The Technology blog and podcast

---

Comments (0)

Sans News bites for May 20, 2022

This past Friday’s Sans news bites is quite interesting, as it talks about Microsoft bringing an emergency patch to fix something that didn’t quite make it. There may be some other very interesting news that might be of value to you including VmWare patches for those who use it, Jupiter plug-in fixes and India security guidelines.

For the full newsletter, Here’s a link to it and do feel free to comment on things that might be of interest to you.

Thanks for reading!

Comments (0)

A little back dated, Trend Micro has news on Avos Locker

Now I realize why I kept this article around, we’re going to talk about the two ransomware cases that affected hospitals, but AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell has some information maybe the other article doesn’t have about this particular problematic program.

At one poibnt, this affected an Antivirus product called Avast, but they are quoted within the article to indicate that it is an older driver that they don’t use.

Fot those who are interested in this, please feel free to check it out. Thanks so much for reading.

Comments (0)

Russia now taking out satelites

Well, in a bit of a back dated article, it seems like Russia is part of the cyber probblem all along. US and its allies say Russia waged cyberattack that took out satellite network was written some time back, and was sent to our list on the 11th of this month.

Its a little back dated, but worth the read. I can definitely agree with some of what it says, including the fact thtat we didn’t do much about their 2015-17 attacks which even took out the electric grid.

This is still what I fear as part of this war. I still fear that they can and willif they want to attack a bunch of infrastructure which could make it difficult in some parts of the world.

This article was definitely interesting. I honestly don’t know if our sanctions are even working or having any effect on things. I don’t even know the solution.

Comments (0)

A second healthcare company targeted, leave our health care system alone!

OK,

I saw this oin our Security Box list, and I’m about fed up! This topic will be our main feature of podcast 96 this coming Wednesday, and it wouldn’t surprise me if we decide to have a few choice words for these guys.

While I’m not surprised of this news, I remember one group clearly stating that health care was off limits, and they went back on their word as discussed at that time. That’s why we can’t take anything they say for granted.

The article today is titled Ransomware group strikes second U.S. health care system in the last two months which is heavily linked full of information and even talks about the two known deaths because of ransomware.

AvosLocker, a prolific ransomware group that was the subject of a recent joint FBI and U.S. Treasury Department warning, claimed this week that it had hit a Dallas-based nonprofit Catholic health system with more than 600 facilities across four U.S. states, Mexico, Chile and Colombia.

McKenzie did not comment as they were the first to be targeted.

The article continues:

Katy Kiser, CHRISTUS Health’s director of communications, told CyberScoop Friday that the company’s IT staff learned of “unauthorized access” in one of its regions — which the company refers to as “ministries” — sometime in early May. The company is working with cybersecurity professionals to assess the situation, she said, but so far it appears to be “limited” and said the attack “didn’t impact patient care.”

You don’t think patient records are at risk, but you really don’t know. Its what you know at the moment. If I were in these shoes, I would say that we are not sure if patient care is affected, or whether the data is at risk, but if we find out that it is, we’ll send notification immediately.

There’s plenty more, please check out the complete article for all of the details. Thanks so much for reading!

Comments (0)

Have you updated IOS yet? Mac? Apple Watch? Maybe its time

Have you updated your apple products lately? Within the past week, Apple released IOS 15.5 and related Mac, Apple Watch, TV and other product releases.

Apple Releases iOS 15.5, iPadOS 15.5, macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, and HomePod Software 15.5 (Apple Vis)

But now, Mac and Watch have an emergency patch just like the phone did last month with IOS 15.4.1. Komando.com: Time to update! Apple’s emergency patch fixes zero-day vulnerability in Macs, Apple Watches has all of the details that are known and what is affected by the update.

Instructions are also given on how to update your product(s) so make sure you check it out.

Thanks so much for reading, participating, and learning with us.

Comments (0)

The Security box, podcast 95: Crypto interesting news, a 9.8 CVSS on big IP appliances, and what will be coming up in the coming weeks on the podcast

Hello all,

Welcome to another edition of the podcast. The RSS feed is getting updated throughout the network with the program.

While I wrote in the initial text notes that would’ve been posted to the blog that Windows Update would be covered, we didn’t cover it and I already edited those notes.

There are a lot of things that I’ve marked from the list that we can talk about and I’ll be trying to blog quite a bit within the coming days, so stay tuned on what we have.

You say you don’t have RSS? That’s no problem! Download this 93.86mb file by right clicking and selecting save target or save link as.

For those using keyboards, hit your context menu or hift+f10 and select save target or link as.

Now, without any further ado, here are the show notes for all!

---

Hello everyone, welcome to the security box, podcast 95. On this program, we’re going to talk about one vulnerability that affects big internet appliances at a CVSS score of 9.8.

