go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: article commentary

Go to Homepage [0], contents or to navigation menu



Here’s some of what I’ve been reading of late

hi all,

Here’s what I’ve been reading of late that people might find of interest.

  • Financial Cyber Threat Sharing Group Phished (Krebs on Security) This article was of interest because the financial industry has control of our money and allows us to either spend what we have, or go broke, depending on our own financial situation. They don’t have a say so on how we spend our money, but money is printed and the whole bit so we have it available. The fact that anyone in any sector can be phished shows how vulnerable the human mind is. It just takes one mistake to have an issue.
  • Nuance Communications says NotPetya attack has cost it $92 million since June (Cyberscoop) I selected this one for the blog because we all know who Nuance Communications is. They are the ones who gave us some voices for our access technology and other products. The fact they’re in other businessesdoesn’t surprise me. The fact they got hit with ransomware or malware doesn’t necessarily surprise me either, because we just don’t know who will get hit with these things today. What gets me is the amount of money lost by such an attack. 92 million dollars to lose is a big amount for a company and the original story before I read it had a figure of almost 100 million. My only questions is how they come up with these numbers. I’m not saying they’re wrong, but I’m asking how they can figure out that it is 92 million, 98 million, or even 100 million if thats what they could’ve lost. If they spent that much, I could see that in records, but I believe the number was 92 million lost in potential sales, and that, I’m wondering about.
  • Android still has issues, and this Cyberscoop article might be of interest to you. New Android malware steals user data, records audio and incurs phone charges is the article, and is something to be aware of.
  • In the what the hell department, I saw this article from Cyberscoop entitled Big banks want to weaken the internet’s underlying security protocol and I was like what the hell? What are they thinking? Read this and submit your comments.
  • Trust certificates is the way SSL works. In a very shocking article, Cyber Scoop is reporting that 23,000 certs were recently revoked in an article Trustico revokes 23,000 SSL certificates due to compromise and I just had to shake my head.

There’s plenty more on my twitter feed that might catch your attention. Let me know your thoughts.

Comments (1)

The Feds Can Now (Probably) Unlock Every iPhone Model In Existence

Oh boy. Here we go. What do you all think?

Sources say iPhone X and iPhone 8 can already be unlocked via Israeli company Cellebrite, one of America’s favorite contractors.

Source: The Feds Can Now (Probably) Unlock Every iPhone Model In Existence

Comments (3)

Mandatory data breach reporting starts for small business

Just read this article entitled Mandatory data breach reporting starts for small business and I want to make sure that users who come across this blog are aware of the new changes. One of the things that it says that is of importance deals with fines after a breach if notification is not made. One number that comes out is 360,000 and the other is 1.8 million dollars respectively.

Don’t get caught in this. I try to make sure people have their information protected the best I can. I’m based in the United States, and we don’t have a say so when our information gets taken. I think this should be something adopted no matter where you live, as it can be something we can all learn from what Australia is doing.

Here is a portion that might be of use from this article:


“Severe consequences

Small businesses have been warned the consequences of a data breach can be severe; from financial to brand and reputational damage, Paul Gracey, director
of printing systems for HP South Pacific says.

“Security threats are evolving every day. Due to reduced effectiveness of firewall protection, every device on an organisation’s network is at risk, and
unfortunately printing and imaging devices are overlooked and left exposed.”

Security blind spots threaten to unhinge small business owners, such as visual hacking (where confidential data is read directly from a device’s screen
without permission), he says.

Over half of the respondents flagged ‘‘employee carelessness’’ as a significant security threat to their business, with concerns not just over the behaviour
of staff when outside the office, but external threats such as visual hacking, Gracey says.

“Think about the number of times you’ve opened your work laptop on the train or bus, only to catch someone looking over your shoulder.”

Visual hacking is a problem for small business. figure
Visual hacking is a problem for small business.
Visual hacking is a problem for small business. figure end

The not-so-humble printer is increasingly becoming the entry point of choice for hackers, and as SMBs remain focused on security software, hackers are
looking to printers as the easy way into a business.

Gracey explains that smart printers can retain sensitive information and are often excluded from risk assessments. “Small businesses need to ask what data
they have, where it’s kept and where it is being used,” he says.”


If nothing else, we know no matter the business, nobody is prepared. Lets have a discussion on what we can do to start the process of doing the best we can, even though a lot of it is out of out of our hands.

