
The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts


You are here: April 2020




Nigerian Scammers won’t quit, up 90k per month in 2019

On April 28th, I read an article talking about the Nigerian Scam. In prior posts, I’ve talked about my own experiences with women who have targeted me on Twitter, to move to Hangouts, to then ask for money or gift cards.

Just because we’re in a crisis, doesn’t mean the scammers really care much. I’m sure that you’ll find plenty of stuff on the net talking about scams and what they’re talking about especially from Phishlabs, who are posting article content about Covid-19 and what scammers are doing.

I’ve published some of these, but not all.

According to this article, that 90k is a monthly total, which means they’ll stop at nothing. The group, according to the article, is “SilverTerrier.” The group themselves target you through Business Email Compromise, which is another form of attack, if you’re new to the blog. You can find plenty of blog posts from around this and other blogs talking about this attack in more detail.

This group is partially responsible for the 1,163 percent uptick in attacks in the legal and professional services last year alone! If this is any indication of things to come, I expect the numbers to hit the roof this year.

Internet Cases, a blog on law and technology, is run by someone who was once a part of the now defunct “This Week in Law” show that was once a staple in the TWiT network. This blog in recent blog posts talked about law, technology, and other aspects of dispute resolution that may be of interest. Recent videos are also posted there. I bring this blog up because it does cover some interesting things that might be of interest to some, and who knows, maybe Evan will have comments posted on something like this.

One of the things that bothers me is that a fraction of the reported numbers comes from one guy alone who is supposedly married and had kids to boot. Fraudsters like this present themselves as legitimate business people, yet scam people out of their hard earned money.

There’s plenty to read on this one, so why not give it a read? Nigerian email scammers upped their game, averaging 90,000 attacks monthly in 2019 is the article, and I’m sure that there will be comment on this one! The comment boards await you. Let’s see what they have to say on this one!


Another type of extortion attempt? I am not laughing, nor am I convinced

I’ve gotten two of these emails, one at jaredrimer.net and the other at whitecanetravel.com on the 28th. I want people to see this, and tell me if I’m correct. Do you all think this is an extortion attempt? I do, as bugs legitimately coming to me I fix. If I’ve been hacked, I want to know about it so I can fix it. If I can’t, I can get the assistance. You be the judge.

Here is the first form.


Below is the result of your feedback form. It was submitted by
() on Thursday, April 30, 2020 at 01:08:41

Name: Leticia
phone: 479 9456
contact_method: phone
bug: no
additional_bug_info: PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!

We have hacked your website http://www.jaredrimer.net and extracted your databases.

How did this happen?
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site http://www.jaredrimer.net was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

How do I stop this?

We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2000 USD in bitcoins (BTC).

Send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):

1HGxLfhnMzPEzWD7YeBwtWUGj3E2Q2YJKE

Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this notice or the database leak, e-mails dispatched, and de-index of your site WILL start!

How do I get Bitcoins?

You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you to start with http://coinmama.com for buying bitcoins with credit/debit cards or http://localbitcoins.com for other type of payments.

What if I don’t pay?

If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there’s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.

This is not a hoax, do not reply to this email, don’t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!

Please note that Bitcoin is anonymous and no one will find out that you have complied.
comment_or_question: PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!

We have hacked your website http://www.jaredrimer.net and extracted your databases.

How did this happen?
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site http://www.jaredrimer.net was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

How do I stop this?

We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2000 USD in bitcoins (BTC).

Send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):

1HGxLfhnMzPEzWD7YeBwtWUGj3E2Q2YJKE

Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this notice or the database leak, e-mails dispatched, and de-index of your site WILL start!

How do I get Bitcoins?

You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you to start with http://coinmama.com for buying bitcoins with credit/debit cards or http://localbitcoins.com for other type of payments.

What if I don’t pay?

If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there’s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.

This is not a hoax, do not reply to this email, don’t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!

Please note that Bitcoin is anonymous and no one will find out that you have complied.

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
REMOTE_ADDR: 92.223.89.5


That’s nice. You claim you hacked white cane travel and extracted data, but there is no data to be had. jaredrimer.net has no data to be had either, unless you hacked my WordPress database. If that’s the case, you’ll have a lot of spam accounts plus a few legit accounts. WCT does not have any stored data, and any forms that come, come via email. I hope you people have fun with whatever you had.

Here’s WCT’s email.


Below is the result of your feedback form. It was submitted by
() on Tuesday, April 28, 2020 at 09:12:45

name: Adam
phone: 04.35.62.75.78
method: Both E-Mail and Phone
to: First Available
bug: No
additional_bug_info: PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!

We have hacked your website http://www.whitecanetravel.com and extracted your databases.

How did this happen?
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site http://www.whitecanetravel.com was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

How do I stop this?

We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2000 USD in bitcoins (BTC).

Send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):

1Bs6CYDuHy1UGLr5ccz2UxRNcPGpeAa7tz

Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this notice or the database leak, e-mails dispatched, and de-index of your site WILL start!

How do I get Bitcoins?

You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you to start with http://coinmama.com for buying bitcoins with credit/debit cards or http://localbitcoins.com for other type of payments.

What if I don_t pay?

If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there_s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.

This is not a hoax, do not reply to this email, don_t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!

Please note that Bitcoin is anonymous and no one will find out that you have complied.
comment_or_question: PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!

We have hacked your website http://www.whitecanetravel.com and extracted your databases.

How did this happen?
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site http://www.whitecanetravel.com was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

How do I stop this?

We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2000 USD in bitcoins (BTC).

Send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):

1Bs6CYDuHy1UGLr5ccz2UxRNcPGpeAa7tz

Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this notice or the database leak, e-mails dispatched, and de-index of your site WILL start!

How do I get Bitcoins?

You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you to start with http://coinmama.com for buying bitcoins with credit/debit cards or http://localbitcoins.com for other type of payments.

What if I don_t pay?

If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there_s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.

This is not a hoax, do not reply to this email, don_t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!

Please note that Bitcoin is anonymous and no one will find out that you have complied.

HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:59.0) Gecko/20100101 Firefox/59.0
REMOTE_ADDR: 92.223.89.5


Do you all think this network is stupid? If there is a legitimate bug, I need to know, I’m not scared by my reputation because you fill out the comment form in the bug reporting form trying to scare me. You say not to contact you, but I bet the addresses in both forms I provided are fake. I know the phone numbers provided are definitely fake, so I surmise this is fake. Have fun with whatever data you have, because bugs that come to me get fixed. It is a blatant targeted attempt to extort money, and I want people to see this. I need every dime of my money right now, and I know other people do too. Have fun trying to extort me, because I have things under control. Enjoy!


Getting Extorted again? Let’s discuss

On the 29th Brian Krebs penned another article in the serious series asking about whether you’d fall for phone scams. People will stop at nothing to get what they want, in this case, access to some serious cash. In this case, some smart thinking did not lead to the loss of money if I remember correctly.

I’m almost doing a double take thinking about this because we now can’t rely on our contacts to answer the phone.

A long-ago post entitled The 19-Year-Old Blind “Little Hacker” Gets 135 Months in Federal Prison For “Swatting” tells the story about a teenager who started using technology to spoof telephone numbers. I had been caught in that war because he targeted someone I knew, someone I was dating, and had access to anything he wanted.

In another similar article, Here’s something to ponder: a con man turned cybersecurity pro has tips, another con is interviewed, and I read all of the books in the particular series.

The posts I link to here link to other similar stories and experiences, and Brian links to the prior posting in this series which I also blogged about and talked about in my last podcast. I don’t think this will slow down any time soon, but it is something to think about.

Have you been targeted in phone scams? Have any thoughts? Comment right here.

Read more: Would You Have Fallen for This Phone Scam?


Post mortem, an outage across the network on April 29th

Yesterday afternoon between 3:30 PM and 4 PM US Pacific time, I noticed that we were completely down. I was getting mail issues, and even troubleshot by putting my phone on LTE to determine if there was a block or if something was going on.

After some investigating, I determined that with ATT wireless and broadband, I was not able to access the web sites at all.

I put in a ticket, and determined that one of the people at the company could access the main web site just fine, while another staff member also on ATT could not access the network.

Since I have access to a VPN thanks to this contribution blog post I connected to it and was able to send out mail and continue working.

A little after 9 PM, my phone was able to connect to the network, since it was not connected to VPN so I switched back to my network.

What can we learn?

Sadly, when calling ATT at 5 PM, the guy who assisted me said it was the provider. I couldn’t traceroute because it timed completely out after the second hop leaving ATT’s network. They indicated that they were outside the network, but I doubt it. I can’t completely prove it, but working in this industry for many years, providers blame each other when there is an outage.

To make this interesting, I’ve been getting email about a potential hack and tarnished reputation. One hit one of my sites on the 28th, and one hit another on the 30th. I can learn that there are extortion attempts, and I’m not fooled. More on the tech blog about that later on today.

I did learn that all of ATT across the country was affected by this outage and everything looks to be OK now.

Affected by the outage? What was your experience? Please contact me through my tech address at tech at menvi dot org and let me know. One person indicated while I tweeted out updates that they were able to access the site they’re on just fine. Let’s work together so we can fix problems like this.

Make it a great day.


Tech podcast 344 is now out

Hi all,

The RSS feed has the program. When this posts, I’ll get Mixcloud updated with the show. I have not done Mixcloud in quite awhile on any show so don’t feel bad.

On this show, it’s going to be quite interesting. Lots of non-covid-19 things here. I do have webinars, and other topics I can bring up, so we’re not going anywhere yet.

Below, please find the show notes, and I hope you enjoy the program!


Welcome to podcast 344. On this podcast, we’ve got quite a bit for you.

  • We’ve got news notes of varying kind.
  • I demo and talk about something I recently learned on the iPhone thanks to Michael in Indiana.
  • I talk about Krebs’s article about moving money and how one can get duped. Krebs on Security: When in Doubt: Hang Up, Look Up, & Call Back which is also talked about on the tech blog.
  • Getting forms in a different language than you speak? We got two applications at MENVI which we are now not going to process based on advice given to us.

I hope to have another podcast really soon. Thanks for listening to this one, and make it a great day.


Paay Misconfiguration Leaves Transaction Data Exposed

Another breach, this time at an unlikely source. Paay Misconfiguration Leaves Transaction Data Exposed is the article and I’m absolutely shocked! This is a credit card processor who made this mistake with several million now at risk although no credit card info thank god. We see this misconfiguration way too much, and they claim it happened during a transition period? I can practically buy that except if I were to do this, I’d make sure that it was done correctly even if it was temporary.

I’d say comment, but I’m sure we’ve heard the same drill but the boards await you.


Zeus is back under a different name

Zeus Sphinx is back although I know that Zeus itself was dealing with stealing banking credentials. This time, in an article from Forbes, we learn that Zeus has been dormant for years and only is coming back with a document claiming to be a form for getting your payment from your elected government. The government is not contacting you to get your payment info, you have to go to them, and fill out a form online.

Want to learn more? Check out this Forbes article which looks pretty credible. It’s entitled Criminals Resurrect A Banking Trojan To Push COVID-19 Relief Payment Scam and let’s be informed together. This can’t be good.


This week in security news week ending April 25, 2020

There’s going to be a lot in this one, and lots of stories may be of interest to you.

Some of the stories I’ve covered, others I’ve not covered. Did you see anything you want us to talk about on the podcast? Feel free to mention it by sending an email.

Trend Micro’s This Week in Security News: Security Researcher Discloses Four IBM Zero-Days After Company Refused to Patch and Trend Micro Integrates with Amazon AppFlow is the roundup, and Mr. Clay does a great job in getting all of this together for you and me to enjoy and learn.

I guess the biggest news is the apple mail bug which I’ve blogged about in a separate post, but you tell me what interests you.


Is Zoom finally understanding their mistakes?

In an article that talks about Zoom busting their efforts on security, I’m hoping that they are. Being scrutinized in this way is no fun for any company big or small. Microsoft gets this scrutiny every month with Windows.

The security field has mentioned that if the particulars of Zoom were not targeted, other platforms would if people moved to them. For Metro’s sake, I’ve been involved with testing Zoom and Teams with them. Both are accessible and both can be used by people who need telephone access.

Remember that no matter the platform used for conferencing, you must be vigilant in setting it up with your users and the best practices out there.

Would you like to read more on Zoom’s take on what’s happening? Zoom bolsters software security in latest move to reassure users is the article, and I hope you find it of interest.


Two zero days to break in to iPhones and iPads

I’m glad that I don’t do a whole lot of opening of mail on my phone. There have been reports of two zero days that can be leveraged by actors to take control of devices. While this may be no surprise to some, I’m surprised that it was able to stay quiet for so long.

The security industry has been poking holes in iOS for awhile now, and something like this going unnoticed may be surprising to some, but not for others.

A zero-day vulnerability in Apple’s Mail application for iOS has been used to target high-profile victims around the world for more than two years, according to ZecOps research published Wednesday.

The flaw, which ZecOps uncovered through conducting a routine digital forensics and incident response investigation, is triggered by sending emails that consume a “significant amount” of a device’s memory. From there, hackers could gain access to email accounts via Mail, gaining the ability to leak, modify, or delete emails.

If the attackers want to cause additional harm and gain further access to victim devices, it “would require an additional infoleak bug [and] a kernel bug afterwards,” the researchers write in a blog that details their findings.

ZecOps assesses with “high confidence” that individuals at a U.S. company in the Fortune 500, managed security service providers from Saudi Arabia and Israel, an executive in Japan, a journalist in Europe, and a high-profile individual from Germany were among the accounts targeted via the vulnerabilities.

So far from what I remember of the article, we have not been targeted in the states, but don’t let that stop these actors. It wouldn’t surprise me one bit if they did, but it just hasn’t been reported to anyone.

Have you seen this and what do you think? Sound off!

Article: Hackers have been exploiting two zero-days to break into iPhones and iPads is the article, feel free to check it out!


A Peruvian botnet wounded, but still operating

On the 23rd of this month, I read a very interesting article in regards to a very large botnet in Peru which was disrupted. While it still mines crypto currency, it can’t get new commands and I’m sure the actors may not be able to get their money but that remains to be seen.

The article came from Cyberscoop, and I did find it quite interesting to read.

Cybersecurity researchers on Thursday said they had helped disrupt the infrastructure behind a botnet being powered by tens of thousands of devices in Peru.

For months, the botnet — an army of compromised computers controlled by an attacker — had grown in strength by quietly infecting devices using USB drives, allowing the attackers to mine thousands of dollars in cryptocurrency. The infections reached the Peruvian public sector and financial institutions, adding urgency to the effort to defang it.

Now, Slovakian anti-virus company ESET says it helped “sinkhole” — or render innocuous — about a quarter of the malicious subdomains used by the botnet.

That means the infected machines will continue to mine cryptocurrency, but they won’t be able to receive more malicious instructions — such as injecting code onto devices— from whoever is controlling the botnet. (ESET said it had no indication that those code injections would happen.) It’s an example of how the fight against a cybercriminal threat is often long and methodical — and heavily aided by the private sector.

I used this antivirus program once, and it was good. Want to learn more? Read the Cyberscoop article: A 35,000-device botnet in Peru is wounded, but still mining cryptocurrency and feel free to leave those thoughts on this one.


Senators want Cyber Command and CISA to do more to deter coronavirus-focused hackers

On the 22nd, I read this article that talks about senators in the United States asking Cyber Command and other agencies to do more in regard to the coronavirus attacks. What about other attacks we’ve seen? The multiple spam messages through contact forms, especially those spam that say you can send your advertisement through contact forms? The names I’ve seen on those types of contact forms are definitely spam, with fake phone numbers, and the like, so why aren’t we doing more in this field to deter those from sending this type of spam?

If we want to get a handle on spam and the various types of phishing and other attacks we see on a daily basis, let’s go after as much of it as we can. Let’s not leave it just for coronavirus-themed spam and phishing.

The article starts out:

A bipartisan group of senators sent a letter to both the Department of Defense and Department of Homeland Security on Monday urging them to take more action to defend the U.S. healthcare sector against hackers that have been exploiting the coronavirus pandemic.

The senators warned that if Gen. Paul Nakasone, the commander of U.S. Cyber Command, and Christopher Krebs, Director of Cybersecurity and Infrastructure Security Agency (CISA), don’t take more action to deter hackers, the U.S. healthcare sector will continue to get pummeled with coronavirus hacking campaigns.

Again, I’ll ask about why we aren’t trying to do more to stop the massive amounts of spam we get on a daily basis?

Here’s a Corona based message I got in my contact forms.


Below is the result of your feedback form. It was submitted by

() on Wednesday, April 15, 2020 at 09:52:37

Name: Dave Willis
phone: 82712173996
contact_method: both E-mail and phone
bug: no
additional_bug_info: Hello,

We have available the following, with low minimum order requirements – if you or anyone you know is in need:

-3ply Disposable Masks
-KN95 masks and N95 masks with FDA, CE certificate
-Gloves, Gowns
-Sanitizing Wipes, Hand Sanitizer
-Face Shields
-Orla and No Touch Thermometers

Details:
We are based in the US
All products are produced in China
We are shipping out every day.
Minimum order size varies by product
We can prepare container loads and ship via AIR or SEA.

Please reply back with the product you need , the quantity needed, and the best contact phone number to call you

Thank you

Dave Willis
Product Specialist
comment_or_question: Hello,

We have available the following, with low minimum order requirements – if you or anyone you know is in need:

-3ply Disposable Masks
-KN95 masks and N95 masks with FDA, CE certificate
-Gloves, Gowns
-Sanitizing Wipes, Hand Sanitizer
-Face Shields
-Orla and No Touch Thermometers

Details:
We are based in the US
All products are produced in China
We are shipping out every day.
Minimum order size varies by product
We can prepare container loads and ship via AIR or SEA.

Please reply back with the product you need , the quantity needed, and the best contact phone number to call you

Thank you

Dave Willis
Product Specialist

submit: Submit comment or question to the Jared Rimer Network

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
REMOTE_ADDR: 84.17.49.197


Here is one claiming to be from a company in New York. Why is the phone number not a New York based phone number? This is Spam and I get similar types like this.


Below is the result of your feedback form. It was submitted by

() on Wednesday, April 01, 2020 at 10:32:07

Name: Amy
phone: 06-30147958
contact_method: both E-mail and phone
bug: yes
additional_bug_info: Hey my name is Amy, I am from Leggings Hut.

Thought I’d let you know that we ship our fitness apparel worldwide directly from New York City.

Fitness leggings and athletic wear for women made with quality soft material.

You will never overpay when shopping with us.

Discover our collection today http://www.leggingshut.co

Thanks and have a great day!
comment_or_question: Hey my name is Amy, I am from Leggings Hut.

Thought I’d let you know that we ship our fitness apparel worldwide directly from New York City.

Fitness leggings and athletic wear for women made with quality soft material.

You will never overpay when shopping with us.

Discover our collection today http://www.leggingshut.co

Thanks and have a great day!

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
REMOTE_ADDR: 162.219.176.251


I really like these.


Below is the result of your feedback form. It was submitted by

() on Monday, March 30, 2020 at 13:27:12

Name: Tessa
phone: 72 481 36 99
contact_method: E-mail
bug: yes
additional_bug_info: Hello!
I can’t complete my order in your store!
Why don’t you setup more stable processing like paypal.com or paymenthub.online?
PayPal.com charges 3%, Paymenthub.online just 0.1% and setup is free.
comment_or_question: Hello!
I can’t complete my order in your store!
Why don’t you setup more stable processing like paypal.com or paymenthub.online?

PayPal.com charges 3%, Paymenthub.online just 0.1% and setup is free.

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
REMOTE_ADDR: 89.187.177.136


I’ve got PayPal on my site; it’s on the donations page. That’s all I offer, so why are you sending this to me? I think I tried to respond and got a mailback for an address unknown.
Best of all:


Below is the result of your feedback form. It was submitted by

() on Saturday, March 21, 2020 at 19:46:28

Name: Delia
phone: 416-943-5074
contact_method: phone
bug: yes
additional_bug_info: Good day

Buy all styles of Ray-Ban Sunglasses only 19.99 dollars today. If interested, please visit our site: framesoutlet.online

Best regards,

The Jared Rimer Network, where everything is listed in one place: contact page – jaredrimer.net
comment_or_question: Hello

Buy all styles of Ray-Ban Sunglasses only 19.99 dollars today. If interested, please visit our site: framesoutlet.online

Best Wishes,

The Jared Rimer Network, where everything is listed in one place: contact page – jaredrimer.net

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
REMOTE_ADDR: 45.152.182.134


There is no address on this network, and they sign the thing as my web site.

There are many more I could submit, but these are examples of what is out there that people may be getting. I got the sunglasses deal, the multiple Covid-19 masks that can be bought in bulk and shipped, but I see this every day!
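The three reports above share signals a form handler can check before mailing anything: near-identical text in both free-text fields, a link in the body, and one User-Agent string arriving from different addresses. The scorer below is an added example, not this site's own form code; the samples are constructed, and the 0.8 similarity threshold and the function names are assumptions.

```python
import re
from difflib import SequenceMatcher

KEY_RE = re.compile(r"^(Name|phone|contact_method|bug|additional_bug_info|"
                    r"comment_or_question|HTTP_USER_AGENT|REMOTE_ADDR):\s?(.*)$")
LINK_RE = re.compile(r"\b(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)
UA = ("Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 "
      "(KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36")  # as in the reports
# Constructed samples modelled on the reports (documentation IPs and domains).
SAMPLES = [
    "Name: Amy\nbug: yes\nadditional_bug_info: Hey, we ship worldwide.\n\n"
    "Visit http://shop.example\ncomment_or_question: Hey, we ship worldwide.\n\n"
    "Visit http://shop.example\n\nHTTP_USER_AGENT: " + UA + "\nREMOTE_ADDR: 192.0.2.10",
    "Name: Delia\nbug: yes\nadditional_bug_info: Good day\n\nBuy sunglasses at "
    "frames.example\ncomment_or_question: Hello\n\nBuy sunglasses at frames.example"
    "\n\nHTTP_USER_AGENT: " + UA + "\nREMOTE_ADDR: 198.51.100.7",
    "Name: Pat\nbug: no\nadditional_bug_info: \ncomment_or_question: The podcast feed "
    "returns a 404.\nHTTP_USER_AGENT: Mozilla/5.0 (X11) Firefox/75.0\nREMOTE_ADDR: 203.0.113.5",
]

def parse(report):
    """Split one form-mailer report into fields; values may span lines."""
    fields, key = {}, None
    for line in report.splitlines():
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            fields[key] = m.group(2)
        elif key:
            fields[key] += "\n" + line
    return {k: " ".join(v.split()) for k, v in fields.items()}

def score_all(reports):
    """Return one list of reasons per report; an empty list means no signal hit."""
    parsed = [parse(r) for r in reports]
    ua_ips = {}
    for f in parsed:
        ua_ips.setdefault(f.get("HTTP_USER_AGENT", ""), set()).add(f.get("REMOTE_ADDR", ""))
    results = []
    for f in parsed:
        a, b = f.get("additional_bug_info", ""), f.get("comment_or_question", "")
        dup = bool(a and b) and SequenceMatcher(None, a, b).ratio() >= 0.8
        link = bool(LINK_RE.search(a + " " + b))
        shared = len(ua_ips[f.get("HTTP_USER_AGENT", "")]) >= 2
        results.append([why for hit, why in (
            (dup, "same text pasted into both free-text fields"),
            (link, "link or domain in message body"),
            (shared, "one User-Agent string seen from several addresses")) if hit])
    return results
```

A report that trips two or more reasons can be held for review instead of mailed; the link check alone will also catch honest reports that quote a URL.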

To read more, here is the Cyberscoop article for you to peruse: Senators want Cyber Command and CISA to do more to deter coronavirus-focused hackers. Let’s see how we can combat all spam, not just the ones targeting hospitals and individuals now. Just a thought!


When in Doubt: Hang Up, Look Up, & Call Back

Two days ago, I read a very interesting article I’m using for the blog post, entitled When in Doubt: Hang Up, Look Up, & Call Back. I’ve also done a talk for the podcast, which is in development, which doesn’t go into a lot of detail but tells the story.

In the talk, I don’t give the exact amount of money taken, but there was a lot of money taken and the person in this story got very lucky.

One of the things I’ve always done, especially when I told the story of how I got taken only for a few dollars, was ask questions. I had told the story of a company I don’t do business with anymore and how they asked me for my mother’s maiden name. At the time, I was using them for long distance because there was no unlimited long distance. They told me that they wanted to validate the account, and these validations were random.

What happened after that to me was quite interesting. They let me recharge the account in question, but then my information was changed without me knowing it. That’s a problem! It’s similar to this story in that things happened without me knowing it.

The only difference in my case vs. this one was that I was aware of the goings-on with my account on a pretty regular basis. In no way am I saying this guy wasn’t knowing, but I tended to check more regularly than probably most. My dad said that I did it too much and that I should wait until my bill comes to do all of this work.

Let me remind users who are coming here for the first time that this practice of waiting till your statement comes is not the best practice now. You should always review your statements, even after you’ve spotted the bad transactions just in case, but it shouldn’t be your only line of defense.

Is there anything else you got out of this article that you want to bring up? Let’s talk about it, I’d love to hear what you have to say. There may have been more I wanted to write, but this may spark some discussion if I stopped here. Hoping to hear from you!


It’s been confirmed, Marriott suffered another breach

This blog post, posted on April 1 2020, asked the question whether Marriott was breached. On Security Now, podcast 762, Leo Laporte mentioned between segments the news about this, and the blog post that I linked to within this post here. That typically indicates that if mainstream media like Leo’s network mentions it, it’s pretty accurate.

I put out the question because I knew that we had already had a breach, and was confused because it mentioned the other breaches within the article that I have linked to within the last blog post. The number mentioned in the segment was 512 million people. Maybe it is time for Marriott and the Starwood brand to hang it up?

The original story came from NBC Miami. It seems pretty credible, however, I really question this new information coming out if the brand didn’t say anything. This similarly reminds me of Trump Hotels before the third time they got breached when it was linked to other breach acknowledgements, so I guess we’ll see what happens.

What do you think? Sound off in the comments! I’d love to hear what you think now that a credible show like Security Now mentioned it in passing.

One comment they made was that the breaches are an everyday occurrence now, and that’s why they didn’t really cover it, but it was mentioned in passing and I’m glad that they did. This is unfortunate. Again, please leave those comments, and I look forward to what people are going to say about this one.


Android fans, still think you’re safe from compromised apps and problems?

On the 21st of April, I read an article that indicates that more banks are targeted in attacks. Luckily, this is not happening in the United States, yet. The key word is yet because according to the article, the actors just need to change a few things, and the same attack can have the same effect as it is having on these banks.

The problem we have here, is that whatever is happening is stealing the second security measure that people are using to authenticate with the bank. If this factor is SMS based, this may be why. However, if it is app based, then we’ve got a bigger problem.

I’m unclear from the article whether they’re using SMS two-factor or app two-factor. The link that points to secondary factor is a search for two-factor on Cyberscoop. Perusing this doesn’t really tell me whether there is an article I missed about this.

Brazil’s financial sector, which has long grappled with cybercrime, has a new foe.

An insidious Android application is trying to steal users’ login credentials, and their money, by impersonating Brazilian banks, researchers from IBM Security said Tuesday.

If you’re interested in more, please read the Cyber Scoop article, which goes into more detail. This can’t be a good sign, but yet, they’ll stop at nothing to get our data and information during this critical time. I hope you enjoy this one. It’s only the beginning of something that could hit us at any time around the world if the actors really wanted to.


Hackers posed as Egyptian oil contractor in apparent spy campaign ahead of OPEC meeting

I’m going to use the article title I’ll link to from cyberscoop as my article title because I think it is absolutely perfect.

We know that hackers from around the world have gone after many different facets of our government through the years. The article I’ll link to even talks about the Office of Personnel Management, which I’ve covered on my blog in various forms, and I’m sure that OPM will not be talked about lightly in the future.

The two links above are to two articles that mention OPM by name, but OPM on the blog may lead to other non-relevant articles. There may be more I could link, but those two are a start when searching for blog coverage.

You can add this article as a third article, as we have really never heard what really happened there, or at least I haven’t. This can’t be the only major breach within the past 10 years that has lifted sensitive information, but biometrics had not really been lifted before until recently.

With 3-d printing, it can get interesting now, as more people are able to get printers either to test them out, or to actually do things. This article I’ll be linking to does cover this.

Want to read more? Check out the Cyberscoop article: Hackers posed as Egyptian oil contractor in apparent spy campaign ahead of OPEC meeting and do leave your thoughts. The blog is open to everyone, and comments are those of the poster and may differ from administration.


Linux malware, you bet there is

In a very lengthy article, Trend Micro talks about the internet of things and the Linux operating system. Thought you were safe with all these IOT devices?

By next year, there will be billions of IOT devices out there, according to this article. With the stay at home orders in lots of places, we’ll see how big of a jump this will be.

Trend Micro: Grouping Linux IoT Malware Samples With Trend Micro ELF Hash is the article.

Trend Micro’s new hashing sounds very interesting, and I hope it works out to detect the many malware families out there. Enjoy this read.


Exposed Redis Instances Abused for Remote Code Execution, Cryptocurrency Mining

I’m going to borrow this blog post’s title for my own, because this is such an important title. Trend Micro’s lengthy article on this is quite interesting, and maybe it’s a good thing that I don’t have one of these servers.

I’ll let the article do the talking, because there is so much here. It took a while for it to be read through speech.

If you had an interest in this topic from the prior article, then we hope you’ll find interest in this article.

Trend Micro: Exposed Redis Instances Abused for Remote Code Execution, Cryptocurrency Mining

The key word here is crypto mining, where you can have your resources slowed down.


The CFAA will have its day in court

The CFAA, otherwise known as the Computer Fraud and Abuse Act, will soon have its day in court. Demand Progress’s own founder committed suicide over charges he illegally downloaded documents even though the documents were made public.

The article I’ll link to talks about that, a LinkedIn case, and others. Our United States Supreme Court will hear the case, and the article didn’t mention a date.

Would you like to learn more about this? Read The CFAA will soon have its day before the Supreme Court, which was posted on the 20th. I think it’s worth the read, don’t you?


Last week in security news

Again I’m behind, but I’m not behind by weeks.

Last week in security news brought up some things that are quite interesting. I may have read some, but not all of the items within the news sections, but if there is something you find of value, feel free to check it out.

This Week in Security News: 5 Reasons to Move Your Endpoint Security to the Cloud Now and ICEBUCKET Group Mimics Smart TVs to Steal Ad Money is the article, and I hope you enjoy the wide array of news.

Thanks for reading as usual, and participating on any podcast discussion by leaving thoughts.
