go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: May 2020

Go to Homepage [0], contents or to navigation menu

Another breach, this time, a home food chef delivery service

If you think the airlines are exempt, I also read an article talking about a home chef service that suffered a breach.

Home Chef food delivery service confirms breach, two weeks after stolen data went for sale is not what you want to have happen. Confirming a breach after it went for sale is the worst thing any company can do. If you learn about it afterwords, I can see that as a mistake, but if you knew, and you didn’t publish until afterword, then that isn’t good.

The number of customers that were effected by this breach are unknown.

The group that seems to be attributed to this hack is only known as Shiny Hunters. I think I’ve covered them once before, but even I don’t know much about them.

“We recently learned of a data security incident impacting select customer information, including names and emails, as well as limited customer account
information and encrypted passwords,” the company said in a statement. “We are taking action to investigate this situation and to strengthen our information
security defenses to prevent similar incidents from happening in the future.”

You are?

The company did not answer questions seeking clarification about when the breach occurred, how many of its users are affected and whether the stolen information
is being used for illicit purposes.

In the company’s defense, they may not know if the info is used ilicitly, but not disclosing how many customers may not be that good for them.

There are many companies like this one that deliver ingredients to be able to cook meals. One company who advertised on Twit at one point is Blue Apron. I’ve never heard of a problem like this with them, and I bet they have many customers they deliver ingredients to.

I shouldn’t be surprised that a company like this was breached, eventually all companies will, but the fact we don’t have a number in this case makes me a little concerned for other companies like this.

Comments (0)

Another Airline, another breach

While I’ve been under the weather, I ended up reading about yet another airline that suffered a breach. This time, Easy Jet, A U.K. airline, alerted authorities under the European laws. The number this time is a staggering9 million, small comparitively speaking. This number is no laughing matter, because the information taken includes travel information and email contact info.

Email contact info is not a surprise, as even with other breaches like the Capital One breaches of late, email address information was taken. I know, because one of the breaches Capital One had I was notified about. I’ve also had other problems, but it wasn’t Capital One’s problem, it was other problems.

Mistakes happen, but when are we oing to learn tht personal information is no sneezing matter to lose? Getting travel information can tell a criminal a lot on where someone is going so they can go and raid the victim’s house or place of business.

Easy Jet is not the first airline to have a serious problem, and I’m sure they won’t be the last. EasyJet announces breach impacting 9 million people is the article that I’ve read on this topic, this can’t be good.

Comments (0)

Judge rules Capital One must hand over Mandiant’s forensic data breach report

I’ve been monitoring the events of the Capital One breach that took place by the eledged suspect Page Thompson. In the article I’m using as my blog post, the judge has told Capital One to produce the report that the well-known security firm named in this article did on their network and other aspects of business.

This could be a good thing because we can learn as a whole what went wrong, and maybe we can all learn how to make ourselves better to even inside attacks although Page wasn’t a Capital One Employee. If you remember, Page was a former employee of Amazon, but that didn’t give her the right to access information that was not hers.

Want to read more? Judge rules Capital One must hand over Mandiant’s forensic data breach report is the article, and I hope that you find it of interest. Thanks so much for reading!

Comments (0)

Have a Mac? This article might be for you

While I’ve not been blogging much, I’ve been reading, and I’ve continued to look for items that may be of interest. I don’t really get a Mac article so when I saw this Mac article, I knew that people may be interested in it. It comes from Trend Micro who has products for the Mac to protect yourself from the nastys of the Internet.

Think you’re untouchable because you have a Mac? You were at once untouchable, but actors are targeting a wide variety of platforms and your Mac computer is no different. Keep in mind that each person is going to be different on how they use their Mac, and your instincts will tell you whats safe and what isn’t safe.

The debate of whether to use products like Trend Micro or any other company that can protect you by alerting you or blocking the suspicious behavior is up for debate. While the article I’m linking to indicates that you should install such software, the choice is yours. The tips within this 21-step protection article does include installing something but you need to start with basic computer work as well. This includes removing software that is problematic, out of date and unused software that could be abused, just to name a few.