Comments Off on Mandatory data breach reporting starts for small business

More Russia news in regards to metaling in our election

Hi all,

On an earlier post, we linked to a news article with a link to news in regards to Russia’s involvement in the United States Election. I’d like to take this opportunity to give you a couple of more articles that may be better to read.

I hope that these articles may help to shed the light on the serious problem that we had in the elections. We’ll of course keep you up to date when we learn more, as social media, and other aspects of technology was used.

Comments Off on More Russia news in regards to metaling in our election

Robert Mueller charges 13 and one company for interfeerence

Read Robert Mueller’s indictment of 13 Russian nationals for election meddling is the story dealing with the potential issue of the elections and how they were messed with. It does link to another page, and the article here is quite short. I downloaded the video that was found on you tube, and you can get to Special Counsel Mueller’s video by using this link to go there. Thanks so much for listening and participating.

Comments Off on Robert Mueller charges 13 and one company for interfeerence

Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc • The Register

This is the update on the equifax deal that has been going on. I saw a retweet but this comes from Sans via the registor in the UK.

Pwned credit-score biz quietly admits more info lost

Source: Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc • The Register

Comments Off on Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc • The Register

First ‘Jackpotting’ Attacks Hit U.S. ATMs

I read this one entitled First ‘Jackpotting’ Attacks Hit U.S. ATMs and I thought this was very clever. I’ve never heard of this being done until I saw this. The next article here talks about an arrest from this, so we’re starting to see that crime does not pay just like the shadow says.

Comments Off on First ‘Jackpotting’ Attacks Hit U.S. ATMs

Drugs Tripped Up Suspects In First Known ATM “Jackpotting” Attacks in the US

In the great news department, we get two things in one. Drugs Tripped Up Suspects In First Known ATM “Jackpotting” Attacks in the US is the name of the article by Brian Krebs. In it, Brian talks about an arrest after someone had ATM’s delivered to his home, as well as when he got picked up, he had drugs too. Nice combination. Brian goes in to detail about this one. Nice going, here’s your sign. Hope you have a good time telling everyone what you did.

Comments Off on Drugs Tripped Up Suspects In First Known ATM “Jackpotting” Attacks in the US

Have you started the process of filing taxes? Do it soon for 2018

Just saw this article from Krebs entitled File Your Taxes Before Scammers Do It For You which was dated today. Have you started to do your taxes and get them ready for filing? If not, do look to see if you’re ready to do so. The criminals are waiting or not waiting for you. Thanks for reading.

Comments Off on Have you started the process of filing taxes? Do it soon for 2018

Canadian Police Charge Operator of Hacked Password Service Leakedsource.com

I also came across some good news, something we need to pass along in this crazy world. I don’t remember news this good coming at the beginning of the year. In the wake of all of the news on the two major tech issues effecting different computer chips, we come across the great news in Canada. Canadian Police Charge Operator of Hacked Password Service Leakedsource.com which got a comment on a quoted tweet saying “oh boy.”

At the time of posting, this web site, hosted through cloudflare networks, indicate that the DNS can’t be resolved in an error message I’ve never seen: error 1016.

Since the operator has been arrested, we know that this can’t be good as this site, according to the article, had the ability of telling you whether your email address was part of a potential breach. Helpful, definitely, but to get the password associated with any breach, you needed to pay.

This is how someone can get caught, no? The guy involved was using PayPal for his payment gateway, and they have to follow the laws in each country in which they operate to turn over info if requested for investigation.

If I see any other news on this one, I’ll be sure to pass it along.

Comments Off on Canadian Police Charge Operator of Hacked Password Service Leakedsource.com

Serial SWATter Tyler “SWAuTistic” Barriss Charged with Involuntary Manslaughter

This was posted on the 15th from Krebs oon Security, and I saw it on the 17th. The article is entitled Serial SWATter Tyler “SWAuTistic” Barriss Charged with Involuntary Manslaughter. I just had a hunch that his comments in Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes which was posted on Krebs on the 2nd of January would come and bite him. He said that bombing would be better than the full swat. The book has been thrown at this guy with invluntary manslaughter.

