go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: article commentary

Go to Homepage [0], contents or to navigation menu



UK Conviction Arises out of Trend Micro and NCA Partnership

I read this morning an article entitled UK Conviction Arises out of Trend Micro and NCA Partnership and I always love stories like this. It proves that crime does not pay, even if it crosses borders which the Internet does. Krebs also writes articles detailing arrests as well, but I’ll cover that separately after its read. Thanks for checking out the blog, and for participating in the podcast if you chose to download it and write comments.

Comments Off on UK Conviction Arises out of Trend Micro and NCA Partnership

Patch Tuesday is here

Patch Tuesday is here, and so are articles in regards to what is in them. This Trend Micro article entitled January’s Patch Tuesday Fixes 56 Security Issues, Including Meltdown and Spectre tells us about some of the issues and describes the two biggest bugs talked about now. Of course, we can’t forget the Krebs coverage of patch tuesday with his article this month entitled Microsoft’s Jan. 2018 Patch Tuesday Lowdown iws just that, a rundown, including links to other coverage on the blog. On the 3rd of January, our contributer, Shaun Everess, sent me this PC World article entitled Meltdown and Spectre FAQ: How the critical CPU flaws affect PCs and Macs and it does go in to some detail on the latest two major issues. I’m still confused about these two flaws, but it doesn’t appear to just be an Intel issue from what I’m hearing. This article from F-Secure which I read did help some. Some Notes On Meltdown And Spectre is the article from these guys. Trend Micro also has an article entitled When Speculation Is Risky: Understanding Meltdown and Spectre – TrendLabs Security Intelligence Blog and thats the first article I read on this issue. We’ll continue to monitor this one, and any other issues that we have been made aware of.

Comments Off on Patch Tuesday is here

Why Amazon’s Alexa Is ‘Life Changing’ for the Blind

Why Amazon’s Alexa Is ‘Life Changing’ for the Blind was sent to me by my dad. I could see the benefits of this device and have played with the one at my home a little bit. I do have the app on my phone, but I haven’t really played with it. This was an interesting story, hope you all read it.

Comments Off on Why Amazon’s Alexa Is ‘Life Changing’ for the Blind

Swatting, is this a big problem?E

Hi all,

I want to go more in depth with the following, but would like to post this for now. There are two articles through Krebs on Security, and even the news has covered this. First article is Kansas Man Killed In ‘SWATting’ Attack and the second is <a href=”Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes. I’m a little surprised that this type of activity is still going on today, especially with all of what is happening with the big time breaches.

KNX even mentioned this in a news story through a segment during the 1 PM PT hour in a segment called More In Depth. Suspect In Fatal Swatting Hoax Appears In LA Court, Will Not Fight Extradition so this means he’ll go to Kansas to be charged with murder or another crime depending on what they want to do.

Swatting is not normal, and I mixed up my words this evening talking to someone that lives here, and I am not going to mix it up for the article. Here is what Wikipedia says about Swatting. In the KNX report I heard this afternoon during the news segment I told you about above, the gentleman involved had a way to have his number look like he was in the state. Then he called someone and reported the incident. This whole thing started in an online forum, and another gentleman was giving the one who did it the wrong adress. The gentleman who did this feels bad a guy died, and said he’d rather do bomb threats instead of direct swatting.

Krebs on Security did a great job covering this in both stories I’ve linked above.

The KNX segment was also interesting, the news anchor asked what can be done. The guy interviewed did say that this was tricky, because you don’t nbecessarily call 911, they just call the emergency number and use a service to make it look like you’re in the state. Here are my thoughts.

First, get the telephone number of the caller. I’m not sure what number this guy gave, but when getting the number, call the number back if possible. The reason for the number being called back is simple. If someone other than the original caller answers, you know there is nothing up. In a real emergency, you’d be able to hear something going on. With the callback method in a non-emergency situation, you have time to figure out if this is real or fake. Seeing that the caller gave a number in the area, and not his own, you’d either get a disconnected number or you’d get someone else.

If the gentleman called 911 from a state bound number, than you can’t call back, you’d have your tools handy to tell where the call was coming from. You could use that data, and background noise, to determine if something was going on. If there was a hostage situation, you definitely in my opinion not be calm like the reports indicate.

Always make sure that the information you are given is correct. I’m sure emergency services already does this, but it isn’t a bad idea to say so here.

Do you, the reader, have any thoughts on this? Do report your thoughts.

Comments Off on Swatting, is this a big problem?E

With 1.4 Billion Stolen Log-Ins on the Dark Web, it’s Time to Take Password Management Seriously –

On December 21, 2017: I read this article entitled: With 1.4 Billion Stolen Log-Ins on the Dark Web, it’s Time to Take Password Management Seriously – and it is definitely concerting. I’m wondering if this is going to be part of the bigger picture of predictions of 2018? I’ll write a post, and publish it when its ready. I just don’t think its going to get any better, but only time will tell.

