
The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts


You are here: January 2017




Adobe and Apple to Outpace Microsoft in 2017 Vulnerability Discoveries. So What Now?

Several days ago, I read an article entitled Adobe and Apple to Outpace Microsoft in 2017 Vulnerability Discoveries. So What Now?

The question is sitting right here, and that is pretty much now what? I do feel that Windows will still be a large target, and of course people are moving away from Windows and using other operating systems and other technologies. As people do this, the people creating all the malware and viruses will migrate to these platforms and we’ll be still fighting this.

The thing we must do is try to keep up with what people are releasing for bug fixes, and of course, remember to do our best to only install things we’re looking for.

Brian Krebs posted something very interesting I read as part of his blog roll, and I think we should talk about that. It is his Krebs’s 3 Rules… and it is a great read.

  • Krebs’s Number One Rule for Staying Safe Online: “If you didn’t go looking for it, don’t install it!”
  • Krebs’s Rule #2 for Staying Safe Online: “If you installed it, update it.” Y
  • Krebs’s Rule #3 for Staying Safe Online: “If you no longer need it, remove it.”

All of these are good rules and Brian goes into detail on each of these and he has links to various things we can use. I can’t vouch for anything here, but if you are blind or visually impaired and have used the tools listed here, please comment on whether they are accessible. If we all play a part, we all can help keep the net a safer place.

Thanks for reading, and stay safe.


Extortionists Wipe Thousands of Databases, Victims Who Pay Up Get Stiffed

Hello folks,

I just read today an interesting article entitled: Extortionists Wipe Thousands of Databases, Victims Who Pay Up Get Stiffed and this caught my attention because of the fact that these databases may have been used for something. I’m not too familiar with MongoDB, but I think it may be similar to what SQL databases do for software like WordPress which is used for blogs like mine. I did get E-mailed that the blog was auto updated, and I do like that feature when it’s available. I wish it would just upgrade like that all the time, but major releases we must do. I do my best to keep my software on my site up to date, and I think it is a good idea we do this. Even the plug-ins we use must be updated to fix holes.

This goes back to what I have said in my last post about Windows and Shaun’s opinions that indicate that it is the same old shit and it is. Sadly, the reason why the podcast had not been updated much in 2015 was because this is all we saw. Sadly, realizing that this is a never ending battle, we must push on and talk about our experiences where applicable when a breach occurs.

This is why I started blogging when I’ve gotten notified about a breach like the Yahoo! breach and of course the first potential situation of Ransomware where I attended a school with these two posts. I even gave my thoughts on tech and politics to top it off.

I think that sharing information and talking about our experiences are good and in no way am I bashing this post dealing with the ongoing Patch Tuesday.

I feel like sharing articles and opinions like the main title of the post will highlight and put out good things, and may help people find things they may be interested in. If you’ve used MongoDB, I’d love to learn more about it, as I am not too familiar with it, so seeing this was fascinating. Thoughts?


This month’s patch Tuesday postings

Hello folks,

While Shaun covered his thoughts on the patch Tuesday problems, I do want to go ahead and give you some postings of articles from Trend Micro and Krebs On Security. Instead of bashing what we must do now to protect ourselves, be happy that companies are patching and trying their best to make their software as secure as possible.

We need to remember that writing software is hard. We can tell users to ditch Adobe, move to Linux, use the Mac, don’t bother with antivirus, and other aspects of things that are opinion, and I don’t mind that, but we must remember that people come to get information and opinion, and just saying that it’s no good isn’t solving the issues we must face.

