The Technology blog and podcast

Domains being hijacked? Its quite a challenge to prevent it

Hello,

I recently read an article that I thought we should talk about. Krebs on security is reporting that a domain was hijacked even though the registry lock to prevent transfers was on. I’ve never heard of the provider that was mentioned in the article, but if this is a warning sign, this could happen to anyone. The article aasks the question: Does Your Domain Have a Registry Lock? I would urge all of you to give this one a read. This is something I definitely not seen before, but I want to pass this along.There is a video attached to this one too.

Comments (0)

Assignment 17: I passed!

Hello everyone, yesterday after writing the first post, I got my report back. There are three errors that were in my assignment.

• A contraction (groupsign) error
• Two quote errors

The quote errors are up for interpretation. I understood it to be one way based on the text, and I’m looking for clarification on this because of how the narative of the problem occurred. Be that as it may, I passed!

As I discussed in my prior post on 17 Braille2000 as it currently stands played a very crucial role on my work. While I got four brailleouts, I was able to still check the formatting, and even check other aspects that I could only do with braille.

At some point, I’ll do a full write up on assignment 17 which will include audio, as I’ve done to date with the rest of the assignments.

I’ll also get clarification on 18 and how I understand it to be done.

Are there any questions about B2K and how it may help you check work? The Braille2000 team is here to help you. Please go either to the Braille Transcription as a blind person web page and select contact, or you may go to the Braille2000 web site directly and find contact info for Bob.

We look forward in serving you for your needs in regards to B2k, and if this is any indication of what you’d like to do, we want to help. Only you can make the decision on what you need, but we can definitely help answer questoions if this intrigues you. Thanks so much for reading, and make it a great day!

Comments (0)

Security Now, podcast 750

Security Now, released podcast 750. Twit.tv’s sn page and the RSS for you here.

Below, find the stories talked about.

---

SN 750: The Crypto CurveBall
?Tuesday, ?January ?21, ?2020, ??6:41:14 PM
This Week’s Stories:

• iPhones join Android in being a Google account security key.
• How much “substantive assistance” did Apple provide in the Pensacola investigation?
• A brand new serious Internet Explorer 0-day
• Giving Windows an additional Edge
• FBI says nation-state actors breached a US city government and a US financial entity by exploiting Pulse Secure VPN servers.
• Critical new Windows Remote Desktop Gateway (RD Gateway) remote code execution vulnerability
• SQRL for Drupal
• Microsoft issues security update to fix “CurveBall” vulnerability
  Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve’s site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Comments (0)

Assignment 17 has been submitted for grading

4 braille copies later, lots of time understanding what is wanted, I believe that the assignment is finally ready for grading. The purpose of this blog post is to describe how I put this assignment together. I’d like to thank Bob for sending me the text, so that I have it.

First, I took the text, and put percent codes where I thought they needed to be. For example: I used the percent code %pn=1|10 which started the page numbering for the assignment. This is a brand new percent code to have page numbers that are hyphenated. Next, I used the usual percent codes for formatting which include %3-1 and %1-3 in spots. Braille copies indicated that I need to continually change things, and my mentor gave me prompts on what may be wrong without giving me the answers.

I continued to ask questions to understand what was needed. I definitely got confused on one part where it said to use list format, but also said to use cell 5 runover 5 (5-5) for the footnotes. That understanding and clarification is crucial to this assignment, and I’m not going to give any answers to how it should be done as there may still be an issue.

I also used simulated braille to have the note separation line that is discussed. I was unclear if every note needed a line or just the first one, so that was confusing to me. While I kept reading the book, trying to understand what is required, it left some very interesting questions.

I’ll have more on this assignment on a full write up through jaredrimer.info once the assignment is graded. For now, know that this uses lots of different formatting, and a full understanding of what is required is definitely important.

Braille2000’s talking edition played a crucial part, as I was able to check the formatting based on what I wanted, and how I understood the assignment. Each time I changed something, I checked its formatting carefully, then got a braille out of that copy to determine whether I was reading it correctly.

Initial versions did not understand the new symbols I’ve never seen until now for dagger and double dagger. B2K was updated to handle this in import.

I think thats all for now, but I wanted to take an opportunity to talk about my experience to date and how I used B2K for this as well as various percent codes.

Comments (0)

Another suspect arrested, charges out for a year

Cyber Scoop is reporting that a meth suspect got picked up a year after charges were filed/. Another Methbot suspect, Sergey Denisoff, arrested more than a year after initial charges is the article.

