go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: Home [0]

Go to contents or to navigation menu

sections menu

fine menu sezioni pagina

A Task force out there to help try to curve Ransomware

Hello folks,

I read this article that came out on Krebs on Security that talks about a task force and an 81 page report that hopes to have some idea on how to curve the ransomware problem we’ve faced in quite large numbers.

The linked article links to a Wall Street Journal report that the Department of Justice also formed their own task force to try and curve this problem. Also, according to the article, the DOJ calls for strategies that target the entire criminal ecosystem. We need to send a message to say what the Shadow has said in every program. That is: “Crime does not pay.” I like that saying and I hope that this pays off.

According to Emsisoft, a security company, almost 2400 U.S. based governments, healthcare and schools were targeted in 2020 alone.That’s a lot! We’ve covered a lot of school coverage as of late, and I think I might have said something about this when I found out that a college I had attended for free classes was effected by Ransomware.

Find something in the article you want to bring up? Task Force Seeks to Disrupt Ransomware Payments is the article, and do give it a look!

Comments (0)

Post-Mortem report: 986themix.com had an unexpected outage

At roughly 6 PM US Pacific Time, the Jared Rimer Network was called in regards to a web site outage from the person who runs and pays for hosting for 986themix.com. Below, we’ll detail what we found, the steps to resolve the problem, and information on how to contact the network for further questions.

What happened?

We aren’t completely sure what happened. We were getting download requests to the main site and the files were strangely named. The JRN doesn’t understand how this could be the case when the site was visited several days prior by the network in curiosity of something else they saw.

What did you find?

What we found were multiple .htaccess files located on the server.

Apache Configuration: .htaccess

Some of the files were located in user specific directories for podcasts that are hosted on the mix. The link we provide you is to Mozilla’s developer site where they talk about this file in more detail, so please check it out if you’re interested in what these files are and what they can do. Its a very powerful thing, but something that can possibly damage your web site.

The .htaccess files were dated from February 28th to today at 9:36 am. While I don’t understand the .htaccess file in full, what I can tell from each of them was that there was some redirect happening, where I don’t know. Some even had cpanel things in it that had a statement of not deleting those lines.

How many files were found?

I think there were about a half dozen of these files or so with varying similarities of what I described above.All of them had different time stamps however.

What did you do?

After determining that none of us who manage the web site wrote these files, or even have the knowledge of writing said files, I felt it safe on deleting these files as clearly they were redirecting somewhere and causing the browser to download strange files. No web site should ever ask you to download strangely named files. All files being downloaded off the Internet needs to be clearly marked as to what it is and placed on a page or clearly indicated in communication with intended recipients.

Per policies marked by our provider, files may not be left on our server without being linked.. This can be loosely taken though, because if you’re sending a link to a file to someone, you’re sending a link.

After I deleted all of these files, I instructed the owner to change the password to the account, as I thought that it was a possibility that someone got in through the control pannel and uploaded these files through the file management interface.

The site should now be up and operational at this time.

Who should I contact for questions?

Please contact the Jared Rimer Network’s Jared Rimer at 818-921-4976 or text/whats app 804-442-6975. Please use this contact and bug reporting form for email communication.

Thank you for your continued support. We’re as safe as possible under these circumstances. We hope that this doesn’t happen again. If it does, rest assured that the JRN will take the necessary steps to fix the problem quickly and efficiently.

Comments (2)

Most Americans are at risk, thanks to Experian

Experian hasn’t really learned their lesson when it comes to keeping information safe. Within the article I’ll be linking to, I just have to laugh at what they say once Krebs on Security contacts them about what I’m going to talk about.

Apparently, a researcher, who is also a sophomore at a university in New York, found that needing a student loan had to be done so he did some research in to what might meet his needs. One of the lenders used an API provided by Experian to do automatic FICO credit score lookups on their web site.

The API had no authentication what so ever. Readers who come here probably know what happens next, right?

“We have been able to confirm a single instance of where this situation has occurred and have taken steps to alert our partner and resolve the matter,” Experian said in a written statement. “While the situation did not implicate or compromise any of Experian’s systems, we take this matter very seriously. Data security has always been, and always will be, our highest priority.”

What’s laughable is: … “we take this matter very seriously. Data security has always been, and always will be, our highest priority.”

Data Security has always been your lowest priority, and you get our information from who knows where, because you buy it. Us consumers do not deal with you directly, but you deal with lenders like the one you shut off, because your API is not secured and authenticated.

The researcher was also shut off and he wasn’t doing anything wrong but trying to help you fix a weakness in your supposed product.

For the full story, read Experian API Exposed Credit Scores of Most Americans for all of the details on what is going on over there. I’m sure my readers will find this of interest.

Comments (0)

Its time to get your windows update on

This month, we’ve got less patches than we have had in the last year alone. Microsoft is only giving us 54 different patches, but the majority are considered critical.

Windows will update on its own schedule, so make sure when it prompts you to restart, that you save your work and let it do its thing.

Its been reported to me that on slower networks, multiple reboots may occur because it doesn’t have everything, and I suppose that may be normal.

13 of the 54 were submitted via Trend Micro’s ZDI program.

Of course, I’ll link to both articles here on the blog for those who want to take their gander on what they want to read.

Pick the one that suits you, both have similar coverage. Please continue to stay safe!

Comments (0)

Transcribing books, it doesn’t have to be difficult with Braille2000

Before I paste this article, I held this article until some fixes were out which 2.275 fixed.

Since I failed the course, the information here may help transcribe a book, but is in no way deemed correct by standards. My understanding of transcribing a book was good, but I just had too many mistakes. With that said, let’s talk about how you might transcribe a book using percent codes for the majority of the work.

Transcribing books, it doesn’t have to be difficult with Braille2000

percent codes, and B2K itself make it very easy for a blind person

Welcome to another article here on the blog, where this article will talk about transcribing a book using Braille2000 and the percent codes.

You can, of course, use Braille2000 to do all the work within it by changing the style, spacing, and the like, but why do that? The only thing you need to do is the special symbols page in B2K as it is very simple to do and you can remove symbols based on the reading level of the student. For example, if they were brand new, maybe leaving all the symbols would be helpful to the reader, where adults need the minimum discussed in assignment 19.

Remember, assignment 19 is not complete. I may still have things to fix, and I’m not going to give the entire transcription of the assignment either. Rather, I’ll give you portions, and talk about codes as necessary.

The Title Page

The Braille title page is quite interesting in its development. Braille2000 has a code called page fill which will fill the page with the content. In another example I saw, preserving blank lines was used instead of spacing commands like I did. No matter the method you choose, you should always check to make sure it did what you wanted.

For the title page, the assignment mentions the 5 different parts of the page, and how it needs to be done. Sample title pages are given based on different criteria but the concept should be learned. I found that doing the title page took some work, as the simulated print gave a bunch of information about the book that is to be transcribed in part and the student needs to take the concepts learned and put it in to a proper title page.

I had the concept down, but questions arose because I am not affiliated with an organization and it said that it needed to be a certain way. I’m not giving any answers, and again, I’m not even graded, but I hope that the info given may be of value.

What does it look like?

Let’s take the concept of the title page and put it in to practice. The following is the way I decided to do the title page for this assignment.