To read all of the Ideas Trend Micro has about how to keep your mac safe, please read 21 Tips to Stay Secure, Private, and Productive as You Work from Home on Your Mac as a starting point, keeping your own needs in mind of course.

Comments (0)

windows 10 2004 is out with a few warnings

Hi windows 2004 is out for those that want to manually update to it.
Firstly, the latest amd drivers that work with windows 10 are available here.

A note that when installing before restart removing the following tasks will make the software not do stupid things.
start dvr, start cn, modify link update, and all tasks with amd in their titles.
We don’t need to ever interact with the amd software but the amd software likes to change our keyboard shortcuts like the replace shortcut.
Next nvidia.
Its worth noting that the g force experience aint that accessible either and neither are their web detections.
I know some users with version 385 or 384 of the software installed, but that is with a really old card and maybe its time to update it.
Now note if you have 354 or lower and thats the last version you can ever have, then it may actually be time to update that card.
If you got that card for something its now a liability because due to issues with windows your system may screw up.
The easiest solution is to pull and throw it away and get another one or update the driver to the latest you can if you actually can do it.
I know microsoft will probably fix it but if you run 354 of the software then you are running really old software.
There are other issues in this update.
However if you don’t use more than 1 network adaptor at a time, or more than 1 bluetooth device at a time, or have a thunderbolt dock or even if you do, don’t use it then you won’t have a problem.
I actually don’t use bluetooth on my laptop its easier to plug a cable in.
There are issues with some synaptics and conexant devices, and issues with some system files in older drivers.
For older drivers update if you can or replace those devices or wait for a fix.
If you have synaptics or conexant devices that handle audio, then don’t bother.
The last 2 issues have to do with intel and vr and something to do with a mouse and gaming which don’t apply to us blind people.
The only issue I have noticed is that when starting windos the network does not immediately power and you need to wait a couple minutes after login for it to actually do what its supposed to do.
As always, www.dropbox.com has an update www.dropbox.com/release_notes will get you there then click on the latest stable.
You will not lose any settings, my only caution is if you update via media creation you will have to reinstall all your optional languages and features you had on.
Doing it via windows upgrade wizzard means you only have to install the newer features.
After updating you may get a large store apps update to.
As usual notebook manufacturers will have to catch up.
At least intel has fixed my 4th gen system so driver update works again.
As for the issues bar the ones I mentioned, the only issue that may be about is my bluetooth with realtech on my ryzen5 2nd gen workstation which I don’t use.
The network issue is a bit annoying but if I turn off all my updaters on nvda on startup it will not be a problem.
There is a small update to install after everything goes up to from windowsupdate.

And now a note on installs.
On the 2 laptops, my amd unit with realtech and amd and the intel 7th gen unit, I found installing took a while.
On the amd I used the media creation tool and the setup would stay at a percentage for a while and slowly rize.
After that you restarted 3 times and slowly things would go up on each restart.
After updating updates things would restart and then things would just work.
The only issue I had was my amd drivers needed a couple reboots to get up and running.
On the intel, everything just ran with the same as the amd, intel with intel all the way for most stuff anyway using the upgrade assistant.
On the 4th generation system, my dad’s one from 2013 I think it was 2013 the last bios is 2015 but latest drivers are 2016 so I get confused.
This one rappidly wemt up and up, with a few stoppages but seemed to just role with it.
During update of windows the system rebooted at least 3 to 4 times before finally allowing me to check the progress of the update at at least 70%.
On updating, windows needed to reboot a couple times to get settled but seemed ok after that.
Performance wize, with cortana off on the systems I guess there is a bit more.
On my amd and the 7th generation I have not noticed anything muchh.
On the 4th gen things seem a little faster.
On all systems there are a couple seconds where things take to start and shutdown but not that bad it eventually sorted itself out.
Over all I am happy with this update.
One major thing is that I havn’t needed to change any settings or even look at them because even my file associations are in tact.
I have cleaned all the stuff I don’t need but everything works and its fine.
See you later.

