isn’t foolproof, make sure you’re on the site you want to be on before entering any type of data. If you want to go to PayPal, make sure PayPal is in its URL, and not redirected to somewhere else.
- If the site is supposed to be secure, make sure the URL says https and not http. Especially when logging in to sensitive places.
- Make sure you know if the web site is to go somewhere else by a redirect. Most sites don’t redirect to offsite URLs.
On that last point, I have a redirector for a sub domain to point directly to an HTML site on the same site. I also had a sub domain pointing directly to my blog at LiveJournal, but I show you where it is going, instead of hiding that fact. This way, the user can question me about that, and I can tell them it’s safe.
What other thoughts do you have? Get in touch.
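Here is an added example, not part of the original post, that turns the checks above into code: it tests the scheme and the real host name of a URL (the host must be the expected domain or a subdomain of it, since a brand name can appear elsewhere in a URL) and scans hosts-file text for entries that pin a watched domain to an address. The function names, sample URLs and sample hosts file are constructed for illustration.

```python
from urllib.parse import urlsplit


def host_matches(host, expected):
    """True only if host is the expected domain or a subdomain of it."""
    host = host.lower().rstrip(".")
    expected = expected.lower()
    return host == expected or host.endswith("." + expected)


def check_url(url, expected_domain):
    """Return a list of problems; an empty list means both checks passed."""
    parts = urlsplit(url)
    problems = []
    if parts.scheme != "https":
        problems.append("not https")
    # parts.hostname drops any "user@" prefix and the port, so only the
    # name the browser actually connects to is compared.
    if not host_matches(parts.hostname or "", expected_domain):
        problems.append("host is not " + expected_domain)
    return problems


def hosts_overrides(hosts_text, watched):
    """List (name, address) pairs where a hosts file pins a watched domain."""
    hits = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split columns
        if len(fields) < 2:
            continue
        address, names = fields[0], fields[1:]
        for name in names:
            if any(host_matches(name, domain) for domain in watched):
                hits.append((name.lower(), address))
    return hits


# Constructed sample inputs (example.net and 203.0.113.7 are reserved
# documentation values, not real indicators).
SAMPLE_URLS = [
    "https://www.paypal.com/signin",
    "http://www.paypal.com/signin",
    "https://paypal.com.example.net/signin",
    "https://www.paypal.com@login.example.net/",
]
SAMPLE_HOSTS = """\
127.0.0.1    localhost
203.0.113.7  www.paypal.com paypal.com  # constructed entry
"""

if __name__ == "__main__":
    for url in SAMPLE_URLS:
        print(url, "->", check_url(url, "paypal.com") or "ok")
    for name, address in hosts_overrides(SAMPLE_HOSTS, ["paypal.com"]):
        print("hosts file pins", name, "to", address)
```

A poisoned DNS server cannot be seen from the URL alone, so the hosts-file scan and the https check cover only the local half of what the Wikipedia excerpt describes.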
I know I may be posting things that were posted in the past, but I found this article entitled Most Companies Still Willing To Pay Ransom To Recover Data, Survey Shows that was sent in a newsletter that I’m subscribed to. The library should be commended for the fact that they did not pay the demands of the hackers, and were able to get their data back from backups. I believe this is how it should go. I’m curious on your thoughts on this one, even though it’s older, it’s still relevant.
I read this article entitled Kids and Internet Safety: How Parents Should Have ‘The Conversation’ and there are some takeaways here.
“Threats are everywhere
U.S. households are filled with more devices than ever before. Recent research conducted by Trend Micro found that nearly 30 percent have three or more smartphones, around a third have two or more tablets and close to half have two or more computers in their household. These are your gateway to the internet. But they can also be a doorway for malicious attackers to enter your virtual world, and that of your children.
Why is this important? Because you are ultimately responsible for your child’s safety online, just as you are in the real world. And those cyber threats aren’t going away anytime soon. In fact, we found that two-thirds (65 percent) of American families have had their home PCs infected with a virus or piece of malware. Over a third (36 percent) have lost files or had them damaged, and 13 percent have had passwords stolen. The repercussions are potentially serious, ranging from identity and financial fraud to ransomware which can lock the entire family out of their devices and render all your personal data useless.
What’s more, there are specific online threats to children to be mindful of. Over a third (34 percent) of U.S. respondents claimed their children have viewed inappropriate content online. And 8 percent said their kids had suffered at the hands of cyberbullies. Unfortunately, bullying is as old as mankind, but in the cyber world taunts and threats can be far worse as the offenders feel they are hidden by a blanket of online anonymity. That 8 percent figure is likely to be far higher in reality, as many victims will choose not to report cyberbullying.”
There’s more to this article, but this needs to be talked about. Even the kids I know are starting to have time restrictions placed on the use of devices. Check this article out.
I read this article entitled Ransomware for Dummies: Anyone Can Do It and this is so true. I’ve never got in to bitcoin at all, and honestly, I don’t know how accessible it would be, but seeing that bitcoin is even hard to buy, I’m surprised how lucrative this actually is. I still remember the story I heard on NPR I believe it was, where someone was forced to travel 200 miles in a storm to get money to pay to get their files back. While they missed their deadline, the people said they paid, and released their files. This definitely should be something to read. Thoughts?
I saw two articles from LastPass recently, and it seems as though the bug is repaired. Two Security Bulletins: SHA-1 Collision Attack and Cloudflare Incident posted on the 24th and Alerts for Cloudflare Sites in LastPass Security Challenge which was posted on the 27th of this month. LastPass can be trusted on getting this type of information out accurately, and I trust that the issue has been fixed and nothing is at risk unless it is cached. Check these out.
Update: Fixed a broken link for the first story. Also, this was discussed on SN 601. Sorry about that!
I saw this article on Herbie’s Facebook. The world’s first braille smartwatch is on its way to buyers is the name of the article. According to Herbie, it’s about $300 and this does sound interesting. Check this one out.
I saved a link to a video, which unfortunately, I can’t download. How To Avoid Becoming the Next Big Phishing Headline is the article, and it should be checked out. The video is free to watch.
This is only some of what I’ve been reading in the tech world this past week.
How to Bury a Major Breach Notification February 21, 2017 Krebs On Security
The Healthcare Underground: Electronic Health Records for Sale February 21, 2017 Trend Micro
RAMNIT: The Comeback Story of 2016 February 20, 2017 Trend Micro
Shooting Gallery: A Breakdown of Phishing Targets in 2016 February 21, 2017 Phishlabs
Fake apps, fake games: An update on gaming malware February 23, 2017 Trend Micro
Hope you’ll find something of interest to read.
Hello folks, I was tipped off to this Roger posting entitled What we’ve been up to: Project Fika and it talks about Rogertalk closing March 15, 2017 in exchange for a business platform called Fika. I know from reading the release here that it will include video and other business related things to get things done, similar to what’s already out there. Sometimes, companies need to focus their attention to things that make money, as they need to stay afloat.
I liked Roger for its security aspect within the app. While I was told they use straight mp3 files when using something like IFTTT, the app itself was garnered very secure, and this is because no telephone numbers were ever needed. The thing I don’t like about WhatsApp is the fact you need to associate your number, and unless the number is in everyone’s contacts, everyone sees this information. I do not personally want to give my cell phone number out publicly, although I have done it occasionally for people having WhatsApp, I only announced it once, and left it at that.
This must have been a hard decision for the company, although, people may have complained too much about things the blocking feature should’ve taken care of, so they got tired of it. The blind community whine too much when we have something good a company is offering, but it would not surprise me if it was both, a company decision, driven by false abuse complaints solved by people complaining about name calling, etc. which people are doing in this community.
Roger, you’ll be missed. Sorry to see you go.
Some of the articles are already here, but here are some of the other things I’ve read as of late.
- Who Ran Leakedsource.com? Krebs on security
- This site as I was just curious what was there now, says it is down for maintenance or unavailable. I read Krebs’s article earlier on Feb 15, and it is a good one. I didn’t cover this in news notes, for the next upcoming podcast, however, Krebs always does a good job with these. Guess we’ll find out more later.
- This article caught my attention because it talks about web hosting services, and a number of places that have unix as a platform and how actors can take advantage of things to do a number of things to the computer including making it useless for its task.
- These two articles talk about the same thing, and I cover this in my news notes for the upcoming podcast. This is definitely of interest because of the fact that a huge number of devices can be potentially targeted because some aspects of the devices are public facing either by design, or by mistake. For those who don’t know, Shodan is a site similar to Google, but they analyse ports and what’s out there, where Google indexes web sites in general. The research is interesting, and an eye opener.
- This is a big ransomware headache, and what I read today from this article absolutely scares me. Two things stick out in regards to this article. First, it says it doesn’t touch the program data, it only encrypts your files. It also says it checks three times for antivirus software. From my understanding of reading these articles, ransomware won’t let you do anything else until you pay up, so your antivirus or other security software is useless. I wonder why they did this?
- RDP was talked about on Security Now, I don’t remember exactly what it does, but this definitely sounds bad. Are there better things to do?
- Finally, as we haven’t had enough with this ransomware, and now that the code is out, it’s only going to get worse. This is the next thing coming, where it can plant more stuff to worry about. This can’t get worse, can it?
If you have any comments on these, fire away. I’ll have more later.
I read today an article entitled Mirai Widens Distribution with New Trojan that Scans More Ports and it was very interesting how this bot has just morphed in to something that can just cause havoc. Sometimes, releasing source code can be a good thing, but in this case, it is for all bad. This is something probably good for the security community at the time it was done, but now, who knows what else can happen. If we were to defend from this, how would we be doing this successfully?
On the 6th of February, Top 10 Spammer Indicted for Wire Fraud was published, and I always love covering news that is great. We need good news after reading about really bad breaches we have no control over. Check out the good news here.
Hello folks, on February 9th, I saw this post from Krebs on Security entitled Fast Food Chain Arby’s Acknowledges Breach but I honestly don’t remember ever reading anything initial from the blog talking about it. I can’t blame myself because I read so much stuff. There are links to other similar breaches including Wendy’s which then confirmed the breach two months later. I don’t remember ever eating at the chain called Arby’s, but it would be comparable to something like Subway from what I know of it, or similar to a deli.
In any case, this can’t be good for consumers, as if you went back after getting your card replaced, the cycle starts all over again. We know this happened after the Target and Wendy’s breaches. It would have been more on Wendy’s than Target, but it is still a problem today. As consumers, we need to figure out how we can hold companies accountable for these types of activities. If you have constructive thoughts, I’d love to hear from you.
On the 6th of February, I saw this article entitled InterContinental Confirms Breach at 12 Hotels which reminds me of the multiple Trump hotel breaches. While this story indicates that Trump hotels acknowledged the breaches, I honestly don’t remember this as part of reading them back then. Here is the first story and here is the second one. If you read that there was confirmation, please let me know, as I don’t remember reading that they confirmed anything.
This story also has stories dealing with other breaches the blog covered from the past year. This hopefully will slow down, at least I hope they do, as there are better things to do than cover breaches which is why the podcast slowed down, but since it picked up, we need to be vigilant about this.
This story goes in to detail on what happens, so please take a look.
Shaun sent this article entitled Fashion company’s rude response shocks job applicant on the 27th of January. I’m getting a chance to read this, but there is a difference between a breach and a hack. The fact that the company apologized is a first step on fixing something which should never happen in the first place when looking for a job. The applicant, according to the article, had plenty of experience and finished schooling and a diploma to top it all off. That is definitely going to be a public nightmare for this company.
In the catching up department, I remember this story well, in fact, this was one of these stories where great thought was put in to this from what I can tell. How Google Took on Mirai, KrebsOnSecurity goes in to the detail on how this great resource that has tipped me off in to the enormous breaches we’ve been seeing lately and how I was made aware of them thanks to Krebs. The botnet in question has been covered in great length by Security Now as well as Krebs’s blog. Check out this one.
Hacker Selling 126 Million Cell Phone Details of “U.S. Cellular” Customers is an interesting story. The update at the bottom says that it isn’t U.S. Cellular data, but if you read it closely, it could be. I’m not going to pay the 500 plus dollars to find out, but it is scary just the same. Wonder if it could be former data, meaning the data comes from customers who may have left for any reason?