go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: article commentary

Go to Homepage [0], contents or to navigation menu



In The Future, Will Your Kids Be Able To Sue You For Oversharing Online?

This article is quite lengthy, but well worth the read. I saw it on twitter today, and its a great read. It has several sides of a particular prediciment that parents get in to, and that is the sharing of their children’s lives. Some parents share everything, others share little or none. I think, that the parent needs to decide if it is something they want to do. According to the article, a French child was able to say something that got their parent in to trouble, but yet, no successful case in the U.S. has come to the courts in regards to children verses child. Will it happen? Maybe. How should we teach parents to make the right choice on what they share?

In The Future, Will Your Kids Be Able To Sue You For Oversharing Online?

Comments (3)

Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images

OK, here we go. This aught to get interesting. This is strange.

The ubiquitous nature of the flaw opens the door for rapidly spreading, crippling cyberattacks.

Source: Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images

Comments (0)

Silk Road 2 Founder Dread Pirate Roberts 2 Caught, Jailed for 5 Years – Motherboard

This is quite interesting. I’m looking at twitter and found this. I never knew who was behind the 2nd part of the silk road, but knew there was a second version of it Very interesting.

Source: Silk Road 2 Founder Dread Pirate Roberts 2 Caught, Jailed for 5 Years – Motherboard

Comments (0)

51 Critical Cyber Bullying Statistics in 2019

On the 12th of March, someone contacted me to share an article with this blog entitled 51 Critical Cyber Bullying Statistics in 2019 and there are a lot of things in there.

Cyberbullying is now defined as online, or offline methods of harassment, where by technology such as SMS, and social media is used.

There is a lot of things in this article that jump out at me, however, the biggest thing to jump out at me is the fact that this problem is not going away any time soon, and children and adults have had this done to them.

As I discussed in an earlier post, I believe that my deletion off of one of the chat lines was a bullish move, but yet, the company behind the telephone line choses to have someone that does this behavior to run it. All of that is their choice, and my participation is not wanted there.

Thats OK, we’ll just have to outsource elsewhere, and I’ve found that place.

I suggest each and every one of you look at this, and please feel free to share it.

Comments Off on 51 Critical Cyber Bullying Statistics in 2019

Patch Tuesday is come and gone, are you patched to the best of your ability?

Are you patched to the best of your ability? Articles around the web talk about patch tuesday in different ways.

I recently went through a reboot to clear up some issues, and I noticed it wanted to update so I let it do it. It took two reboots for it, so let it do its thing.

Cyberscoop also had an article of interest, you can go to their site to see if there is something of interest besides that article.

Comments Off on Patch Tuesday is come and gone, are you patched to the best of your ability?

Equifax is at it again, bad security gone wrong?

OK, so we all know that Equifax had a very big breach. We probably are finding out that it is more targeted than we think, as none of the data is in the underground. We also know that they’re scrambling to get this right because they screwed up. However, I have a very bad feeling, and I read MyEquifax.com Bypasses Credit Freeze PIN and this is not good. They can’t verify you based on info you provide, they don’t ask for the pin which is required once a freeze is put in place, and its just all bad.

Brian does a great job covering this, and I put my thoughts on board 295 on Live Wire, but I also will cover this on the next podcast. This can’t start the year right for the company, can it?

Comments Off on Equifax is at it again, bad security gone wrong?

Thousands of Arizonans hit in Medicaid agency’s data breach

OK, here we go. If you’re in Arizona, please at least read this short article. It is important for you to do so if you receive Medicade from the state. I found this toay on twitter, and I feel that we should pass this along to people who are in this state.

Thousands of Arizonans were affected by a data breach earlier this year that targeted the state’s Medicaid agency, it was announced Monday. 

Source: Thousands of Arizonans hit in Medicaid agency’s data breach

Comments Off on Thousands of Arizonans hit in Medicaid agency’s data breach

Senate panel accuses Equifax of neglecting cybersecurity ahead of 2017 breach

You aught to nbe kidding me, right? 8500 vulnerabilities that weren’t patched in 90 days? Holy crap.

An institutional neglect toward cybersecurity contributed to the massive 2017 data breach at Equifax that compromised sensitive information for

Source: Senate panel accuses Equifax of neglecting cybersecurity ahead of 2017 breach

Comments Off on Senate panel accuses Equifax of neglecting cybersecurity ahead of 2017 breach

Trends from 2018, what can we learn?

This is an article i definitely want to talk about. It is entitled A Look Back at the 2018 Security Landscape and it has some very interesting things in here.