“Involuntary manslaughter usually refers to an unintentional killing that results from recklessness or criminal negligence, or from an unlawful act that
is a misdemeanor or low-level felony (such as a DUI).”

findlaw.com

I blieve but don’t remember correctly at the moment, but the article mentions an 11 year sentence if convicted. Wonder if this guy had any idea he was going to get caught? Technology companies that provide services to spoof your number are compeled to comply with an order for information, especially when someone gets hurt, or in this case, accidentally killed.

This guy will join the ranks of the people who think they can’t get caught. They think they won’t get caught.

I hope you’ve got some time to think about this one, and may you learn a lesson about human life and what it means to be one.

Comments Off on Serial SWATter Tyler “SWAuTistic” Barriss Charged with Involuntary Manslaughter

UK Conviction Arises out of Trend Micro and NCA Partnership

I read this morning an article entitled UK Conviction Arises out of Trend Micro and NCA Partnership and I always love stories like this. It proves that crime does not pay, even if it crosses borders which the Internet does. Krebs also writes articles detailing arrests as well, but I’ll cover that separately after its read. Thanks for checking out the blog, and for participating in the podcast if you chose to download it and write comments.

Comments Off on UK Conviction Arises out of Trend Micro and NCA Partnership

Patch Tuesday is here

Patch Tuesday is here, and so are articles in regards to what is in them. This Trend Micro article entitled January’s Patch Tuesday Fixes 56 Security Issues, Including Meltdown and Spectre tells us about some of the issues and describes the two biggest bugs talked about now. Of course, we can’t forget the Krebs coverage of patch tuesday with his article this month entitled Microsoft’s Jan. 2018 Patch Tuesday Lowdown iws just that, a rundown, including links to other coverage on the blog. On the 3rd of January, our contributer, Shaun Everess, sent me this PC World article entitled Meltdown and Spectre FAQ: How the critical CPU flaws affect PCs and Macs and it does go in to some detail on the latest two major issues. I’m still confused about these two flaws, but it doesn’t appear to just be an Intel issue from what I’m hearing. This article from F-Secure which I read did help some. Some Notes On Meltdown And Spectre is the article from these guys. Trend Micro also has an article entitled When Speculation Is Risky: Understanding Meltdown and Spectre – TrendLabs Security Intelligence Blog and thats the first article I read on this issue. We’ll continue to monitor this one, and any other issues that we have been made aware of.

Comments Off on Patch Tuesday is here

Why Amazon’s Alexa Is ‘Life Changing’ for the Blind

Why Amazon’s Alexa Is ‘Life Changing’ for the Blind was sent to me by my dad. I could see the benefits of this device and have played with the one at my home a little bit. I do have the app on my phone, but I haven’t really played with it. This was an interesting story, hope you all read it.

Comments Off on Why Amazon’s Alexa Is ‘Life Changing’ for the Blind

Swatting, is this a big problem?E

Hi all,

I want to go more in depth with the following, but would like to post this for now. There are two articles through Krebs on Security, and even the news has covered this. First article is Kansas Man Killed In ‘SWATting’ Attack and the second is <a href=”Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes. I’m a little surprised that this type of activity is still going on today, especially with all of what is happening with the big time breaches.

KNX even mentioned this in a news story through a segment during the 1 PM PT hour in a segment called More In Depth. Suspect In Fatal Swatting Hoax Appears In LA Court, Will Not Fight Extradition so this means he’ll go to Kansas to be charged with murder or another crime depending on what they want to do.

Swatting is not normal, and I mixed up my words this evening talking to someone that lives here, and I am not going to mix it up for the article. Here is what Wikipedia says about Swatting. In the KNX report I heard this afternoon during the news segment I told you about above, the gentleman involved had a way to have his number look like he was in the state. Then he called someone and reported the incident. This whole thing started in an online forum, and another gentleman was giving the one who did it the wrong adress. The gentleman who did this feels bad a guy died, and said he’d rather do bomb threats instead of direct swatting.

Krebs on Security did a great job covering this in both stories I’ve linked above.

The KNX segment was also interesting, the news anchor asked what can be done. The guy interviewed did say that this was tricky, because you don’t nbecessarily call 911, they just call the emergency number and use a service to make it look like you’re in the state. Here are my thoughts.

First, get the telephone number of the caller. I’m not sure what number this guy gave, but when getting the number, call the number back if possible. The reason for the number being called back is simple. If someone other than the original caller answers, you know there is nothing up. In a real emergency, you’d be able to hear something going on. With the callback method in a non-emergency situation, you have time to figure out if this is real or fake. Seeing that the caller gave a number in the area, and not his own, you’d either get a disconnected number or you’d get someone else.

