The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

You are here: April 2021

9 devices and technologies that will be going away comment

Hi all.
Well the article to this can be found at the link below.
https://www.idropnews.com/news/9-devices-and-tech-that-will-soon-be-obsolete/151060/12/
I personally think articles like these are potentially dangerous.
Microsoft and others are trying to go passwordless for example.
First is my comment, then my analysis on it.

To be honest I will have to disagree with you in some respects but not others.

1 wired headphones.

I agree, generally not for everyone.

But as a gamer and audio person, I actually use my wired sets on my studio gear including laptop.

I have portable wired units I use on my digital recorder.

My gripe about wireless/bluetooth are the delays and battery usage.

This will probably get better but for now nothing beats an expensive studio set while at home.

I don’t use headphones while on the go otherwise but am thinking about the frames stuff.

Being blind I shouldn’t have my ears blocked with things anyway.

  1. you are probably right with cameras period.

Most everyone uses digital cameras on their phones.

  1. hard drives.

Not sure, certainly I like running things locally as well as on the cloud.

I am a home user, and admin person, so a lot of my stuff is on the drive.

Sure internal drives on laptops will be harder and harder to get so eventually workstation desk units may be the way.

However I don’t see myself storing all my audio, video, and stuff online.

Price-wise, you can’t get more than 1tb personal anyway.

I can still buy hdds of 4tb or more cheap enough.

What may happen is that ssd units will drop down and maybe that will be the future maybe.

As for drives sitting about I agree, my 1-4gb flash sticks do sit about, but I usually use 8, 16, 32, and 64 gb drives on a regular basis, well while that’s not daily I wouldn’t go without them.

The net isn’t going to always be accessible or accessible at any fast speed.

In some rural areas that’s really bad and if you are remote well.

I remember when I had a 128gb laptop only before I got a workstation with dual drives.

I was able to do everything online but take away the net and my laptop became fucking useless!

Now for those that work in business as a primary thing, do banking and email maybe, but net speeds don’t match up to uploading terabytes of info and dragging them about.

Yeah you can and some do this, but even on a fast connection you could be waiting for weeks for a backup, though granted hdds can and have gone bad I’d still trust my multiple offline storage solutions over online any day.

The next is whose data is it.

According to some, it’s whoever’s server your stuff is on and can be used for well anything you can imagine.

At any rate all that digital music etc, some is streamed sure but for those that have a subscription in the cloud that’s not really yours, I mean you have the right to access it but it’s not really yours.

Analog watches, maybe bar specialised things like braille.

Phones hmph not sure.

I like a physical keyboard and a home button, touch is something I will eventually have to embrace but not yet.

Passwords.

Yeah, nice try, but I will always trust a password over anything else, unless we get microchipped like Sweden I am unsure.

Not every device has biometric devices and even if you do have them they are not always accurate to be useful.

I have family with a lot of issues using theirs.

We should talk about things that should die.

  1. digital rights management at least for music and maybe books.

That is a good idea but it’s an accessibility nightmare.

  1. devices with inaccessible interfaces, all this touch is nice but a keyboard is the most accessible or at least some feedback or voice guidance.
  2. copy protection on dvds and everything else.

No idea why producers just don’t sell or put with your video the audio described track in mp3 or something specifically licensed for the blind.

It would save me cracking my own dvds which I legally bought so I can listen to them or going to dodgy sites putting my system at risk of a reformat, after all they have the material in the first place.

Let’s break down the article as I see it though.

1
Corded Headphones
While I see this going away on the mobile side, I wouldn’t give up this just yet.
Audiophiles like myself like them.
On the pc and places where bluetooth doesn’t exist or is hard to access and to be honest non wireless is always best just isn’t there yet.
Also batteries, and latency can be an issue.
The blind have delays with speech as it is.
Granted if you use a portable device and are not wedded to a workstation a lot more than me I can probably get you, but I do think there will be wired options, maybe not with the 3.5 as much, maybe dual or other.
I can get a bluetooth/wifi set with a detachable cable still and there will always be cheap units.
2
Physical Storage
While I can see this on a business sense where you run everything on the cloud or on a server, as a business user that also is a home user, physical storage has its place, audio, video, and extra stuff being in a separate place is a good idea.
True it’s harder now to buy laptops with dual drives so eventually it will be a laptop and a desk station or nas or something but still.
At any rate have you ever tried to run a system in a situation where there is no net or slow net?
Fine if you have 100mb to 1gb I guess or higher but a lot still don’t have that or the speed.
Worse, just who does your stuff belong to, in some cases that’s the cloud provider.

