The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts


Finally got to read this one: ISPs charge too much, and I agree with this article linked

Hello folks,

Michael in Tennessee sent me this article titled ISPs claim broadband prices aren’t too high—Biden admin isn’t buying it from Ars Technica.

My story is this. While I started at my current location at $50 for the first year, I now pay $63 for the same service. I’ve not bothered to change because the cable companies want to charge me $5 just for WIFI. What I get includes WIFI, and I have stuff connected already so there isn’t any reason for the moment to change.

I’m going on my third year at this location, and when I saw that AT&T charged me $63 I called to ask. I never get a bill notification, so I don’t know when the bill is ready. The rep said that the price went up $3.

After my first year, the price went from $50 to $60. That’s now $13 higher in two years. It’s definitely gone up, and I hope it doesn’t go up much more, or I’ll have to tell them I can get it cheaper. Even paying the $49.95 is cheaper, but they advertise at $44.95 plus $5 for WIFI. That turned me off.

I think this article should be read, it is definitely worth the discussion. How much has your internet gone up since you started paying for it? Let’s discuss!


One hacking tool, trickbot, was built on old malware code

We know that Trickbot, the pervasive malware that targeted tons of different agencies for many years is probably now among the dying as its code writer is probably done for, thanks to a recent arrest we covered as part of last week’s notes and also covered on the blog.

Today’s article is entitled: Trickbot indictment demonstrates how one hacking tool built on older malware which comes from Cyberscoop.

The story starts with a film company who was affiliated with scammers who built Dyre. This is the first time I’ve heard of Dyre, but we do know that Trend Micro and other publications covered Trickbot like their life depended on it.

I would too, if the malware was built in such a way that it caused lots of havoc, and I may have covered my thoughts on some of the articles in the past. You can search the blog, and see if we have or not, that’s the beauty of having a blog, isn’t it?

According to the article, Dyre perpetrators were never formally charged, but this article says that Dyre was a banking trojan. This means that it waited for you to go to your bank site and then stole your credentials as you entered them in to the official site. Crooks then went in using your credentials and cleaned you out. The bank said that it was authorized because it was authenticated, even though it was not you.

Getting your money back in these instances was hard, because the bank saw your account logged in, and it was their word versus yours.

After Dyre supposedly died, Trickbot was born, and it pretty much did the same thing.

The episode exemplifies how cybercriminal groups can evolve and, drawing on old hacking tools, haunt U.S. organizations for years to come. And, as Joe Biden prepares to press Vladimir Putin on Russia-based ransomware gangs, the Dyre-TrickBot evolution offers another example of the long tail of lax law enforcement in Russia.

While I see and understand the president of Russia’s position, the fact is, the actors who are supposedly in Russia are violating the law elsewhere, and Russia must help out to apprehend these actors to show that “crime does not pay.” The fact is, Russia is relaxed, there aren’t laws broken there so we don’t care if they cause millions of dollars in damage elsewhere, it isn’t our problem. That’s what they are saying, and I don’t need to put that in quotes because it can be left up for interpretation.

There are lots of links within this article, so please feel free to go and read this if you’re interested in the story behind this massive piece of malware which is more than likely done now.

Again, the article is titled Trickbot indictment demonstrates how one hacking tool built on older malware so feel free to comment on this one for any podcast you wish, or even discuss it on the blog. The boards await you!


This week in security news, news ending June 11, 2021

There’s lots in the news this week, and lots dealing with the Ransomware issue that we all need to be aware of.

Just in the list by Trend Micro alone for their digest, there are a lot of news stories dealing with Ransomware and with great reason. It is now one of the biggest problems besides Phishing that we have to deal with. Makes administrators’ jobs quite difficult, especially when some may not have seen these types of things.

I’d love to see what an email looks like that would contain ransomware without the ransomware of course.

In no way am I asking people to send it to me, because our systems could block it which is good, but I do want to see what it looks like so I can be aware of what to look for as a user, and a teacher.