If the gentleman called 911 from a state bound number, than you can’t call back, you’d have your tools handy to tell where the call was coming from. You could use that data, and background noise, to determine if something was going on. If there was a hostage situation, you definitely in my opinion not be calm like the reports indicate.

Always make sure that the information you are given is correct. I’m sure emergency services already does this, but it isn’t a bad idea to say so here.

Do you, the reader, have any thoughts on this? Do report your thoughts.

Comments Off on Swatting, is this a big problem?E

With 1.4 Billion Stolen Log-Ins on the Dark Web, it’s Time to Take Password Management Seriously –

On December 21, 2017: I read this article entitled: With 1.4 Billion Stolen Log-Ins on the Dark Web, it’s Time to Take Password Management Seriously – and it is definitely concerting. I’m wondering if this is going to be part of the bigger picture of predictions of 2018? I’ll write a post, and publish it when its ready. I just don’t think its going to get any better, but only time will tell.

Comments Off on With 1.4 Billion Stolen Log-Ins on the Dark Web, it’s Time to Take Password Management Seriously –

This can’t be good: Equifax or Equiphish?

I just read this article entitled Equifax or Equiphish? and I’m personally not convinced that a freeze is the answer to all of these issues with Equafax and its continuing issues on letting us know about their breach. The more I read about what they’re doing, the more I don’t want any of what they’re offering.

  • Charging consumers to put a freeze on their file because they didn’t update their software
  • Having everyone sign up for credit monitoring which is fine, but then saying you’re not effected
  • When the breach first occurred, telling people to come back at a certain date but the site doesn’t work
  • Having Experian which I understand they control being part of the data breach problem as they had their own issues

When I first got the letter from the OPM breach, and entered my information that I was given, I talked to an agent. The agent was very nice, and explained who they were, as I had no idea. I know that fingerprints are needed as part of getting a job in some cases, but we do not have any idea on who is offering the service for the company. I’m really wondering if we’re losing control of our information. There will be no way for us to have control of it come the next 5 to 10 years.

Have thoughts? Please feel free to sound off in the comments, and let us know how you have credit checked if you apply for a credit card or loan. This can’t be good.

Comments (2)

Social Media Is Bad for Your Soul

I don’t post a lot on social media myself these days, except what I’m publishing on the web in the wake of articles on vocal. I’ve been interested in interesting tech, and this article I’ve found through the new vocal site 01.media was very interesting. I personally shy away from pictures and posting my every whereabout, although I do occasionally do that. I understand the risks, but i also lock down my facebook for personal reasons, but my twitter I leave open. I don’t post much of what I’m doing anymore, I do post my articles, maybe communicate with someone if I find something interesting, but for the most part, I don’t post a whole lot like I used to. Its just changed, the way we do social media. Check this article out.

The Dangers of Living Online

Source: Social Media Is Bad for Your Soul

Comments Off on Social Media Is Bad for Your Soul

Patch Tuesday for September

Patch Tuesday is here folks, and that means another round of updates and security Fixes. Krebs on Security has an article entitled: Adobe, Microsoft Plug Critical Security Holes which was written on September 13, 2017. Trend Micro has an article entitled: Microsoft Office Zero-Day Vulnerability Addressed in September Patch Tuesday also posted the same day. I am looking to try and get back to blogging some over here, and finally releasing podcast 264 which has been sitting around for awhile. Please be safe.

Comments Off on Patch Tuesday for September

The article on Vocal: my thoughts on the Equafax breach

Hi all,

I posted the article and the sub title reads: Why You Should Be Worried After the Latest Breach. It posts all of the articles and my thoughts from the last few days, as well as some updates from two new articles, one of which I have posted. The site that it is on is called 01.media. That is where their technology articles are going, although some of my other work was moved to futurism, which was rebranded from omni.media’s branch. The article was updated before publication with two new articles in the same fassion I wrote it in. I’d like to thank my editor at vocal.media for her work with this article, and for getting it out quickly. I have others in the works, one will now be worked on, and so I’m happy for that. Thanks for your continued support of my work.

Comments Off on The article on Vocal: my thoughts on the Equafax breach

Older Posts »

go to sections menu


navigation menu

go to sections menu