go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: security news and commentary

Go to Homepage [0], contents or to navigation menu



EMPLOYMENT SCAM TARGETING COLLEGE STUDENTS REMAINS PREVALENT

Hello fellow passengers. Welcome to college accademics, and today, you need to at least read this PSA entitled E MPLOYMENT SCAM TARGETING COLLEGE STUDENTS REMAINS PREVALENT IC3 January 18, 2017

because while it was covered in 2014, I feel that as the new year turns and tracks along, this will be more prevelant as you are traversing the job market. I am, but yet I don’t use my college account as I did take a class. I’m suspicious of quite a bit of things, and I know that a job is not to ask for money from you. They don’t provide money to you to supply yourself equipment, they supply you with the equipment. Please take this read while you’re traversing this flight today, and do stay safe.

Sincerely,
Your captain

Comments Off on EMPLOYMENT SCAM TARGETING COLLEGE STUDENTS REMAINS PREVALENT

Are schools next in the cyber race?

Hi folks,

Happy new year, and thanks for checking out the blog. My goal during Christmas break was to release a podcast, but I’ve been ill. Hopefully, the podcasts will return soon.

The reason why I’m writing today, is to talk about something I’ve thought about for awhile, but sadly, the 4th day of January, we’re already seeing.

I’m going to be careful, and indicate that I got an E-mail from a school I’ve attended talking about how they are investigating reports of a possible attack.

According to the E-mail, it looks like one campus of the network of various schools around the LosAngeles county was targeted.

Computers and voice mail systems, according to the E-mail and attached PDF, are effected, and no voice mail can be left at the school at this time.

School is going on as normal, and recently started its winter session which started on January 3rd.

As a precaution, the E-mail notifies us that computer experts have gotten involved and will be checking out the entire network to determine what is happening.

They are advising that many computers are possibly infected with ransomware. If you are not aware and you’re coming to the blog for the first time, ransomware is a big time problem, and it locks up your files until you pay money.

Many experts are telling people not to pay unless you have no other choice. I agree with the assessments, I know i wouldn’t pay money to someone who may or may not give me my files back.

According to the attached PDF linked, this detection and investigation started on the 31st of December, and only time will tell on what exactly happened.

I had thought about this as part of my predictions for 2017, which I never wrote because I’ve been sick. It saddens me that we’re starting out the new year on such a note like this. It does not surprise me anymore in regards to things like this.

Do I think other schools are going to be impacted? As large of a network as the school has that I got notified from, it would be possible for other large networks to be impacted at some point.

Hospitals, and other businesses have already felt the brunt of ransomware. Trend Micro has already predicted that ransomware will be a bigger threat as it becomes more prevelant as a weapon for people to be making money.

Do you think your school, or a school you’ve attended will be a target? Why or why not? Please sound off in the comments, and lets discuss this big threat of ransomware.

Hope to have a podcast real soon, thanks for reading!

Comments Off on Are schools next in the cyber race?

The Yahoo Breach, am I effected?

I was so doing my best and not talking the Yahoo! breach that recently made news in december 2016 and this evening, I get an E-mail which is looking very legitament and comes from a yahoo address for communications. While I’m not going to share the E-mail in detail, this is definitely time that we say goodbye to Yahoo! mail. Once I get stuff transfered over to jaredrimer.net that I want, I’ll be removing the account from my PC. I never put it on my phone, and now, I will personally not use the account after I verify that I have everything transfered over that I want.

I had a hunch when I was made aware of another potential breach through my network, and I have some suspicions. The person indicated they did not get an E-mail, but someone else I know did. If I got one, I’m sure they will if their account was a potential target.

This is not the first time I’ve been targeted in one way or another. Remember this article I posted when I was dealing with some serious issues along the network? While indirectly effecting me, it does effect the provider which is me, and the provider I pay which is Ultrahost.

I believe Ultrahost is doing much better in detecting and eraticating issues much quicker than before, and for that I’m happy to see. Sadly, not all providers are aware of the dangers, and as the E-mail sent, more people are being notified. Yahoo has to notify at least a billion users. Thats a lot of users, and its going to take time. Here’s what I wrote about Yahoo! when i saw the news the first time. I didn’t think it was the end. To top it all off, this story delbt with the blind in general as we learned about a hotel chain which blind individuals had visited for the convention. I’m sure if you search hacked or breach on this blog, you’ll find a lot more out there, and we should be aware of whats out there.

