The Technology blog and podcast

Phishing web sites are now 3 quarters SSL certificated: any hope?

In no surprise to anyone in this business, Phishlabs has an article talking about the fact that we are now over 3 quarters SSL certificated when it comes to phishing web sites. This means that we can’t rely on the https as part of the URL, like https://www.jaredrimer.net for example.

Usually you can tell it is a phishing site because the domain will not make much sense, like https://www.abmifnt.com for example, or have really long and lengthy URLS that you aren’t expecting to go to.

Some of these phishing sites use short cut services like the one I talked about at one point called cutt.us. Like any service, actors abuse them to get their wares out, and they don’t stop at anything to try and trick each and every one of us in some way or another. If we aren’t careful, we can get bit.

Since 2015, PhishLabs has and continues to track how threat actors abuse HTTPS or SSL certs. In particular, threat actors often use HTTPS on their phishing
sites to add a layer of legitimacy, better mimic the target site in question, and reduce being flagged or blocked from some browsers. 

Last year, threat actors hit a significant milestone in this usage when more than 50% of phishing sites included an SSL certificate. Now, just six months
later, our data suggests that nearly three-fourths of all phishing sites, specifically 74%, now abuse HTTPS.

Just sit there and think about this. 74 percent of sites now use HTTPS and its expected to grow. Because of the stay at home orders, and COVID-19 cases now rising once again across the country, we’re still not done. According to the last paragraph, it says:

Previously, the majority of phishing sites have been on non-free domains. In the past year however, we have seen a year-over-year increase in the use of
free domains. Rather than a threat actor having to access a compromised site or purchase a domain, they can more quickly mobilize their phishing attacks
with a free option.

To read the full article, please feel free to visit Phishlabs and read Abuse of HTTPS on Nearly Three-Fourths of all Phishing Sites by Elliot Volkman for the full details. This can’t be good, and it’ll be a matter of time before we find that all sites will be secured and we have no hope. Thoughts?

Comments (0)

2.95 billion people using social media soon if not already, impersinators taking advantage of brands

According to an article I’ll be linking to, 2.95 billion people are now to be estimated to be on social media. This is quite a large amount of people! It includes possibly every reader that has ever come across this blog, whether they subscribe for updates, a casual reader, an RSS reader, or may find something via search and want us to link to other resources related to that post. Thats quite a lot of people, and actors know this.

While I’m an individual user, with no business name except for my dad’s business name, I don’t have social media for that because I was not asked to do that. But I do have other social media including my own, White Cane Travel, 986 the mix, and the newly created account for Braille2000 LLC. I created the account based on the aspect that I’d be able to assist users of the talking edition via email, social media, or even sms/imessage if people want that.

These other accounts we really need to be careful on, even though the mix is a hobby, Braille2000 is a legitimate business headquartered in Nebraska in the United States. We’ve got a whole category dedicated to the work I’ve done with Braille2000 to help blind transcribers and future blind transcribers like me to do spot checking and correcting based on our knowledge on the rules of the braille code.

I’ve been also thinking about this during my downtime of my up and down days as of late, and while this article may be a little dated, it isn’t so dated. None of the articles I’ll be covering are really outdated, only within the last month or so. Its not going to make or break anything by talking about these after much thought, and I’m ok with that.

While most individuals have been taught to identify suspicious or even malicious content presented via email, threat actors know that when it comes to
social media that is simply not the case. Criminals that use social media to abuse an organization have broad access to an audience focused on socializing
and sharing information, not analyzing Twitter handles or Instagram pages for inaccurate data. These vulnerabilities are appealing to the bad guys and
make it easier to convince the victim that the doctored or unauthorized logo they are looking at is in fact, real. That, along with the level of anonymity
that social media possesses, allows for an easy and well-distributed scam. 

I know that Braille2000 has a logo on its home page, but we do not have a logo on its social media page. The correct twitter account is linked here on this post, and is also linked on the Braille2000 done as a blind person web page that I developed with Bob’s blessing.