Police in New York City this month arrested Sergey Denisoff on charges that he allegedly helped members of the Methbot ad fraud crew by setting up dummy web pages where other conspirators could direct illegitimate traffic. Members then charged U.S. advertising companies for access to visitors who didn’t actually exist.

This is becoming more of a problem now, and I don’t know what the solution is on dealing with this. There’s more to this article, and it was a very interesting story, but we can’t fight this alone. Add networks are being bilked out of money with schemes like this, and I don’t believe this is the first time this has happened and it won’t be the last.

You might be interested in this one, thanks Cyberscoop for reporting on this.

Comments (0)

There’s an iphone 11 location issue

Hi all,

I don’t remember if we covered an iphone 11 issue which Krebs on Security is updating us on. Apple first indicated that this particular issue was not a concern because it was supposed to be used in countries with specfific situations. I honestly don’t remember much about the original case, but the next version of IOS will have a switch for phones to check if its communicating with another phone or needs to. Thats all I remember. I did read this article, and was trying to think about how to write it, but its confusing to me. The updated article Apple Addresses iPhone 11 Location Privacy Concern updates you, and gives you a linkback to the original story. I honestly didn’t think there was much of a problem since we’re in the states and location sharing is sort of the norm and if its turned off, it isn’t used. That is the gist of what this new potential switch, found in betas, is for.

Comments (0)

Breach at online chain, takes credit cards, CVV, and magecart is to blame

Today, OI read an article about a breach at a children’s retailer who was bilked out of credit card data, CVV, and potentially more. You’d think this type of story came from Krebs on Security, but it didn’t. This story came from Cyberscoop. Children’s apparel company Hanna Andersson discloses data breach is the name of the article, and its the first of its kind for this year.

I’m not sure if other children’s stores were hit, although Target of 2014 sells everything including children’s clothing. This outfit sells pajamas of different kinds A Magecart-style attack was put on this web site, and of course we’ve talked about magecart before and how difficult it is to defend from.

The exposed data included payment card numbers, expiration dates, and CVV codes, along with customers’ names, billing addresses, and shipping addresses. Law enforcement officials recently told executives at Portland, Oregon-based Hanna Andersson that there was evidence of a breach, Edwards said.

I’m not sure if this will be the last timne we see this, because Magecart is so pervasive once embedded in websites.

I’m wondering if we’ll see more types of this sort this year? Only time will tell.

It is unclear how many customers were affected by the incident. While it doesn’t appear that every customer who visited the website during the two month
period was victimized, Edwards said, the company is notifying anyone potentially affected. It is also offering customers a year of credit monitoring and
a $1 million “insurance reimbursement policy.”

If you are effect by this breach, watch your statements for any type of unauthorized charge. Even the small ones can be trouble if you know you didn’t do it. They start small, and then get larger, so please make sure to do this.

The company didn’t respond to comment before press time.

Hanna Andersson is known for selling pajamas, some of which are themed around popular Disney movies. The breach shows that, regardless of the end product
being sold, anywhere on the web that houses financial data is a potential target for criminals.

Hanna Andersson’s letter to customers did not identify any suspects who may be behind the breach.

There are other types of links leading to other things that might be of interest, so please read the full article.

Thanks so much for reading, and make it a great day!

Comments (0)

Use WordPress database? Better update it!

We do not use this plug in on the blog, but saw this article via Twitter called: This WordPress vulnerability could let hackers hijack your entire site and it talks about a plug in called word press database. It allows someone to manage the database, but the vulnerability makes the entire web site disappear if the hacker wanted. Read the entire article on this one, it sounds pretty serious enough.

Comments (0)

Chromebooks and the blind

Hello,

I’ve answered this on mhy tech board, board 295 on Live wire. I’m posting this mainly to get some insight. How many people on here have used a Chrome book and if so, what are its accessibility features? With no hard drive for storage, you can’t install anything like NVDA or Jaws, and I’ve heard everything is in the cloud. With no experience in this field of computing, I’m seeking someone who has used one and can give some guideance.

I mentioned that everything is cloud based, I.E. Google Drive, and the like. You can’t install anything like NVDA and Jaws, and I believe the person is blind.

If anyone has used it, comment here, or contact me at:

• E-mail/imessage tech at menvi.org
• Text/whatsapp 804-442-6975
• hangouts: jrimer 2010 at gmail.