If you are unaware of the use of Yahoo! which providers like .co.nz, ATT’s SBC Yahoo! and others, you may want to consider if it is practical ditching the account and service altogether. I’ll be happy to help where I can, please reach out.

Have you been effected? Please sound off in the comments. The boards await you.

Here’s one from the past that may recellect your memory. Have fun digesting this.

Comments (2)

Yahoo and their big breach

Hi folks,

I want to give my thoughts in regards to Yahoo and their biggest breach of many millions of Yahoo accounts. While I’ve read the blogs from my RSS feeds talking about it, and also heard Steve Gibson on a recent Security Now, I left Yahoo a long time ago. While SBC let me link to my Yahoo account years ago, the things on my SBC Yahoo account are staying, but I haven’t really used that address for communication purposes in years.

Ever since I got jaredrimer.net, I slowly got things away from SBC. There are a few lists I’m on with Yahoo and SBC, one is an oldies list I look at occasionally, NBP’s E-mail list, the Clippers E-mail list, and the Los Angeles Kings E-mail list. I’ve moved everyone else over to my domain for contact.

This was done because I’m not at home checking E-mail, and SBC was not one of the addresses by choice I did not put on my phone. There are several addresses I have not put on my phone, but the important ones I have.

This was a decision i had made long before news of the Yahoo breach ever came to lite. Its recommended to abandon the account, and for the most part, I have, except for these E-mail lists which people can have.

What will the Yahoo breach do to people? Yahoo hasn’t been doing much as far as I’m aware for years. Yahoo news is still around, but even KNX has changed the way their site runs with a blog format and other video and app options through CBS.

What is really sad about this breach is that it is a two year old breach now coming to lite. If I can, I’m going to try and get these newsletters on my lists account over on jaredrimer.net and forget SBC Yahoo altogether. Next time newsletters come around, I’m going to start changing things around here.

I know that Yahoo doesn’t just power SBC global, what are other providers doing that can link their addresses to Yahoo? What are you doing with your yahoo account now?

Please sound off in the comments. The boards await you.

Comments Off on Yahoo and their big breach

IOS 9.3.5

Apple Vis posted news about IOS 9.3.5 being released today. It has security fixes for three zero-day vulnerabilities. Steve Gibson also posted a tweet.

Here are two tweets.


Steve Gibson: Apple recently pushed an “emergency” update for all iOS devices. It has been used against “targeted victims”, but could see wider use now. 3 hours ago from TweetDeck
Steve Gibson: Anyone seeking background info about the Apple 0-day patches before next week’s Security Now! podcast, please see: http://bit.ly/2bsgUTC 2 hours ago from TweetDeck


Stay safe.

Comments Off on IOS 9.3.5

Patch Tuesday

Shaun did a good job on posting about Patch Tuesday, but there are two articles that I saw in regards to the subject. Got Microsoft? Time to Patch Your Windows is the first, and Brian gives some basics. The second, August Patch Tuesday: Nine Bulletins, Five Rated Critical from Trend Micro. Both bhave good points, and both should be read. Your thoughts are welcome.

Comments Off on Patch Tuesday

Targeted, now what?

Hello folks,

Disclaimer: I thought I’d take this opportunity to talk about something that happened, but yet, users have seen this type of thing before. If this doesn’t interest you, you may skip it. It

may be technical, but yet, people might be interested in this.

You’ve probably gotten warnings from your browser that the site you’re trying to visit may not be safe. This is a true story, and one that happens all the time. Do you really know what the behind

the scenes things go on so if it is something not supposed to be there, you can meraculously come back to the site after some time?

My provider E-mailed with some information that needed immediate attention across the network. I usually make sure the accounts have good passwords that match the password generator scale and I

always try to advise that the passwords on the accounts at the meter’s score of 100. I forwarded the report to someone who can handle what it had to say, because I personally did not maintain

this domain.

At the same time, a company entitled phishlabs contacted the individual with simular reports, and the person had no idea what was happening.

Without going into detail on the report, the average user needs to know that web browsers today, especially chrome and firefox, have mechanisms in place to let the user know if a website is

phished, hacked, or taken over.