This Week in Security News June 11, 2021 has the list of articles they have collected, and we’ll be posting stuff we’ve found that will make it in to news notes for our next technology podcast, program 48 of the Security Box.

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read about Trend Micro’s forward look into the lasting impact of COVID-19 on security. Also, read expert opinions on how banning ransomware payments might create new crises.

We have a webinar from the folks at Sans that asks the question. I’ve not heard it yet, but I did tape it. This ought to get interesting on where I put this program once I hear it. I believe it should be heard.


We’re now running on full SSL redirect, here’s what I’ve found

Michael in Indiana has asked us why we are not running on “forced redirect to SSL” and I honestly thought that our control panel provider cpanel was to do it for us.

Honestly, I think they’re right, giving us the choice on whether we want it or not. The bad news is that my testing shows that it now comes from my server’s IP when we receive forms now, protecting your IP which may not be a bad thing. I think though it is my provider making a change and not an SSL issue because of the fact that one site is not SSL protected yet.

Searching Google for SSL and redirecting web sites popped up this cpanel video which was very well described by the person who made it. I’ve turned on SSL redirect for MENVI, this site, jaredrimer.net and the mix so far.

Once I fix one of my other domains, I’ll be testing this to determine whether I can still utilize the domain for that purpose, or if I need to include other instructions.

I want to pass this along to people so they are made aware of this in case they don’t already.

Thanks Cpanel for giving us the opportunity on following guidelines that are best practices today. You guys are awesome!


It’s time for Patch Tuesday, 50 vulnerabilities this month and some good news to share this time

Hello folks and welcome to Patch Tuesday week and I think we’ve got some excellent news coming out of Redmond this week.

First, Krebs and Trend Micro are both reporting that Internet Explorer will be retiring this month on June 15th. If you’re still using IE, it’s time to change, because now it won’t be supported any longer.

More good news is that we only have 50 patches across the variety of Microsoft software to fix, 6 of which are being exploited now, and several reported through the ZDI program.

CVE-2021-31985 and CVE-2021-31978 were the two vulnerabilities reported, at least one affects Defender.

Want to read the entire article of what’s new? There are two to choose from, so please pick the one you want.

Want to comment? Feel free.


The Security box, podcast 47: Security is our theme with lots of stuff in regards to it

Download TSB047_2021-06-09.mp3 from SendSpace

Above is the link to today’s program which we started a little earlier than usual to account for taking an appointment today which worked out for me. While we had no comments, that is OK, you’re welcome to contact me any time. The file is 89.1mb.

Here are the show notes for everyone to read, with links to the stuff we covered.

See you next week!

Welcome to the security box, podcast 47. On this podcast, we’re going to talk about Security. A video which I found on Ted Talk’s youtube channel will lead this discussion. We’re also going to talk about an article from Lastpass talking about protecting your business from data breach trends. It talks about something we’ve talked about, supply chain attacks. Speaking of supply chain attacks, Jennifer talks about our top story from our show notes, and we’ll address any concerns from that as well. We’ll have news, notes, questions, comments and more. Want to leave a message by phone? Call 602-887-5198 to do so. Thanks so much for listening!


News Notes

  • FBI blames REvil gang for JBS ransomware hack as global meat supplier gets back to work Cyberscoop
  • Fujifilm shuts down computer systems following apparent ransomware intrusion Cyberscoop
  • Vulnerability in VMware product has severity rating of 9.8 out of 10 Ars Technica
  • Q1 2021 Threat Trends & Intelligence Report Phishlabs
  • Latvian national charged with writing notorious Trickbot malware
  • Tokyo Olympics organizers’ data swept up in Fujitsu hack: report Cyberscoop
  • SIM swapping victim alleges T-Mobile failed to stop $20,000 cryptocurrency scam Cyberscoop

    Don’t Click! This definitely looks like a scam, asking for credit card or payment info

    Check this one out. The blog will put the URL as a clickable link, don’t click or press enter on the link.