Comments Off on With 1.4 Billion Stolen Log-Ins on the Dark Web, it’s Time to Take Password Management Seriously –

This can’t be good: Equifax or Equiphish?

I just read this article entitled Equifax or Equiphish? and I’m personally not convinced that a freeze is the answer to all of these issues with Equafax and its continuing issues on letting us know about their breach. The more I read about what they’re doing, the more I don’t want any of what they’re offering.

  • Charging consumers to put a freeze on their file because they didn’t update their software
  • Having everyone sign up for credit monitoring which is fine, but then saying you’re not effected
  • When the breach first occurred, telling people to come back at a certain date but the site doesn’t work
  • Having Experian which I understand they control being part of the data breach problem as they had their own issues

When I first got the letter from the OPM breach, and entered my information that I was given, I talked to an agent. The agent was very nice, and explained who they were, as I had no idea. I know that fingerprints are needed as part of getting a job in some cases, but we do not have any idea on who is offering the service for the company. I’m really wondering if we’re losing control of our information. There will be no way for us to have control of it come the next 5 to 10 years.

Have thoughts? Please feel free to sound off in the comments, and let us know how you have credit checked if you apply for a credit card or loan. This can’t be good.

Comments (2)

Social Media Is Bad for Your Soul

I don’t post a lot on social media myself these days, except what I’m publishing on the web in the wake of articles on vocal. I’ve been interested in interesting tech, and this article I’ve found through the new vocal site 01.media was very interesting. I personally shy away from pictures and posting my every whereabout, although I do occasionally do that. I understand the risks, but i also lock down my facebook for personal reasons, but my twitter I leave open. I don’t post much of what I’m doing anymore, I do post my articles, maybe communicate with someone if I find something interesting, but for the most part, I don’t post a whole lot like I used to. Its just changed, the way we do social media. Check this article out.

The Dangers of Living Online

Source: Social Media Is Bad for Your Soul

Comments Off on Social Media Is Bad for Your Soul

Patch Tuesday for September

Patch Tuesday is here folks, and that means another round of updates and security Fixes. Krebs on Security has an article entitled: Adobe, Microsoft Plug Critical Security Holes which was written on September 13, 2017. Trend Micro has an article entitled: Microsoft Office Zero-Day Vulnerability Addressed in September Patch Tuesday also posted the same day. I am looking to try and get back to blogging some over here, and finally releasing podcast 264 which has been sitting around for awhile. Please be safe.

Comments Off on Patch Tuesday for September

The article on Vocal: my thoughts on the Equafax breach

Hi all,

I posted the article and the sub title reads: Why You Should Be Worried After the Latest Breach. It posts all of the articles and my thoughts from the last few days, as well as some updates from two new articles, one of which I have posted. The site that it is on is called 01.media. That is where their technology articles are going, although some of my other work was moved to futurism, which was rebranded from omni.media’s branch. The article was updated before publication with two new articles in the same fassion I wrote it in. I’d like to thank my editor at vocal.media for her work with this article, and for getting it out quickly. I have others in the works, one will now be worked on, and so I’m happy for that. Thanks for your continued support of my work.

Comments Off on The article on Vocal: my thoughts on the Equafax breach

Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop

Just read this article today entitled: Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop and I just have a funny feeling that this is going to be much bigger than we think. Vocal is going to put the article out I submitted and I also sent them the article I’m linking here to include within my piece. Once published, I’ll continue to update with new info here, or talk about the specific things in future articles. This can’t go well, and when I went to the web site linked, it said I wasn’t impacted, however, something tells me that this is not necessarily the case. I’ll watch for official word in the mail.

Comments Off on Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop

The Equafax breach

Folks,

I’ve been very busy, and I’ve not even had time for podcasts. Last Friday, I was tipped off in regards to the biggest breach we’ve had in history. Here are some of the articles I’ve spotted, I’m sure one of them I’ve not read as of yet. Sadly, this was not a password breach, but something completely different. The number is staggering at 143 million plus. Information is still coming through in regards to this developing story. I’m publishing a longer piece for Vocal’s futurism.media site which was formerly omni.media. In the meantime, I’m going to leave you with some articles for you to read from Krebs on Security and Trend Micro, and Last Pass.