We’ll see what else comes up including some Crypto news and things posted to our list and what type of order it’ll all be in.

The main article we’ll be covering is titled Hackers are actively exploiting BIG-IP vulnerability with a 9.8 severity rating which comes from Ars Technica..

Ars is probably not going to be the only one covering this, there will be others out there too.

The JRN hopes you enjoy the program, and thanks for listening!

---

Contact info is given throughout the program, tech information can be used as well. Thanks again!

Comments (0)

Patch Tuesday, the late edition

Sunday May 15th seemed to be time to reboot, and others within the computer industry will have, or will be rebooting for application of Windows Update this month.

Our usual source, Krebs on Security, has the article titled Microsoft Patch Tuesday, May 2022 Edition for your perusal.

The most urgent for this month is CVE-2022-26925 which is a CVE talking about a weakness in the windows security component where a central component is concerned. This is known as the “Local Security Authority.”

“This allows attackers to perform a man-in-the-middle attack to force domain controllers to authenticate to the attacker using NTLM authentication,” Wiseman said. “This is very bad news when used in conjunction with an NTLM relay attack, potentially leading to remote code execution. This bug affects all supported versions of Windows, but Domain Controllers should be patched on a priority basis before updating other servers.”

The last time we had a problem like this, we talked about something called PetitPotam
.

Security Now, podcast 829 (show notes)

Seven of the flaws fixed today earned Microsoft’s most-dire “critical” label, which it assigns to vulnerabilities that can be exploited by malware or miscreants to remotely compromise a vulnerable Windows system without any help from the user.

There’s plenty more. We even see in other email, Microsoft Releases May 2022 Security Updates which was sent to us by email. The JRN has not read this yet, but ill do so and try to keep up on these.

If you’ve not patched, pay attention to windows, it’ll be calling you very soon if it hasn’t already.

Comments (0)

21 million records exposed in a data breach

Komando.com is reporting a massive 10gb of data on rougly 20 million or more people from several different VPN providers. The article is titled Records for 21 million VPN users leaked online – Check your data now <//a>

It talks about the VPN providers who are affected and no, I don’t use them. While they recommend Express VPN, the one I use, there are plenty out there and so do your homework.

Check this article out for the complete dtails.

Comments (0)

We have a CVSS of 9.8 and we’re talking about it this next week

Hello folks,

Hello folks,

There are several sources that will talk about a serious vulnerability of 9.8 on the scale.

One of the articles we’re going to use for the podcast is an Ars Technica article titled Hackers are actively exploiting BIG-IP vulnerability with a 9.8 severity rating.

Sans News Bites for May 13th also covers this and other things including Windows Update which we’ll cover separately.

This is definitely something people should be aware of, even if we aren’t affected directly.

The program will air this Wednesday through the independent channel and broadcasted on Friday on Blue Streak Radio on Fridays at 8 am CT.

The program on Wednesday will be at 11 am PT, 1 PM CT.

For the schedule on the independent channel, please check the mix’s schedule page under the heading for the channel.

Hope to see you there!

Comments (0)

The Security box, podcast 94: EDR’s real and fake

There is a think called EDRs, which stand for emergency data requests.

On this podcast, we’re going to talk about this and anything else that the people want to talk about.

Here is the 99.28mb file for those who don’t have RSS feed.

Below, please find the show notes.

---

Welcome to podcast 94 of the security box. On this edition of the program, we’re going to talk about emergency direct requests (EDR’s) as there are now actors out there that will use Fake EDR’s for getting what they want.

There are two articles, both which I read.

• Twitter may have given user’s private data to a ransomware hacker, who then ran a researcher offline Cyberscoop
• Fighting Fake EDRs With ‘Credit Ratings’ for Police Krebs on Security

I read the Krebs article first, and some time later, I found the Cyberscoop article which was quite interesting.

Besides that, we’ll be seeing what others have read, although I’ve been working and not blogging much between podcasts.

I hope that you enjoy the program as much as we are putting it together, and thanks for listening!

Comments (0)

No Free or cleaning apps that are known to be bad for me: Never heard of most on this list set

As I check in with Kim Komando’s newsleters this one talks about free programs that do more than apparently scan your phone for bad things.

The article this time is called These free antivirus and cleaning apps are putting your phone at risk – Delete them now

Most of these apps on these lists I’ve never heard ofBetter check your phones for these, amd be aware of what is out there.

Comments (1)

Apps collecting data on our kids: check out this article

I’m a little bit behind, so I am deciding to catch up a little bit.

The article I’m going to write about today is titled These apps collect the most data on your kids and it comes from one of Komando’s newsletters.

There are five apps listed that are goods for kids. Besides the good ones, there are the ones listed that are bad too.

I think I’ll have to put this under NCSAM even though it isn’t october because it is protecting our kids and that should be as much as possible.

I hope that you find this article of interest, and make it a great day!