They walk through some sample screen shots and explain what they are. This is only the beginning, lets continue to watch what this will do in the future.

Threat Actors Impersonate Brands on Social Media for Malicious Purposes by Jessica Ellis is the linked article I took that paragraph from, and do read it, I thought it was a very interesting read. Make it a great day!

Comments (0)

Data Leaking, how big of a problem is it?

I’m sure that data has been leaking in some form or another for quite awhile depending on the platform, bugs found, and other factors. According to an article, Twitter and other social media platforms are leaking data that could be sensitive in nature including credit cards, pins, and more.

Phishlabs really covers this well, because when we think of data leak, we think of people underground using services that we don’t have to sell the data mentioned in the first paragraph. According to one paragraph, it says:

The damage to an organization experiencing a data leak on social media can manifest in various ways. Regardless of the nature of what is leaked, as well
as the extent, the bad publicity surrounding the event can have a long-lasting impact. Without a solid reputation that customers feel they can trust, loss
of business and a decline in profit is inevitable. 

According to 2019 numbers, data problems will increase 27.9 percent in the next two years, and now that we’re practically at home, this could be a problem.

There are also expenses that are incurred by data breaches including legal, investigating the matter, and proactive steps to mitigate the problem are just a few items that could hamper a business.

In the article, there are photos of posts both on twitter and facebook of potential leaks. Do you want to read more? Head over to Phishlabs, and read Data Leakage on Social Media: Credit Card Info, Confidential Docs by Jessica Ellis. I think its a great read, and you will want to check it out as the pandemic continues.

Comments (0)

Netwalker strikes and the gang gets paid big

Time and time again, we see institutions and other places of work get targeted in some sort of attack. This time, one of the Universities gets hit in an attack that they then pay 1.14 million dollars to get back data that was encrypted. Backing up a large network is hard, I completely understand that. I’m wondering if it is time for businesses, schools, hospitals, and the like to invest in off site backup solutions so they can recover? I honestly wonder how much it would cost to backup a large network like a school? University of California San Francisco Pays $1 Million to Ransomware Operators after June 1 Attack is the article, and it won’t be the last.

Comments (0)

Online Banking, its been in my thoughts for awhile now

How Secure are you from Online Threats?

This article is not that old, and it has been crossing my mind in the past few days while I’ve been having some phuysical issues going on in my life. While I’m feeling better, I know that other people may not be feeling that great, and we all are pushing through this difficult time in a very crazy year.

One of the things that have not taken a break is the relentless offerings of online stores when you search for specific items like online banking apps. This is not just a problem searching for online banking apps however, but the article I’m talking about does talk about the continued threats out there in relation to the banking apps.

The article comes to us by Phishlabs, the experts in Phishing who have been around a long time now, and we’ve published and talked about many of their articles as of late.

The article is entitled FBI Warns of Growing Mobile Banking App Threats and while it is not that old, it does bring up the reminder that we need to always pass along to new readers coming to the blog.

One big thing you can do to stay away from the bad online banking apps is to search for your specific bank app, or ask your branch to send you a link to the app that corresponds to your operating system. For example, if I were new to the Iphone today and I was a Chase Bank customer, I may ask my Chase Bank rep to have a link sent to my email to the app for the Iphone. I could search Chase Bank in the app store, but there may be other apps that have Chase Bank in their name, and if I were new, I wouldn’t know which app to get. This is because the app may not be developed by Chase Bank, it may be developed by someone who has access to the interface to make it work, but may not work at the bank and its many branches themselves.

Sometimes, when people tell me about an app, I will ask for a link, so I make sure I get the right one. When searching for something to replace the older app for tracking parcels, I carefully looked at each particular item that caught my attention to determine if it would meet my needs. I read the descriptions to determine what it was. Now, you can say: “These apps that claim to be Chase Bank (or enter bank name here) say that it connects to your account and does bank transfers, bill payments, account balance, and the like.”