Breach at Equifax May Impact 143M Americans September 7, 2017

Equifax Breach Response Turns Dumpster Fire Sep 8, 2017

What the Equifax Breach Means for You

The Equifax Breach: What You Should Know September 11, 2017

Ayuda! (Help!) Equifax Has My Data! September 12, 2017

http://blog.trendmicro.com/equifax-breach-example-good-communications/
Equifax Breach – an Example of Good Communications

Comments Off on The Equafax breach

Anthem reports 18,500 members involved in new data breach

Continue: ‘Anthem reports 18,500 members involved in new data breach’

Comments Off on Anthem reports 18,500 members involved in new data breach

Screen reader usage, part 4 is now up

After a long break due to me changing editors, I’m now presenting part 4 of my screen reader usage series. Go get the article by going to this link. Instead of trying to gague keystrokes that I honestly don’t remember, I took a different approach to this article. I talked about how the keystrokes are completely different, and how, when using multiple technologies such as Windows, IOS, Mac, and the various readers, how keeping all of this remembered is the key. I didn’t do any keystroke posting here, as I don’t use the mac on a regular basis. I’m hopeful that people will be finding this article of interest. Thanks for reading, and I’m sure I’ll have more soon.

Comments Off on Screen reader usage, part 4 is now up

This month’s patch Tuesday

This month’s windows updates

Hello all, this month has seen quite a number of fixes, and if you’ve not been around, this is definitely something to read. Trend Micro of course has a great roundup entitled July Patch Tuesday Addresses Critical Vulnerability in Microsoft HoloLens which was an interesting read. I did not know much about this product, but there is other stuff besides that one. Of course, we can’t forget about Kreb’s coverage with Adobe, Microsoft Push Critical Security Fixes which is a good read as well. Lets stay as safe as possible.

Comments Off on This month’s patch Tuesday

Microsoft’s New iPhone App Helps Blind People ‘See’ | Time.com

Continue: ‘Microsoft’s New iPhone App Helps Blind People ‘See’ | Time.com’

Comments Off on Microsoft’s New iPhone App Helps Blind People ‘See’ | Time.com

Screen reader series

Hello folks,

Its been quite a busy time of me writing lately. It didn’t help that the person that helps me was away, but things are back on track. I’m curious on your thoughts on my screen reader series. I’ve had the first two published on omni. Part 1 was published on the 8th of June, and part 2 was published on the 9th. I hope you all enjoy the articles.

Comments Off on Screen reader series

Android Overlay and Accessibility Features Leave Millions at Risk

OK, this is as bad as it gets for Android, right? While reading the sans newsletter I talked about in my first article for today, I came across this. Sent this to Security Now, and someone else who uses Android that i know. All I can say is that I hope that nobody who is disabled who relies on the disability features like talkback’s screen reader, or any magnification program that might be available got hit with this. This sounds bad. Really bad if someone who is disabled got hit with this.

Researchers warn two features, not flaws, in Android can be used together to open devices up to attack.

Source: Android Overlay and Accessibility Features Leave Millions at Risk

Comments Off on Android Overlay and Accessibility Features Leave Millions at Risk

WannaCry Ransom Notes Penned by Chinese-Speaking Authors, Analysis Shows

Hi folks,

This is quite interesting. I’ve published several longer posts on ransomware through my Vocal posts on this blog, and while I’d love to write about this one, it is definitely something that can speak for itself. We’ve definitely learned quite a lot since last week’s publishing of my longer piece on Vocal. Like I’ve said before, we’ve got to use our heads, as this has to start somewhere, probably with a phish. I don’t believe this was started by someone using Shodan from that location, and spewing the net with port 445 scans and infecting all of that. Luckily, very little was spent on notes although $110,000 is nothing to sneeze at. The article also continues to say that only 250,000 machines and 150 countries. This thing could’ve been worse.

Before I give you the article, Security Now reported that someone was looking to take the domain offline, unleashing this thing to cause more havoc. Not sure if it was successful, but something to keep in mind.

Now, to the article and its link.

But a Chinese-language link doesn’t shoot down theories of the North Korean Lazarus Group’s involvement in the ransomware worm attacks, say language experts at Flashpoint.

Source: WannaCry Ransom Notes Penned by Chinese-Speaking Authors, Analysis Shows

Comments Off on WannaCry Ransom Notes Penned by Chinese-Speaking Authors, Analysis Shows

Target Reaches Breach Settlement: $18.5 Million Fine, Security Controls

Continue: ‘Target Reaches Breach Settlement: $18.5 Million Fine, Security Controls’

Comments Off on Target Reaches Breach Settlement: $18.5 Million Fine, Security Controls

Hard to swallow: 17m user details stolen in Zomato security breach

Oh boy. I just tweeted this for several users, and if this is true, we are definitely lucky in one aspect, but not in the other.

This is 17 million more people who have been breached. The good news is that they used what security experts call salt to add to the hash which from what I understand makes it more difficult to crack the password.

The company is also lucky in that they got the hacker to not sell it, and that they will create a program to better fix the issues that may have been found. Check this article out.

Zomato has become the latest victim of a massive cyberattack, as the details of 17m users are stolen, including email addresses.

Source: Hard to swallow: 17m user details stolen in Zomato security breach

Comments (1)

« Newer PostsOlder Posts »

go to sections menu


navigation menu

go to sections menu