Comments (0)

State unemployment is being ridden, states have it all wrong

In a great Krebs piece, Brian talks about the massive uptick in unemployment fraud that is taking place across the country as the governors across the country had once ordered shutdowns of the states due to the covid-19 pandemic. While a study mentioned to me indicated that the shutdown has no correlation on the spread of the virus, we’ve definitely tried to do the best we can. I don’t have a link to this study, but suffice it to say, we were damned if we didn’t shut it down, or we were damned if we did.

Because the different governors across the country and the world chose to shut down their area of responsibility to curve the spread, fraudsters are not stopping because we are. In one case sited in this article, one state paid out $8,000 if not more to multiple accounts not belonging to anyone in that state! Are there not checks and balances to make sure money goes to their citizens who file properly? I think Brian’s article fits this best. Riding the State Unemployment Fraud ‘Wave’ is the article title and link to this very interesting story. What do you think of it? Lets discuss, as payments are being electronically dispursed now a days, it isn’t all paper checks anymore.

Comments (0)

xLast Week in Security News, news ending March 23, 2020

Hello all,

I’ve been dealing with some issues here health wise so sorry about the lack of posting this week. When I feel I’m getting better, I’ve got a setback but today I’m feeling better.

This post deals with the blog that was posted last week for Security News that Trend Micro writes up each week. Also, not covered at the beginning of this week, a webinar I got notified an hour prior and I attended and taped. More on that later.

Smart Factories may be our next target. The lead post is part 1 of a potential series, and it looks to be a good one.

Not surprising, another covid-19 lure, this time, something called node.js is the vector and it has a low detection rate. It has something to do with the fact that it could have a fileless component with it, which is part of the problem.

One article this week talks about a group called Shiny Hunters. Shiny Hunters seems to be mentioned as part of many different breaches as of late.

Net Walker deals with filess detections I may have misspoke about something else that had it, but this one does have it, and that can be worrysome.

This is only some of what is in this article. Find something that you want to talk about? Get in touch! This Week in Security News: New Bluetooth Vulnerability Exposes Billions of Devices to Hackers and Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers is the article, and thanks for reading! I’ll be playing catchup for awhile throughout the next several days.

Comments (0)

Podcast 345, Cat fishing, Cat Phishing, and Parcel Tracker

Welcome to the technology podcast, podcast 345. On this program, Parcel Track, Catfishing, and Catphishing. Hope you enjoy the program!

Welcome to podcast 345 of the technology podcast series. This time, no covid-19 material as I have quite something different lined up for this podcast. I’m sorry its taken this long to release, I’ve not been feeling well, but the wait is worth it, as you’ll see.

  • What type of app do you use to track your packages? Just before podcast 344’s release, I had a hair, and decided to go searching for a replacement. Parcel Track was found and demoed. Some things including notification fixes were pushed out after the recording, the basic demo will give you an idea on what it is about and how it works. In the first segment, I talk about what I had used before, and introduced Parceltrack. The second segment was the demo itself.
  • Have you heard of terms such as catfishing or catphishing? Yes, thats awesome! I have but not really looked up what it meant until I found a Cyberscoop article talking about a well known figure that does cybersecurity work in the government who was impersonated. I did some looking up, and what I found was quite interesting. Both spellings of fish (phish) are used in this and it was quite facinating. Read the featured post for May 20th, Catfishing, Catphishing, what are they? for more on this, and it links to the Cyberscoop article.

Contact information is available for everyone at the end, and I hope you enjoy the program as much as I have bringing it together for you! Thanks so much for listening md feel free to reach out.


Comments (0)

This Service Helps Malware Authors Fix Flaws in their Code

I read this article which I’m using as the title of the blog post. The article is entitled This Service Helps Malware Authors Fix Flaws in their Code and it amused me. It talks about software that is used for bad being full of holes. That wouldn’t necessarily surprise me. The article goes in to a service that is run to do just that. People pay for code reviews, then its published after the fix is in place. For more, read Brian’s article It was quite interesting.