Sure, you’ve got a case, but I try to look at whether it has the name of the bank if it was a banking app, or a developer name that would be a typical name. of a person. Looking at reviews helps, but I wouldn’t necessarily rely on reviews, as some people do write negative reviews and trash the company or people behind it. They can be a sign that you’ve stumbled on a bad app however, so I would use this as a guide to help you, not just the only thing out there.

There are two types of app-based threats to be cautious of, the first being banking trojans disguised as common apps such as games or tools. These mobile
banking trojans are designed to lay dormant until the user’s legitimate banking app is launched. At that point, these trojans overlay the real banking
app with a fake login screen that steals credentials. The trojan transfers the user to the legitimate banking app after the username and password have
been entered so that they are not alerted to the scam
 
The second type of mobile banking threat consists of apps that impersonate real financial institutions. These fraudulent applications are widely available
in official and unofficial app stores, with the FBI’s report noting 65,000 have been detected in 2018 alone. If downloaded, these apps act as a legitimate
login page only to steal the user’s credentials and obtain security codes texted to the mobile device. 

This is why I say that we should utalize everything we have which includes the app descriptions, possible reviews, and even who is developing the app. Maybe the banking apps have their name on it instead of the developer themselves. For example, if I were using Chase Bank, I’d look to see if Chase Bank is named as the developer. The official apps are also listed on the web site of the banking institution, so look there to see if there is a link to it on the web site.

Have you been bitten by this problem, and how did you deal with it? Let’s discuss this and let’s see what strategies you use! I look forward in hearing from you. Remember, if 2018 only had 65,000 apps, what did 2019 have? It could be much higher than these numbers, and this year may be higher with the stay at home orders and the use of online banking because branches have limited hours. Don’t be fooled!

I’m going to leave you with one paragraph near the end of the article.

According to the FBI, more than 75% of Americans used mobile banking apps in some form in 2019. With new factors such as the pandemic moving the population
to socially distance rather than interact physically with their financial institutions, that number will only rise. Enterprises need to be proactive in
their efforts to monitor for these threats and have procedures in place to efficiently identify and action those that are malicious.

Comments (0)

WWDC, it went virtual, and a lot is out there

As I’ve stated, I’m trying to catch up on blog posting, and the recent news has been on WWDC, Apple’s June event. While i taped a podcast with Blind Bargains, they were delayed with WWDC and its big this year.

First, I went to see what Apple Vis had on the topic. Not disappointing me, they did, and it is very detailed. WWDC 2020: New Software and Fresh Chips is the blog post and mehgcap, the author of the blog, did a great job on this one. It is very detailed, and hey! I really like the idea of the car key idea. We won’t be using it, but I happen to agree that it is a cool feature! We’ll have to see how it works in practice.

Next, Blind Bargains has two items that is of value. They cover some voice over specific IOS stuff in their blog post entitled #WWDC: VoiceOver Gains New Image Description Capabilities among other Changes. Their other item is Blind Bargains Qast 211: WWDC Goes 2 11. While I was penciled in for 211, Its OK to be put off as this event is a big event and the podcast linked here has tons of links to various other pages around the web that might be of interest.

I hope this is of value to you, and thanks so much for reading the blog!

Comments (0)

Jaws, June 2020

Its been awhile since I’ve been blogging, and I hope to change this. The following is a blog post talking about the new updates to Jaws and the section we take from is from the June 2020 section of the web page. For complete details, go to the what’s new in Jaws Screen Reading web page where you can check out what is new in 2020 and get incremental updates like this one, April, and other updates that you may have missed.

Enhancements in JAWS 2020.2006.12 (June 2020)

The following is a list of improvements made between the April 2020 release and the June 2020 update.
To download the latest release, visit the Downloads web page.
You must be logged on as an administrator to install this software.