>What is Phishing? Webopedia Definition (Accessed August 4, 2016) The page describes the act of sending an E-mail falsly claiming to be

an established entity who’s soul purpose is to scam the user. The user would be directed to a site, usually by E-mail, to get information to be used in identity theft, or other type of criminal

activity the scammer wishes to use it for. For more information, please click through for the full definition word for word.

The Jared Rimer network can’t confirm if any type of E-mail was ever sent to the potential page or pages that the report found, and it was interesting what the report had to say. Both Firefox and

Chrome reported mid week of the particular week in question the site being a problem, even after the webmaster cleaned the server of the offending information.

Look at this as cleaning your computer of unwanted programs or data you no longer need. Webmasters need to follow these reports if gotten, to make sure their site is clean for visitors like you

who come to it to get information, purchase things, or seek information that you may want that the site offers.

What was interesting about this whole thing, the control panel was also flagged, and to this day, I am baffled why a control panel, which a website operator has access to, would be flagged. The

control panel is similar to the Windows control panel where you have various options to set up various items such as accessibility controls, displays, and other aspects of the operating system.

The web site panel has options to set up and maintain various aspects of the site such as blogs, E-mail, and maybe a shopping cart platform. Each site is going to be set up differently, and that

makes it unique.

From what I am able to understand, the control panel was flagged based on the IP address, but once things got cleaned, that warning was removed.

According to the ticket created with us: along with giving us effected URL’s, talked about safe browsing. The safe browsing

initiative is Google’s project and I think it is a good one today. The URL talks more about the project and how things have grown. I do like the idea of what they are doing, even if it is

intrusive, it is helpful in the end.

That portion of the E-mail as part of the ticket says: “Safe Browsing is a service provided by Google that enables applications to check URLs against Google’s constantly updated lists of suspected

phishing and malware pages.

Google uses automatic algorithms and user feedback to compile lists of sites that may be dangerous. The two major types of dangerous pages on their lists are phishing pages and malware pages.

You are required to respond to this ticket, however your great source of assistance at this point would be Google themselves. We encourage you to obtain a Google Webmaster Tools so you can manage

your sites there. You may obtain this account at the following URL by clicking the red “SIGN UP”
link at the top right. ”

The account holder in question saw the same thing, but how did they get there? The site in question did not have any type of PHP file, and so, just like cleaning your computer by removing files,

we removed the offending files.

Sometimes, at least in the old days, files would not be deleted unless the machine was rebooted. Viruses were left in memory on the PC, so cleaning them with antivirus needed a reboot. Just like

the home computer, a web server has for its user, an antivirus program. I am personally not familiar with the web server version, but it was not giving us much help in identifying any issue,

although I bet if we ran it, it may have.

There have been dodgy hosts who would leave sites up, even after getting complaints of such content on them. Several recent aarticles I’ve read indicate that Phishing is on the rise, and it does

not matter if you’re large or small. One such article is entitled: The Reincarnation of a Bulletproof Hoster

(aug 3, 2016) which talks about how a hosting provider practically did nothing about any reports it got and their eventual shut down. The provider in question than changed names, and even they

went so far as to have different names under their identity, thinking they couldn’t be tracked.

One of the things I usually do is to ask my users what they’re going to have on their sites before I sign them up and give them an account. Its always a good idea to clean your computer once in

awhile, and for us webmasters, a good idea to check on sites and make sure they’re behaving themselves.

One thing we did on the effected account was to change the password on it. My question would be, how did the files come back online if the password was changed? Could they have gotten in another

way? I don’t think we’ll know, although someone is still looking for things that are well long gone.

The reason why I had asked was because after we changed the password, I was alerted to the files being back on our server. A virus could do the same thing, put things back for it to run after it

was cleaned. It does this by knowing what was deleted and it went to get what was missing again. After some further discussion, we think we were doing it the wrong way. There should be a

specific way to do this type of clean up.

This is what I sent my client. I removed the site name as it doesn’t matter. “We have a security alert in regards to (site removed) that needs immediate attention.  The 4th through 6th links in

the report, followed by the 9th through 12th.  You may need google webmaster tools to help you.  Please let me know when this is resolved. ”

I took the time to be specific on what URL’s where the issue was. They were strange files, not ones that I’ve ever seen on any site, and on top of it, the report came in that a brand new site

along the network was also targeted with the same material. I’m quite confused.