Phishing has gone up 269 percent. That is a huge jump, and I have a hunch that it won’t get any better, will it?

Social engineering has also been in cybercriminals minds as they are using fraudulent addresses to get at their victims.

The good news is that Ransomwhere is declining, but it is still an issue for companies. I predicted that this was going to be a continuing increase, and I’m glad I’m wrong on this.

To take its place, buisness email compromise is on the rise, and that may be the upcoming trend this year. This could be just as bad as the ransomware that was once so common.

The program vulnerability landscape is also increasing. I don’t remember what the final number Steve mentioned in one of the final security now’s of 2018, but it was in the thousands for the CVE index. Trend Micro’s zero day program will continue to be busy as well as other bug bounty programs.

Is there anything else that they missed that yoou noticed? I’m curious on what you think. Thanks for reading!

Comments Off on Trends from 2018, what can we learn?

BEC is back, should we blame the employee?

I recently read this article entitled Don’t Blame Employees who fall for a BEC scam! and it is an article by Trend Micro. They have some great points, one of which is education. How are your average non-technical people to understand what to look for if they don’t know? While common sense is at play, we can’t fault them when they are in a hurry and think that it looks legit. We must train on the signs on what looks real and what looks fake. The fakes always have some sort of mistakes in its message, and it definitely doesn’t have the words of the domain, in the address, or within its URL’s if it does have links to log in somewhere.

Have you had any signs of this before? What did you do?

Comments Off on BEC is back, should we blame the employee?

Think of satellites as big, vulnerable IoT devices, researcher says

When I read the article entitled Think of satellites as big, vulnerable IoT devices, researcher says I really had to sit and think about this a bit. I didn’t even think when I read this article that satelites were even connected to the Internet. It would make sense seeing that we have the international space station, and they can do work on it unmanned. This is something that can definitely be thought about, CyberScoop did a great job on this article.

Comments Off on Think of satellites as big, vulnerable IoT devices, researcher says

Here’s some great news: 20-year-old pleads guilty to DDoS-for-hire scheme that netted $550,000

Hello everyone,

Its time for some good news. 20-year-old pleads guilty to DDoS-for-hire scheme that netted $550,000 is the latest in the good news department. I’m very happy to see this, now lets see if the sentence will teach them how to not use services for evail, and thoughts are welcome.

Comments Off on Here’s some great news: 20-year-old pleads guilty to DDoS-for-hire scheme that netted $550,000

These scammers claim to have videos of your most private moments

I believe I’ve covered this from time to time, but in an article These scammers claim to have videos of your most private moments and I think I’ve covered this in other articles.

The article talks about how they’ll tell you that they have pictures and videos of you doing certain things, and want you to pay up or get exposed. As I’ve stated before, this particular deal has some tell tail signs.

  • Do you have a camera?
  • If you do, at the time of the email, were you doing something with that camera?
  • Do you know if your camera is patched with the most up to date software that you were aware of?
  • Do you know if there is a way for the camera to auto shut off, and do you know if it can be viewed from the outside?

I’d be asking questions, and as I said, the emails I’ve gotten were latenight, when I was in bed. Growl!

Please check the article for ideas on what else you can do. I bet there are some ideas that I haven’t covered.

Comments Off on These scammers claim to have videos of your most private moments

What has been read as of late

Hello all,

Its been a long time since I’ve posted articles, and I really thought it would be good to post on some of what I’ve read that might be of interest to you.

This isn’t an exhaustive list, and of course I’m well behind, so some may be old. For that, I’m truly sorry about that, but I really need to get reading by the looks of it.

There has been lots of talk about the DNS infrustructure in an article entitled A Deep Dive on the Recent Widespread DNS Hijacking Attacks which was penned by Brian Krebs on the 18th of February. This article, while late, is probably still timely to read, because I have a hunch that this will not be going away any time soon. This may be the future of attacks coming soon, after all other methods have been exhausted.

I don’t see a lot of Mac news, but I did see this one from Trend Micro. They have lead the way in making sure people are protected, but I’m honestly not sure about the accessibility of their Mac product. I haven’t used the windows product as of late, but MSE is all the blind are recommended to use. Trend Micro Antivirus for Mac 2019 is Certified by AV-TEST with Top Scores for Protection, Performance, and Usability is the article in question. A mac user? Blind or disabled? Tried it? How have you faired with it?

Blind Eagle, a new APT group, poses as Colombia’s Cyber Police to steal business secrets posted on cyberscoop, really did something for me, and I still want to talk about this one on the podcast. What really set this apart for me was the following short paragraph.