Updated Braille and Text Viewers

For many years, the JAWS Braille Viewer has been a very helpful tool for visually displaying on screen, the textual representation of exactly what JAWS
is outputting on a refreshable braille display. This is very useful for sighted instructors, script writers, and testers who do not read braille or have
limited or no access to an actual braille device. The Braille Viewer represents the number of cells on the currently connected braille display. For example,
if a Focus 80 or Focus 14 is connected, you will see 80 or 14 cells on the screen. If a physical display is not in use, the Braille Viewer will represent
a 40 cell display including status cells.
In JAWS and Fusion 2020, we have made several much needed updates including improved support for displaying contracted braille, the ability to show braille
text as well as the actual braille dot patterns, and a visual connection so a sighted person can see which dot patterns are used to represent characters
and words. We have also added Layered keystrokes to simulate display panning which will really benefit sighted script writers.
To activate the Braille Viewer, navigate to the Utilities menu in the JAWS main window, open the Braille and Text Viewer submenu, and select Enable Braille
Viewer. You can also now press the new layered command INSERT+SPACEBAR, followed by V, and then B to toggle the Braille Viewer on or off. The following
braille navigation commands are also available after pressing INSERT+SPACEBAR, V:

• Pan left: LEFT ARROW
• Pan right: RIGHT ARROW
• Prior line: UP ARROW
• Next line: DOWN ARROW

The popular Text Viewer utility has also been brought over to JAWS and Fusion. This will be a welcome addition especially for those who previously used
MAGic.
The Text Viewer displays a continuous line of text across the top or bottom of your screen. It provides clarity and ease of reading by allowing you to
work in a live application while referencing normalized text in the Text Viewer window. You control the text formatting (font styles and colors) that displays
in the window so that it is easier for you to read documents, e-mails, Web pages, and more. This is very useful when you encounter text that is difficult
to read because of its formatting, varying sized text, and contrasting colors used in the application.
The text shown in the Text Viewer window follows your navigation within Windows. For example, if the cursor is moved, the text at the cursor position displays
in the Text Viewer window. Likewise, if you navigate with the mouse, the text that comes in contact with the mouse displays in the Text Viewer window.
When used in Fusion, Text Viewer eliminates the need to adjust the magnification level of the screen when trying to follow along with what Fusion is reading.
This is especially helpful when reading with Say All (INSERT+DOWN ARROW).
To activate the Text Viewer, go to the Utilities menu in the JAWS main window, open the Braille and Text Viewer submenu, and select Enable Text Viewer.
You can also press the new layered command INSERT+SPACEBAR, followed by V, and then T to toggle the Text Viewer on or off. The Text Viewer also provides
easy right and left line panning keystrokes. After pressing INSERT+SPACEBAR, V to enter the Braille and Text Viewer layer, press CTRL+RIGHT ARROW or CTRL+LEFT
ARROW.
The Braille Viewer/Text Viewer is a visual only option and the PC focus does not move to this window. Once activated, it will automatically start whenever
JAWS or Fusion is restarted. The Braille and Text Viewer window resizes your application windows to avoid covering anything someone may need to work with,
and when closed, the windows go back to full screen. You can place the windows on the top or bottom of the screen as well as customize the font, point
size, and the background and foreground colors for displayed text. The Braille and Text Viewer even works in a multiple monitor setup. To configure these
options, go to the Utilities menu in the JAWS main window, open the Braille and Text Viewer submenu, and select Settings.
Note: Fusion must be running in Full Window Mode in order to use the Braille and Text Viewer. If a user switches to Lens or Split View while the Braille
or Text viewer is active, it will be suspended until you return to Full Window magnification.

New Option to Keep Wireless Speakers and Sound Cards from Clipping Speech When JAWS or Fusion Begins Speaking

Many modern Bluetooth headphones and speakers as well as some onboard sound cards shut down when no audio is received in order to conserve battery. JAWS
now includes a new option, which when enabled, keeps these devices awake by constantly playing silence. You will not hear anything, but your device will
remain active, resulting in more consistent speech. To enable this feature, open Settings Center (INSERT+6) on the number row, press CTRL+SHIFT+D to load
the default settings, and search for “Avoid speech cut off when using Bluetooth headphones or some sound cards.”
Note: The battery of your headphones/speakers could drain faster if you choose to turn on this feature. This option is also not available if the Audio
Ducking feature is enabled which lowers the audio volume of programs while JAWS speaks.