What should we do?

First, as an internet user, be careful when you see these warnings. You definitely don’t want to get infected with whatever the browser may be telling you. If you know the person who runs the

site, I would contact them by phone if possible to let them know of the issue. There may be an address they can give you to send an E-mnail of the page in question you’re seeing. If you proceed

with caution, look for things that are familiar such as a contact form to send an E-mail. Chances are, the provider has contacted them and they may have delbt with it, and if so, they’ll tell you

to tell the browser its safe. That sends a report off to Google or Mozilla who will reinvestigate the page and make the correction accordingly.

If you’re visiting the site for the first time, and you see it, there are a couple of things. First, you could have mistyped the URL, doublecheck that and try again. If you still see the message,

you can proceed with causion, or you may chose to leave it alone and possibly come back later. The who is directory can have information on who to contact if the registrant allows that to be

public.

Webmasters, I would take these reports seriously. According to the initiative’s page, Google will mark pages in search results that it is not safe, which could hurt you. Be vigilant in your site

by making sure you go up to the computer hosting it and looking from time to time to see if something doesn’t belong. That is usually your first clue. I would also get a Google Webmaster tools account and put all the sites you run on it. Then, if you are attacked, they’ll be E-mailing you and you’ll know whats up.

The Google Webmaster tools will have you put up a file which is pretty much harmless, but they need it for verification only. You upload this file to the root of your directory and forget about

it.

The various tabs of the google webmasters panel will show you errors, security alerts, and other things that might be of interest to fix.

Questions? Please feel free to reach out via E-mail or comment. I hope that this has been of use to you, and maybe you’ll find it of interest.

Comments (2)

Pokemon Go

Hello folks,
Apple Vis has an app directory entry for Pokemon Go which they put as inaccessible. I totally get the reason for putting apps on their site that isn’t accessible so that the community who searches or finds it is aware of the fact the app will not work for those of us who are high partials, or rely on voiceover as a whole. I like the fact they are doing this work. In the comments, they mention that they have contactd the developers to include us as disabled people within their app, and I like this idea as well. Don’t get me wrong, the fact that this work to include us is great. The thing that bothers me about this game is the real world issues that the sighted community have had.

According to what I have heard on Security Now, although I have not heard the whole episode, Pokemon Go had some permission issues which got corrected. If that isn’t bad enough, Pokemon Go, Real World Risks of Apps (Trend Micro) (July 11, 2016) and I wanna be the very best, that no one ever was, (Los Angeles Metro’s the Source) (July 12, 2016) which raises some concerns. If this is true, and people can be around people’s protperty, and they see one of these things as they’re walking around, they go in to someone’s yard, or other parts of the property they aren’t supposed to be, this can be a big problem. While us disabled people wouldn’t necessarily be doing that, the fact we use devices to help us walk, and detect things, as well as other odds and ends, pose a bigger problem. Using a cane, and a phone, the way I understand it needing to be, may pose other issues for the disabled population.

I do not know if it is a good idea for this particular game to be accessible. To be fair, I do think if possible, all games should be accessible and those who want to play it will. I have not really gotten in to pokemon, but I am understanding the work that people should do if they would like to play it, and I’m sure some disabled people including some blind people would love to play this game. I’m curious on what others may think about this topic. The blogs are open. Thanks for reading!

Comments Off on Pokemon Go

Rosen Credit Card Breach May Affect Attendees of Recent NFB Conventions

Hi folks,
Here we go in the breach department, this one courtesy of Blind Bargains. They are reporting a chain of hotels which have been hosting the NFB convention reported a breach. Rosen Credit Card Breach May Affect Attendees of Recent NFB Conventions (Blind Bargains March 15, 2016) is the item you need to read. There is a link to a statement from the company in this article. Since this effects quite a lot of blind people, I think this will be posted to multiple categories within this blog. Please take this seriously, even though you may not have been effected.

Comments Off on Rosen Credit Card Breach May Affect Attendees of Recent NFB Conventions

Philmore is at it, again

Well, it seems as though Philmore Productions, the makers of Philmore Voice mail, and the depleted Net by phone are at it again.  Apparently, on December 29, 2015: the company apparently put out personal information about a customer which included how many messages in one box, billing dates, when they paid, and who knows what else.  While billing dates and messages in ones box may not be considered personal information, add it all up, and you have something you can use to harm someone by reminding them they don't do this timely, or that timely, and make them miserable.  We've talked about this often on our blog and podcast on keeping information private.  