    Are you kidding me? I clicked to look and it asks for a name and payment information such as credit card or debit card. This has got to be a scam. The fact they’re sending it from one of my network’s IP addresses is full of it too. I contacted the provider about it, but they were asking about what code I was running and whether I have captcha which I don’t. I tried to implement one, but it didn’t go far.

    Here you all go. Don’t click! They used HTML and the blog will put it in a clickable link.

    Below is the result of your feedback form. It was submitted by () on Wednesday, June 09, 2021 at 18:43:35

    Name: Marcoplusa
    phone: 89457248477
    contact_method: both E-mail and phone
    bug: no
    additional_bug_info: You received a money transfer of $ 89.44! PREPAYMENT! To receive funds, go to the payment page
    Detail: Official bank site/url] Official bank site Official bank site
    comment_or_question: You received a money transfer of $ 89.44! PREPAYMENT! To receive funds, go to the payment page
    Detail: Official bank site/url] Official bank site Official bank site

    submit: Submit comment or question to the Jared Rimer Network

    HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Edg/83.0.478.37


    podcasts and rss

    This started with me upgrading my browser from old waterfox which has had issues lately back to firefox.
    I discovered that in chromium and firefox rss just didn’t work at all.
    Currently there are several options.
    1. install or get a portable version of waterfox 20.08 or firefox below version 64 so firefox 52 will work.
    If you use all windows from windows xp through to 8 of course you can use internet explorer.
    The issue is of course that microsoft is retiring internet explorer next year so no dice with that.
    We will cover the addons I use.
    Note, this does not cover rss feeds for subscription.
    If you have chrome you may use this.
    or this
    Just add to chrome as you would an extension by selecting add to chrome and the add to chrome button that will pop up then close and reopen your rss.
    This is shoyu rss and atom preview.
    pronounced show you rss and atom preview.
    The link is this.

    A note to this addon.
    After adding this in chrome/edge /brave/ whatever other rss you have, your feed will open in a new tab.
    When you close the tab it will have a spare window which you must close.
    I don’t know why that does that but it works.
    For firefox
    go to addons.mozilla.org and search for rss then I want my rss.
    Link is
    I want my rss does what it says, it will actually display the rss as you are used to in the same window and it will work.
    To add an extension to firefox, select add to firefox link somewhere on the page, under the addon heading then hit alt a several times till a checkbox for private windows appears, check or uncheck as you want then hit ok then close and reopen.
    Small note.
    These are not rss apps, this tutorial doesn’t cover rss readers, news aggregators, or podcatchers.
    This is to simply restore the lost functionality for reviewing feeds.
    I don’t subscribe to feeds or casts rather I download individual files.
    In the case of chromium this will render the rss feed as a standard webpage and not a pile of junk.
    With firefox you won’t be needing to download and save the rss file or anything like that.
    To be honest I don’t understand why the removal but oh well that’s progress I guess.

    On the subject of articles, I have been reading a lot of them over the week.
    Like a lot of places the local hospital or rather one of the country’s health services got ransomwared.
    The person that got this on their system clicked a link in an email.
    We can assume this person was probably expecting something rather than being dumb and clicked in error because this trick is old as the hills.
    Systems are still being restored but it’s not that easy.

    In other news using an app and taking down encrypted networks, the fbi was able to arrest several gangsters and bust several gangs world wide which is a win.
    Sadly, as is the case, there is probably another attack vector out there.
    No panic just yet but now the fbi has an app to handle the encrypted networks, it means that everyone’s network could potentially be gotten into.
    The method or rather idea is now live and the fbi can’t really stop someone else using the same concept to get control of who knows what.
    Last night a glitch appears to have caused a lot of the net to shut down for an hour due to an issue with a large cloud provider though they are not saying anything.

    I will continue to read things.
    Please note, when adding posts the latest wordpress puts it in a category called general updates and announcements.
    Please uncheck this because if you don’t the post will not appear at all.
    On another small note if you are a sighted reader please check if the mobile view works, I did doodle with the theme today and it looks ok but either wordpress or the current theme we have.
    Currently there are reports of small letters and elements to close, though there was another issue last year.
    I assume it just works but oh well.