%pagef %bn=t1
%list
THE HOUSE
The History of the House of Representatives
%space
Robert V. Remini
%space
Published by Smithsonian Books in association with HarperCollins Publishers.
New York, NY
Copyright © 2006 Robert V. Remini and the Library of Congress.
Further reproduction or distribution in other than a specialized format is prohibited.
Transcription of:
ISBN-10: 0-06-088434-7
ISBN-13: 978-06-088434-5
%space
Transcribed 2020 into Unified English Braille by Jared Rimer
Woodland Hills, CA
%space
In 16 volumes
Volume 1
Braille pages t1-t2, p1-p8, and 1-13
Print pages i-vi and 1-b5

Some of the information you will need like the number of print and braille pages may be unknown. When I first created the title page, I created it this way.

%pagef %bn=t1
%list
THE HOUSE
The History of the House of Representatives
%space
Robert V. Remini
%space
Published by Smithsonian Books in association with HarperCollins Publishers.
New York, NY
Copyright © 2006 Robert V. Remini and the Library of Congress.
Further reproduction or distribution in other than a specialized format is prohibited.
Transcription of:
ISBN-10: 0-06-088434-7
ISBN-13: 978-06-088434-5
%space
Transcribed 2020 into Unified English Braille by Jared Rimer
Woodland Hills, CA
%space
In 16 volumes
Volume 1
Braille pages t1-x, p1-x, and 1-x
Print pages i-vi and 1-5

I may not remember exactly how I did it, but this sample will illustrate what it may be done like if you were to do it. Note also that I used the list percent code, as it needs to be in 1-3 format or first list format. I also learned from Bob that I can put multiple percent codes on a line, but when I did it, I had the percent codes on each line. Some codes like %space I would put on one line, but others seem to be OK.

You’re welcome to play around with these types of examples and see what works for you, each person is going to be different. Remember, if you used preserve blank lines (pbl) you can press enter for your blank line and enter again to type and your line will be kept. After the title page, turn off PBL with pbl=off so that you can have your formatting preserved. In the RTF, I pressed enter when typing so that I had a blank line so I can find paragraphs easier when proofing. Remember that you can also format your file based on structure, but as a blind person, I find percent codes much easier like the above for the title page.

Special Symbols Page and Transcribers Notes

Some transcriptions need a special symbols page and a Transcribers Notes page. This assignment does not have a transcribers notes page, but has a special symbols page. In RTF, the Special Symbols page was created by putting a mark in place on a page so that the page was in place. I simply typed that this is a mark for special symbols. Remember! You want to remove that text before inserting the special symbols at the end of your project. If you were to do the transcribers notes, insert a page for that, and you can even fill that in using RTF if you know what you’re going to do. For example, if the transcription removes photos, it needs to be put on the transcribers notes page. More information is available in lesson 19 about formatting the transcribers notations page, so I won’t cover it here except to say you can put a page in place for that.

On the special symbols page, I also set the running head for the book for this assignment. This is important, because then you don’t have to worry about that later.

What does this look like?

Below, I set the running header for the book, and put my place marker in place for the Special Symbols list to be done in B2K at the end of all of the proofing.

%page
%runhead
THE HOUSE
%space
This page will be reserved for the special symbols page.
%page

%page tells B2K to creat a new page. %runhead on a line of its own is very important. The following paragraph is used for the header, so if I wanted the running head to say The History of the House of Representatives, I’d have to put that on its own line. You can learn more about setting a running head and appropriate measures to take in assignments 17-18 of the Transcription Course. The %page at the end of my text is used to tell B2K to move on to the next page. Because I didn’t put any page number indication, it assumes T2. If I needed a Transcribers Notations page, the %page would have it go to t3.

Changing Pages

In this portion of the book, we already established the new page, but we switch from Transcribers pages to Preliminary pages. We also establish print page numbers. This is simple to do in Braille2000 using percent codes in this portion, because the next section is more books by the Author.

%h4> How is this done?
%hr>
%pn=i-ii
%bn=p1
%hr>

That’s it! I set the print page number for the roman numeral pages and the preliminary page numbers. That is as simple as it goes. Until its changed again, this format will stay in place.

Dedication page

The dedication page is simple. You can put it in paragraph or list, and I chose to do this in paragraph.

What does it look like?

There are two aspects to this portion. First I need to tell Braille2000 to move to the next page, then set the next page.

%page
%np
%space
%indent
For my children: Elizabeth, Joan and Bob

I use %indent here, but you could use %3-1 to do the same thing. %space told B2K to leave the necessary blank line between the running head and the paragraph.

Table of Contents

This is the fun part of B2K because this whole thing can be automated. Because the lesson requires this very lengthy table of contents to be done in 16 volumes, even though you’re essentially transcribing only 5 pages of the entire book, I really had fun learning the intricacies of doing this. If you were wanting to type this out, its easy to do.

First of all, we have another print page, because there is a page change roman numeral 7 within the table of contents, and the rules indicate that all back pages should be accounted for even though they don’t appear in print. That is OK, we did the print page setup before, so I just set the new page set instead of %np as shown above.

What does this look like?

Let’s show you the print page change before we talk more about the contents itself.

%page
%pn=iv-v

This code indicates that we’re skipping roman 4 and going to 5, and the next sequence I.E. a5 will be used when it changes pages automatically. We didn’t change braille page numbers, so whatever preliminary page we’re on will continue.

The Table of Contents

This is the exciting part. There is a code you need to set called table of contents otherwise known as TOC for short. After that, you need to use the tab key to discern the text from the page numbers. Whether you space the last word or you just tab, it should be fine. As long as the Table of Contents tag is there you’ll be set. Braille2000 can be used to do this by doing some other settings, but as long as you check your work afterword to make sure you have what you need set correctly, you’ll be fine.

Make sure you review the rules on Table of Contents pages, as it stipulates you need to use listing format based on the headings of the book. Heading 1 is 1-3, heading 2 3-5, etc. The way I’ve learned how to do this is the %list tag which is shown above for the title page.

For illustration purposes, we’re only going to give you the first volume. Remember, you can use the center tag where appropriate for volume numbers and the like, and I would assume that PBL would be useful as there are spots where blank lines are necessary. Look at assignment 19 for complete details.

What does this look like?

%toc
%list
%center %tnl Volume 1 %tnr
Prologue 1
%space
1. Inaugurating a New Government, March-April 1789 9
2. The First Session of the 1st Congress, March-September 1789 24

New rules introduced recently indicate that transcribers notes (%tnl %tnr) need to be in place for volume numbers since it is text not in the print copy. Honestly, I’d rather have it the old way, its more cells and is completely unnecessary! Be that as it may, I’m learning this for the first time, and so to pass, I must include these. In the print, there is a tab between the prologue and page 1, the first chapter and page 9, and the final chapter of the volume set on page 24.

Let us show you what volume 16 looks like as this is very important to do at this point. Because the table of contents rules indicate that if you have a page number on the right side, it could be confused with the braille number, so B2K will move things down automatically. There are other things I’ve learned that are necessary too, but I’m not going to give you everything, just the understanding that this is capable of being done. Let’s show you volume 16 as I understand it.