We already know that Philmore  productions can't seem to  keep their database in control of their network.  Now, the revelation of the company now giving out information about things most companies wouldn't talk about is coming to light.  You think by now that Philmore Productions would not want to be part of the problem, and the JRN was looking to get a box to put our podcast up specifically, but now, we won't be doing any such thing.  

Whatever happened to the customers Philmore was going to get after he saw that mytelespace was offline?  Did they not go over there? Why? Because mytelespace administration does not divulge anyone's personal information.  One admin may do a show and do what he wants on his show, but he does not give out personal information on his show since taking this role.  This is the last straw, and people should wonder what other info this company may put out about people.  

You'll ask "I didn't hear anything, so why should i care?"  You have a great question.  You should care because the info may be yours, because he holds on to info long after you have left as a customer.  Philmore Productions does not recycle data like most companies do when customers leave.  When I signed up for a box some years ago, he still had my credit card info, and i haden't been there for years.  Now, it'll be some more years before i ever decide to go back. 

A user did confirm to the network that this took place and it was a couple of Philmore Productions customers.  We are not going to divulge who, but it is now confirmed as of the late evening of the 31st.  The Jared Rimer network is saddened by this and was hooping for a turnaround.  Philmore has a lot to say for themselves, and we are not picking sides.  This is not right, and needs to change immediately.  What other security issues are there we don't know about?   What should we expect out of this small company in the accompanying year?  I expect users are going to get breached big time this year over there, and the company will have to pay.  They will pay big time this next year.  

Do you have any thoughts?  Feel free to comment here.  

Comments Off on Philmore is at it, again

2015 Year in Review

Hi folks,
As 2016 has gotten started, I read before the new year an article entitled year in review and it is quite interesting. I am wondering what you think will be the big issues of 2016. Here is mine in no particular order.

  • We will see more targeted breaches where people will have to do something to have something done. E-mail will be sent, and phishers may just send them to their own bank page to enter the info with the web site of the bank compromised. The bank doesn’t know this, and everyone who uses the web may be compromised. It’ll start slow, but I think phishers know they can probably pull this off.
  • We’ll see lots more spam than we ever have before. We’ll get so much spam with stuff we didn’t ask for, even trying to get ourselves removed from said lists will be a bigger problem. These spam messages may ask for info to get us removed more than an E-mail address.
  • As blog posts across the blog have said, I think we will be hit with more apps we can’t trust. I don’t download every app I see, and if I don’t go looking for it, I definitely don’t download it. You just don’t know what you’re going to get.
  • SMS is going to pick up. Recently, got a message through e-mail to SMS saying something about money to paypal or other bank, and it was laced with HTML code to make it look like it would be displayed in a browser. I didnt respond, but we’ll be inidated with those and claiming to click on links which could infect our phones.
  • I continue to watch the breach aspect, and small businesses will be targeted this year as indicated by other predictions. We will be asked for more personal info to do basic tasks in the coming years, and people will hand it over.

Maybe my predictions are way out there, but I’m basing it off of what I read, and my thoughts. Maybe the major breaches will be all, and nothing else, but I will put it out there so people can comment on them and let me know their thoughts. Please use the comment system if you can, so we can have a dialogue. You can also E-mail me, and who knows, we may talk about your comments on the podcast. Thoughts?

Comments Off on 2015 Year in Review

Hospitals and security

On December 10, 2015 or there abouts, I read and sent around two articles about the health care industry and their security. Lets just say it isn’t the best. Part 1 and Part 2 can be found by clicking on the links. Long of the short of it, we are not terrible, but we’re 5th but yet we have a lot of issues with data getting out. If I understood both articles right, 5th in the breach category above retail, education, and other categories means something is done right, but everyone can improve. Check out these articles. We’re going to be live taping on Sunday for a podcast talking about this. Leave your thoughts in the comments, and if they’re good, we’ll use them in the podcast.

