go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: August 2020

Go to Homepage [0], contents or to navigation menu



If North Korea isn’t understanding, the game may be over soon

Yesterday, I posted an article about North Korea, but that was before I came across an article DOJ and Cyber Command partner up in civil forfeiture claim targeting North Korea’s financial hacks which may be some good news in the long term.

This article goes on to talk about the long term goal of letting people know about the dangers of their crime and that it won’t pay to hide. Turns out that if North Korea is using China to help them out, we’ve got more of a problem than we first thought.

There is a lot of links within this one like a lot of Cyberscoop’s articles which is good. If you’re interested in this one, you might want to read it too.

Comments Off on If North Korea isn’t understanding, the game may be over soon

Tesla gets targeted with ransomware

In a recent article, Tesla auto maker got hit with ransomware and it was confirmed by someone who a lot of people who know of may recognize the name. The article is entitled Elon Musk confirms that attempted Russian ransomware attack was aimed at Tesla and Elon Musk is definitely a familiar name to a lot of people perhapse.

The story is quite interesting. A russian man was arrested after an employee went along with the scheme and also told the company about what was going on.

Instead of going along with the plan, and taking the chance to walk off with a cool $1 million, the still-unnamed Tesla worker reported the plan to the
company, which went to the FBI. Egor Igorevich Kriuchkov, 27, was arrested on Aug. 22 on a single count of conspiring to intentionally cause harm to a
protected computer. Agents contacted Kriuchkov before the plan was complete and convinced him to drive to Los Angeles, Calif. for a meeting, where he was
arrested, according to the FBI complaint.

There are links to various things within this article, so make sure you get yourself caught up on this one. There are good employees that work for you, even if the situation is bad. Whoever this employee is, they should be commended for reporting this to the boss instead of walking off with money that might not be good money.

Comments Off on Tesla gets targeted with ransomware

Can you believe this? Tik Tok pleads its case in an interview

We’re as secure as we can be … we don’t share data with China

I just read this article on the 30th of August that is in an interview style with someone at Tik Tok who claims that they do not share data with China and that they have no reason to do so. The interview even goes on to claim that Bite Dance is a different app similar to Tik Tok, otherwise there is no relationship.

Who is telling the truth here? I have never heard of Bite Dance until they were mentioned in a piece done by the UK paper on Tik Tok which you can search out or search Tik Tok on the blog for all references to them from the network team.

I thought passing this along would be appropriate because it is information about something we’ve covered and it is only right we share information and have discussions on it.

Have you read this article from Cyberscoop or something similar in another place? If so, what did you think?

What to read:

  • TikTok’s security boss makes his case. Carefully.
  • The Interview:

    Below, I’ll paste the interview directly from the article. Note that there may be more, but to be fair, I’ll quote the interview so you can see this much. Click through to the full article to read the entire thing.


    CyberScoop: Can you walk me through how TikTok’s risk profile has changed since it became the subject of focus for the U.S. government?

    Roland Cloutier: Obviously there’s been a lot of noise and untruths spread about sharing of information.

    We simply don’t share data with governments, including the Chinese government. We have very specific processes when law enforcement or government agencies
    were to ask us for things, and because we sit in the United States, it would have to go through the U.S. government. So we don’t share information. Our
    information is protected in both our U.S. and Singapore data centers through all of our controls that you would expect our organizations to have, as well
    as the encryption that we put on protected data assets and objects in our applications. That’s managed out of the U.S. team.

    That aside, we start with the primary focus of ensuring that the platform is safe. Ensuring that, as people come on to the platform, ensuring that the
    information they’re accessing is safe both from things like misinformation and disinformation, protection for our younger users on the platforms, as well
    as ensuring that we don’t have that type of material that’s not part of our community agreements. We’re not going to have pornographic material. We are
    not going to have violence and speech. We are not going to have those things in our community.

    CS: In terms of the data transfers, you said the company is not sharing data with the Chinese government unless there’s a specific request. Is that correct?
    How does the law enforcement data request process work?

    RC: Let’s be clear: We’ve never gotten a request from the Chinese government.

    We publicly disclose, and we will continue to publicly disclose, responsibly in our transparency reports when law enforcement asks us for things.

    Obviously, U.S. law enforcement is very active in the digital space, and we get warrants from them. We’ve gotten it from other countries. We’ve never gotten
    it from China because, quite simply, TikTok does not operate in China.