%center %tnl Volume 16 %tnr
Index 593
%toc=off

Notice the %toc=off command? It should be used to indicate that you’re not dealing with table of contents entries in cases where you may press the tab key and type a number which is part of the regular text. This completes the preliminary pages, lets move on!

Text pages

The text pages are pretty simple. There are codes for indention like %indent and if lists come up like %list to tell Braille2000 how to handle certain things. Things like bullets, font attributes, and the like are handled with the processing of the file, but you can use %center for centering or %head for a heading. If subheadings are used, use %subhead for a cell-5 or %subhead7 for a cell 7. These are level 2 or 3 headings. While these are the typical, there are times to do other specific like %7-7 when doing attributes for example.

%pager

Remember that we had set a running head for all these pages? %pager suppresses the running head and it appears on the next braille page. We also need to change page numbering altogether, as numeric page numbers are used throughout the book.

%h5> How is this done?

This is done with several codes. First, we set the new page with no running head, then the page numbering as shown below.

%pager
%pn=1
%bn=1

I then decided to use a heading for the Prologue which runs for many pages but we are only transcribing the first 5 pages of print. We also by rule, need to rewrite the title of the book as required for the first page of any volume of braille.

%center THE HOUSE
The History of the House of Representatives
%head
Prologue
%indent

The indent tag is basically telling B2K that I want indented paragraphs. From now on, I hit two returns, and it has the knowledge unless otherwise stated, this is normal braille paragraphs.

The United States House of Representatives is regarded by many as the finest deliberative body in human history. A grand conceit, to be sure. But one that is not far from the mark. It is an extraordinary instrument for legislating the will of the American people. Through an electoral process it regularly absorbs fresh blood and fresh ideas so that it can reflect popular needs and demands. Every one of its members from 1789 to the present–over ten thousand individuals!–has been elected. Not one has been appointed. It has been said many times that the United States House of Representatives is the “people’s House,” and as such it has endured for more than two centuries.

Any history of this institution should begin with a reminder that many of the traditions and practices of the American system of government originated in Great Britain, a country ruled by a monarch and a two-house Parliament: the House of Lords and the House of Commons. As England expanded its empire into the New World in the seventeenth and eighteenth centuries and colonies of transplanted settlers were established, the king, or corporate or individual entrepreneurs who subsidized the colonization, appointed governors to represent their will and execute their instructions. To assist them in their responsibilities, these governors chose advisory councils of distinguished residents and over time allowed them to offer suggestions by which the colonies could be administered.

As you can see, if I put those paragraphsin place, it would both be indented based on the above tag. Since we have a page turn within the text, in several places, we can easily add the next page code (%np) anywhere I want a new page. If its in the middle of a paragraph, I can put it right in the text, and if needed, a separator line for the page is put in place. If not, it puts it in the appropriate place without you having to count pages. Where the page change happened to start a new paragraph, I put the tag on a line of its own.

More particularly, in 1619, the stockholders of the company that maintained settlers in what was the colony of Virginia in North America %np ordered the governor to summon two landowning representatives from each of the small settlements in the colony to meet in Jamestown. These representatives were told to provide advice only. Twenty-two men gathered in a tiny church and forthwith ignored the company’s instructions and enacted a series of laws for the colony against gambling, drunkenness, idleness and the breaking of the Sabbath. The House of Burgesses, as it came to be called, then adjourned. But, by its action, this house gave notice that it was prepared to go its own way and assume authority to legislate on matters that it regarded as beneficial for the community. It demonstrated a degree of independence that would be repeated many times in the future by other colonial legislative bodies. When, in 1639, the king instructed the Virginia governor to summon the Burgesses together each year, he was simply acknowledging what had been going on for quite some time. Nonetheless, final authority in the colony still rested with the governor and his council of prominent planters.

In that paragraph, you see that we have the %np right after a word, and we just kept on writing.

… funded and governed by a proprietor or by stockholders in a company, but ultimately most of them evolved into colonies under royal control with a governor and one or two houses of appointed and elected officials. Legislative assemblies, representing the people, became an integral part of the governmental operation.
%np
As the number of immigrants to the New World increased and the frontier moved steadily westward, the colonists became increasingly detached from the Mother Country. Far from England, they lacked regular direction from a ruling body in London, and they needed laws by which they could thrive in a hostile environment–where Native Americans regularly thwarted their efforts to obtain additional land. Thus, the settlers relied on their local assemblies to address their concerns. The colonies had no real representation …

In this subtext, I took a portion of a prior paragraph, and the beginning of the next paragraph with its page change. I didn’t complete the paragraph, but you can see how easy it is with these examples that it can be pretty easy to do your own book There are plenty of codes to help you, and we’re always available to answer any questions about this, or any other aspects of Braille2000 as it can be very complex at first glance.

Comments (0)

The Security box, podcast 43: 2 topics of interest as well as news notes and more

Welcome to another Security Box program folks, I’m happy I’ve gotten some time to get this to you.

The program lasts about 104 minutes and you’re welcome to participate as well.

We’ve got a dial in number right in to my live wire box. Its 623-263-8934. Press the topion to leave a voice message if you wish to do so, or check out any of the programming I’ve got up there.

Here is the 96.02mb file for you to go and download it if you can’t use the rss feed.

Here are the show notes for everyone with links to the various topics and news items for this program.

Welcome to the Security box, podcast 43. On this edition of the podcast, we’ve got two topics. The first talks about a fake vaccine web site that is now shut down, thanks to the US Government. The second topic talks about the Exim 21 bug that recently hit headlines. We’ll have news, notes, your questions comments and any catch up from any older podcasts.

Topics

>

Sans News Bites

We hope you enjoy the program as much as we have bringing it together for you. See you next week!

Comments (0)

John … what’s your name now … is now back in the news

John Davies, AKA John Bernard, AKA John Cavendish is back in the news through Krebs On Security. This post reminds us of the three part series which we covered back on podcasts 10, 12 and 14 of the Security Box. Now, in news notes of the upcoming podcast 43, we’re going to have to bring him up again although it’ll definitely be news notes related as the podcast is booked.

John still finds marks for his continuing due dilligance fees with no promises of delivering the promised money for companies to do the projects they say they need the money for.

The article in part talks about the source that came to Brian with all of the latest.

“I just sat in on a call and John’s voice is unmistakable,” said the broker, who asked to remain anonymous. “He stumbled on the beginning of the call trying to remember which last name he was supposed to use. Immediately they go back to the standard script about the types of deals they are looking for. They want to be minority investors in private transactions and they are industry agnostic.  Their deal sizes are investments in the $5-20 million range, they prefer to not use big 4 firms for due diligence, and they have some smaller firms they use which are better suited for smaller investment deals.”

The article continues:

The source forwarded me some correspondence from Hempton Business Management, and I noticed it was sent from a Mariya Kulykova. This is interesting because Mr. Bernard’s personal assistant in Ukraine was a Mariya Kulikova (Ms. Kulikova deleted Bernard’s former companies from her LinkedIn profile shortly after last year’s series).

The company’s website says Hempton has been around since 2017, but the domain name was only registered in late November 2020. There is no information about who runs or owns the company on its site.