    Please note if you notice doubled letters my keyboard probably needs cleaning.
    I haven’t done it yet but it’s something I need to try to actually do.


    WWDC was yesterday

    Yesterday, I caught the last hour of the WWDC coverage. Partially, I forgot, but then I remembered a webinar I wanted to attend which I taped to listen to as I got in to other things instead of listening to that.

    Applevis has the coverage in a great blog post called Summary of Apple’s 2021 Worldwide Developers Conference Keynote Presentation and I hope it is of value to you.

    If you watched it, what did you find of interest?


    Russia wants you to have a random number generator installed to have secure communication

    I think I’m going to file this under the “I can’t believe I read this crap” department.

    I honestly think it’s time that we figure how to block out Russia after reading today’s Krebs article entitled Adventures in Contacting the Russian FSB which I just found absolutely appalling.

    It’s common practice now to find a majority of web sites under the secure protocol known as https. As discussed with someone who works at Los Angeles Metro that I work with, I talked with him about the Q1 2021 Threat Trends & Intelligence Report which we’ll be talking about on this podcast coming up.

    With that report out of the way, and the article from Krebs, I wonder what you think? Russia basically wants you to install a generator which they say to remove once you’re done, and this is the only way to communicate with them directly securely. According to Brian, they also now have a TOR version of their site which doesn’t have you download anything, and this is supposed to be the government.

    Visit the FSB’s website and you might notice its web address starts with http:// instead of https://, meaning the site is not using an encryption certificate. In practical terms, any information shared between the visitor and the website is sent in plain text and will be visible to anyone who has access to that

    There’s tons of linked stuff here but this has got to be the most interesting article I’ve read in quite awhile. Not that I find articles I read boring, because I subscribe to the source, but this one has got to be quite interesting. Guess I won’t be contacting Russian authorities for anything if I ever needed to. What a joke!


    Tech podcast 360: The Anatomy of an attack

    It’s been some time since we’ve released a tech podcast, but it’s time.

    Here is the 66.6mb file for you to get if you don’t want rss.

    I hope to bring more podcasts out, I really need to do it. Here are the show notes for you to read.

    The Anatomy of an attack has been around for quite awhile. I think it’s within the last couple of years, and I think it is quite important now more than ever. I talk about what has happened with our staple of the box, and how it was an inbound call that started it, but that’s not traditionally the case. Listen to this hour long webinar and let’s talk.


    The Zero Day Initiative wins top dog again

    I’m not sure if we’ve covered this, but in case we didn’t, Trend Micro has an article about their accomplishment of winning the vulnerability disclosures again. The article is titled ZDI Tops Omdia Vulnerability Disclosures Again and it was an interesting find.

    Of 11 vendors, ZDI disclosed 60.5% of the bugs in 2020. This continued leadership has ensured our customers have the best vulnerability research in the industry backing them up against the use of exploits in attacks coming from malicious actors.

    This is important, as this forces companies to fix their software, and 65 percent is pretty good.

    Digging deeper into the reported vulnerabilities, the ZDI bug bounty program also disclosed the most vulnerabilities in every severity level, critical, high, medium and low.

    This means that vendors should be fixing them, even though some may not be so bad. With Trend Micro being the leader in this field to date, they’ve got the knowledge to get stuff done.

    The article goes in to a bunch of detail on what was found in the report, so check it out.


    A rerelease of podcast 43 show notes

    I meant to do this awhile ago, but I found an error where Sans News Bites included all of the rest of the news. I intended to have multiple covered, but put news in the wrong place.

    This is what I intended to do with the notes. Search the blog for podcast 43 of the security box for a downloadable link or go to the rss feed to get your copy.

    Here are the corrected notes.

    Welcome to the Security box, podcast 43. On this edition of the podcast, we’ve got two topics. The first talks about a fake vaccine web site that is now shut down, thanks to the US Government. The second topic talks about the Exim 21 bug that recently hit headlines. We’ll have news, notes, your questions comments and any catch up from any older podcasts.