    Neither TikTok data, nor use, occurs in China, so therefore [the Chinese government] does not have jurisdiction over the platform. It’s pretty simple.
    The data doesn’t even exist in China, so there’s a whole bunch of ways to look at this, but the biggest fundamental truths are that the Chinese government
    doesn’t ask for it, because it doesn’t exist in China.

    (Ed. note: TikTok does not operate in China, but ByteDance operates an app called
    Douyin
    that is a carbon copy of TikTok solely meant for Chinese users. When asked about this after the interview, ByteDance said: “TikTok and Douyin have separate
    markets, users, and content. TikTok is in close to 150 markets around the world, but it is not offered in China. The TikTok and Douyin apps are run entirely
    separately, on separate servers.”)

    There’s a global process by which law enforcement has to do that. In the United States, it falls under the Fifth Amendment, and in other countries there
    are different things, but there has to be a legal process by which information is requested, provided and disclosed. For any country to ask for U.S. data,
    it has to go through the Department of Justice. For the U.S. to ask for data from another country, it has to go through that country of origin.

    CS: How does it work with Bytedance owning TikTok and being based in China, though?

    RC: It doesn’t matter. The information is the information. It’s within the jurisdiction or under the legal guidelines of the country of origin. It doesn’t
    change anything. If someone were to unlawfully attempt to take information — it’s like any type of data, intellectual property, trade secrets — we’re required
    to protect that at a level where that can’t happen. So if Russia is hacking the [Democratic National Committee], or if another nation-state is hacking
    a bank, they have a requirement to be able to protect the information so it’s protected. And we do that through a variety of industry best practices for
    access control, access management and encryption. That’s how we handle it.

    CS: So if I understand this 100% correctly, because TikTok user data is stored in the United States, none of that is subject to
    Chinese law,
    right?

    RC: Correct.

    CS: How does it work in terms of TikTok sharing information? It says in the
    privacy policy
    TikTok shares user data with a “parent or subsidiary or another affiliate of the corporate group.” What does that mean?

    RC: If we’re doing some sort of testing or analysis on a new function that another part of the organization may have developed, we may need to test certain
    parts of the dataset to ensure that a product works.

    We may authorize individuals from one of the 48 countries that we operate in to do various testings. Remember, we have various engineers — an A.I. firm
    we bought out of the U.K., development organizations in Germany and Spain, and a large group in India, as well as China.

    We have people all over the globe. The privacy policy is meant to say that, through the appropriate controls and restrictions we have on information, that
    we may use portions of that information to work in our testing and validation of our technologies.

    Quite simply, we have strict employee controls on any data. Protected data, which are the super sensitive things we consider to be [personally identifiable
    information], we go as far to encrypt those throughout the lifecycle that they’re in the platform.

    CS: Is that encrypted user data shared with international affiliates under the terms of the privacy policy? I understand you’re doing testing and security
    and everything needs to be reliable, but is that encrypted user data folded into that in terms of being shared with parties outside the United States,
    whether it be China or elsewhere?

    RC: It wouldn’t be transferred outside the United States, if that’s what you’re asking.

    There may be some work that needed to be done from an engineer in a different location and potentially we would allow them access into the U.S. data store
    to get that information. And we have, obviously, a bunch of limitization, controls oversight, monitoring controls, data exfiltration controls, and all
    of those things in place, as well.

    The data always remains resonant in the U.S. or in Singapore.

    CS: So they can be somewhere else and access the U.S. database?

    RC: No. Let’s not use broad terms like “the database.” They may be able to access a specific set of data if necessary to do that. It would most probably
    not be the entire database. It would most probably be a portion of that data. Again, if they could access it based on requests that were done, and the
    review of the U.S. executive team to allow for that to happen, and then it would be done under the guise and controls of the U.S. security team.

    CS: One of the things about TikTok that stands out is the number of users who are under 18. How do you protect that data compared to the way that you would
    have someone who is an adult?

    RC: Think of it like we’re protecting the whole person. We want to protect the whole person, their information, and their experience on the platform. We
    have a set of tools, technologies and frameworks so that, if you were under 17, it can be applied. And if you’re under 13, it will automatically be applied,
    such things like you can’t [send a direct message], or you can’t look at certain types of content. There’s a host of things I can point you to in terms
    of what happens with our younger users.