Comments Off on Hospitals and security

We’re sorry: we’ve been breached, here’s credit monitoring

Hi folks,
I don’t know about you, but I’m sick and tired of these breaches. I don’t think they prove anything. According to Krebs on security a source I look at to keep up with the breach notifications, we’re pretty much seeing a story of one breach a week. I don’t know about you guys, but I think its time to take a stand. Today, I just got a letter from Washington saying that I am one of I don’t know how many people who are potentially breached as part of the Office of Personel Management. On top of that, I remembered where I was signed up before with the last breach, and somehow, the parent company was breached by purchasing a third party contractor or something, from what I remembder. I wonder what, if anything, normal citizens can do to tell these agencies, how important, safeguarding our personal information is.

When I had my customer list through my PC only, I stored it on a database only I had access to. Now, that has shifted to freshbooks who is behind a username and password, and I trust because I’ve not heard of a single incident of identity issues, although, every issue I’ve encountered has been resolved. None of it was a loss of customer data, and none of the people who pay me through the platform, have notified me that they have done anything wrong.

Credit freezes are difficult when you are not making much money. Each credit bureau charges $10 to freeze and unfreeze your credit. This means you’re paying $30 per freeze and $30 per unfreeze. These charges can be difficult and I don’t think it will stop thieves from taking the stuff to begin with. According to Brian, this can prevent new credit lines, bank accounts, and other things that could harm your credit, and in that case, I support it. However, is that the only solution? I believe companies should be held accountable on protecting our most sensitive information such as SSN’s, drivers liscence, and other information that could harm us. Our name and E-mail address may be important, however, its only the beginning. If an agency has to store other info such as SSN, drivers license, and other identifiable info, my honest opinion, don’t store it online. Store it offline, and back it up somewhere such as a trusted service that will keep it safe.

I know if I had to keep my customer database safe, Sendspace may be a good option, because even if you had the free version, the files are not linked unless you publically link to them, and no public directory can be made unless you do it via folder. The route of your account is secured, and even an outsider can’t access that without logging in to the account. If you didn’t want to use that, you could use something like Carbonite which does charge a lot, but you can back up everything. There are other services I’m sure, that could keep your stuff safe.

I don’t expect everything to be 100 percent secure, but I do think personal info that could get you in to trouble should not be easily changed, and if it does need to be changed, phone is the only way, with multi-factor authentication such as SSN, and a security code only used to talk to a representative. I’m only contemplating right now, maybe other people have information that could be of use.

I honestly don’t know what major companies could do, since we are moving toward an online world, but daily or weekly breaches won’t get us anywhere.

If you have any thoughts, E-mail me, or comment through the blog. We’ll be talking about this on podcast 230. Thanks for reading!

Comments Off on We’re sorry: we’ve been breached, here’s credit monitoring

Philmore Productions, whats happening?

Hi folks,
Now its time to reveal what is going on in the Philmore Productions world. In podcast 211, now on the audio RSS, you will learn how a small business such as Philmore can get away with not backing up their database of customer billing information. It turns out, a customer was on the line with me discussing other projects, when the call came in. Not surprising, Philmore Productions thinks it is OK to call a customer at any time of the day or night. The fact that his database was not backed up in months really complicates things in light of recent breaches in the public news such as Target, Michaels, and others. Its not all bad news, because on this podcast, we talk about the good things of this company as well.

I don’t like talking about bad things about a company, but security is one of the topics of this podcast. Philmore Productions should be ashamed of their actions, and hopefully can learn before it is too late. Is it too late? Only time will tell.

Just like the Blue Cross Breach, which impacts more than Philmore ever will get, Philmore will quickly have to learn what is exceptable in the business world in protecting personal information such as credit card number, address, etc. in his database. The JRN and said customer who reported the issue to the JRN, don’t know what type of information is within the database. Philmore was well aware of the target breach, per our last podcast with them. I’m sure that people will be interested in the said podcast, and of course, since we don’t know what happened, we hope the company will let his customers know the truth before it is too late. Were you effected by the issues at Philmore Productions between the 9th of April and today? The JRN would like to hear from you. Send us an E-mail by finding out our E-mail address on the blog and contacting us that way. We hope that this can be a lesson well learned.

Comments (2)

ai squared statement on security

Hi folks,
As some of you know, GW Micro apparently got hacked. This happened after they joined with AI Squared. We see stories in the news about breeches all the time, but this is an apparent breech against an assistive technology company. AOI Squared is asking for your help, and they released this statement today. If you know anything, please contact them.