It did not impress me to have to post about the school district paying $28,000 to get their files back, but this is where we are. While I plan to let Shaun post and give his opinion, we need to understand that this is our world today. Nothing is safe anymore, and I will do my best to give you relevant articles of interest like the two linked. Keep the opinions coming, and let’s see how we can do this together.


patch grind day

Hi all.
Yes, it’s patch grind day.
It’s not patch Tuesday because that would honor all the patches.
And I am not in an honoring mood.
So we start with the respectable to the entirely fucked over.
1. codecguide klite meta 12.78 is out.
2. new versions of adobe flash and adobe reader are out.
In addition I had a lot of issues getting the latest updates, as the update pages for get.adobe.com like to refresh all day long and you can’t seem to allow it through script because it does this.
Even with noscript off, it’s impossible.
I was able to get flash fine but today it took me several tries to get the latest adobe reader from their ftp server.
3. ms nondates.
Yes non dates.
The only actual update is an important dos attack on lsass.exe and you need to receive special data; it’s unclear how you would actually receive this however.
The other 2 I won’t mention at all.
In one case, elevation of privilege and a few other things.
In both cases you need to open infected files.
Ie click something, ie social engineering.
In other words, if you are smart and don’t click these are not even needed.
You will get them in your rollup anyway.
In win10 the most critical issue is that if you insert input devices of a same time they wouldn’t work and now they do.
Surprise, surprise, there are issues.
If you use 2 monitors for a 3d program the system will just go screwy.
Thanks microsoft.
There is another little issue but still.
Teamtalk is at 5.2 stable.
There are a few more extras like that.
I was happy things didn’t take as long to get but as usual I am not impressed with the shit microsoft is putting out; why don’t they try to be creative?
You will have noticed I left the edge and ie updates out of the article.
This is because there are always edge and ie updates as well as flash updates in win10.
My response is big fucking wow!
In the latest insider it looks like there are some regressions in performance and also the fact edge again doesn’t work.
Which is why I say I am happy I use 7 and not fucked up 10.
In fact 10 seems more screwed as it goes on.
Eventually I will have to use it but till then well.


further to the cardless password story

Hi.
I just read further to this that hackers for cardless password transactions are using the fake sms trick again.
You do have to go to a fake site to get your stuff harvested.
The only good news out of this is they are using the same old tricks again.
Sms hacks are one of the easiest and oldest ways to get users, most of us should be wised up to this nuisance.
It’s just one more thing to delete.


comments on the blog and something interesting

Hi.
Well today I read somewhere that HMD in China has acquired Nokia.
The new Nokia 6 has a 16 megapixel on the back and an 8 on the front, 4gb ram, 64 gb internal storage by default.
Fingerprint scanner and the latest android os.
It’s only in China though which is a pity, it’s described as mid range.

On another topic pg13 published this link

So you want to get a virus, what happens if you run this file, what will happen.
If you are curious and want to click that attachment now you can.
Well figuratively.
These guys do it just for fun in a controlled environment; I think they use a vm.
If you have listened to pg13 they are humorous guys anyway.
They always do everything including the bad endings of games and laugh at them till they burst.
They tried this once before, but for whatever reason their live server malfunctioned and nothing was ever recorded.
Now they are doing it again and this time they have a file.
Of course this is being done with online participation through their live irc chat and twitter feeds so users can chime in and see what whatever does what.
I know we usually talk about being secure but if you like me want to blow off a bit and wonder why bother, this will both tell you how dangerous a bit of malware can be but also enjoy the funny side of it as they trash a vm.
A virtual machine or vm for all readers that don’t know is a virtual image of an os so it can get destroyed and created at will if you have the image for it.
It can also be backed up easily so you could back it up, then destroy it.
I am not sure if they are using another physical or a vm but they use vms all the time.
It’s also worth noting that they are not in the same studio, both are in different places and communication is via nv remote or other remote software and the teamtalk chat client.
So there are some artifacts but for the most part it sounds like they are just there and it’s in 3d audio too.
I have not listened to the file as of yet only downloaded it but I will be listening to see what they do.


Stolen Passwords Fuel Cardless ATM Fraud

On the 5th of January, I read this article from Krebs entitled Stolen Passwords Fuel Cardless ATM Fraud and I think this is an interesting article. I don’t think we have cardless transactions for cash that I am aware of, but this should be something to be aware of. This is the first I’m hearing of cardless cash transactions where you get cash without presenting a card that would be tied to an account.


An update on the school situation with ransomware

Hi folks,

I just got updated within the last hour in regards to the school situation I posted two days ago. To reread that post, please read Are schools next in the cyber race? for my thoughts.