He elluded authorities numerous times and he knows what he’s doing.

The article talks about Hempton , what a shelf company is, and more.

Investment Scammer John Davies Reinvents Himself? is the article, make sure you do your due dilligance.

Comments (0)

‘Jugular’ of the U.S. fuel pipeline system shuts down after cyberattack

I did read this on Saturday thanks to the little wigit page and what it provides. This is still a developing story, but yet something to watch, as there are still questions that need to be answered.

Continue: ‘‘Jugular’ of the U.S. fuel pipeline system shuts down after cyberattack’

Comments (0)

wordpress logins unavailable for the moment

Hi all.
This is a notice to say that wordpress logins for those that give a damn are not available for the moment because of an issue with 2step authentication.
The long and short is, that when I try to activate 2step and run wordpress 2step, ie I login to a site with it, it acts like it is working but I never get my sms code unless I try several times then eventually I will get a code, 2 times if I am lucky, 10 or more if not.
Every time it doesn’t work I need to wait a couple minutes till it resets.
I have been doodling with a few software packages mainly the wordpress packages themselves for windows from wordpress itself, and noticed this.
Wordpress app couldn’t even recieve any authentication till I pulled one from the web then using it for the app.
No idea if its me or wordpress itself but I have sent automatic general a request on the internals of the authentication system.
The only reason I had it on apart from the obvious is jetpack engine, wordpress logins and recommended security settings.
But if its being semi rood right now I just can’t justify having it on if it refuses to send me the number for no reason I can see.
I am conciddering a shut down of the registration system currently in place and if this is not addressed in the next few months that may lead me towards this eventuality.
We havn’t had any more users in the last 6 months or so coming in.
And if security on wordpress site continues to break like this it may be easier to abandon registration possibly and well as the current security subsystem currently in place.
Thats obviously something I don’t want to happen but lets see how that works.
Currently and for the forseeable future no wordpress logins will be allowed so if you want to post you must register the usual way.
I am unsure if I will ever turn on 2step unless that is they fix it.
I do hope they can fix it but if they don’t then they don’t I guess.
I should make a song and dance but the old world has ended and these are covid times.
So I’ll just turn it off and forget about till its sorted or I get an explanation.
At the moment there isn’t an issue with the software on either end but if I don’t get the code then well who knows.
The other way I guess is to start setting app passwords for various catigries of things.
I don’t give a damn about app passwords but I only need 1 for my brouser, and everything else will just work.
Later thats it for now

Comments (0)

Bugs in Exim are documented, time to patch

As reported in Sans News Bites for this week, I found an article also on this from Cyberscoop. Its entitled Qualys researchers uncover 21 bugs in Exim mail servers and should be read.

Researchers have found 21 unique vulnerabilities in Exim, a popular mail transfer agent, some of which would allow hackers to run full remote unauthenticated code execution against targets, the Qualys Research Team announced Tuesday.

Having remote code execution is pretty bad and it looks like it isn’t just versions talked about through Sans and other articles.

If we’re running 4.94.1 or earlier, we really need to get a move on or write our support people. I’ll write some highlights for the show notes and we’ll bring this up for discussion.

Comments (0)

Sans News bites, May 7, 2021

As predicted, Sans News Bites is covering the Exim news that I recently read about and will be making sure to fully blog about.

If you don’t get Sans News bites, than here is the link to this one where there are links and commentary on many topics including a WordPress plug in update. This is going to get interesting, and the headlines are going to be read out loud for the podcast. I’ll link to the same link in our show notes for this episode.

Comments (0)

Podcast catchup: links to podcasts 38-42 of the security box

Hello,

since I’ve decided to go ahead and have the podcasts as links, there are podcasts that are not linked.

I’m going to link them here, feel free to download them!

We have full show notes for all of the programs, let me know if you need a copy by sending me an email to tech at menvi.org. Thanks for reading, more soon!

Comments (0)

Feds shut down web site for vaccine info, site peddled malware and the like

I saw an article yesterday which I read, and I think this is a good topic to bring up on a podcast. If you now go to the web site talked about in the article, you’ll be greeted with a message from the government which means that they took control over the web site.

This website is called “Freevaccinecovax.org” and instead of collecting information from people to then turn around information to benefit them, the site took that info instead. They used this information for phishing, or even deployed malware on the victim’s machine or even network if they wanted to.

Threat post has the story, Feds Shut Down Fake COVID-19 Vaccine Phishing Website let’s discuss.

Comments (0)

Perpetrating vaccine hysteria to get people to click

I just got the following via my contact form through jaredrimer.net. I believe I call this false because they are linking to a bunch of google drive links which are not linked here on the blog.

Whoever filled this out filled out both sections of the form with the same information, and the news I’ve heard through Indiana news indicated nothing of these things this perpetrator is trying to portray. I pass this along so if you see something similar in your email, you’re aware of it.

Now, please find below the ruler, the contact form I received. I’ll have more analysis after the ruler that ends the form.

Below is the result of your feedback form. It was submitted by () on Wednesday, May 05, 2021 at 19:37:31

Name: Percy
phone: 03525 95 66 51
contact_method: both E-mail and phone
bug: yes
additional_bug_info: Doctors and scientists are trying to understand a troubling new phenomena called virus shedding. Those who have been inoculated with the experimental mRNA vaccines are causing those around them, predominately females, to suffer from some of adverse side effects that those who have been vaccinated are. Women who have been through menopause are once again having monthly periods accompanied by very severe blood clotting and head aches. Others are having still births and experiencing strange bruising on their legs. Those effected are warning others to stay away from the vaccinated. It remains to be seen if other dangerous side effects will also be transferred as well. A whistle blower from a Vaccination Task Force says the doctors on the panel are very concerned about prion diseases showing up in the vaccinated months after taking the jab. Prion Diseases are fatal brain wasting diseases.

For Visual Pictures and Videos on Vax death and side effects see the following links below:

Vax Shedding:

https://drive.google.com/drive/folders/1rcMJCIcovq6irpRqG8WH9CfiPvU5StY_?usp=sharing

Vax Death and Problems folder:

https://drive.google.com/drive/folders/1Dzpq9Or5YiaC1dCjrZLWLBmEdNOEmJeA?usp=sharing

Vax Misc Death:

https://drive.google.com/drive/folders/185voD3JpfqT0Mv0mK4G_H8T4JJQjzC_h?usp=sharing

More Vax Jab Death:

https://drive.google.com/drive/folders/15W69ki3JpKjKcJ12biI9gQke4ggyJMta?usp=sharing

Vax Death & Illness Pics:

https://drive.google.com/drive/folders/1sPnfAOF7uBTHbRFTBc5T_7mG0MTNrVIS?usp=sharing

Mark of the Beast PDF:

https://drive.google.com/file/d/162StvFISP1q_qboiG6DrsuoZJC0uNnvF/view?usp=sharing

Vax PDFs

https://drive.google.com/drive/folders/1sdB1F4N8lStj5me8mKYDixse1zdtlbRJ?usp=sharing

Vax URLs:

https://drive.google.com/drive/folders/1XrxCzR5H6XF0au3XaxetTSLVEyFnJhGc?usp=sharing

Vax Fake Videos and Deaths:
https://drive.google.com/drive/folders/140SjULX6cP4_qMj2GRor0Nb42UBCt4ad?usp=sharing

Revelation 13:16-18 King James Version (KJV)
16 And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads:
17 And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.
18 Here is wisdom. Let him that hath understanding count the number of the beast: for it is the number of a man
comment_or_question: Doctors and scientists are trying to understand a troubling new phenomena called virus shedding. Those who have been inoculated with the experimental mRNA vaccines are causing those around them, predominately females, to suffer from some of adverse side effects that those who have been vaccinated are. Women who have been through menopause are once again having monthly periods accompanied by very severe blood clotting and head aches. Others are having still births and experiencing strange bruising on their legs. Those effected are warning others to stay away from the vaccinated. It remains to be seen if other dangerous side effects will also be transferred as well. A whistle blower from a Vaccination Task Force says the doctors on the panel are very concerned about prion diseases showing up in the vaccinated months after taking the jab. Prion Diseases are fatal brain wasting diseases.

