
The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts


You are here: September 2020




This week in the security landscape: news ending September 12, 2020

Welcome to the news and things I’ve been reading in the landscape within the past week. I may not have read everything I’m highlighting, especially with Trend Micro’s stuff as of late, but it is all in passing. If there is something you want me to talk about on a podcast, please let me know. Email, iMessage, text and WhatsApp are all available to each and every one of you.

Purple Fox EK Relies on Cloudflare for Stability
This article really intrigued me. Relying on a cloud provider for stability is smart for a piece of software that is already marked as trouble. The delivery methods of this particular malware are interesting to say the least, and the read I found quite interesting.


Hartford Public Schools delay reopening amid ransomware attack
If this year hasn’t been bad enough, one school can’t even get started because they were hit with a ransomware attack.

Hartford was responsible for a lot of the research in regards to the COVID-19 pandemic we continue to fight through, couple that with a glass of ransomware, and they’re having a hard time. 18,000 students in the district from pre-kindergarten through the 12th grade are needing to be notified of the delay, which I hope isn’t long.


Staffing firm hit by Ransomware, bad news for employees
If this is not bad enough with the story above, my blog post talks about another ransomware I believe I’ve read about once. This ransomware is called REvil. The R is capitalized, and the first letter of Evil is capitalized and it is really bad. It did some serious damage and is worth the read.


Patch Tuesday is here, it’s time to update
September Patch Tuesday has come and gone. Have you updated? We’ve got another month where there are over 100 patches. We approach 130 patches to be certain. This can’t be good, I fear it is only going to get worse. I link to several articles where you can read more.


Did you know there are tricky forms of phishing?
This blog post is in the form of a question for a reason. I blogged about a very interesting article talking about the different types of phishing going around nowadays. This blog post talks about form creation tools such as Google Documents. I believe it’s well worth the read. The article talks about this in a light where it highlights 13 different sites which include Google. They aren’t alone for this and the article talks about the problem we now face with simple tools like this.


The Security box, podcast 9: Typosquatting and more
Typosquatting has been known about for a while, and as I did the podcast on a Tuesday this past week, maybe you didn’t catch the program. We link to various typosquatting articles that came out, and it looks like it will be part of the phishing arsenal for some time now.


Chinese cyber power is neck-and-neck with US, Harvard research finds
This probably shouldn’t be any surprise to anyone. With the development of the great firewall, well before all of this hacking, China can do practically anything. China can’t be left out though, other nations like North Korea and Russia are also being noticed in this space. Thoughts on this one?


This Week in Security News: Microsoft Fixes 129 Vulnerabilities for September’s Patch Tuesday and Trend Micro’s XDR Offerings Simplify and Optimize Detection and Response
There are other things besides some of what I put here, that I may have not read from Trend Micro’s blogs. The news here talks about Docker servers potentially targeting people with cryptominers, an attack called Raccoon attack that could break SSL and allow people to see what you’re doing, Linux resources having a battle for resources for cryptominers, Zeppelin Ransomware having a new trojan on board to add to what it already offers and more.



There is more there than what I’ve highlighted and read, so feel free to bring out anything that fancies you for a podcast or two. Thanks for reading! Contact info is on the blog and podcast itself. I have email, iMessage, text messaging, WhatsApp, and even a voice mail number and extension if you can utilize it.

Comments (0)

Staffing firm hit by Ransomware, bad news for employees

A new ransomware to me, REvil (capital r, capital evil) seems quite new to me. I don’t remember if I’ve read about this one, but this particular ransomware hit a staffing firm and walked off with many types of data.

The data includes but is not limited to username, password, social security numbers, medical information including medical insurance info, financial info including payment card info, drivers licenses or state ID, government issued ID, passport, visa and electronic/digital signature info according to the article.

Some of this data can mean bad news for the person whose info was taken. This definitely isn’t good, and it took this company a long time to determine what was going on. The good news is that they were able to restore from backups according to the article.

If you wish to read more, I found this on Twitter through one of my followers who tweeted the Bleeping Computer article US staffing firm Artech discloses ransomware attack, data breach and this can’t be good in the long term.

Comments (0)

Braille Note Touch gets updated, signing in to Google is possible

Hello folks,

Checking in with Blind Bargains this morning, I found something that might be of interest if you use the Braille Note plus note taker. It has gotten updated to sign in to Google using the OAuth protocol as well as reading PDF files directly by extracting the text from the file.

I know that a lot of PDF files are images, so how would that work if that was the case? It doesn’t say.

To read more, here’s the Blind Bargains post: Software update for the BrailleNote Touch Plus adds pdf support, sign in with google, and more is the article, and I hope that this is of value.

Comments (0)

Patch Tuesday is here, it’s time to update

With another month of over 100 patches, this has got to be the year of records. In non-tech related, last Sunday which would’ve been the 6th, set a record where I live at 121 degrees. The number of patches could’ve been set by the temperature outside with parts of the United States west coast at 118 and higher, and this month was 129 patches.

In the serious department of this post however, one of the biggest patches is not being taken advantage of in the wild, but affects email. CVE-2020-16875 is talked about in both articles within this set.

What do you think of the recent bout of almost 130 patches for your operating system now? Is there going to be more next month? Sound off in the comments!

Comments (0)

Did you know there are tricky forms of phishing?

I recently read an article dealing with tricky forms of phishing on the new Intelligence blog. I found it quite fascinating what we can learn.

Many phishing pages are hosted on websites with spoofed domains or pages created through website builders. But recently, creating phishing pages has become
easier through the use of forms — tools that can be configured within only a few minutes.

Let’s take a look at this a minute. This is talking about using forms generated by tools such as Microsoft, Google, and even other products that might be developed in the future. I’ve seen different types of spam lately that link to some sort of Google document URL. Sometimes I’ve gotten curious, and it is a redirector, others I just ignore.

This reminds me of the resume deal where I would receive potential resumes from people. I would open them and it says it can’t be opened. I would send it off to someone who confirmed it couldn’t be opened. I did what any person would do and tell them that the file they sent couldn’t be opened and I need another. They never wrote back, mainly because things like this are now common where they want to infect you. Maybe my mistake was to respond, but I would’ve kept the resume on file if I had an opening, which I don’t. Now that this can easily be done using online tools, and the documents can contain anything, how can we be so sure? This is going to get interesting.

There are 13 different sites besides the main two I mentioned above according to the article under the question “How are these schemes formed?”

Would you like to read the article and learn more about this so you can be informed like I was? From Trend Micro Research, I bring you the article: Tricky ‘Forms’ of Phishing for you to check out and let’s learn together. Thanks so much for reading the blog, and let’s learn together!

Comments (0)

The Security box, podcast 9: Typosquatting and more

Hello folks,

The RSS feed has the podcast. Due to the length of the show notes, it is not going to fit in those notations.

I hope you enjoy the program as much as I have putting it together for you. Next week, we’ll be returning to a Wednesday schedule.


Welcome to the security box, podcast 9. This week, I think we’ll change gears a little bit and talk about the Internet in a different type of light. We’ll also have news, notes, commentary, and I believe the fix to comments left by callers is solved with an app I already give info for. If you can use the dial in number, you may use it, but turns out, not everyone may be able to use it. The days of Voice Mail services may be over. Let’s get started!

Topic:

Have you ever made a mistake while typing a web site address in to your address bar? You have? Well, you’re not alone. While it is human to make mistakes, actors know this now more than ever. The term is called typosquatting when an actor picks up these types of misspelled domains and utilizes them to do lots of things to you. Consequently, in “This Week in Security News” for the week ending September 4, 2020: there is an article talking about Typosquatting in it.

News, notes, and more

Other things:

  • Have you ever thought of your building on the Internet? Podcast 337 had an article I got from Sans News Bites that talked about hackers using things like elevators for DDOS attacks.

    One of the biggest topics I think you’ll want to get your paws on is buildings being connected to the Internet. I’m not kidding! I’ve got a blog post with the article of the same name: Hackers are hijacking smart building access systems to launch DDoS attacks and this is definitely something to think about.

  • From the same podcast, we’ve got the best thing ever. A dumb criminal on how Not! to get caught on crimes. I changed the show notes a little bit and decided to go after the original article.

    Also on the podcast, we’ve got a dumb criminal award for the podcast. If you’re going to commit a crime, you want to try and hide like a lot of America’s Most Wanted’s criminals did. That’s why they were hard to catch, and eventually, a lot of them were caught. Booter Boss Busted By Bacon Pizza Buy is the link to Brian Krebs’s coverage of this.

    Have fun with this one!

Have something you want to contribute? Please feel free to do so by email, imessage, or voice. The choice is yours! The file has all of the contact info on how to get ahold of me throughout the program. Thanks so much for listening, and we’ll see you next week!

Comments (0)

A different type of scam … The Pyramid Scam … or is it a scheme?

I’m perusing Twitter, and see something here tweeted by a follower about scams. Blessing looms: new scam follows old pattern is the article. I recently within the last 4 or 5 years read books dealing with scams and the different kinds.

One was scams in general, one was dealing with the pyramid scheme or Ponzi scheme, and yet another book dealt with scams and older people.

I want to share these resources with you to learn it as I’m not surprised that it is now going on social media.


The following books are going to be taken from BARD’s collection. You must be a member of BARD to get copies, but they may be available elsewhere. For the sighted, check Amazon for these titles minus the digital book number.


Fraud!: how to protect yourself from schemes, scams, and swindles DB50194
Bertrand, Marsha. Reading time: 8 hours, 34 minutes.
Read by Gregory Gorton. A production of the National Library Service for the Blind and Physically Handicapped, Library of Congress.
True Crime
Examines economic fraud, a billion-dollar business that victimizes more people than violent crime. Describes Ponzi and pyramid schemes, affinity fraud,
and scams involving high-tech, stocks, commodities, and franchises. Discusses con artists’ techniques, how to prevent being duped, and how to react if
targeted. 2000.


Scambusters!: more than 60 ways seniors get swindled and how they can prevent it DB64860
Smith, Ron. Reading time: 5 hours, 49 minutes.
Read by Gary Tipton. A production of the National Library Service for the Blind and Physically Handicapped, Library of Congress.
True Crime
Consumer Issues, Personal Finance
Concise manual on recognizing fraudulent activity and avoiding becoming a victim. Describes dozens of scenarios involving banking and credit, nursing homes,
health care, online pharmacies, insurance, investments, the Internet, car repairs, charitable donations, shopping, and telemarketing. Includes resources.
2006.


Finally, the book I think you’ll want to read, I found it of interest.

Ponzi’s scheme: [the true story of a financial legend] DB60737
Zuckoff, Mitchell. Reading time: 9 hours, 59 minutes.
Read by Grover Gardner. A production of the National Library Service for the Blind and Physically Handicapped, Library of Congress.
True Crime
Social Sciences
U.S. History
Account of the 1920 get-rich-quick scam devised by charismatic Italian immigrant Charles Ponzi of Boston that led to the loss of millions by investors.
Uses original sources to document Ponzi’s rob-Peter-to-pay-Paul investment pyramid and its unmasking by Boston Post newspaper editor Richard Grozier. Some
strong language. Commercial audiobook. 2005.


Do your research. If it sounds too good to be true, then look the other way.

People like myself have asked for donations to keep the site up, or to get music, or even to try and get money for bettering a site. I know it’s a choice for people to donate, and for those who do, I appreciate it. The site doesn’t beg and my intent is not to beg either. These scams may. Let’s learn together!

Comments (0)

Windows Defender able to download files … this can’t be good

Shaun Everiss sent me this article talking about and giving instructions on using Microsoft Defender to download any particular file from anywhere on the Internet.

While in practice, this could be helpful as a download manager, Shaun indicates correctly that it can be potentially abused.

I’m sure that most people remember the download managers we used to use years ago including Getright. Since I’ve not used it in quite awhile and we had a license, just searching for it tells me it doesn’t even run in Windows 10.

Today, I’m not sure if we really need Getright since Firefox and Chrome have their own download managers built in and they can take you to the page where the file is as well as open folders of where you saved your stuff.

The article should be shared in passing, because it can be possible for this to be abused, and it probably won’t be long before it does. Thanks Shaun for this.

What to read:

Comments from Shaun after he gives me the link:

Obviously this has its uses.

However I do wonder what Microsoft was thinking.

Malware users and hackers can use this file to download anything they want.

The file download is quite dangerous as well; let’s face it, it’s a legit download silently by Windows Defender.

Now, it can be used for some troublesome files I guess but you certainly can’t block it.

I do hope it doesn’t bite Microsoft in the rear though.

You’re not wrong. Could this be used as a new download manager? This is going to get quite interesting.
As an update to the post, according to Winaero, a lot of security researchers have voiced the same concerns I have.
Microsoft’s response was to issue a boilerplate answer explaining that their stuff works and that there is no risk.
My response would simply be to delete the feature entirely, maybe make a third-party tool that would handle this feature and release it if you want with a user interface or something if you want.
This isn’t smart of Microsoft.
Even if this thing is not used or abused, there is no way to tell it’s being used unless you notice something.
The only thing is, that it’s likely that this will not be used extensively, you can’t just run mpcmdrun.exe from anywhere you must initiate this yourself.
The issue would be scripts trying to get downloads from who knows where.
Microsoft could restrict this to certain certified programs but even so.
Remove it or make a download manager the user can use is my vote.
Unless you are support then you probably don’t need it and with all the scams well who knows.

Comments (0)

iOS 13.7 has been released

Hello folks. This AppleVis post talks about iOS 13.7. Its main feature is COVID-19 information. Please read the entire post to learn more about this feature and how to utilize it. According to the post, you can turn on a setting and you don’t need to download an app. I’m going to have to check this out one of these days.

Comments (0)

Tech podcast 351: Voice mail systems, Jaws, a team up, typosquatting, and more

RSS for those who want it.

Welcome to podcast 351 of the podcast. Some people can’t stand the changes in regards to one telephone system and what they did. Shaun Everiss and I team up and I created a page for it. Jaws had an update and I covered all but two. Here is the blog post on that as well. Finally, Typosquatting is discussed in preparation for the next Security Box. All this, and final thoughts and contact info on this edition of the podcast.

Comments (0)

The Security box, podcast 8: show notes reissue

I found there was an error in the notations, which I fixed in my file.

Instead of going ahead and updating the post, I’ll go ahead and make a new one.

RSS is here for you to get your copy of podcasts across the network. Remember to visit blind vms for other podcasts as we team up.


Welcome to podcast 8 of the Security Box. As you’ll see by the notes here, we’re fully packed, the show should be that way. I hope you enjoy it as much as I am bringing it together for each and every one of you.

Commentary:

  • Jennifer had quite a bit to talk about during the reairing of the Security Box from last week. Through Skype, we’ve got several messages due to Skype’s change in the way messages are taken which is news to me. We play and answer any questions asked.

Topics:

  • What do you think when you have your TV? Do you think of it as something to watch, something to possibly play games on and listen to podcasts, and that is all? We know that the Apple TV allows you to watch movies and rent them through iTunes, but what about your set top box? Do you know anything about them? In an article tweeted by Security Week we are learning that several manufacturers are not fixing anything and the vulnerabilities in these set top boxes are bad. I had not envisioned this to be a malware prone set top box, and now, I am glad I don’t have a TV. Vulnerabilities Expose Popular DVB-T2 Set-Top Boxes to Botnets: Researchers is the article, and I think we need to at least know about them. Avast was responsible for this research, and I think it is important for people to read this one. It talks about the set top box, and goes in to the research that encompasses it.
  • Shaun Everiss has sent me this article from stuff.co.nz in regards to New Zealand’s issues with its stock exchange. According to the article, New Zealand had its stock exchange attacked by a well-known entity known as Fancy Bear. We know on the tech podcast that Fancy Bear has been targeting people for ransom for many years now, along with other groups like APT28 which may be the same people. Look it up. NZX back online as Government assists in helping it address cyberattacks is the post and it’s something we need to be concerned about although the exchange is now back online. We could be the next target. This can’t be good.
  • I was asked to cover Tik Tok. Cybersecurity expert’s take on TikTok sale is Scott Schober being interviewed about the potential sale. We’ve got an interview which is covered briefly in news notes, and this video was put out on September 1, 2020 just a day before the podcast. I found this quite interesting and you may too.

News Notes:

Lots of different items have gone on this week it’ll be hard to cover everything here. There are some things linked through the blog, but I’ll highlight a few items here.

There may be things listed here we covered as a topic, but then again, there may not be.

For a complete article list, check out the tech blog where you might find other things not covered here or in the news notes file played within the podcast.

Podcast segments

Final Thoughts:

Have anything you’d like to say? Want to leave a voice mail message? Call 641-715-3800 and when prompted dial 96-96-709. Follow the prompting to leave a voice mail in the voice mail box. While Skype allows for voice mail, this won’t work anymore due to changes unknown to me, and there aren’t that many options left. I hope you’ll enjoy the program today, and thanks for listening and checking out the notes!

Comments (0)

This week in the Security landscape, news ending September 4, 2020

Hello folks, welcome to this week in the Security Landscape and news I’ve been reading within the past week.


55% of Cybersquatted Domains are Malicious or Potentially Fraudulent

In a single month, cyber-squatters registered almost 14,000 domain names, more than half of which went on to host malicious or likely fraudulent content,
Palo Alto Networks states in a report released this week. The company, which collected information on newly registered domains in December 2019, found
13,857 domains classified by its software as cybersquatting based on lexical analysis.

I want to read this article more, it caught my attention when reading the blog post. Whether the actors are cybersquatting by putting these pages up as part of their campaigns to get you when you least expect it, or whether you get it by clicking something, it doesn’t matter. It’s going to definitely get ugly now. According to this article, Typosquatting is only part of the problem in Cybersquatting as a whole, and the article gives some numbers.
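
To show what classifying look-alike domains by lexical analysis can mean in practice, here is an added example. It is not from the article or from Palo Alto Networks' software, and the brand names, the sample feed and the one-edit threshold are all made up for illustration. It goes a little beyond plain typosquatting and also flags digit look-alikes, a brand name registered under another ending, and a brand name joined to an extra word.

```python
"""Added example: flag look-alike names in a feed of newly registered domains.
Brands, domains and thresholds are constructed for illustration."""
import re

# Hypothetical brands to protect: name -> the one legitimate domain.
BRANDS = {"examplebank": "examplebank.com", "acmestore": "acmestore.com"}

# Digits often used in place of letters; normalised before comparing.
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def osa_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute or
    swap two adjacent characters, each costing one edit."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent swap, the classic slip of the fingers ("exmaple").
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[len(b)]


def classify(domain):
    """Return (verdict, brand) for one registrable domain such as 'name.tld'.
    Assumption: the feed holds registrable domains, so the first label is
    the name that was bought."""
    domain = domain.lower().rstrip(".")
    if domain in BRANDS.values():
        return ("legitimate", None)
    label = domain.split(".")[0]
    normalised = label.translate(LOOKALIKES)
    tokens = re.split(r"[^a-z0-9]+", normalised)
    for brand in BRANDS:
        if label == brand:
            return ("same-name-other-tld", brand)
        if normalised == brand:
            return ("lookalike", brand)
        if osa_distance(normalised, brand) == 1:
            return ("typo", brand)
        if brand in tokens and len(tokens) > 1:
            return ("combo", brand)
    return ("no-match", None)


# Constructed sample feed of newly registered domains.
SAMPLE_FEED = [
    "examplebank.com",        # the real site
    "examp1ebank.com",        # digit 1 standing in for the letter l
    "exmaplebank.com",        # two letters swapped
    "examplebank.net",        # same name, different ending
    "acmestor.com",           # one letter dropped
    "acmestore-billing.com",  # brand plus an extra word
    "weather-report.org",     # unrelated
]


def triage(feed):
    """Return (domain, verdict, brand) for every domain worth a second look."""
    results = [(d, *classify(d)) for d in feed]
    return [r for r in results if r[1] not in ("legitimate", "no-match")]


if __name__ == "__main__":
    for domain, verdict, brand in triage(SAMPLE_FEED):
        print(f"{domain:24} {verdict:20} imitates {brand}")
```

Short brand names will produce false matches at a distance of one edit, so a real watch list needs a length floor or an allow list of known good neighbours.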


This Week in Security News: 09/04/2020
This article has the article linked, but may have other articles that I’ve not read as well. If there is something in this that you want me to cover, then please contact me. There are many ways to do so.


One of the questions in regards to securing strategy is whether your employees are as secure as you think they should be. Read the article Are employees the weakest link in your security strategy? Train them! for more on this one, and you can bring it up for potential topic discussion on any of the podcasts along the tech landscape here on the network. I believe that training is a start, simulations are good if you know where to get your hands on that, but let your people know to ask if they aren’t sure. I’ve got one of those, and it pays off.

The article in question even goes in to the fact that most of the attacks (92 percent of Covid-19) were email based. Email is still the first line of defense, and we can’t let our guard down. What are you doing if you run a network to teach your customers and users how to be safe with all that email?


Tik Tok can’t seem to stay out of the news. According to an article recently read, really interesting ads and things have been removed. TikTok scrubs ads promoting diet pills, fake apps after Tenable report is the article, and now I really don’t want to use the app!

The video-sharing app, which claims some 49 million daily active users in the U.S., said Thursday it removed an array of advertisements from its central
#ForYou page that marketed suspicious diet pills, fake mobile apps and other inauthentic services.

Do you think those silly scammers as mentioned in the first paragraph really care? Their reputation really doesn’t sit well with me.


Speaking of things I’ve read whether it is in the security landscape or not, let’s talk about Email. I read this article from Krebs just today, and it really makes you think about short email addresses. This specifically talks about Gmail, but I have a question. What about other providers? The short email address whether it is two or three letters are used for various purposes like putting it as a second email address whereby you get those password resets and the like. Apparently Krebs on Security definitely gets lots of those through another address, and he documents what he finds in a piece entitled The Joys of Owning an ‘OG’ Email Account and if you’re new to the Internet or haven’t been here in a while, you’ll want to take a look at this article and learn what NOT to do.


Think you haven’t had enough reading about typosquatting and cybersquatting? Think again. The most popular brand websites that hackers use for typosquatting campaigns comes from Cyberscoop and it may have other info the other article I published may not have. This is going to get interesting.


If you think the FBI has some good stuff out there, apparently they do. The FBI’s digital security guide for local police actually has good OPSEC advice should be passed along to your intelligence community friends. This article is packed full of stuff that might be of interest.


Cisco Systems needs to issue a patch, according to an article. Cisco says it will issue patch ‘as soon as possible’ for bugs hackers are trying to exploit is the article. The bugs are so bad, that they released info last Saturday and it talks about exhausting memory. This must be bad and I hope a patch is forthcoming.


Find something you want us to talk about? Send me an email with a link and I’ll be sure to give it a look. That’s all I’ve read this week, I’ll be back soon with more! Happy trails!

Comments (0)

The Security Box, podcast 8 for September 2, 2020

Hello folks, welcome to a packed podcast here on this program. This program has lots of different links to various things that we talk about and what they’re about. If you’re coming here from the RSS, the RSS is too small for these notes because it’s over 4000 characters.


Welcome to podcast 8 of the Security Box. As you’ll see by the notes here, we’re fully packed, the show should be that way. I hope you enjoy it as much as I am bringing it together for each and every one of you.

Commentary:

  • Jennifer had quite a bit to talk about during the reairing of the Security Box from last week. Through Skype, we’ve got several messages due to Skype’s change in the way messages are taken which is news to me. We play and answer any questions asked.

Topics:

  • What do you think when you have your TV? Do you think of it as something to watch, something to possibly play games on and listen to podcasts, and that is all? We know that the Apple TV allows you to watch movies and rent them through iTunes, but what about your set top box? Do you know anything about them? In an article tweeted by Security Week we are learning that several manufacturers are not fixing anything and the vulnerabilities in these set top boxes are bad. I had not envisioned this to be a malware prone set top box, and now, I am glad I don’t have a TV. Vulnerabilities Expose Popular DVB-T2 Set-Top Boxes to Botnets: Researchers is the article, and I think we need to at least know about them. Avast was responsible for this research, and I think it is important for people to read this one. It talks about the set top box, and goes in to the research that encompasses it.
  • Shaun Everiss has sent me this article from stuff.co.nz in regards to New Zealand’s issues with its stock exchange. According to the article, New Zealand had its stock exchange attacked by a well-known entity known as Fancy Bear. We know on the tech podcast that Fancy Bear has been targeting people for ransom for many years now, along with other groups like APT28 which may be the same people. Look it up. NZX back online as Government assists in helping it address cyberattacks is the post and it’s something we need to be concerned about although the exchange is now back online. We could be the next target. This can’t be good.

  • I was asked to cover Tik Tok. Cybersecurity expert’s take on TikTok sale is Scott Schober being interviewed about the potential sale. We’ve got an interview which is covered briefly in news notes, and this video was put out on September 1, 2020 just a day before the podcast. I found this quite interesting and you may too.

News Notes:

Lots of different items have gone on this week it’ll be hard to cover everything here. There are some things linked through the blog, but I’ll highlight a few items here.

There may be things listed here we covered as a topic, but then again, there may not be.

For a complete article list, check out the tech blog where you might find other things not covered here or in the news notes file played within the podcast.

Podcast segments

Final Thoughts:

Have anything you’d like to say? Want to leave a voice mail message? Call 641-715-3800 and when prompted dial 96-96-709. Follow the prompting to leave a voice mail in the voice mail box. While Skype allows for voice mail, this won’t work anymore due to changes unknown to me, and there aren’t that many options left. I hope you’ll enjoy the program today, and thanks for listening and checking out the notes!

Comments (0)

The Intelligence Blog has moved

For those who followed the Trend Micro Intelligence blog, it’s got a new home. This is the new RSS feed you should use. I plugged it in and it’s 8 posts long now. I may talk about stuff from this new blog in the future, but they encouraged me to send this out for those who are interested like me. Enjoy!

Comments (0)

blindvms episode10

Hi.
Note to all, this was requested by a gamer on the gamers discussion group.
It’s up here because I decided to try to put it up and see.
The wireless cast was done but it was really boring so I clobbered it.
Still thinking about what next.
Laters just now

Comments (0)