I look forward in hearing from some of you on your experience with this. If you would like to call, please call the number for text/whats app. Thanks for your assistance!

Comments (0)

Trend Micro’s January webinar

This month, Trend Micro will go through the predictions of 2020.

• What threats your organization needs to prepare for in the coming year.
• How to pitch your focus towards what issues matter most to you.
• How protections can be put in place to mitigate the risks these predictions may bring.

John Clay will be hosting this, Here’s a link to sign up and just fill in your info. It may have mine, just overwrite it with yours to sign up.

I’ll do my best to tape this webinar and get it out there. I’ve not forgotten the webinar I said I’d cover, it’ll be coming. Hope to have you join me!

Comments (0)

Another article dealing with January’s patch tuesday

I recently read an article The NSA discovered a severe flaw in Microsoft Windows 10 and I found this one quite interesting. The fact the NSA now wants to have their name on vulnerability fixes is a step in the right direction. I’d suggest this article given a read, because it goes with the others in the set from this blog post and even this blog post covering a Trend Micro article as well. Just another article from a different point of view.

I think this must be the worse vulnerability Microsoft has had to date and it was recently talked about as part of Security Now 749 when it was linked to Krebs article found on the first 2020 patch tuesday blog which is linked here as well. Enjoy!

Comments (0)

Google Play is more Secure than other google stores according to Trend Micro

I just read an article which is number driven, and I covered one of these articles before. This one, from Trend Micro, is entitled Defend Yourself Now and in the Future Against Mobile Malware and its a great article to read. The topic of adware is really driven hone in this article, saying that a lot of apps in the android ecosystem are driven with this type of app.

One of the problems that Android and even IOS may have is that its hard to tell the difference between a fake application and a real one. Staying with the play store and IOS store and not jailbreaking your phone is the best solution, according to the article.

As 2020 is under way, here is what Trend Micro is thinking will be more of a problem.

• More intrusive adware.
• Cryptocurrency mining malware. This will run in the background, eating up your device battery and computing power. Trend Micro noted a 450% increase
in infections from 2017 to 2018.
• Banking Trojans designed to harvest your log-ins so hackers can get their hands on your savings. Our detections of this malware soared 98% between 2017-18.
• These attacks have evolved from simple screen lockers to malware designed to encrypt all the files on your device.
• Premium rate services. Some malware will covertly text or call premium rate SMS numbers under the control of the hacker, thus making them money and costing
you potentially significant sums.
ExpensiveWall malware, for example, was found in 50 Google Play apps and downloaded millions of times, charging victims’ accounts for fake services.
• Information theft. Some malware will allow hackers to eavesdrop on your conversations, and/or hoover up your personal data, including phone number, email
address, and account log-ins. This data can then be sold on the dark web and used in follow-on identity fraud attempts.

Its a good idea to read the section on how you can protect yourself, which includes staying on the official application stores.

Trend Micro blocked over 86 million mobile threats in 2018 and it is looking to grow quite exponentially. This is going to be the norm as people are moving mobile only.

There are a lot more linked things in this article besides what I’ve linked, and I think this is something we should be aware of. Have thoughts? Leave those comments!

Comments (0)

Do you use lastpass? A minimal issue has been found and fixed

Lastpass is reporting today that a small number of users were getting error messages due to an upgrade which they rolled back. This weekend blog update posted today, goe in to detail as much as they have. I feel that this is part of what I was saying within this blog post when we talked about password managers. No password manager is going to be bug free, and this Lastpass update is to notify the entire community what is going on and what they’re doing to fix the issue. This goes for those who may not have noticed like myself. I’m glad to know just the same!

Comments (0)

A very comprehensive password manager review

Hello folks,

I recently got an email from someone at a web site called Consumer Advocate. They have a very nice article which is lenghty that deals with password managers.

I personally use Lastpass, and yes, I do know about the breaches they’ve potentially had, but I feel that they’ve been straight forward with the information they had and what they were able to share.

This article, published on the 17th of January of this year, covers a number of managers I’ve never heard of. Best Password Manager and it is definitely comprehensive.

I want people to check it out, knowing that each manager may not meet your individual needs. While I did get a new phone and I had trouble with Lastpass a little bit, it wasn’t because of my lack of my password, Lastpass didn’t know who I was when I had clear my firefox and it caused issues with the phone not knowing who I was. It was rectified, although the first email didn’t elicite the response I needed.