For Visual Pictures and Videos on Vax death and side effects see the following links below:

Vax Shedding:

https://drive.google.com/drive/folders/15qhTeGgfxz2wFJNv54lpc3OHRT0OxB8X?usp=sharing

Vax Death and Problems folder:

https://drive.google.com/drive/folders/1USOoIV2jQrXEkqza6_bVQ3OvKA5taP9X?usp=sharing

Vax Misc Death:

https://drive.google.com/drive/folders/16NrE63dTZduOtYMmaS3Ao41s0MmnWv-v?usp=sharing

More Vax Jab Death:

https://drive.google.com/drive/folders/1NyDIkSK1VrD_fbjEB5ohk3nefFcXdUZF?usp=sharing

Vax Death & Illness Pics:

https://drive.google.com/drive/folders/1FjTBIarbl4ACjWnIP5A7e-y0LlhP8LSv?usp=sharing

Mark of the Beast PDF:

https://drive.google.com/file/d/1T7ttih2mx73e1GzMT9ixBxNUqwhjzWhH/view?usp=sharing

Vax PDFs

https://drive.google.com/drive/folders/1vdxr743t8uFzJ4Jw74idY3RqFqmcUcsq?usp=sharing

Vax URLs:

https://drive.google.com/drive/folders/193UIIgV105QH1EEUzLPPjh6ZNihBd9d8?usp=sharing

Vax Fake Videos and Deaths:

https://drive.google.com/drive/folders/10YTwUbW2YZIHgJPOn-xAyusjXi-bVquD?usp=sharing

Revelation 13:16-18 King James Version (KJV)
16 And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads:
17 And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.

18 Here is wisdom. Let him that hath understanding count the number of the beast: for it is the number of a man

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/42D0C6
REMOTE_ADDR: 77.93.25.153

I know there are some complications that could arrise by the vaccines, but your pharmacist or person giving you the shot will discuss those things. People who have talked to me about what has happened tell me everything from being tired to nnauseousness as side effects. They usually last a day or two from what I’m told, so this is trying to get people to click and possibly get infected.

77.93.25.153 has been reported to abuse IP and is a fixed line service. At this time, there are three reports. All of them deal with hacking attempts. When I report this, I’ll be reporting this as email spam and indicate the potential for false news about the vaccines to scare people to click.

  • ISP JSC Balticom
  • Usage Type Fixed Line ISP
  • Hostname(s) balticom-25-153.balticom.lv
  • Domain Name balticom.lv
  • Country Latvia
  • City Riga, Riga

These can be filled out by anyone anywhere in the world. And also notice the googlemail address. There is no googlemail, it redirects to gmail.

Comments (0)

The Security box catchup, podcasts 41 and 42 show notes

Hello all,

After some technical difficulties and my decision on giving you download links, we’re happy to bring you the backlog of show notes and links to the last two podcasts.

First, let’s go ahead and get the links out of the way.

Now, let me bring you the show notes for podcast 41 which was last week’s podcast. Starting with this podcast, we’re only linking to the articles, as my notations are read to assist me in the discussion anyway and has caused problems with the show notes for the main RSS feed.

Welcome to the Security Box, podcast 41. On this edition of the podcast, we’re going to talk about Ubiquiti and their big time breach, as well as something I recently read from Park Mobile and their potential breach. We’ll have news, notes and more.

Topics:

Both of these articles are from Krebs on Security and while they’re a bit old, you can’t deny that it is worth talking about. Company aught to be ashamed of themselves.

A bit of sad news:

🙁 Security Researcher Dan Kaminsky died Saturday at age 42 of complications (ketoacidosis) from diabetes, which he had struggled with for years.
Security Now! researchers know of Dan’s discovery of a critical weakness in the DNS servers at the time.
He will be missed.

News Notes

Now, let’s bring you today’s program and its show notes. I’m sure that we’ll have some comments, and I’ll be sure to ge the rss will be updated with today’s program. I hope you enjoy..

Welcome to the security box, podcast 42. I think I’ve got two very interesting topics. One of these topics is the ongoing saga over at Experian. We know they had a big time breach, but do we really know what else is going on at the company? Brian has the entire details. Finally in the topic department, we know Ransomware has taken a big toll during the pandemic and there is no slowing down in that department. According to Cyberscoop, demands are higher by 43 percent so far in 2021. We’ll talk about it. I’ll also give you some news and notes, although it may be dated. Your questions and comments are always welcome, so please get in touch! I hope you enjoy the program as much as I have putting it together!

Topics

We used to put all of the notations within the file, but I’ve decided against that unless people want me to do that. I’ve heard nothing, so I’m reverting back to linking to the articles, and letting people decide on what interests them.

News Notes

In another blog post, I’ll link to podcasts 36-current for everyone in a list without any additional show notes. I hope that you guys enjoy, and thanks for listening!

Comments (0)

9 devices and technologies that will be going away comment

Hi all.
Well the article to this can be found at the link below.

9 Devices and Technologies That Will Soon Be Obsolete


I personally think articles like these are potentially dangerous.
Microsoft and others are trying to go passwordless for example.
First is my comment then my analisis on it.

To be honest I will have to disagree with you in some respects but not others.

1 wired headphones.

I agree, generally not for everyone.

But as a gamer and audio person, I actually use my wired sets on my studio gear including laptop.

I have portable wired units I use on my digital recorder.

My gripe about wireless/bluetooth are the delays and battery usage.

This will probably get better but for now nothing beats an expensive studio set while at home.

I don’t use headphones while on the go otherwise but am thinking about the frames stuff.

Being blind I shouldn’t have my ears blocked with things anyway.

  1. you are probably right with cameras period.

Most everyone uses digital cameras on their phones.

  1. hard drives.

Not sure, certainly I like running things locally as well as on the cloud.

I am a home user, and admin person, so a lot of my stuff is on the drive.

Sure internal drives on laptops will be harder and harder to get so eventually workstation desk units may be the way.

However I don’t see myself storing all my audio, video, and stuff online.

Price wize, you can’t get more than 1tb personal anyway.

I can still buy hdds of 4tb or more cheap enough.

What may happen is that ssd units will drop down and maybe that will be the future maybe.