    From a data defense standpoint their information is no less or no more important than anyone else’s that we protect. We protect every user from every position
    in society that’s on our site in the same way. They get that same level of assurance.

    CS: What happens next?

    RC: It doesn’t matter, in my space, what the future holds from a business portfolio standpoint. What matters to me is that we still have almost a billion
    users on our platform, we still have a very core mission in front of us, which is to ensure the safety of the community on our platform. Everything on
    my list today to achieve and every business initiative we are driving is still going forward. Whether that’s with company A, B or C, it doesn’t matter.


    That ends the article which was condensed for clarity, but there is more including links to stuff discussed in the interview. Again, I want to let you see the interview for yourself, and you can make your own decisions on this whole mess.

Comments Off on Can you believe this? Tik Tok pleads its case in an interview

FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks

I wasn’t originally going to cover this … until … I saw it on my twitter feed.

USCERT is alerting us to FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks which is alert AA20-239A in their series.


Summary

This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework.

I just don’t feel quoting the whole thing is worth it due to the linking within it, but I did read qite a bit of this today, and the alert is just a few days old.

Seems as though North Korea can’t or won’t keep their nose clean and this … just goes to show you what they’re now up to. Have fun with this one!

Comments Off on FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks

What Happened to All Social? We really don’t know

Early in August, I read a very interesting article about a web site called All Social. One day, it was up, another day a breach occurred and then it went dark.

The question is asked: What happened? The article A right-wing social network reported a potential breach. Then it went dark. What happened at AllSocial? is here now and if interested, feel free to take a look.

Comments Off on What Happened to All Social? We really don’t know

Jaws August Edition now out

The August Edition of Jaws is now out. Most of the following has been covered in the upcoming podcast for the tech podcast, I did miss just a couple of items.


Enhancements in JAWS 2020.2008.24 (August 2020)
The following is a list of improvements made between the June 2020 release and the August 2020 update.
To download the latest release, visit the
Downloads web page.
You must be logged on as an administrator to install this software.

• Once you have installed this August 2020 update, the English language versions will now include notification of official releases of new versions such
as the 2021 release coming out later this year. When you check for updates using the English versions of JAWS, ZoomText, and Fusion, major updates will
now also appear in the list once they are released. If your license is authorized to run the new version, the update can be installed. Otherwise, the update
is shown along with a message stating that a license renewal is required for use of this new version to work in other than 40 minute mode.
• Resolved an issue reading Tables in Microsoft Word 365 where JAWS was reporting “table” at the beginning of each row as you navigated by line.
• Resolved an issue with navigating tables in Chrome reported by Google where cells containing the ColSpan (column span) attribute were causing issues
when navigating by cell.
• Resolved an issue in Microsoft Word where text that was previously hidden and then unhidden, was not being read using speech.
• In Chrome and Edge, resolved an issue where selecting text from Right to Left was very sluggish in edit controls.
• Resolved an issue where HTML controls that started with punctuation were not reading as expected.
• Resolved an issue in Internet Explorer reported by SSA where JAWS was not honoring the language tags in ARIA live regions.
• Updated the Help Topic for Microsoft Edge to reflect support based on the latest Edge Chromium browser.
• Resolved an issue where JAWS was overly verbose when tabbing to a Video Player on web pages in Chrome and Firefox.
• Resolved a reported issue where Mouse Echo in Excel was too verbose, especially when moving the mouse across empty cells. These improvements make mouse
navigation with Fusion much better.
• When using Google Docs with Chrome, resolved an issue reported by Google where pressing the ALT key to access the Docs menu would sometimes unexpectedly
open the Chrome menu instead.
• Posted a TSN on the support pages for JAWS and Fusion customers using the latest version of Skype from Microsoft. A problem has been introduced with
this update which causes our software to stop reading correctly. The work around is to activate the menu with the ALT key, and then press ESC to leave
the menu and return to Skype. The issue has been reported to Microsoft and we anticipate it will be resolved in the near future.
• Resolved reported issues in Google Sheets where accurate column or row headings were not always being reported as expected while navigating.
• Resolved a reported issue in Libre Office where JAWS and Fusion would fail to read every other line after opening a document that was previously edited
and saved.
• Resolved issues reading prior messages in Zoom meetings and webinars using the JAWS commands, CTRL+1 through 0.
• Updated scripts and Help files provided by Corel Corp with changes to improve support for WordPerfect.
• Resolved problems where JAWS Personalized Web settings, accessed in Quick Settings (INSERT+V), were not saving and loading correctly. Personalized Web
Settings allow you to customize JAWS settings for a particular website. For example, if you have a particular page where you do not want JAWS to Automatically
read, you can make that change apply only for the specific domain rather than global.
• Added updated Braille display drivers tested and provided by Humanware to support new Braille devices shipping as of August 2020.
• Resolved an issue where JAWS was not reading the ALT Text for Graphics in both Chrome and Edge. Previously, JAWS was reading the Title.
• In Chrome and Edge, JAWS now relies on the “layout-guess” attribute to determine when a table is a layout or data table. Previously, JAWS could make
mistakes when the browser’s zoom level was very high, such as 200%.
• Resolved a reported issue in Outlook where pressing CTRL+E to access the Search option on the ribbon, would not work as expected when the JAWS Virtual
Ribbons were enabled.
• Resolved an issue in Word 365 where JAWS would announce “misspelled” on each character instead of when you first encounter the misspelling when JAWS
is configured to detect spelling errors as you navigate.
• Resolved an issue where navigating to www.kmiz.com using Chrome was causing a hang in JAWS as it was attempting to process this site.
• Resolved an issue with the new Braille Viewer where “Computer Braille” was being announced under certain circumstances when navigating in Outlook.
• Added a Topic to the Help System to include all Layered Keystrokes. Previously, only the Table Layer commands were included.
• Added 8 Dot Braille Translation Table for Dutch.