Comments (0)

Lesson 18 is passed

After three attempts, assignment 18 is passed.

I would’ve gotten it after one or two if my questions were answered appropriately, but between Braille2000 helping me out as it has since 13 with making sure I got the information i thought it should be, to my braille outs now provided by Bob, I’ve got this one.

Assignment 19 time, here I come. I’m to turn it in no later than 30 days, and thats OK. I hope that I can pass the first time and then figure out how I’m to certify. Now, the fun really begins.

Thanks B2K for your dedication.

Comments (0)

Apple Releases iOS 13.5 and iPadOS 13.5 With Exposure Notification API and Face Mask Detection for Face ID

On May 20, 2020: Apple released a new version of IOS which includes the Ipad. Looks like several different things are fixed in regards to this that we’ll want to take note of.

  • • Temporary banners now correctly disappear after a few seconds.
  • • VoiceOver no longer wrongly reports some blocks of text as being editable text fields.
  • Apple appears to have made some improvements to the bug which prevented websites from inverting colors when both Dark Mode and Smart Invert are enabled.
    Our testing suggests that there are still instances when websites will not invert.

I’ve seen two of the three, and the third I’ve not seen because I don’t use invert colors. This is welcome news, and I’m happy they’ve finally fixed that ugly bug with the notifications not going away. That was strange.

For the full article including links, Apple Releases iOS 13.5 and iPadOS 13.5 With Exposure Notification API and Face Mask Detection for Face ID and thanks applevis for posting this information for the community to have.

Comments (0)

Los Angeles Metro gets rid of Go Metro as official app: endorses Transit App

For a long time, Los Angeles Metro has had their own application which I’ve demoed on this podcast when I first got my iphone and was needing an application to get me my bus. It never seemed right to me, and the interface I felt could use an improvement.

Someone told me about Transit App which I really enjoy. At one point, voice over was doing something strange, and they were willing as a small company to get on skype or some sort of call as I showed them what it was doing. Whatever it was, the problem was fixed.

I’ve demoed Transit App while in transit, and I also have talked about recent updates although I’ve not demoed the recent changes.

What does this have to do with Los Angeles Metro? It has plenty, because at an event I attended, people were asking which app to use, and the Metro representative happened to mention Transit App and not their own. Go Metro, Metro’s application, has not been updated and lacks features like the stop announcements, and the real time data, both Transit App and even Move it has. Move it has stop announcements, but the interface is accessible but confusing at times, and the rating of the real time data of when you’ll get off is not all that great. I also think that moveit, while it does have the same data, has not true realtime data, although I like their stop announcement features.

A recent blog post from Los Angeles Metro caught my attention, and I went to go call one of my contacts yesterday. He was thinking that Metro was going to roll Transit App’s features in to their own, but I had another hunch before I even read the article which I did read.

“The improved app is very timely given the ongoing pandemic as we can no longer rely on transit data from the past,” said Conan Cheung, Senior Executive
Officer in Metro Operations. “There is a new normal in terms of transit demand and Transit gives us the ability to quickly get an impression of how the
system is being used. That, in turn, allows us to quickly make service adjustments when and where needed.”

In the past, Metro developed its own app, which was time and resource intensive. We’re now pivoting to using an existing app that we think already works
great. Ultimately, we chose to work with Transit because the app is well-designed and the trip planner is intuitive and easy to use. We believe Transit
does a great job of taking something that can be confusing by nature —  navigating a complex city via transit — and making it a straightforward experience.

The contract with Transit, which was selected through a competitive Request for Proposals process, costs zero dollars and the partnership is expected to
save Metro $240,000 per year in app maintenance and development costs.

The last paragraph is the key! This move costs nothing, and Metro already provides data openly, so why not recommend something that already works?