As for drives sitting about I agree, my 1-4gb flash sticks do sit about, but I usually use 8, 16, 32, and 64 gb drives on a regular basis, well while thats not daily I wouldn’t go without them.

The net isn’t going to always be accessible or accessible at any fast speed.

In some rural areas thats really bad and if you are remote well.

I remember when I had a 128gb laptop only before I got a workstation with duel drives.

I was able to do everything online but take away the net and my laptop became fucking useless!

Now for those that work in business as a primary thing, do banking and email maybe, but net speeds don’t match up to uploading terabytes of info and dragging them about.

Yeah you can and some do this, but even on a fast connection you could be waiting for weeks for a backup, though granted hdds can and have gone bad I’d still trust my multiple offline storage solutions over online any day.

The next is who’s data is it.

According to some, its whoever’s server your stuff is on and can be used for well anything you can imagine.

At any rate all that digital music etc, some is streamed sure but for those that have a subscription in the cloud thhats not really your’s, I mean you have the right to access it but its not really yours.

Analog watches, maybe bar specialised things like braille.

Phones hmph not sure.

I like a physical keyboard and a home button, touch is something I will eventually have to embrace but not yet.

Passwords.

Yeah, nice try, but I will always trust a password over anything else, unless we get microchipped like sweeden I am unsure.

Not every device has biometric devices and even if you do have them they are not always acurate to be usefull.

I have family with a lot of issues usin theirs.

We should talk about things that should die.

  1. digital rights management at least for music and maybe books.

That is a good idea but its an accessibility nightmare.

  1. devices with inaccessible interfaces, all this touch is nice but a keyboard is the most accessible or at least some feadback or voice guideance.

  2. copy protection on dvds and everything else.

No idea why producers just don’t sell or put with your video the audio described track in mp3 or something spacifically licenced for the blind.

It would save me cracking my own dvds which I legally brought so I can listen to them or going to dodgy sites putting my system at risk of a reformat, after all they have the material in the first place.

Lets break down the article as I see it though.

1
Corded Headphones
While I see this going away on the mobile side, I wouldn’t give up this just yet.
Audio files like myself like them.
On the pc and places where bluetooth doesn’t exist or is hard to access and to be honest non wireless is always best just isn’t there yet.
Also batteries, and latency can be an issue.
The blind have delays with speech as it is.
Granted if you use a portable device and are not wedded to a workstation a lot more than me I can probably get you, but I do think there will be wired options, maybe not with the 3.5 as much, maybe duel or other.
I can get a bluetooth/wifi set with a detachable cable still and there will always be cheap units.
2
Physical Storage
While I can see this on a business sence where you run everything on the cloud or on a server, as a business user that also is a home user, physical storage has its place, audio, video, and extra stuff being in a separate place is a good idea.
True its harder now to buy laptops with duel drives so eventually it will be a laptop and a desk station or nas or something but still.
At any rate have you ever tried to run a system in a situation where there is no net or slow net?
Fine if you have 100mb to 1gb I guess or higher but a lot still don’t have that or the speed.
Worse, just who does your stuff belong to, in some cases thats the cloud previder.

Do you really want to have all your personal files and everything else you own and make owned by google over the vast amount of stuff they own of yours anyway?
Pluss while they do fail, a few storage devices in different locations are good for backup.
You can backup, I have heard of some people with backup cloud drives, but assuming things don’t crash and you can afford 8tb or somethhing like that its going to take weeks to upload and download your stuff.
Becides with all the protection with books and music locking you into expensive contracts or single devices while its good for business its not generally good for users at home at least not for everything.
And with antivirus software flagging some apps I am happy for the separate storage here though yeah its going to get harder to justify that.

3
Point-and-Shoot Digital Cameras
This I can agree with.
There will always be specialised hardware, I have got the equivilant of a camera in an olympus lsp4 for my digital recording, the issue is that recording still takes up a lot of battery on your smart phone.
And unless you have a way to get things off or have a way to access the net to get it you may have a problem.
At any rate mobile phone rates are really expensive especially if you roam a lot.

4
Analog Watches
Bar braille I can actually agree with this, who’s seen a sightling use a non digital or non smart watch anyway.
Not for a few years I bet.
5
Lightning and USB-C Charging Cables
Same as the storage issue.
Do you know how much legal, non hacked mag safe actually costs, vs a cable?
Cables will never go away, at least not while wireless charging and such costs more than cables.
There is some contravercy that these so called wireless fast chargers dammage batteries, heat them and could potentially cause harm.
The humble cable aint going away, maybe you will get everyone adopting a universal standard like usbc and using that, that would be nice at least.

6
Standalone GPS Devices
As long as you have mobile data and are in range I can agree.
Unless you have lifetime maps your standalone device is going to cost a lot to keep upgraded.
But again this article doesn’t put in to account that outside the net like in the bush your gps may be still your friend.
Stand alone devices may go away but devices will start existing in other things generally.
Cars at least some manufacturers have crappy gps units or their data packs suck.
However outside any major city your mobile whatever is useless away from a cellsite.

7
Passwords
Biometric works with some but not others.
I still see a password as having some place still, either we have a manager or something but a password is still needed as well as 2factor codes and the like.
Not every device has biometric chips, anway how secure are those anyway.
I know in sweeden there are microchipps you get but how secure are those?
However for those that can’t use fingers or well faces especially a mask, not sure how you can go passwordless.

I mean I do on my home system, I don’t need a password to login.
Now if there was a way to log into my bank without my password or username or anything that would really be good but hmmm this may be still to early a concept.

8
The Home Button
I like this as well as keyboarded devices and so do a few other blind people
It just means that if the replacement aint accessible it makes things harder for the blind, granted some have got used to it but while touch is good the best control for the blind anyway will always be a keyboard and a physical button or sequence of buttons.

9
The Apple iPod
Hmph, unsure about that.
Maybe the ipod, but music and your phone and battery life = a problem potentially pluss do enough on your device and you will get a hot device.
At any rate its the smart speaker or something now that is a pod like thing.
The ipod may be on the way out but in some situations portable devices will still be here for a bit.

Comments (0)

The security box, podcast 40: Windows Update and ransomware in the manufacturing industry

The RSS has the updated podcast. Due to little download usage, we are not providing any more links for download.

If you wish to have a downloaded copy and you don’t have RSS, let me know and I’ll upload and have an email sent to you from a service.

At some point, we will disable all download links by cancelling Sendspace but it will not be done right away.

Below, please find the show notes for today’s program.

Welcome to podcast 40 of the Security Box. On this podcast, we’re going to have our main topic that deals with the Windows Updates which you may have been prompted to install. Instead of news notes, I’ll pick a few of the articles and we’ll see what you think about them as I’ll give my thoughts. No full news notes this week, but plenty of content to boot. We hope you enjoy the program, and thanks for listening!

Topic: Windows Updates for April 2021

Windows, like a lot of software, gets updated each and every month. This batch for April has a record high for this year, according to Trend Micro’s write up of the patches.

According to the Trend Micro article, 114 patches were released for April with only 19 classified as critical, 4 were publically known, and one publically exploitable in the wild. 5 Vulnerabilities were submitted through Trend Micro’s Zero Day Initiative program.