For complete information about how to get your update, go to this jaws page for complete details.

Comments Off on Jaws August Edition now out

technology suplamental 1 or blindvms 9, take your pick.

Hi all.
This is just to say that this thing is up.
Catchups on the cast, what is going on, and the no video jam, which sadly wasn’t what I expected.
Note, if you want to listen, do so.
But really unless you do the jam yourself it may not be one of the best casts.
I promice that future episodes won’t be so boring and stupid.
Maybe doing the no vid jam was a bad idea because I didn’t get much of the games in it.
Tip, waterfox/firefox just doesn’t like unity.
Use sleep mode with nvda with the java stuff.
Use edge and chrome and good luck.
Look at the forum page of audiogames.net with my submissions.
Remember that we are now on http://blindvms.jaredrimer.net.
Remember that everything else works to.

Comments Off on technology suplamental 1 or blindvms 9, take your pick.

This week in the security landscape, News ending August 29th 2020

Welcome to this week in the Security Landscape. I’ve decided to try and do something each week in regards to the Security Landscape, and model it after the blog post “This Week in Security news” which highlights articles around the landscape.

If you’d like something featured in this set, please feel free to contact me with a link to the piece, and we’ll take it from there.


In an upcoming Security Box, Michael in Tennessee talks to us about Microsoft as part of many things in the landscape that caught his attention. Microsoft Put Off Fixing Zero Day for 2 Years is the article title written by Krebs on Security. Michael went in to this as part of his segment for the box, and it is just aweful. How could Microsoft go and claim everyone is fixed, but yet, they can’t answer the question of why they took two years to acknowledge the flaw?

A security flaw in the way Microsoft Windows guards users against malicious files was actively exploited in malware attacks for two years before last week,
when Microsoft finally issued a software update to correct the problem.

There are links to prior information, but I said in the audio that it was fixed in July but it was fixed in August. Let me remind you that if they continue at this pace, we’ll have over 1300 patches for Windows itself. Michael indicates that this is as bad as Android was all those years ago. Oh boy!


Speaking of this week in Security News, Trend Micro has a deluge of things in this week as usual. One of the items talks about Ransomware going Corporate. We knew that was going to be the case, and its a good thing they’re leaving us individuals alone at least for now. The problem with the fact we’re working from home, according to this week’s news, is that the actors are now probing our home routers. One of the big questions I have asks the question on how we know whether our routers and devices our ISP’s and other vendors gives us is really as up-to-date as possible? This is going to be a continuing question. I just don’t understand this at all.