    Sans News Bites

    Other News

    We hope you enjoy the program as much as we have bringing it together for you. See you next week!


    A rerelease of podcast 41’s show notes for the security box

    Hello folks,

    For some reason, I’ve decided to go through podcasts and finding slight errors in the show notes. This time, I found it in news notes where I didn’t put the proper list tag on one of the items.

    If you need a link to download, you can search the blog, or go to the rss feed to pick up a copy.

    Here are those corrected show notes.

    Welcome to the Security Box, podcast 41. On this edition of the podcast, we’re going to talk about Ubiquiti and their big time breach, as well as something I recently read from Park Mobile and their potential breach. We’ll have news, notes and more.


    Both of these articles are from Krebs on Security and while they’re a bit old, you can’t deny that it is worth talking about. Company ought to be ashamed of themselves.

    A bit of sad news:

    🙁 Security Researcher Dan Kaminsky died Saturday at age 42 of complications (ketoacidosis) from diabetes, which he had struggled with for years.
    Security Now! researchers know of Dan’s discovery of a critical weakness in the DNS servers at the time.
    He will be missed.

    News Notes


    A new BARD express is out

    In the better late than never department, although I’m not too far late.

    This should already be out already, go to BARD for the link. I have forgotten about this address for email lists, I’m not way too late for it though.

    BARD Express will be released the week of May 31st. This version will be supported by Windows 8.1 through 10.X operating systems. Screen readers supporting this latest update of BARD Express are JAWS for Windows 2018 to the most current version and NVDA 2017.1 to the most current version.


    • Within the Installation Type section, Private is now the default choice, and Public is the second choice, which will help keep users from mistakenly installing BARD Express on a shared computer.
    • The font size of the Getting Started guide has been increased to 16 point for better viewing.
    • The Previous Downloads list can now be organized by Type, Subject, or Author, just like the Bookshelf.
    • Previous Downloads, Recently Added, and Most Popular Downloads will now display 100 titles at a time by default.
    • The keyboard shortcut Control + S can now be used to quickly navigate to the Search Field from within Search, the Book Details screen, or from anywhere within BARD Express (excluding the menu bar).
    • All shortcut key combinations will be spoken by the screen reader and will be shown on braille displays. Focus now lands on the first book or magazine title in both the Bookshelf and Wish List.

    • The Okay button is now the default action any time the Enter key is pressed from within the Library Information dialog.
    • A Cancel button has been created to enable a search to be canceled from within the Search menu. Pressing the Escape key will also cancel a search.
    • The Author label is now announced when a user tabs through the Book Details. If a user clicks on the name of an author, BARD Express will bring up a list of books on BARD by that author.
    • While in the Filter utility, a user can tap the letter S to jump directly into the Subject List.
    • Preferences that have been changed by users will carry over to newer versions of BARD Express when updating via the auto-updater.
    • Verbosity is reduced when NVDA speaks the status of checkboxes. NVDA now says, “Checkbox checked,” if a user has upgraded the screen reader to version 2020.4.
    • Screen readers now speak a notification when switching between Standard and Advanced modes when using the keyboard command Control+L.

    Bug fixes:

    • JAWS now correctly reports the status of the radio buttons in the Filter utility when first letter navigation is used to move from All to Fiction and Nonfiction.
    • Subscription status is now correctly reported by screen readers in Browse by Series and in Browse Magazines.

    This should be found on NLS’s BARD page when you log in, or through its auto updater. Since I don’t use it, I don’t know how to access it, but check its menus. The email came from the BARD support list which I’m a member.


    Are you a T-mobile customer? Better read this one

    So, the article title I used asks a simple question. Are you a T-mobile customer? I know of at least one, and I’m sure I’ll either get comments on the blog, WhatsApp, or the comment line at 602-887-5198. Looks like their security is lax, as we learn about an article titled SIM swapping victim alleges T-Mobile failed to stop $20,000 cryptocurrency scam which came from Cyberscoop.