As a public agency, Metro is committed to providing open data to the public. If you prefer Google Maps or Apple Maps, for example, the agency is still
pushing our latest data to anyone who wants it.

I’ve tried Google for transit, it was not all that useful to me at all. Never did get it to work. Neither did Apple, although their maps feature got me to the train station from an unfamiliar place, so I mainly use it for that.

Thank you Metro for listening. I’ve been promoting this transit app linked here for awhile now, and never mentioned go Metro. I really like your move.

To read the full announcement from Los Angeles Metro, head over to the source and read the blog: Metro partners with Transit app to making riding and trip planning easier and more accurate. Thanks for reading!

Comments (0)

Catfishing, Catphishing, what are they?

Hello folks,

Today, I want to talk a little bit about something I don’t think we’ve ever covered on any blog or podcast. This is a term entitled catfishing spelled with an F as in the fish you eat. There is also catphishing which is defined with a PH as in the Phishing attempts we’re getting now trying to get information online.

According to Bad romance: catphishing explained they define both of these terms.

You’ve heard or read about some variant of this story before: Girl meets Boy on a dating website. Girl falls in love. Boy claims he does, too. Girl is
excited to meet Boy soon. But at the last minute, Girl finds out that Boy (1) had an accident and broke a hip; (2) has a very sick relative he needs to
look after; (3) is going away to a secluded place to “find himself”—you’re not the problem, he is, right?; or (4) (through a helpful and mournful friend)
is dead.
Suddenly suspect, Girl digs a little deeper. Girl finds out that Boy isn’t the dreamboat he portrays himself to be. Boy is, in fact, her female colleague’s
timid 13-year old son whom she met once at a work function.

Another version covers the PH aspect of catphishing.

Two months ago, Deloitte revealed that it was breached by hackers,
who most likely already had access to compromised servers since November 2016. Around the same time, a cybersecurity staffer at Deloitte was convinced to open a booby-trapped Excel file from a female friend he met on Facebook months before. Her name was “Mia Ash,” a London-based photographer. She was described as
lovely and disarming. She was also 100 percent fake.

Two other names were used in this Scheme, Robin Sage, and Emily Williams.

Something else we need to know which has happened to me. People have come to me on other social media such as Facebook or Twitter and asked for a boyfriend. They have asked me for information about what I do, how much I make, and the like. The most recent was someone who I thought I knew of in the disability community, according to the name.

I asked the person why we meeded to move to hangouts and explained that I’ve been potentially scammed before. They asked why and I explained. I didn’t think it was a big deal, but I knew that going from one platform to another without really knowing them first was a bad idea. Messenger allows for calls, so it wasn’t a big deal. What really tipped me off too was that they claimed to be using their sister’s phone, because their phone was broken.

As disabled people, it is important to talk to the person, not just type to someone, especially if we’re going to have a relationship.

What is catphishing?

Catfishing (spelled with an “f”) is a kind of online deception wherein a person creates a presence in social networks as a sock puppet or a fictional online persona for the purpose of luring someone into a relationship—usually a romantic one—in order to get money, gifts, or attention.

Catphishing (spelled with a “ph”) is similar, but with the intent of gaining rapport and (consequently) access to information and/or resources that the unknowing target has rights to.

The one with an F is to break your heart, the PH wants data

Malwarebytes Accessed May 19, 2020

I’ve talked about numerous instances, the one that sticks out is in podcast 289 where we have a person who started on Twitter and then moved to hangouts. They wanted me to set up a bank account, gbut yet asked for money. You can go to the the RSS feed of this podcast and search for that episode.

Catfishing media has been produced, often centering around victims who wish to identify their catfisher. Celebrities have been targeted,
which has brought media attention to catfishing practices.
catfishing (accessed May 19, 2020)

Why are you talking about this?

There is a very good reason that we’re bringing this up. Cyberscoop has an article that talks about this in light of today.

Gen. Paul Nakasone, the director of the National Security Agency and head of U.S. Cyber Command, is a busy man. He oversees vast, technical surveillance
efforts in the U.S. and abroad, while also commanding a military outfit charged with launching cyberattacks.