Also, as part of this week in Security news, Trend Micro is teaming up with a company to fight open source security problems. Trend has been in this business for many years, and so they have the inside knowledge of all of this. This is going to get interesting for the partnership.

Autodesk is a piece of software on the internet that allows people to keep track of various things. A recent article talks about their big-time problem in a cyber espianage attack. Trend Micro also covers the CVE that is well over 2 years that got fixed.

For a complete article rundown of this week in security news from Trend, This Week in Security News: Trend Micro and Snyk Partner to Fight Open Source Security Flaws and Ransomware Has Gone Corporate is the article, and please decide what might interest you.


Krebs on Security has been busy with various articles as of late we’ll cover as part of this week in the landscape. One article we’re taking a look at right now talks about hacked accounts. Sendgrid Under Siege from Hacked Accounts is the article title and this can’t necessarily be good.

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and
abused for sending phishing and email malware attacks. Sendgrid’s parent company Twilio says it is working on a plan to require multi-factor authentication
for all of its customers, but that solution may not come fast enough for organizations having trouble dealing with the fallout in the meantime.

The long and the short of it? This company got targeted and their email accounts are sending out malicious content and they’re whitelisted as a safe sending agency. Maybe the Internet needs to fix this if that’s going to continue to be a problem.

Many companies use Sendgrid to communicate with their customers via email, or else pay marketing firms to do that on their behalf using Sendgrid’s systems.
Sendgrid takes steps to validate that new customers are legitimate businesses, and that emails sent through its platform carry the proper digital signatures
that other companies can use to validate that the messages have been authorized by its customers.

But this also means when a Sendgrid customer account gets hacked and used to send malware or phishing scams, the threat is particularly acute because a
large number of organizations allow email from Sendgrid’s systems to sail through their spam-filtering systems.

To make matters worse, links included in emails sent through Sendgrid are obfuscated (mainly for tracking deliverability and other metrics), so it is not
immediately clear to recipients where on the Internet they will be taken when they click.

To view this article in full please find the article title above. This is going to get very interesting.


Leah Bachmann is a member of Lastpass who does blogging for the agency of lots of various topics. This one is in regards to fighting identity theft. On the question of why pople would want to take someone’s identity, several bullet points are given.

  • open new credit cards
  • Charge purchases to existing credit cards
  • take out auto loans in your name
  • claim your tax refunds
  • open new cell phone accounts
    Submit fraud in regards to insurance claims

As people who are disable who read this blog, getting loans for cars when we can’t drive worries me. Getting new credit cards worry me too, because we don’t even know what is even going on until it is too late.

Here are 6 items that are highlighted

  • Place fraud alerts with the major credit bureaus
  • Monitor for stolen personal information
  • keep your devices clean and up to date
  • Stay suspicious on people asking for personal information
  • review accounts and statements
  • protect accounts with long, generated passwords and other security measures

There is stuff in each of these sections, and I do a lot of these. The question is, why should I place a fraud alert with the bureaus that got breached already? We’re already doomed already. For the full article Fighting Identity Theft is the article title. Have fun with this one!


Next, two articles talk about voice phishing. Phishing was discussed on an earlier program of the security box. This is going to be the new normal I’m afraid. I don’t really understand the motive

Both articles should be read in full, its something that I want to get out there. Both articles come from Krebs on security and they link to lots of various stuff.


Finally, I want to highlight a two-part article talking about a criminal that wants to turn his life around. We’ve covered this guy on the technology podcast, and what I saw this week really is awesome.

Both Krebs articles here is quite interesting. First part is the story, the second is an eye opener. I always like to see stories like this one, and I hope that within this next year, we can see more stories like this. Please contact me with anything you see, and we’ll see what we can do. Some of these may be included in podcasts, others may not. You never know!

Comments Off on This week in the security landscape, News ending August 29th 2020

The New Zealand Stock Exchange is now back online

The Technology blog and podcast has covered Fancy Bear or APT28 as it may be known as. In a not so much surprising article, this particular group has now gone after the New Zealand Stock Exchange wia Denial of Service Attack which was distributed across the network. This is a little worrying because Fancy Bear or APT28 or 29 in some circles has never really been stopped. This can’t necessarily be a good sign, can it? NZX back online as Government assists in helping it address cyberattacks was sent to me by Shaun Everiss and I thought we should be sharing this as a cautionary tale of what we may be facing. This can’t be good.