Comments (2)

The Security box, podcast 93: Earth Berberoka

Here is the 157.76mb file for you to enjoy if you do not have RSS which allows you to go ahead and get the program automatically at your schedule.

It’s been a busy week in the work department, so I have not had a lot of time to blog, but i hope to continue to blog when I can.

This program starts out talking about our Amazon devices and the fact that tey do record everything, although I don’t think it does unless it activates.

Be that as it may, its becomming a topic with write ups by Kim Komando and even a one minute podcast about the topic. I don’t think we should be scared, but at the same time, there are steps you can do to limit how much Amazon has on you. Amazon is the most pervasive of the smart devices according to what I’ve herd.

We also tlak about Earth Berberoka in great detail, and when guests do arrive, I believe they do get just a little scared on what this does.

While I finally got the blog post up, I decided not to go in to a whole lot of detail, leaving you to read and listen to the podcast.

It did air on Friday on Blue Streak Radio and now, its time to make it public for all to download.

As I said, if you are subscribed to RSS, you’ve already gotten it, so feel free to comment on it and let me know your thoughts.

Here are the full show notes I wrote up on the program, and we’ll see you next Wednesday. The topic is one which I’ll be writing about really soon, one I also read last week.

---

Welcome to the security box, podcast 93. We do cover some very interesting topics today including the recent news about our Amazon devices.

blog post

Besides our amazon devices, we’re going to talk as well about an Antivirus program with interesting accessibility isues but also coming with a VPN that can monitor what you’re doing. Maybe a problem much?

Our final topic is a big huge problem which we need to be aware of. The article is titled New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware which is quite interesting and really worth the read.

While it is only targeting gambling sites for now, this thing is packed full of problems and problems which can really cause you not to have a computer if you still have one.

Have comments for the show? Contact details are in the program, and I hope you enjoy!

This program was aired on the Independent channel on May 4, 2020 and was rebroadcasted on May 6, 2020 through Blue Streak Radio. It airs through their network on Fridays from 8 am CT until its conclusion.

I hope that each and every one of you enjoy the program as much as I am bringing it to you, and next week, we’ve got a great topic dealing with emergency data requests. You don’t want to miss it! See you all then!

Comments (0)

Earth Berberoka, who is this group?

Its been over a week since we’ve blogged, and there’s quite a bit read. Let’s strt with the article that sparked this week’s podcast which was quite interesting once people showed up.

I’ll have the blog post on the podcast later, but let’s first talk about Trend Micro’s article on this group.

The article is titled New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware and let me say that this was very well written.

As the podcast moved in to this topic starting in the second hour, I was notating some of this article as discussion points. While the article talks about the fact that Gambling sites are the only ones targeted right now, we shouldn’t be relaxed in this group. We should be aware of the fact that we do have a huge threat here.

One of the biggest threats that this malware can carry is one that can destroy the master boot record, making the computer worthless.

I’m not going to go through every piece of information here, but you can read the article which will answer the question on who these guys are.

There are five different things that are recommended, all of which are good tips. Don’t be fooled when I ask the audience in Clubhouse whether they are good pieces of information. I wanted to see what they would say.

Have you read the article? What did you think? Please sound off in the comments.

The podcast will be posted later.

Comments (1)

Let’s talk a little bit about our Alexa devices

Alexa has recently been the topic of discussion as of late. I don’t really find anything wrong with it, it does what I want, I play a very interesting game, learning different interesting things it can do, and I don’t use it for sensitive things.

I did once tell it to buy what was in my cart, but I do all of my searching using Amazon’s web site or application for IOS.

In one article read, it talks about how Amazon does use our voice data to target advertisements towards us. To me, I don’t pay attention to adds, they’re mainly banners, and even if it was text, if it is not what I want, I don’t go clicking or pressing enter or double tapping on them.

I know that on our shows, we had said that it doesn’t pay much attention until it hears its word, but how do you think it hears its word? By listening all the time. I don’t think all that data is stored, and looking at the voice recording section of my account doesn’t yield any other interaction except for skill interaction or even routine interaction such as my morning update one that got created where i get weather, some good news, what is in my calendar, and even if packages are arriving that day.

Routines are quite interesting and we can do a podcast on it one of these days.

The first article which we’re talking bout is Report says Alexa voice data used to send you targeted ads – How to stop it now which comes from komando.com and talks about research that has been done.

Even though the research is very valuable, me personally, I’m not worried about it only because it has to know what its word is and it must listen for that.

What I’d do is push the bottom button on the third generation models which then turns red. It must be its microphone button. Then, its not listening to anything.

You can follow the article to get other instruction on how to delete your voice data, or limit how long it is available to Amazpon.

Komando.com also has other Alexa things that might be valuable to you, so check it out.

Comments (2)

Older Posts »

go to sections menu

---