Emailing random women from an outpost in Syria is probably not on his to-do list.

So when, Susan, a woman from the New York City area, started receiving correspondence from a “Paul Nakasone” this week, she wondered why the self-proclaimed
“head of U.S. Army Cyber Command” was trying to flirt with her.

“I Googled this guy and I’m like, ‘Are you kidding me?’” Susan, who asked to be identified by only her first name, told CyberScoop. “And it was very flirtatious,
but I’m a married woman.”

The article goes on, and the long of the short of it, the actor is able to answer a question that was thrown at them by just “googling it” which “googling it” was termed before the turn of the century or shortly after it.

Meanwhile, Cindy was corresponding with a similar account, claiming to be Stephen Lyons. The emails were of a similar nature: flirtatious messages and
requests to download Google Hangouts.

Susan alerted CyberScoop about the Nakasone email address after being unable to contact Facebook about the Lyons account.

There’s more to this facinating story, and I think people need to read the article that I read on cyberscoop which I’ve quoted some of. We all need to learn about this, and I’ve got experience with this. The article indicates that they’ll start small like gift cards and other items, and then ask for bigger items. The fact that none of these people ever called me, one threatened me with their attorney, and the other most recent dropped off after they said they’d go to their room and do as I said. It never happened folks, none of them. They don’t want to call, they want their money, and that’s the most important thing I can give you.

Someone is trying to catfish women by pretending to be Paul Nakasone was read on May 18, 2020 and portions quoted on May 19th for publication. Let me know what you think of this one. Has this happened to you?

Comments (0)

The Hidden features of an app, this one, a nice little gem: The History feature

Braille2000 is very intricate, having lots of different features within it. Without going through each option thoroughly, there is no way to have every option known to you. This is the case in today’s feature that can help every transcriber that utalizes the application, blind or sighted.

I’m talking about the history feature, which I spotted once while looking around the panel menu. The Panel menu has lots of options that are also available in the panel itself, but as blind people, it is advised to turn off the panel within its options. See the braille transcription using braille2000 web site for more info on setting up B2K as a blind person.

The history option that we are speaking of is in the file management section of Braille2000. At the current time of writing, it can be accessed by “pannel” “file management” then history.

Once there, you can see the many files that you’ve saved through your B2K history. Unlike other history options, this one is a very comprehensive history with every save of every file. It does not matter where you saved your file, if something were to happen, this is the place to get it.

While this feature was accessible out of the box, some improvements were made to give access to the full information. In longer filenames, Jaws seemed to cut it off, and this isn’t conducive for a blind speech user. Since I do not have braille access, I am not sure how this worked prior to the build which has a new awesome feature to this search history and is available as of May 13th, 2020.

Prior to the build dated 5/13/20, the search functionality of this very powerful history function was not available. I was asked at one point by Bob to give him a version of a file and he told me how to access it like I did here. Since I’m doing the Braille Transcription Course, he wanted to see one of my earlier assignment 18 files. All Jaws was giving me was assignment 1 although i did do 10 onward. This gave Bob the idea to build out the search feature so you can search your files by filename, earliest date, latest date, and other parameters. The talking edition by default will allow you to hear how many results the search feature reduced your options by as you type. He also added radio buttons to this so a blind user can change the order of the results whether file, date, or other parameters.

Pressing OK from the search dialogue returns you back to the history, and you can then press enter on a file you want to view. For the sighted, you double click and it’ll open that file. The file in question is in read only, but if something were to happen, you just save that version and you’ve got the last working file you were happy with.
We had some very interesting challenges getting this to work, as by default, the edit boxes didn’t seem to read right with Jaws. It always read the next one. This eventually got worked out, so when you enter the search function, you’ll land in the first edit box. While I don’t understand screen reader use as why this was occuring, talking to Bob and understanding how this was working correctly elsewhere gave him the idea on how to fix this one, and the build you get today will have all of this functionality.