Comments Off on The New Zealand Stock Exchange is now back online

What do you think about with set top boxes?

Set top boxes are those types of boxes that have various connections so you can hook up a TV and it receives the signal from the outside to be able to connect your favorite channels to you. In a recent article Vulnerabilities Expose Popular DVB-T2 Set-Top Boxes to Botnets: Researchers Avast, an antivirus company, talks about research done that makes several models vulnerable to attack, malware, and even a ransomware attack. We know the TV doesn’t have data on it, but the DVR portion of the device may. While this is theretical right now, the actors may decide that this may be a new attack vector seeing that devices aren’t going to get updated. Check this article out, and let me know what you think.

Comments Off on What do you think about with set top boxes?

The Security box, podcast 7 for August 26, 2020

Hello everyone, welcome to another security box podcast. This time, it was a little shorter but tried to give some good content. While there was no participation by telephone, its ok. I’m sure that people will be wanting to listen to what is said, and we play some tunes too.

The first hour, I cover what I wanted, but since I opened the lines and there was noting, I went ahead and broke out the Phishing guide and talked about some things that could be relevant to the topics I talked about on this show.

Below, please find the show notes, and I hope you enjoy the show as much as I have. Starting next week, I present a brand new intro for you, I hope you’ll enjoy it.


Welcome to podcast 7 of the Security Box. This week, let’s peruse some topics, I’ll link to some articles, and you can comment as usual. News, Notes, and much more. Thanks for listening!

  • Election officials have been warned about Typosquatting domains and how they can be used to bring trouble to their particular candidate. Typosquatting is a big problem, and in a future podcast, we’ll look in to what this is. In an article entitled Feds warn election officials of potentially malicious ‘typosquatting’ websites you’ll learn what is the danger in the election scheme of things.
  • I think its time to really bring out a topic. How many people heard of the dark web? 11.6 billion records have been breached and are on the dark web since 2005 according to this article by Lastpass. Is this something we should be concerned with as a whole, or do you think it isn’t a big deal? This can only get worse, and the box wants to hear what you think of this. Each year, more companies are breached than ever before and it is definitely a problem I think. There is a way you can scan the dark web for any type of data like an Email address, but is this enough? Lastpass has the capability of doing this for you. The article What are dark web scans? goes in to more details on how this is done.
  • News:

  • Looks like Experian can’t keep their mouth shut. According to a Cyberscoop article, 24 million South Africans are now at risk because someone potentially opened their mouth. They said the employee was tricked in to disclosing information on a unknown number of people, but the number seems to be a whopping 24 million. No hacking needed: Someone duped Experian into handing over data in breach affecting 24 million South Africans is the article and boy if Equifax and Experian haven’t learned anything from their prior U.S. things, when will they ever learn? The U.S. stuff were hacking attempts but still … human intervention is the weakest link in this whole ordeal.
  • This week in Security News from August 21st covers another article on the 24 million from South Africa and even some other stuff that might be of interest. The tech blog will also highlight things from this article that might be of interest.
  • Michael in Tennessee went ahead and gave me a heads up on this one. Turns out that a former CSO was charged in the Uber breach from 2016.

    U.S. prosecutors have charged the former Chief Security Officer at Uber with allegedly covering up a data breach at the ride-hailing company that exposed
    information tied to roughly 57 million people.

    Joe Sullivan was charged Thursday in the U.S. District Court in San Francisco with failing to disclose details of the security incident. to the proper authorities. Sullivan, who now works as the chief information security officer at Cloudflare, allegedly committed two felonies by not informing
    investigators about the hack while they probed the circumstances surrounding a prior data breach.

    This is great news, and one in which I want to cover in passing. Former Uber CSO criminally charged with covering up 2016 data breach has the full details from Cyberscoop.

Comments Off on The Security box, podcast 7 for August 26, 2020

There is a new threat, its called death stalker

Apparently there is a group out there called death stalker and it is also malware and an actor group that knows how to make it work to bypass detection services. This is going to get interesting as the article we’re linking to indicate that this has been around since about 2012 and small businesses are the target. This is going to get interesting. Haven’t seen this article? The DeathStalker cyberspy group and its tool set and it comes from kaspersky, an antivirus company.