We know that the exchange server fiasco has really caused some headaches over at Microsoft. Exchange was dominated by 16 different problems dealing with RPC or Remote Procedure calls. Out of the 16 critical updates for exchange, the majority (12) were flaws in the RPC runtime. The RPC runtime has to do with programming, and not necessarily having to do with user behavior. There were 15 further vulnerabilities that effected the same runtime, according to Trend Micro.

If we haven’t had any trouble with exchange before , we do now. Besides the RPC vulnerabilities, 2 additional CVE numbers were designated. They are: CVE-2021-28480
and CVE-2021-28481. The CVSS score on both of the CVE’s are 9.8.

Its interesting to note that according to the Trend Micro article, both of the CVE’s were credited to the National Security Agency (NSA) and it suggests that both should be patched as soon as system administrators are able to do it.

Besides that, if you use the Windows Media Video Decoder, there are two vulnerabilities with it. The CVE numbers for these are: CVE-2021-27095
and CVE-2021-28315. They could lead to remote execution if a specially crafted video was sent to you and opened.

Besides these, Trend Micro’s article talks about some important updates which some may want to be aware of. If you use Visual Studio you should look at the Trend Micro article from these show notes, as there are CVE’s for it. For my normal computer users, Visual Studio is used for programming and is not used by the average user.

Key networking components are also effected. Two of these, CVE-2021-28324 and CVE-2021-28325 effect the SMB component, which affects file sharing.

There are several affecting the TCP/IP portion of windows, which deals with routing across the Internet. Two of these lead to denial of service problems, and a third leads to information disclosure. The Trend Micro article should be read to see if you need to worry about these as the CVE numbers are given within it.

Krebs On Security gives highlights and even links to several CVE’s as well as a Microsoft blog post talking about the updates that may affect readers. Both articles are worth the read, especially Trend Micro’s so find the articles and see what is of importance to you.

Topic: Ransomware hitting the Manufacturing Industry: Victims aren’t coming forward

The sectors of business are starting to get hit with Ransomware. Ransomware is defined as malware that is intended to lock up a computer and force people to pay money in the form of bitcoin to get their files back. The ransom notes are usually on the screen and instruct the victim where to go to get help and even have support agents available to answer questions such as where to get Bitcoin from a retailer.

Today’s article was read last week and talked about this now hitting the manufacturing industry. We’ve talked about numerous articles that mentioned how hospitals were affected by ransomware and two or so articles talking about how someone was killed because ransomware affected their care at a hospital and had to be transported some 70 miles away.

The article, written by Cyberscoop’s Sean Lyngaas, starts out with a true story on how Norsk Hydro had to pay 90 to 110 million dollars because production haulted for weeks as they tried to figure out what was happening. Halvor Molland is the senior vice president of communications for the company, and he had to respond to this incident. Its unfortunate that this occurs, but with everything connected in one network, its not a wonder that they got hit. This company isn’t the only one that has gotten effected by this type of thing, look through the tech blog and find ransom articles. You’ll find story after story on companies getting hit.

Norsk Hydro did something that nobody has ever done in this industry. They told their story and did it in vivid detail including releasing video interviews and telling their story of what happened. This is probably the first time we’ve actually heard of someone telling their story and we can get a picture of what they did, what they were doing, and how they were going to fix the problem.

I understand and know that ransomware attacks are mistakes. Someone clicks a link because they believe whatever the email is that they get is real, and that can happen with anybody at any company, big or small.

Even two years later, this candid reporting by this team at this manufacturing company stands out as ransomware continues to plague industries across the world during this aweful time. The actors have taken advantage of the pandemic like its the last thing they can do before the world blows up.

You know what’s sad? Cyberscoop tried to contact many different companies that were compromised by Ransomware in the last 2 and a half years. Nearly all either declined or didn’t respond to the inquiry.

To top it all off, Honeywell, a thermostat company that also endeavors in other things, declined to tell its employees and even us if we are affected by this breach at their facilities since data can be taken through the Internet these days. Honeywell has not said a word to anyone about their potential issue.

There is more, including news on the Honeywell incident which indicated that they did have a problem but it “wasn’t a big deal.” You can read the article as part of these notes for the entire detail. Let’s open it up, and get uyour thoughts!

Comments (1)

The Security box, podcast 39 for April 14, 2021

Welcome to podcast 39 of the Security Box. Looks like we’ve got commentary from the replay of broadcast 38’s airing. We’ll answer any questions from those comments if any, as well as talk about yet another story I read afterword in regards to Facebook and why it might be a good idea to remove your telephone number or use something like Google or Text Now as your number instead of your primary one. We’ll have news, notes, commentary and more. We hope you enjoy the program as much as I have bringing it to you. Thanks for listening!

Topic: More on Facebook, why Brian Krebs deleted his Facebook account

In an article that I read on April 7th, Brian goes in to detail on why he eventually deleted his Facebook account sometime in 2020.

According to the article, a paragraph says:

The phone number associated with my late Facebook account (which I deleted in Jan. 2020) was not in HaveIBeenPwned, but then again Facebook claims to have more than 2.7 billion active monthly users.

We know that Facebook has never been trustworthy after any type of incident, and I honestly don’t believe that Mr. Krebs couldn’t be part of the 533 million people affected by the breach. Checking with the site, yours truly isn’t effected either, but I honestly wouldn’t believe it now-a-day especially since news of this is two years old.

The supposed database has been kicking around the Internet Cybercrime community since Last Summer, according to the article. I’ve never seen any of these databases, and with the massive amounts of databases out there and what they contain, who could confirm every piece of data in it? I like what Have I been Poned and what it is trying to offer, so don’t get me wrong when it says that I’m not in there when I put my mobile number in the site to check.

We now learn that the database was put up since June 2020 and include names, mobile number, gender, occupation, city, country and marital status. It includes data for 100 different countries and there is a link to a January 2021 twitter post within the article.

KrebsOnSecurity goes on to talk about what might happen if someone with malicious intent gets ahold of your mobile number. One of the things that could happen is your phone number changing hands, otherwise known as a Sim-swapping attack. This happens because an employee at the store you got service is tricked in to changing the information to the attacker and you don’t find out until you use your phone.

Brian talks about how it is probably time to remove your number from services like Facebook once verification of the account is complete. I’m almost tempted on doing this myself. There is a very interesting paragraph in which I got interested in. It says:

Why did KrebsOnSecurity delete its Facebook account early last year? Sure, it might have had something to do with the incessant stream of breaches, leaks and privacy betrayals by Facebook over the years. But what really bothered me were the number of people who felt comfortable sharing extraordinarily sensitive
information with me on things like Facebook Messenger, all the while expecting that I can vouch for the privacy and security of that message just by virtue of my presence on the platform.

We can’t vouch for a presence of a sensitive message just because we’re on the platform. I’ve never used Facebook or its messenger client for anything secure anyway, but that paragraph is very important.

Are You One of the 533M People Who Got Facebooked? is the question and article title we’re talking about in this segment, do read the article.