The E-mail indicates that they paid $28,000 and got a key which so far has unlocked files necessary. They did this after the investigation indicated that they had a high probability of getting things restored. The E-mail does not say how long it will take but a process is in place.

Ransomware is an interesting thing, where backups are a necessity as paying may not be a good thing. The criminals know this, so they offer chat and other business-like services and in most cases, will deliver on their promise after payment is made.

It interests me the portion of the E-mail that states that failure to pay would result in loss of data. I believe that if there were backups, you wouldn’t need to pay any kind of money, and a school should do their best in making sure that backups are stored somewhere.

There are services out there like Carbonite which will back up a computer for a low price, or for larger networks, a bit of a higher price could be paid.

They are saying there are several thousand files to unlock, and it will take time.

Hopefully, none of the other computers along the network of schools in this district were affected and it was the only school. The link to the PDF was the same link I read and talked about from the prior post.

If you have any thoughts, let’s talk about this one. Do you think backups would have been good? How could a large network like this do something like this without paying again if they are targeted again?

I’m wondering if someone clicked something, maybe by accident, that installed whatever ransomware family they got? What are your thoughts?


technology and politics, my thoughts

Hi folks,

I saw an article from Krebs on Security in regards to some stuff dealing with the Russians and the potential hacks that were reported in the news that he didn’t cover.

While his article links to some stuff, he indicates there are no clear signs that he could find that indicate that Russia was directly involved in our elections, but anything is possible. The article is entitled The Download on the DNC Hack and is a great read.

I think over time, policy makers will have to get involved in this debate on the Internet of things and other internet issues where policy can be made to protect our interest on being as secure as humanly possible, but yet, make it illegal for the numerous things that are going on nowadays.

I am hopeful that at some point, we can have people doing the work they do on finding vulnerabilities which is already going on, and yet, people who do destructive things get penalized because they caused harm.

There are two types of hacking. The first is white hacking where it’s done for fun, no harm is done, and things are properly disclosed and patches can be developed.

The second is black hat hacking, where people hack, make destructive programs, and at some point, people will get hurt if they are not already.

I’m only on chapter 5 on the book I posted here dealing with Stuxnet, and if this is the way things are going, I can imagine someone will get hurt because they will stop at nothing. The ransomware epidemic at hospitals and other companies are only the tip of the major problem, and that is responsible disclosure if you get into a network.

When I grew up, the Internet was fun. We did not have these big time breaches like what has happened the last few years. The DNC, the RNC, and other major sites have been impacted by the stories of the past year, and reports indicate it’s only going to get worse.

What are your thoughts on this? Can government get involved where tech companies and government work together to make things work and government understand how dangerous some of what is happening can affect everyday business?

I really don’t understand why government thinks it’s ok to develop something like Stuxnet to disrupt business, when once it goes out on the net, that’s the end of it, you have no control. Control starts at what you’re building.

Please leave your thoughts in the comments, and lets start talking.


Holiday Inn Parent IHG Probes Breach Claims

InterContinental Group is the next hotel chain to be potentially breached. Holiday Inn Parent IHG Probes Breach Claims is the article from Krebs and it was posted on the 28th of December.

I am starting to wonder what the difference is between the desk where you check in and pay your money for the room, and the areas of the hotel where you can buy gadgets and other things they might sell. Why is only one portion of the hotel getting targeted?

It seems to me that if you really want to get data, the data would be at the main desk, would it not? That’s where the majority of the money is being put, correct?

I know when I last stayed at a hotel, I just told the restaurant to bill it to my room. I felt confident that way, and I didn’t have a problem. They approved over $400 to my card, even though the stay was $371 or maybe a little more. They said it was to cover any extra charges like TV, or other incidentals. For some reason, I just didn’t feel right billing for a meal or a snack separate, I just wanted one charge at the hotel, and I was happy that they could accommodate me in this way.

In the coming year, I am feeling like the hotels will even be targeted more. I’m not sure exactly how, but it may go as far as the front check in desk. I hope I’m completely wrong, and I only saw this one article in regards to this latest breach, and only time will tell on what is going to happen next.