Comments Off on There is a new threat, its called death stalker

Can I take your order for a username and password today?

If you’re in Utah, this article I saw which is three days old through twitter’s eyes anyway, came across my desk. It talks about Utah Gun Exchange and several of its sites suffering a data breach. The good news is that they use Paypal as their payment processor, but usernames and hashed passwords were compromised for at least 195 thousand users if not more.

The Utah Gun Exchange has taken steps to find the vulnerability and they have corrected it. A link to the statement is within the article. Bit Defender’s blog Hot for Security blogged this one. Utah Gun Exchange Confirms Data Breach after Bad Actors Publishes Stolen Customer Records Online is the article if you’re effected by this.

I don’t know if you are or are not, and I don’t know everyone who may reach this blog. Therefore, I feel its the best thing to publish a link to the story and let people know about the breach just the same.

Comments Off on Can I take your order for a username and password today?

Blind bargains puts up newsy things, there may be something for everyone

Good day everyone,

Blind Bargains usually runs a weekly podcast. There are two different categories of news, one for blindness related and assistive stuff, and some other tech news. Some may be in the Security Landscape.

This post is a couple of days old and I’m now seeing it. If you’re on either podcast, and you find sonething you want to talk about or me for the security box, feel free to send me the article in question.

This is the Blind Bargains post: BBQ In Review: A pile of news to smooth things over until our next podcast is the article. The last podcast as you remember featured me in the middle of the program. I’ve not yet checked out the program in full, but I need to.

If there is anything in this list, please let me know. I look forward in hearing from you!

Comments Off on Blind bargains puts up newsy things, there may be something for everyone

This week in Security News, news ending August 22, 2020

There is quite a lot in the news this week that might be of interest, including a city that is taking their security seriously.

  • A bug bounty program called ZDI awarded 25 million dollars within its 15 years
  • Experian has a very big problem and its 24 million this time, although I read an article on it saying its outside the United States
  • A stat as part of an article indicates that 94 percent of cyber attacks involve email as a starting point
    Connected cars and blind spots of cyber security
    Humans can make errors, and that can effect cyber security

Those are some of the highlights, but you might want to read the rest of the news. I’m sure since i’ve been absent that you’ve seen stuff of interest, so please feel free to send anything you want talked about.

We also learned through Michael in Tennessee about an arrest of someone for a 2016 hack. He sent me a link to the Cyberscoop article I’ve not read yet. More to come, but those are the big ones for now.

Comments Off on This week in Security News, news ending August 22, 2020

This week’s Security Box, podcast 6

The podcast for the Security Box is on the RSS feed for your enjoyment. This podcast has one main item, and we even have some interesting topics as part of the open forum which is the majority of the show.

Want your say? Feel free to contact me and let me know what you want to contribute.


Welcome to podcast 6 of the Security Box. On this show, we’ve got a topic, a very interesting news notes where two articles take center stage, and we’ll open the lines for comments, questions, and other things.

Topics:

  • Herbie sent me a direct message on twitter in regards to Epic games. Seems as though these guys aren’t so happy in regards to the decision made about the percentage of money each company whether Apple or Google take, so they want to side load their apps on to your device. According to the article, this is in violation of each app store’s rules. On Epic’s Fortnite Gambit is the article and it comes from the Apple Mill. The article talks about sideloading apps. Thoughts? Let’s discuss this one!

News

Open forum:

  • Michael in Tennessee came on to talk about his apartment complex and their lack of security with the WIFI setup. While they wanted to make it convenient, it could be a parking lot attack at the entire network.
  • Michael talked about updating software and how inportant it is.
  • Michael also talked about smart TV’s as well.

Comments Off on This week’s Security Box, podcast 6

Election officials better figure out security before its too late

In a recent article, election officials are being warned of the upcoming danger as this year is an election year for our president of this very interesting country.

The reason why this is now becoming a spotlight issue at this time is because of a term called typosquatting. According to Wikipedia, Typosquatting is a form of cybersquatting. It could also be linked to brand jacking. These types of mistakes happen when its relied on mistakes such as typing the domain incorrectly in to your web browser. It happens to the best of us, and people take advantage by registering domains that people may type to give you wares even though you don’t necessarily want to go there.