I did like the idea of phone support, and there is only one company in the list that does this. Maybe 2 if you count the paid version of Roboform which I’ve heard of, and my dad had used.

The guy’s name is Joey who sent this, and we thank him for posting an email to us about this helpful resource for people who might find it of interest.
He wanted me to add it to the post Here’s something to ponder: Should User Passwords Expire? Microsoft Ends its Policy I posted that article in June of 2019 and while I don’t go back and add things like this to that post, a new post would be more helpful. I’m linking back to that piece in this post because I think its still valuable in the discussion. What do you guys think?

Please let me know what you think of the article.

Password managers that are mentioned include:

• DASHLANE
• ROBOFORM
• STICKY PASSWORD
• PASSWORD BOSS
• SPLASHID KEY SAFE

BITWARDEN

None of these i’ve ever heard of except Roboform. Lastpass is mentioned, but one gentleman quoted in this comprehensive article says that if your password manager of choice has been breached, than its not trusted. Lastpass fixed the breaches quickly, and from what I remember and its mentioned in the article, that particular aspect should be recommended. However, the person quoted said they can’t trust them. GRC’s Steve Gibson can, because he’s had insight conversations with the founder of Lastpass who is also named Joe. I’d use whatever you find of value, but i’d read the article anyhow and give these a try. I’m not looking to change at this time, but maybe someone who isn’t using any manager will find this of value.

Comments (0)

Phishing for apples, getting different links

I don’t want to use the same article title for this post as the post Krebs on Security wrote in regards to Apple and their recent Phishing expeditions. I’m not saying that Apple is sending out these emails at all, but I am saying that Apple is now the target of such email sending lately.

According to the article Phishing for Apples, Bobbing for Links apple’s web site is now being utalized to harvest these sites.

I don’t remember if I reported that Michael in Indiana, someone who has published some audio for the podcast as of late, sent me a very interesting email and asked me to look at it. The email in question was definitely a phish, but the web site went to apple’s web site but a very different link. I went to both pages, looking at the URL’s very carefully.

KrebsOnSecurity heard from a reader in South Africa who recently received a text message stating his lost iPhone X had been found. The message addressed
him by name and said he could view the location of his wayward device by visiting the link https://maps-icloud[.]com — which is most definitely not a legitimate
Apple or iCloud link and is one of countless spoofing Apple’s “Find My” service for locating lost Apple devices.

While maps-icloud[.]com is not a particularly convincing phishing domain, a review of the Russian server where that domain is hosted reveals a slew of
far more persuasive links spoofing Apple’s brand. Almost all of these include encryption certificates (start with “https://) and begin with the subdomains
“apple.” or “icloud.” followed by a domain name starting with “com-“.

This is just one paragraph of this article. The post has brackets to hobble the links from being clickable, and I think they’re worth sharing.

• apple.com-support[.]id
• apple.com-findlocation[.]id

apple.com-sign[.]in

• apple.com-isupport[.]in
• icloud.com-site-log[.]in

As people new to the Internet come to this blog to learn, the article mentions that savvy readers know this and normally either check the link to see where they’re really going, or don’t bother clicking.

The problem we as blind people have is that these emails just say verify your account, as the link, and we don’t have any way of verifying the link. To make matters worse, Safari to my knowledge will only show apple.com when we double tap on the link to see where we’re going. This makes it quite hard for us to really verify these links, so I aught to say, check the address. In Michael’s case, the address that it was sent from was completely different than those that apple may use. Also, keep in mind that not all Phishing emails will be alike. They may be still coming riddled with mistakes, non-sensical aspects to evade detection by changing letters in certain words, and other aspects that I may not cover here.

Of course, any domain can be used as a redirect to any other domain. Case in point: Targets of the phishing domains above who are undecided on whether the link refers to a legitimate Apple site might seek to load the base domain into a Web browser (minus the customization in the remainder of the link after the first forward slash). To assuage such concerns, the phishers in this case will forward anyone visiting those base domains to Apple’s legitimate iCloud login page (icloud.com).

The best advice to sidestep phishing scams is to avoid clicking on links that arrive unbidden in emails, text messages and other mediums. Most phishing
scams invoke a temporal element that warns of dire consequences should you fail to respond or act quickly. If you’re unsure whether the message is legitimate, take a deep breath and visit the site or service in question manually — ideally, using a browser bookmark so as to avoid potential typosquatting sites.