News Notes and more

  • According to an article found on April 8th and written the day before, shopify let data go and it isn’t as we would think. According to the article, the California man, Tassilo Heinrich, is charged with identity theft and conspiracy to commit wire fraud; while two people outside the United States, were not charged. These other two were located in Portugal and the Philippines, according to the article. I don’t understand why these two outside of the United States aren’t charged, they received stolen data, and could have had the oppertunity of using it. California man indicted for stealing Shopify customer data is the article do give it a read.
  • Think Ransomware is going away? Not so fast! This time, an article talks about emailing customers of the companies that they hack to tell the customer that they got hacked. The purpose of emailing customers is of course to get the company to pay up, although as we know, that doesn’t necessarily mean anything as ransomware gangs are only in it for the money. Ransom Gangs Emailing Victim Customers for Leverage comes from Krebs on Security and is definitely a good read.
  • I blogged about this article on the tech blog, but it never made it in to news notes from what I can recall. Brian Krebs talked about someone who registered the domain krebonsecurity.top and what they’re using it for. I’ll just quote one of the paragraphs outright, it says: “Let’s just get this out of the way right now: It wasn’t me.” The article talks about the Shadowserver Foundation, who has tracked the exchange server attacks and their progress of getting patched or lack there of. According to the article, David Watson, a director of the Shadow Server Foundation Europe, tracked hundreds of unique variants of backdoors that allow the actors to keep access. What was very interesting to me, was the fact that an executable was called krebsonsecurity.exe and Brian talking about this plus the malicious domain made the article worth blogging. I just didn’t have a chance to put it in to news notes till now. Read No, I Did Not Hack Your MS Exchange Server for all of these very interesting details.
  • So there was a breach of a water utility in 2019. Cyberscoop’s Sean Lyngaas wrote this article on a Kansas man who was indicted because of that breach. Wyatt Travnichek is alleged to have done it, as they claim he logged in to Ellsworth County Rural Water District’s computer system
    in 2019 and it was unauthorized access. This unauthorized access lead to a shutdown of the facility in question. He is also charged with causing damage to a computer system. According to a customer service rep, Angela Naegele, said the issue was not effected in the drinking water supply. There is no word on whether he bypassed any security controls. Kansas man indicted in connection with 2019 hack at water utility is the article, go on and check it out.
  • Finally, in the “I can’t believe i heard this article” department, Michael in Tennessee read this article via arstechnica which really started me thinking about this company’s security posture. The company’s name is Q Link Wireless. They apparently had an app that allowed you to enter any customer telephone number which you had to know. After doing this within their application for IOS and Android, the person could see anything they wanted within the account with “no password required.” According to the article, this company known as a “Mobile Virtual Network Operator,” according to the article. They are based in the state of Florida. It provides government and subsidized phones to people who qualify under the lifeline program. They apparently serve at least 2 million customers, according to the article. I suggest you check jaredtech.help as I have a bunch more to say in regards to this story, suffice it to say, they apparently closed this hole by doing it server-side and no communication with any researcher or anyone who reported this to the company. For full reading of this disaster, I give you: No password required: Mobile carrier exposes data for millions of accounts: Q Link Wireless made data available to anyone who knows a customer’s phone number. is what you need to read. Have fun!

We hope you enjoy the program as much as I have bringing it together, make it a great day!

Comments (0)

Why is there “no password required” when accessing accounts? What not to do when setting up accounts for services

I’ve been contemplating this article Michael in Tennessee sent me in regards to a wireless company that thought it would be a great idea to have applications for IOS and Android that allowed people to put in any phone number of a customer and allowing anyone to have full read access to all of the data of the account.

When writing up the news notes, I wrote:

Finally, in the “I can’t believe i heard this article” department, Michael in Tennessee read this article via arstechnica which really started me thinking about this company’s security posture. The company’s name is Q Link Wireless. They apparently had an app that allowed you to enter any customer telephone number which you had to know. After doing this within their application for IOS and Android, the person could see anything they wanted within the account with “no password required.” According to the article, this company known as a “Mobile Virtual Network Operator,” according to the article. They are based in the state of Florida. It provides government and subsidized phones to people who qualify under the lifeline program. They apparently serve at least 2 million customers, according to the article. I suggest you check jaredtech.help as I have a bunch more to say in regards to this story, suffice it to say, they apparently closed this hole by doing it server-side and no communication with any researcher or anyone who reported this to the company.

The sub-titled of today’s article is entitled: “Q Link Wireless made data available to anyone who knows a customer’s phone number.” and I suppose it just fits, doesn’t it?

The article was written for Arstechnica on April 9th, and sadly the last item for news notes. People aught to be ashamed of themselves at this company for thinking this was a great idea.

Q link offers a mobile app called “my mobile account” for both IOS and Android as stated in the notations quoted above as well as within the article which I’ll link here as well.

Besides the app allowing you to see data usage, minutes available, buying minutes, minute usage, text usage and even to buy more minutes or data. It also can display the customer’s:

  • First and last name
  • Home address
  • Phone call history (from/to)
  • Text message history (from/to)
  • Phone carrier account number needed for porting
  • Email address
  • Last four digits of the associated payment card

This is a lot of data for one account, especially when the company had it to where anyone can enter a subscriber’s phone number. Can you imagine what would happen when someone malicious came in and decided that they would take a look around?

According to the article, this wide open access has been available since December of last year, but the article only states since December.

According to a person on reddit, they reported this glaring report to the company with only a “thank you for reporting this to us.” He later reported the same issue twice this year, February and also in April. Then this past thurdday, the app stopped connecting to accounts with a message that says that the number is invalid.

I wonder what they ended up doing? Why did it take this long to fix it? Why didn’t the CEO respond to the reporter’s email(s) when it was braught to his attention?

For the complete write up by DAN GOODIN of Ars, please read: No password required: Mobile carrier exposes data for millions of accounts: Q Link Wireless made data available to anyone who knows a customer’s phone number. for complete details. This is security at its worst. Good job, q link wireless, keep up the great work.

Comments (0)

I love good news, Kansas man indicted in connection with 2019 hack at water utility

I love covering articles like this, especially when charges are filed.

A U.S. grand jury has indicted a 22-year-old man for allegedly hacking the computer system of a rural water utility in Kansas and shutting down processes
that affect procedures for cleaning and disinfecting water.

Angela Naegele, a customer service specialist at the water utility who answered the phone Thursday, said the 2019 incident had no impact on customers’ drinking water. The utility continuously monitors its water quality and safety, Naegele added.

The indictment did not specify whether Travnichek allegedy circumvented any security controls in his alleged break-in. Prosecutors cited the Safe Drinking Water Act, a 1974 law that mandates contamination-free standards for U.S. water systems, in bringing the charges.  

There’s definitely more here including:

Travnichek’s indictment comes two months after another high profile digital intrusion into a water treatment facility near Tampa, Florida. In that incident,
an unidentified hacker used a remote software program to breach the facility’s computer system, and temporarily changed the plant’s sodium hydroxide setting to a potentially dangerous level, according to local authorities.  A plant operator noticed and reversed the change.

This is critical infrastructure we’re dealing with, and people like this guy just don’t care.I’m glad he’s been picked up and charged.

For complete details: Kansas man indicted in connection with 2019 hack at water utility is what you need to read, and enjoy.

Comments (0)

Older Posts »

go to sections menu

navigation menu

go to sections menu