I have hear that you should buy all possible typosquatting domains and point them all to you, so no matter what, you get the traffic. I know its more important for business than consumer, but is it really worth the money? Typosquatting is a big deal, and this Wikipedia link will show you some examples and go through the history.

The Department of Homeland Security last week told election officials to be wary of suspicious websites that impersonate federal and state election domains
and could be used for phishing or influence operations.

The Aug. 11 bulletin distributed by DHS’s Office of Intelligence and Analysis, which CyberScoop reviewed, listed roughly 50 suspicious domains that were
purporting to offer information related to voting and elections.

“These suspicious typosquatting domains may be used for advertising, credential harvesting and other malicious purposes, such as phishing and influence
operations,” the advisory says. “Users should pay close attention to the spelling of web addresses or websites that look trustworthy but may be close imitations
of legitimate U.S. election websites.”

The Cyberscoop article talks about how Typosquatting is a big deal, and I think it is. How do deal with it, I’m not sure but the wikipedia article linked above gives some pointers.

There are links to other pieces of information, but I think it is important and you be the judge This is been a problem for quite awhile, and I think we should bring light to it whether it is election, or other things. Thanks for reading!

Comments Off on Election officials better figure out security before its too late

Thunderbird lays off 250 people

On the 12th, Shaun sent me this email and in part the quote from Mozilla says:

Today we announced a significant restructuring of Mozilla Corporation. This will strengthen our ability to build and invest in products and services that
will give people alternatives to conventional Big Tech. Sadly, the changes also include a significant reduction in our workforce by approximately 250 people.
These are individuals of exceptional professional and personal caliber who have made outstanding contributions to who we are today. To each of them, I
extend my heartfelt thanks and deepest regrets that we have come to this point. This is a humbling recognition of the realities we face, and what is needed
to overcome them.
<

Its unfortunate that companies like Mozilla are now facing tough times, but we all are. While some of us have been able to work from home, if there is no money coming in, than tough choices like the above must be made. I enjoy Thunderbird and firefox greatly. May they continue the best they can.

Comments Off on Thunderbird lays off 250 people

Last Week in Security News, news ending August 15, 2020

I’ve been a bit under the weather, but finally feeling a bit better. I recently read last week’s security news, and I really found it facinating with Microsoft’s record breaking year. If the numbers continue, we’ll have over 1300 patches for the entire year. That’s nothing to sneeze at!

They also have a two part series of tips for a Corona virus world and I’d like to talk about the highlights of these two articles or at least the first one.

Are you a Mac user? Better take a look at the article dealing with it, The article XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits </a.> might be of interest to you.

There may be others that might be of interest, but to me, I’m highlighting the most important ones.

Want to read the entire news for last week? Find something you’d like to talk about? Please go now to the article This Week in Security News: Microsoft Patches 120 Vulnerabilities, Including Two Zero-Days and Trend Micro Brings DevOps Agility and Automation to Security and enjoy your stay!

Comments Off on Last Week in Security News, news ending August 15, 2020

Technology podcast 350: Transit App, Covid stuff, and is Epic Games mad?

The RSS feed is up with this program. I will be working on getting it up on the mixcloud as well. Below, please find the show notes.


Welcome to the technology blog and podcast, podcast 350.

  • I can’t believe that we’ve made it to 350 episodes. In 2017, I didn’t publish much because of the constant breaches, but in 2018 we’ve come to find out that we must continue this work. I reflect on this in the first official segment.
  • Several segments are videos with Covid 19 stuff as well as a short video segment from Twit dealing with Tik Tok. Nothing is set in Stone.
  • Katie Monroe from Transit App joined in the AAC meeting from August 13th’s meeting. Lots of accessibility work was made and not just for people who are blind.
  • Herbie sent me a direct message on twitter in regards to Epic games. Seems as though these guys aren’t so happy in regards to the decision made about the percentage of money each company whether Apple or Google take, so they want to side load their apps on to your device. According to the article, this is in violation of each app store’s rules. On Epic’s Fortnite Gambit is the article and it comes from the Apple Mill. The article talks about sideloading apps. Thoughts? Let’s discuss this one! If not side loading, what about the terms of service aspect?

The program lasts 1 hour, 10 minutes and I hope you enjoy!

Comments Off on Technology podcast 350: Transit App, Covid stuff, and is Epic Games mad?

Older Posts »

go to sections menu


navigation menu

go to sections menu