This is sound advice, but sometimes the curious get curious. I would say to check the address. In mail, find the name where it says from and look carefully at the address. You can see where it goes without adding it to your contact. When done, double tap done.

Since a lot of people now have iphones and/or android devices and not necessarily a computer, this may be the only way for us to be safe. Thanks Brian for giving us yet another very interesting article to talk about and bring a different way of presenting a different aspect to this phishing problem.

Have any other advice to share? Please leave your comments here, and we’ll be in touch. Thanks so much for reading!

Comments (0)

Security Now from last week

I started doing this last year, and now I’ll try again. Here are the notations of Security Now!

Here is their RSS feed and here is the web page if you wish.

---

SN 749: Windows 7 – R. I. P.
?Tuesday, ?January ?14, ?2020, ??7:18:33 PMGo to full article
This Week’s Stories:

• Windows 7 support dies today, but 1 in 7 PCs are still running it
• Cablehaunt- the remote exploit with the catchy logo that works on ALL cable modems
• US government still wants backdoor access to iPhones
• CheckRain iPhone jailbreak keeps getting better
• How Apple scans your photos for evidence of child abuse
• The sim swapping threat
• Anatomy/timeline of the exploitation of an unpatched VPN bug
• And speaking of patching right away… patch your Firefox browser right now!
  Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve’s site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

---

Hope this finds some interest on people.

Comments (0)

A search engine for searching for personal info shut down

Hello folks,

In my article posting yesterday, it occurred to me that I didn’t cover something that made the cyberscoop news in a good way. Cyberscoop covers government stuff as well as good news like the article entitled WeLeakInfo, a search engine for breached personal data, shut down and thats a good thing. I’ve never heard of this site, but anything to allow people to search for things that could be harmful like breach info is a good thing.

U.S. authorities have shuttered a website claiming users could scour more than 12 billion records compiled from some 10,000 data breaches to purchase usernames,

Thats a lot of info, and I could see why this web site was shut down. If you were looking to see if your info was out, thats one thing, but to look to see about others so you can use it and use the info to take over other accounts isn’t OK and should not be allowed.

I’m passing this along in the good news category, let me know your thoughts. Should search engines up for people to search whatever you want to, even if that means that people can lose their accounts to others?

Comments (0)

Equifax is back in the news … can’t get a dime

Hello folks,

According to the latest on Equifax, also known as equiphish, they’re now claiming in this article entitled Equifax to pay customers $380.5 million as part of final breach settlement, I doubt that we will ever see a sent of that. For me anyway, I can’t prove that my info is being used or hahs been use for ill gain, so that means I don’t get a dime of this money. While the settlement is great for those who are effected, the reputation of the company is beyond repair. To make things worse, the other credit monitoring services are just as guilty for similar fates but not as bad. I really don’t know what else to write about this, except that I have articles on Vocal covering my thoughts long term.

<
• Equifax breach: Why You Should Be Worried After the Latest Breach 01.media September 15, 2017
• More On the Equifax Breach: Why It’s Time to Keep that Software Up to Date 01.media September 26, 2017

Besides those two, this tech blog search will cover a ton of stuff from podcast notes, to many other articles across the landscape. I want some of that nmoney! Even if I have to put it away elsewhere for my future needs, this is something everyone has been effected from, even if its just news worthy and nothing personal has happened. The fact its out there is damaging enough.

Update:
January 18th, updated the post to fix HTML and some spelling mistakes found.

Comments (0)

Don’t let the vulnerabilities get you down

I read an article entitled Don’t Let the Vulnera-Bullies Win. Use our free tool to see if you are patched against Vulnerability CVE-2020-0601 and it was quite interesting. This is going in to more details on one of the worse vulns Microsoft has had, that they need to fix several major versions of Windows. This blog post which was posted several days ago talks about some of the articles I’d not had read and since have, in regards to patch tuesday. The lead article gives more info about the second Krebs article that was posted in the earlier blog post.

Comments (0)

We’ve got a capture, its hopefully the first of many

I meant to write about this, but now I’m thinking about it. Krebs on Security posted a blog post about a capture and I love posting these things. Alleged Member of Neo-Nazi Swatting Group Charged was posted on January 10th and I recently read it within the last couple of days. I found the story enlightening, and I think you might too.

What interested me about this story is that Brian, and/or his family, was eventually targeted in whatever this group was up to. Hopefully, there are more stories like this one this year, its lovely to see!

Comments (0)

Older Posts »

go to sections menu

---