When you get in to the history, you can just up and down arrow to see what it has. Jaws will read the file name, the path of where it was saved to, and the date and time of each entry. Added to this release that you will be getting will be the new search facility to search this data, and the ability if needed to maximize the window if you are needing to see more data than you’re able to. It should not be necessary for you to need to maximize the window, but the option is available through alt+space x as you would any other window or the equivalent button found withthe the mouse.

The new search dialogue is a button and it is the first tab when you press your tab key. This button has various elements as discussed earlier in this article. It has name, path, earliest, latest, and past the cancel and ok buttons, you find the order set of radio buttons on how you want to sort your data. The talking edition will allow you to hear as discussed earlier how many search results are there, and it will tell you how many options as you refign your search.. For example, if I searched for my assignment 18 file called assignment18, it’ll find all of the files including DXB’s for my instructor that I’ve ever saved. I can even only get the B2K’s if I want. I think this will benefit the entire Braille2000 community sighted or blind.

How to Update

If you’d like to update so that you can get this new search functionality within your history, its now available! Go to pannel, file management, software update, and get the update dated 5/13 or greater.

Thanks for reading, and make it a great day.

Comments (0)

Last week in Security News, news ending May 16, 2020

I’ve been neglecting the blog for a little bit, part of that has been my health, but there are two items I’m going to post while I’m thinking about it. The first of course is going to be the news for last week that is compiled by Trend Micro.

The top story is one we’ve covered on the blog in regards to how two researchers were able to make a factory like environment, then commandeer the robots to do whatever they want. Of course, we can’t forget the Microsoft ordeal with the third month with over 100 patches fixed in their roll-up.

Another item that caught my attention is a package delivery service I’ve actually never heard of that got owned and breached. The company is named Pitney Bowes .

Finally, Texas courts did not pay any ransome, after being attacked with ransomware.

This Week in Security News: How Researchers Used an App Store to Demonstrate Hacks on a Factory and Microsoft Again Surpasses 100 Vulnerabilities on Patch

Next, we posted two articles in an earlier blog post that talked about Windows Update. On Friday, Trend Micro came out with their post, and it still is worth posting. 16 of these patches are critical while the rest are not “so bad” if you rate important less severe.

May Patch Tuesday: More Fixes for SharePoint, TLS, Runtime, and Graphic Components Released

Find anything in the last batch of news items or something in the patch Tuesday you want to talk about? Why not comment or send me an email?

Comments (0)

Its Windows Update time, time to start patching

This week is Windows Update week. We’ve got two articles and one from a very unlikely source.

This is the first time I can recall that Cyberscoop has covered Windows Update.

Krebs on Security and Cyberscoop have similar writing on all of the various patches from Microsoft and Adobe for this month.

If you want to learn more about the different updates, pick the article that interests you.

At the time of writing, I have not seen Trend Micro with their writeup. The reason I like their writeup is because they go in to some detail, and I’m sure it’ll be out soon. When it does, I’ll be sure to put it up for everyone to peruse.

This is the third month that 100 patches or more are available from the big tech giant, Microsoft. With the Corona virus in full swing, actors are at work exposing problems lthough both articles I link in here say that they have not gone after these in wide spread ways yet. I am under the assumption that this will change within the next week.


Comments (0)

Ransomware Hit ATM Giant Diebold Nixdorf

When I read this on Monday, I got to thinking about the company Diebold who made election software or machines who were criticized on their lack of insecurity or shall I say security.

Krebs on Security has this full article Ransomware Hit ATM Giant Diebold Nixdorf which I’m passing along.

Comments (0)

Targeted Ransomware only hits Taiwan, not wide spread

Besides the wide array of sending mail out to see if you can hit someone with some type of malware or ransomware, there can be a thing called targeted attacks, and this time it is ransomware related. It hit organizations in Taiwan, which is outside the United States for those who do not know.

In an article that Trend Micro wrote on the blog recently, I spotted this, and wanted to highlight this so that people can see what’s out there.