Ai Squared customers, assistive technology users, and fellow members of the blind and visually impaired community,

Normally, you hear me talking about the products that Ai Squared produces. Today, I come to you with a completely different message. As you may be aware, in the early morning hours of Friday, January 16th, Ai Squared was the victim of a cyber-attack.

First, we want to be clear about exactly what happened and what data has been exposed.

A user was able to crack an internal password and used that password to gain access to systems in our Indiana office. Through this crack the user was able to upload a modified version of the GW Toolkit used in Window-Eyes App Central. This version of GW Toolkit broadcast some unfortunate messages mainly to users who were automatically updating their Window-Eyes apps. Once we discovered what was happening, we immediately shut down external updates to apps and replaced the hacked version with a fix. Approximate exposure time was four hours and we think the number of users exposed to the messages was minimal.

Unfortunately, the hacker then exploited another password hack that gave them access to one of our databases. The database in question held only partial transaction records for online purchases of Window-Eyes and related products. Since we do not store complete credit card information anywhere in our systems, we are confident that there has been no breach of financial data. In addition we are monitoring our systems for unauthorized use of any previously issued serial number information.

To reiterate, the hacker gained access to the GW Toolkit and a database containing a list of online purchases. We have no evidence that they gained access to financial/credit card data nor did they access our complete customer database.

Here are the steps we’ve taken in the last few days:

We have contacted all the users who have been affected by the intrusion to alert them as to what happened. While we don’t believe they will be adversely affected, it’s our responsibility to let them know what occurred.
We have changed all passwords that have access to any and all of our internal data. We continue to conduct audits to look for other potential security holes.
We have disabled any updates to App Central until further notice.
We have reported this data breach to the appropriate authorities. Rest assured that they are taking this very seriously and have launched an investigation.

On a personal note: As we are all aware, the blind community faces enough challenges to access and employment. These attacks have added to that barrier by disrupting our business and the productivity of individuals affected. We believe that the perpetrator of these attacks is, in fact, a member of our own blind and low vision user community. We call on our community to help bring them to justice. Should you have any information, please email us at tips@aisquared.com before another company in the assistive technology industry is affected. Let’s work together to stop this type of criminal misbehavior in our own community and continue building strong connections among assistive technology users.

Thank you,

Jeremy Curry

Director of Product Management

Ai Squared

Comments Off on ai squared statement on security

More security News and updates for you

Hi folks, in the “no shock” department, I just caught up with Dairy Queen Confirms Breach at 395 Stores which is quite a lock in the amount of information that someone can take from you. One I haven’t read yet, Malware Based Credit Card Breach at Kmart may be the same type of thing seeing that we are still seeing these and will continue to see things like this until the industry changes. In a way, I wish there was something we can do to help ourselves from these types of attacks. Check out these articles and do the best you can.

Comments Off on More security News and updates for you

Security Now for this week

I’ve really neglected the blog, but I want to come in and let you know that podcast 463 of Security Now is a Q and A as well as news and commentary. Leo is out again this week, only 5 questions this week, but lots of news and discussion. We hope you enjoy the show.

Comments Off on Security Now for this week

Security Now podcast 462 is now available

Hi folks,
Security Now is now available. On this podcast, they talk about different things dealing with storage solutions. Click on this link to download it thanks to sendspace. They talk about news as well. One of the things was something Bryan Krebs posted entitled Microsoft Kills Security Emails, Blames Canada and they cover this. Leo is not there, but one of their people do the podcast. Feel free to check this podcast out. Its an hour and 42 minutes in length.

Comments Off on Security Now podcast 462 is now available

Security now podcast 461 is a question and answer and news cast

This link will let you download 461 of Security Now. On it, they cover the news, and they also cover some questions and answers. The program will last you two hours long. We hope you enjoy the podcast.

Comments Off on Security now podcast 461 is a question and answer and news cast

Adobe, Microsoft Push Critical Security Fixes

Adobe, Microsoft Push Critical Security Fixes is the latest in the security patching posts from Brian. Haven’t done one of these in awhile, been neglecting the blog. You should read this one.

Comments Off on Adobe, Microsoft Push Critical Security Fixes

Older Posts »

go to sections menu


navigation menu

go to sections menu