Other Changes

• When connecting to a remote computer using remote access software (Remote Desktop, Citrix, VMware Horizon, or Amazon WorkSpaces), JAWS and Fusion can
now get its remote authorization from a license installed locally on the remote computer if it is running a work station operating system like Windows
10 Professional. For example, you have a JAWS Professional license with remote access authorization on a Windows 10 computer at your office which you sometimes
connect to from home using Remote Desktop, but you only have a Home Annual license with no remote authorization on your personal computer. When you establish
a remote connection between your home and work computers, as long as you are running the June 2020 release or later of your Freedom Scientific software,
JAWS will use the license on your work computer to enable the remote access flag.
If connecting to a remote computer running a server operating system like Windows Server 2019 which supports multiple user connection, JAWS and Fusion
will continue to only use the license on the client or a Freedom Scientific network license server for authorization.
• To address reported issues with removing ILM timed licenses, new options have been added to the License sub menu located in the JAWS Help menu. Select
Remove current activation to remove the JAWS activation key or select Remove all products activation to remove any activation keys for JAWS, Fusion, ZoomText,
or MAGic installed on your computer. If you perform a full install of the June 2020 update or later, a new Remove all products ILM activation shortcut
is also added to the Utilities folder.
• Beginning with the June 2020 release, if you perform a clean install, the option to send anonymous usage data as you use JAWS and Fusion is now enabled
by default. If you install as an update, you will be asked if you want to turn this feature on if it is not already enabled. Having this feature on is
necesary to use certain features such as Picture Smart. See our
Anonymous Data Collection Policy
for more information about what we collect.
• When installing JAWS, ZoomText, or Fusion, there is now a link to view the End User License Agreement on the Freedom Scientific website.
• In Excel, resolved a customer reported issue where JAWS was not reading as expected in the Sort By combo box.
• Removed the Stock Quotes Research It lookup source as this information could no longer be retrieved due to significant changes to the NASDAQ website.
• Pressing ENTER no longer turns off Forms Mode in edit fields. Forms Mode now only deactivates when focus moves away from an edit field when using Auto
or Semi-Auto or when you press ESC or the PC Cursor command (NUM PAD PLUS or CAPS LOCK+SEMICOLON).
• The option to have JAWS and Fusion announce nesting levels for list items in web-based editors like Google Docs is now enabled by default to be consistent
with Microsoft Word. If you do not want to hear this information when reading bulleted or numbered lists, open Quick Settings (INSERT+V) and turn off List
Nesting Level Announcement.
• Improved JAWS indication of ARIA group names for check boxes and list items.
• Resolved an issue using JAWS with the about:config page in Firefox which allows you to configure advanced preferences or experimental features.
• Addressed an issue where button labels were being announced twice when using INSERT+B to read the contents of some dialog boxes.
• Addressed a reported issue where JAWS was not announcing indentation in the Visual Studio Code application.
• Added a new JAWS dictionary entry for TPGi.

That’s it. Feel free to read the web page linked at the top of this post for full details and links, and thanks for reading!

Comments (0)

Uber pushing in to on demand transit options

I was sent this article in regards to Uber pushing in to on demand transit options for people. While it is in a testing environment, Tech Crunch indicates that this isn’t the first time for this ride haling company. Uber pushes into on-demand public transit with its first SaaS partnership is the article. Lets see how this goes.

Comments (0)

Fileless attacks, they’re becoming real

I’ve seen some articles in regards to something called fileless attacks. This is a type of attack that doesn’t use any files, it uses the operating system to do its dirty work. I’m not too familiar with this type of thing, I understand the concept, so I’ll just let you read Netwalker Fileless Ransomware Injected via Reflective Loading which is just one of many articles you can find on the subject. Be safe out there.

Comments (0)

More Zoom trouble, better get your installer game on

I’m trying to catch up on stuff that I’ve read that is a little back dated, so bare with me a little bit.

You need to get your installing game on, because an article talking about fake installers of Zoom which include some very interesting things that you may not want.