    A woman noticed her phone stopped working back in 2020, and it was later found out that T-mobile customer service was tricked on changing the control of the account to an unknown fraudster. The fraudster then got access to their coinbase account, and drained $20,000 in crypto currency. There’s more to the story including links to articles and the like. Better give this a read if you’re at this company.


    We’ve got an arrest on the trickbot malware

    Hello folks,

    I did some reading today and saw that we have an arrest of a Latvian national who is charged with writing the Trickbot malware botnet.

    We know that this malware was very prolific and caused a lot of havoc through the years. I’m so happy to see this news, I could just copy the article and post it as mine, except that it is not my article so I can’t do that.

    The article comes from Cyberscoop and it was posted on the 4th.

    What I think I’ll do is quote the first two paragraphs of this article which gives a little bit of what the malware is, who was arrested, and a little bit about the suspect. This is awesome news!

    U.S. prosecutors have charged a 55-year-old Latvian national with helping develop the infamous malicious software known as TrickBot, which has defrauded countless people while infecting tens of millions of computers worldwide.

    The defendant, known as Alla Witte, was arraigned in a federal court in Cleveland on Friday after being arrested in Miami in February, the Justice Department said. She is accused of being part of a criminal organization that operated in Russia, Belarus, Ukraine and Suriname, and which infected the computers of hospitals, schools, public utilities and government agencies in the U.S.

    The article has linked material as well, but it goes in to a lot more detail on what the suspect wrote, and describes Trickbot and what it was used for. I’ve covered a lot of this through Trend Micro’s coverage, and they don’t have this.

    One paragraph says:

    Witte is charged with 19 criminal counts, including with conspiracy to commit computer fraud and aggravated identity theft.

    This is the most important part of the article which I can’t leave out.

    Want to read the entire article? Here it is. Latvian national charged with writing notorious Trickbot malware is its title, and enjoy this great news!


    This week in Security news, news ending June 4, 2021

    Trend Micro has their news of the week out, and as usual, they archived an article dealing with the meat company JBS.

    Besides that, they covered Dark Side, the actors who were blamed for the attack on the colonial pipeline.

    There is even an article about a report and 5g infrastructure and problems that could arise from that.

    There’s plenty more, so go on over and read it if you want. Let me know what interests you!


    Attack on meat supplier came from REvil, ransomware’s most cutthroat gang

    Michael in Tennessee sent me this one. It covers REvil more in detail and covers some of its past. If you haven’t been aware of who they are, you should take a look at this one.

    Criminals use high-pressure tactics to extort victims.

    Source: Attack on meat supplier came from REvil, ransomware’s most cutthroat gang


    Think we have password problems? Lastpass says they’re only the beginning

    Lastpass runs through some research that was done by Spycloud, and I guess I can say that I’m not surprised by the result.

    Headings within the article include:

    • 2020 introduced dangerous data breach trends 
    • Risky password behavior made businesses vulnerable in 2020 
    • Hashing algorithms can protect PII data, but they have limitations 
    • A business password manager helps businesses reduce cybersecurity risk 
    • Protect your business from these data breach trends with strong password management 

    I guess the biggest thing you shouldn’t be surprised about is the password. One of the paragraphs we’re going to really highlight in the discussion for the next podcast should probably not be much of a shock to my readers if you’ve read things similar before.

    Sometimes employees used weak passwords that are incredibly easy to guess or crack. According to Spycloud’s research, the password ‘123456789’ was found over 3.6 million times in data breaches. Another popular password, unfortunately, was “password” itself. It showed up 1.2 million times.

    Are you surprised by this set of numbers? Has it gone down maybe? You be the judge. Are you using such passwords?

    These password trends should serve as a warning to businesses. The average person, if exposed just once, will ultimately be included in eight to ten breaches, three to four of which could take place within a given year. An employee could easily put business data at risk by re-using passwords across multiple accounts, including their work accounts. Case in point: 150,000 security cameras at a Silicon Valley security company were hacked earlier this year because a single password was compromised.

    There’s plenty more in this article, do feel free to click through and read this one.