A new targeted attack has infected several organizations in Taiwan with a new ransomware family, which we have dubbed ColdLock. This attack is potentially
destructive as the ransomware appears to target databases and email servers for encryption.

The information we gathered indicates that this attack started hitting organizations in early May. Analysis of the malware points to similarities between
ColdLock and two previously known ransomware families, specifically
Lockergoga, Freezing, and the EDA2 “educational” ransomware kit. There have been no indications that this attack has hit any other organization outside of those targeted; we do not believe
that this family is currently in widespread use.

The names of these other families are links within the article, so you aught to check these out if you are interested in this. Since it isn’t in wide spread use, that may be a good thing within itself, but something to highlight just the same.

I am so happy that this type of activity has not hit the disabled community to my knowledge, although what started me on this journey of talking about things like this goes all the way back to 2006 and episode 3 of this podcast. On that podcast, it was known then as only a virus, but it did hit the blind community more than other disabilities. I can share that podcast at some point, with the understanding that the audio is different, and I don’t believe I kept extensive notes like I do now.

The long of the short of that podcast is that this community was hit with a file claiming to be an app update to a program no longer in existance. Some blind people installed it, and the computer became useless.

I would hate to find out what Ransomware would do to our machines because we use access technology. I think this was a one time thing too, I’ve never heard anything more.

Back then, i had an article written on the now defunked about web site which was nice. I’d hate to see what ransomware would do to our computers if something like a program to disguise an update to a program that we use for whatever the reason is.

Are you interested in this Taiwan article dealing with Ransomware? Targeted Ransomware Attack Hits Taiwanese Organizations is the article, and I hope you enjoy this one.

Comments (0)

Smart Manufacturing not secured?

Trend Micro has a very nice article talking about smart manufacturing. Robots can do the job all day without a problem knowing that they can communicate a failure within the network and stop if thre is a problem. I don’t know if this is the case, but research says that this can be broken, and if it is, it isn’t going to be very good.

If an actor were to try this, the entire platform could be told to do something else by manipulation.

I’d say lets learn what the research is teaching us, and read this forward thinking article Securing Smart Manufacturing and we’re going to have to see what plays out on this one.

Comments (0)

Web Monitoring Rat bundled in an installer of Zoom? Have fun with this one

I recently read an article that talks about a web monitor Rat that comes bundled in a Zoom installer. The normal Zoom installer which I ended up running once comes with nothing to be concerned about.

Actors decided to make their own installer of Zoom, and put this thing in it. This is why it is important to get applications from their official stores or web sites, and not from some shady actor who says you need an update or an installer.

When I went to go to a zoom conference, I went to the link from the site I was on that was advertising this meeting. From there, I installed the application, and tried the link again. It let me in, and I was able to listen to the meeting. I chose not to participate by asking questions, but I found that session interesting.

Plenty of malware variants pose as legitimate applications to conceal their malicious intent. Zoom is not the only app used for this type of threat, as
many other apps have been used for this attack as well.  For this particular instance, cybercriminals may have repackaged the legitimate installers with
WebMonitor RAT and released these repackaged installers in malicious sites.

The article also talks about the fact that official stores and sites should be used and problematic apps do not come from these channels. This can’t be stressed enough.

To show how much of a threat this think can do, here are the things it collects according to the Trend Micro article.

• Battery Information
• Computer Information
• Desktop Monitor Information
• Memory Information
• Network Adapter Configuration
• OS Information
• Processor Information
• Video Controller Information

Itt doesn’t seem to be a whole lot, but it sends it to an IP you may not even be aware of, to a particular php file which is mentioned within the article. You really don’t know what actors could do with this info, and I hope we don’t get targeted with this thing, either by email or by accident somewhere.

WebMonitor RAT Bundled with Zoom Installer is the article if you wish to learn more about this stealthy way of getting things on machines. Enjoy!

Comments (0)

Older Posts »

go to sections menu

navigation menu

go to sections menu