Like I said in my prior article, at some point, our president and legislators will have to step in and start a process where hacking to get data and personal information needs to be made illegal. I’m not exactly sure how it should be done as of yet, but the process needs to start somehow. I’m happy to see legislators probe companies of big breaches to determine the scope of the problem, and that’s a great start. I wonder if there is anything else they can do?

Please have your comments in the blog, and I’ll be in touch with you all soon.


comments on the posts this week

Hi Jared.
Well for the first article, hackers and hacking will be used for everything including elections, its human nature.
Will it be a problem, not more so than usual, ie, people still rob banks and cause murders no matter what we do it will never ever die.
Will this hacking hospitals be a problem, probably if we don’t get our a into g and move it where it needs to be.
In the long term it will be another procedure we will have to deal with sometimes we get lucky, but we probably won’t be lucky, will people get hurt, my question is when people rob a bank there is a chance someone will get hurt this is no different its the curse on tech.
2. the school thing.
I am unsure what to think but at university, my brother and several in his class got a major virus, it was easy to kill but the damage it did required another hijack tool to be run to get rid of the program that was trying to install all the time, and with this done, there was damage to some drive locations and I had to get something to fix that.
Universities are a prime way to get infected; people leave and lose their usb flash drives all the time so my brother tells me.
While setting up for some classes I got to talk to one of their tech admins.
They were certainly all over security, mostly prevention not removal.
I asked so what if you get a virus, his response was, well every semester we reformat all computers.
And every year we refresh and reformat older backups too.
Why I asked.
He then said that with so many computers if ever a virus got in and it often does, tracking it is impossible because too much ground to cover.
I don’t see much we can do about this.
With the cloud being used, the only thing I can think of is making sure no one can take usb sticks or drives into university and ban their use.
This includes the teachers and admins unless allowed by request or something.
Certainly if students stopped bringing them in they would never get lost.
Universities and school are always big target though, that’s never changed and has been round since before the net.
What is interesting is you got an email about it.
If I was a hacker that is one way I’d deliver ransomware at someone.
I mean send an email as admin and say, that we have been hacked and to open a page explaining it.
Load the ransomware in the background.
And once loaded do whatever.


Are schools next in the cyber race?

Hi folks,

Happy new year, and thanks for checking out the blog. My goal during Christmas break was to release a podcast, but I’ve been ill. Hopefully, the podcasts will return soon.

The reason why I’m writing today, is to talk about something I’ve thought about for awhile, but sadly, the 4th day of January, we’re already seeing.

I’m going to be careful, and indicate that I got an E-mail from a school I’ve attended talking about how they are investigating reports of a possible attack.

According to the E-mail, it looks like one campus of the network of various schools around the Los Angeles County was targeted.

Computers and voice mail systems, according to the E-mail and attached PDF, are affected, and no voice mail can be left at the school at this time.

School is going on as normal, and recently started its winter session which started on January 3rd.

As a precaution, the E-mail notifies us that computer experts have gotten involved and will be checking out the entire network to determine what is happening.

They are advising that many computers are possibly infected with ransomware. If you are not aware and you’re coming to the blog for the first time, ransomware is a big time problem, and it locks up your files until you pay money.

Many experts are telling people not to pay unless you have no other choice. I agree with the assessments, I know I wouldn’t pay money to someone who may or may not give me my files back.

According to the attached PDF linked, this detection and investigation started on the 31st of December, and only time will tell on what exactly happened.

I had thought about this as part of my predictions for 2017, which I never wrote because I’ve been sick. It saddens me that we’re starting out the new year on such a note like this. It does not surprise me anymore in regards to things like this.

Do I think other schools are going to be impacted? As large of a network as the school has that I got notified from, it would be possible for other large networks to be impacted at some point.

Hospitals, and other businesses have already felt the brunt of ransomware. Trend Micro has already predicted that ransomware will be a bigger threat as it becomes more prevalent as a weapon for people to be making money.

Do you think your school, or a school you’ve attended will be a target? Why or why not? Please sound off in the comments, and let’s discuss this big threat of ransomware.

Hope to have a podcast real soon, thanks for reading!