Cybercriminals are taking advantage of “the new normal” — involving employees’ remote working conditions and the popularity of user-friendly online tools
— by abusing and spoofing popular legitimate applications to infect systems with malicious routines. We found two malware files that pose as Zoom installers
but when decoded, contains the malware code. These malicious fake installers do not come from Zoom’s official installation distribution channels. One of
the samples installs a backdoor that allows malicious actors to run malicious routines remotely, while the other sample involves the installation of the
Devil Shadow botnet in devices.

This is only the beginning, and Trend Micro has plenty more about this tactic. Its never too late to be aware of this, so I still feel that it is worth passing it long.

Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers is the article, and stay safe!

Comments (0)

Social Media leaking sensitive information, something to think about?

This is why I don’t use social media. Yes, I have my twitter, facebook, and even Linked in and they’re nice services. But I don’t hardly post much except for articles like this one and others I am going to read anyway, and even post to this blog when time allows.

Social Media is supposed to be used for sharing information, and they’d love you to share information about your life. According to Phishlabs, they wrote:

Threat actors are using social media accounts to expose and sell data that has been compromised. While information found on many of these platforms has
traditionally been disclosed by enterprises and individuals with intent, cyber criminals are taking information acquired by means of scams and data breaches
and promoting their sale on various social platforms not always monitored by security teams.  

This is the beginning of a very interesting article thats out about how Social Media information can be used for bad. There are bad actors, and I’ve changed the way I use social media, maybe its time to really think about whether its really worth it. According to this article, 1 million sensitive records were leaked last month alone due to breaches. If thats not enough, I don’t know what is.

Social Media Platforms Latest Channels used to Leak Sensitive Data is the article and its a discussion point to have for sure. Thoughts?

Comments (0)

An ad campaign detering cybercrime

In yet another good news piece, the United Kingdom is doing something about detering their citizens from going to cybercrime. In an article from Cyberscoop, this campaign has had some great success.

This article comes from Krebs on Security and was awesome to see.

The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically
trojan horse programs and DDoS-for-hire services. The ad campaign follows a similar initiative launched in late 2017 that academics say measurably dampened
demand for such services by explaining that their use to harm others is illegal and can land potential customers in jail.

For example, search in Google for the terms “booter” or “stresser” from a U.K. Internet address, and there’s a good chance you’ll see a paid ad show up
on the first page of results warning that using such services to attack others online is illegal. The ads are being paid for by the U.K.’s National Crime Agency,
which saw success with a related campaign for six months starting in December 2017.

This is only the beginning. If we in the U.S. can do the same, or even other countries around the world, this cybercrime thing may have a chance to go down. It may not be the end all solution to cybercrime, but we should start somewhere.

UK Ad Campaign Seeks to Deter Cybercrime is the article, and I hope this is a starting point to more great news in this space.

Comments (0)

Lets start this week with some good news

As we start another week here on the blog, I want to start with some good news for a change. I know the week here is starting on Wednesday, but I’ve been involved in my next assignment among yesterday sleeping half my day which was not what I wanted to do.

The good news comes in two articles I sent over to my address for future blogging and I thought that the next time I blogged, I’d start with these.

Romanian Skimmer Gang in Mexico Outed by KrebsOnSecurity Stole $1.2 Billion is the first story, and while the guy here talked about was picked up, the Mexican Police got a wakeup call with their corruptness. Crime should not pay, and if I had stole 1.2 million dollars, you bet if they came knocking on my door, I’d be arrested. With the recent protests lately, we know that things aren’t necessarily fair, but I think they surely try

I can’t forget a related article to the first one that I should put here, Report: ATM Skimmer Gang Had Protection from Mexican Attorney General’s Office. This is journalism at its best, and I think both of these articles should be read starting with this one, than moving to the first one in this list.

Finally, in the good news department, Cyberscoop continues to report on the fin7 group. Federal officials have arrested another accused FIN7 hacker is great news as the cybercrime activity continues amit the various things going on in the world now a days.