The most recent attack outlined in the research occurred on Feb. 14. The phishing email appeared to come from the Colombian National Civil Registry, and
was aimed at the National Institute for the Blind.

Why in the world would anyone want to go after a blindness institution? What did the institute do to the group to cause them to go after them? Blindness related agencies do not have the money to be able to defend from you, because they don’t make a whole lot. No wonder it is called blind eagle. Wow!

Next, the health industry has continued to take a hit with an article I saw and intend to talk about as well. U. of Washington Medicine learned it exposed info on 974k people after a patient found their data on Google was penned on CyberScoop and this can’t be good. Seems like this is an ongoing trend, and now the info is out on a search engine.

In the good news department: Russian hacker accused of creating NeverQuest malware pleads guilty and Third suspect in Methbot, 3ve case to plead not guilty after extradition from Malaysia have been published on Cyberscoop and a step forward. We also have Former Russian Cybersecurity Chief Sentenced to 22 Years in Prison posted to Krebs. Great news and again, a step forward. I love to see such stories.

Finally, we continue to see breaches, and I think if nothing else in the bad news department: Payroll Provider Gives Extortionists a Payday was posted to Krebs. Guess the payroll provider really wants to pay, don’t they?

I don’t want to post every single item, this post could get lengthy, but this is just some what I’ve read as of late. Anything from here catch your eye? Let me know!

Comments Off on What has been read as of late

Whose Line Is It? When Voice Phishing Attacks Get Sneaky

The topic of phishing and more specifically voice phishing is not new, but this is clever. I know I’ve not posted to the blog as of late, and I’m back to change that.

Going through twitter, I found this article, and I think it worth the read. Always something new to learn.

Researchers investigate malicious apps designed to intercept calls to legitimate numbers, making voice phishing attacks harder to detect.

Source: Whose Line Is It? When Voice Phishing Attacks Get Sneaky

Comments Off on Whose Line Is It? When Voice Phishing Attacks Get Sneaky

February Ouch newsletter

Sans does a newsletter called Ouch. In February’s issue, they touch on Scams, and one of them talked about in this newsletter I’ve seen multiple copies of. They claim that they hacked my computer, turned on my web cam, and they’d send the video unless I didn’t pay. Problem was, I know i have no web camera on this computer, so good luck with a blank video of whatever you’ve got.

OUCH! Newsletter: Personalized Scams

Comments Off on February Ouch newsletter

December Ouch! December 2018 Newsletter

Hi all, I know I’m late with this, and I’ve got some time to look at some email. I recently came across the December 2018 Ouch! newsletter. This newsletter is entitled Yes, You Are a Target. This is very interesting, because it talks about how criminals can get at you even though they don’t want you

A lot of what the article here I’ll be linking to talks about common sense. Antivirus isn’t necessarily ruled out, however, it is not going to protect you from every single thing.

OUCH! Newsletter: Yes, You Are a Target

Comments Off on December Ouch! December 2018 Newsletter

Alert (AA19-024A)

AA19024a is from the USCERT in regards to the DNS system and how it can be hijacked without your knowledge. This starts with creds stealing, and then moves on to takeover of the domain. This should be checked out, and steps should be taken where appropriate.

Comments Off on Alert (AA19-024A)

Here’s a change: change in court decisions

According to a recent article from Krebs on Security, it is looking like courts in different parts will be handing down harsher sentences for people who do denial of service attacks. Could this be a good thing? I really like the end of the article: “If you can’t do the time, than don’t do the crime.” I don’t remember at this moment if that is the exact quote at the end of the article, but it is going to fit.

According to the article, there are a lot of people who do this type of crime, and the consequences are not enough. They think that the crime should be punished harder because of the impact it has on business and the internet as a whole.

I’d invite you to read the article in full. The article is entitled: Courts Hand Down Hard Jail Time for DDoS and it was written on the 14th of January.

Comments Off on Here’s a change: change in court decisions

Recent articles I’ve read, thoughts are welcome

Hello everyone,

Here are some of the items that I’ve read as of late that may be of interest to readers.

Two articles are of interest to me in regards to Germany. Seems as though they have a massive problem keeping data secure on people who are in Government. I’m hoping that this was a one time thing, and they’ve fixed the issues raised.

The other major article that interested me was the Apple Tech Support scam article that Krebs on Security had. written at the beginning of the year. If you’ve found anything of interest from this list, please feel free to let me know in the comments, or by sending me an email.

Comments Off on Recent articles I’ve read, thoughts are welcome

Older Posts »

go to sections menu


navigation menu

go to sections menu