A Ukrainian national was arrested last week in Seattle for his alleged involvement in hacking operations run by FIN7, a syndicate known for stealing approximately
$1 billion from its victims in the United States.

According to court documents obtained by CyberScoop, Denys Iarmak has been charged with conspiracy to commit computer hacking, accessing a protected computer
to commit fraud, intentional damage to a protected computer, access device fraud, conspiracy to commit wire and bank fraud, wire fraud, and aggravated
identity theft.

This ois just the beginning of this article, and I think it definitely needs to be read. This can’t be the only good news we find. Found something I should talk about or blog? Send an email and get in touch!

Comments (0)

Question, is the infrustructure of water and power the next to be attacked?

Lets start this post with a question. If you’re a first time reader of the blog, how many of you have ever thought of your water supply or your electricity being cut off because of what you find out later to be a cyberattack? We know this has happened a few years ago, but it isn’t common.

I have a hunch that this will end up changing. As people start to go back to work, even in the midst of the ongoing pandemic, attacks will continue on all types of infrustructure from IT specific attacks to hospitals and more.

I’m really saddened by the fact that they could not keep their word on not attacking the hospitals. I think I called that one and its absolutely sad.

What do you think will happen? Will the electric grid and power supplies be next and for longer periods?

Israeli official confirms attempted cyberattack on water systems is the article dealing with the news of the potential unsuccessful attack. My hunch is that its coming, and I don’t think the power companies are prepared. The water companies are not prepared. It’ll be a matter of time.

Comments (0)

Corona Virus attacks found to be spear phishing in nature: Indian company only part of the problem

While I try to catch up as I sent myself articles I thought would be relevant, a Google study indicates that spearphishing attacks are now the act of Indiana “hack for hire” firms being a part of the ordeal.

I’m sure that we’ve had dealings with different types of companies with differing experiences. Most of the time, we’re treated well, sometimes not so much. But if you’re any type of company that hires people to do any type of phishing, I believe you need to restructure the company.

There are many types of phishing, and you can learn about those. Not all of the phishing is called phishing, so be aware of terms like BEC attacks, Spearphishing, and other less terms in the phishing relm.

I did find the article quite interesting in regards to this Indian company, but I’m sure that there are other companies that could be engagaging in this type of behavior.

Want to read more? Google finds Indian hack-for-hire firms exploiting coronavirus fears via spearphishing schemes is the article that I read which links to other stuff, so why not give it a look. Maybe you can get something out of it that’ll spark your interest.

Comments (0)

Last Week in Security News: news ending May 30, 2020

Where has the week gone? With several things I was supposed to do which I had to bow out of, to the protesting on the streets, to just being tired, I did read some of the news that is mentioned in this past week’s list. The biggest thing that caught my attention which I read was the article dealing with the Mac and trying to secure it the best way you can for your needs.

We all know that the Cyber Criminal element has changed, going from attacking the work infrustructure to the home infrustructure since people are now working in this capacity now. The other thing that catches my attention that I did not read is an article that the red cross is a part of asking the cyber criminals to stop attacking our hospitals, and urging the cybersecurity field to come together to help which they have.

Articles here and elsewhere have indicated that the criminals said they would not attack our hospitals during the crisis, but I had thought that they were just saying that to make themselves look good. Indeed, they have not stopped, and it shows.

Is there anything you want me to talk about that I didn’t highlight? Please feel free to send me an email, and I’ll be sure to hear what you have to say. Thanks for reading as always.

This Week in Security News: How the Cybercriminal Underground Has Changed in 5 Years and the NSA Warns of New Sandworm Attacks on Email Servers is the article that you need to read.

Comments (0)

Another breach, this time, a home food chef delivery service

If you think the airlines are exempt, I also read an article talking about a home chef service that suffered a breach.

Home Chef food delivery service confirms breach, two weeks after stolen data went for sale is not what you want to have happen. Confirming a breach after it went for sale is the worst thing any company can do. If you learn about it afterwords, I can see that as a mistake, but if you knew, and you didn’t publish until afterword, then that isn’t good.

The number of customers that were effected by this breach are unknown.

The group that seems to be attributed to this hack is only known as Shiny Hunters. I think I’ve covered them once before, but even I don’t know much about them.

“We recently learned of a data security incident impacting select customer information, including names and emails, as well as limited customer account
information and encrypted passwords,” the company said in a statement. “We are taking action to investigate this situation and to strengthen our information
security defenses to prevent similar incidents from happening in the future.”

You are?

The company did not answer questions seeking clarification about when the breach occurred, how many of its users are affected and whether the stolen information
is being used for illicit purposes.

In the company’s defense, they may not know if the info is used ilicitly, but not disclosing how many customers may not be that good for them.

There are many companies like this one that deliver ingredients to be able to cook meals. One company who advertised on Twit at one point is Blue Apron. I’ve never heard of a problem like this with them, and I bet they have many customers they deliver ingredients to.

I shouldn’t be surprised that a company like this was breached, eventually all companies will, but the fact we don’t have a number in this case makes me a little concerned for other companies like this.

Comments Off on Another breach, this time, a home food chef delivery service

Another Airline, another breach

While I’ve been under the weather, I ended up reading about yet another airline that suffered a breach. This time, Easy Jet, A U.K. airline, alerted authorities under the European laws. The number this time is a staggering9 million, small comparitively speaking. This number is no laughing matter, because the information taken includes travel information and email contact info.

Email contact info is not a surprise, as even with other breaches like the Capital One breaches of late, email address information was taken. I know, because one of the breaches Capital One had I was notified about. I’ve also had other problems, but it wasn’t Capital One’s problem, it was other problems.

Mistakes happen, but when are we oing to learn tht personal information is no sneezing matter to lose? Getting travel information can tell a criminal a lot on where someone is going so they can go and raid the victim’s house or place of business.

Easy Jet is not the first airline to have a serious problem, and I’m sure they won’t be the last. EasyJet announces breach impacting 9 million people is the article that I’ve read on this topic, this can’t be good.

Comments Off on Another Airline, another breach

Judge rules Capital One must hand over Mandiant’s forensic data breach report

I’ve been monitoring the events of the Capital One breach that took place by the eledged suspect Page Thompson. In the article I’m using as my blog post, the judge has told Capital One to produce the report that the well-known security firm named in this article did on their network and other aspects of business.

This could be a good thing because we can learn as a whole what went wrong, and maybe we can all learn how to make ourselves better to even inside attacks although Page wasn’t a Capital One Employee. If you remember, Page was a former employee of Amazon, but that didn’t give her the right to access information that was not hers.

Want to read more? Judge rules Capital One must hand over Mandiant’s forensic data breach report is the article, and I hope that you find it of interest. Thanks so much for reading!

Comments Off on Judge rules Capital One must hand over Mandiant’s forensic data breach report

Have a Mac? This article might be for you

While I’ve not been blogging much, I’ve been reading, and I’ve continued to look for items that may be of interest. I don’t really get a Mac article so when I saw this Mac article, I knew that people may be interested in it. It comes from Trend Micro who has products for the Mac to protect yourself from the nastys of the Internet.

Think you’re untouchable because you have a Mac? You were at once untouchable, but actors are targeting a wide variety of platforms and your Mac computer is no different. Keep in mind that each person is going to be different on how they use their Mac, and your instincts will tell you whats safe and what isn’t safe.

The debate of whether to use products like Trend Micro or any other company that can protect you by alerting you or blocking the suspicious behavior is up for debate. While the article I’m linking to indicates that you should install such software, the choice is yours. The tips within this 21-step protection article does include installing something but you need to start with basic computer work as well. This includes removing software that is problematic, out of date and unused software that could be abused, just to name a few.

To read all of the Ideas Trend Micro has about how to keep your mac safe, please read 21 Tips to Stay Secure, Private, and Productive as You Work from Home on Your Mac as a starting point, keeping your own needs in mind of course.

Comments Off on Have a Mac? This article might be for you

Older Posts »

go to sections menu

---