Do you really want to have all your personal files and everything else you own and make owned by google over the vast amount of stuff they own of yours anyway?
Plus while they do fail, a few storage devices in different locations are good for backup.
You can backup, I have heard of some people with backup cloud drives, but assuming things don’t crash and you can afford 8tb or something like that it’s going to take weeks to upload and download your stuff.
Besides with all the protection with books and music locking you into expensive contracts or single devices while it’s good for business it’s not generally good for users at home at least not for everything.
And with antivirus software flagging some apps I am happy for the separate storage here though yeah it’s going to get harder to justify that.

3
Point-and-Shoot Digital Cameras
This I can agree with.
There will always be specialised hardware, I have got the equivalent of a camera in an Olympus lsp4 for my digital recording, the issue is that recording still takes up a lot of battery on your smart phone.
And unless you have a way to get things off or have a way to access the net to get it you may have a problem.
At any rate mobile phone rates are really expensive especially if you roam a lot.

4
Analog Watches
Bar braille I can actually agree with this, who’s seen a sightling use a non digital or non smart watch anyway.
Not for a few years I bet.
5
Lightning and USB-C Charging Cables
Same as the storage issue.
Do you know how much legal, non hacked mag safe actually costs, vs a cable?
Cables will never go away, at least not while wireless charging and such costs more than cables.
There is some controversy that these so called wireless fast chargers damage batteries, heat them and could potentially cause harm.
The humble cable ain’t going away, maybe you will get everyone adopting a universal standard like usbc and using that, that would be nice at least.

6
Standalone GPS Devices
As long as you have mobile data and are in range I can agree.
Unless you have lifetime maps your standalone device is going to cost a lot to keep upgraded.
But again this article doesn’t put in to account that outside the net like in the bush your gps may be still your friend.
Stand alone devices may go away but devices will start existing in other things generally.
Cars at least some manufacturers have crappy gps units or their data packs suck.
However outside any major city your mobile whatever is useless away from a cellsite.

7
Passwords
Biometric works with some but not others.
I still see a password as having some place still, either we have a manager or something but a password is still needed as well as 2factor codes and the like.
Not every device has biometric chips, anyway how secure are those anyway.
I know in Sweden there are microchips you get but how secure are those?
However for those that can’t use fingers or well faces especially a mask, not sure how you can go passwordless.

I mean I do on my home system, I don’t need a password to login.
Now if there was a way to log into my bank without my password or username or anything that would really be good but hmmm this may be still too early a concept.

8
The Home Button
I like this as well as keyboarded devices and so do a few other blind people
It just means that if the replacement aint accessible it makes things harder for the blind, granted some have got used to it but while touch is good the best control for the blind anyway will always be a keyboard and a physical button or sequence of buttons.

9
The Apple iPod
Hmph, unsure about that.
Maybe the ipod, but music and your phone and battery life = a problem potentially plus do enough on your device and you will get a hot device.
At any rate its the smart speaker or something now that is a pod like thing.
The ipod may be on the way out but in some situations portable devices will still be here for a bit.

The security box, podcast 40: Windows Update and ransomware in the manufacturing industry

The RSS has the updated podcast. Due to little download usage, we are not providing any more links for download.

If you wish to have a downloaded copy and you don’t have RSS, let me know and I’ll upload and have an email sent to you from a service.

At some point, we will disable all download links by cancelling Sendspace but it will not be done right away.

Below, please find the show notes for today’s program.


Welcome to podcast 40 of the Security Box. On this podcast, we’re going to have our main topic that deals with the Windows Updates which you may have been prompted to install. Instead of news notes, I’ll pick a few of the articles and we’ll see what you think about them as I’ll give my thoughts. No full news notes this week, but plenty of content to boot. We hope you enjoy the program, and thanks for listening!

Topic: Windows Updates for April 2021

Windows, like a lot of software, gets updated each and every month. This batch for April has a record high for this year, according to Trend Micro’s write up of the patches.

According to the Trend Micro article, 114 patches were released for April with only 19 classified as critical, 4 were publicly known, and one publicly exploitable in the wild. 5 vulnerabilities were submitted through Trend Micro’s Zero Day Initiative program.

We know that the exchange server fiasco has really caused some headaches over at Microsoft. Exchange was dominated by 16 different problems dealing with RPC or Remote Procedure calls. Out of the 16 critical updates for exchange, the majority (12) were flaws in the RPC runtime. The RPC runtime has to do with programming, and not necessarily having to do with user behavior. There were 15 further vulnerabilities that affected the same runtime, according to Trend Micro.

If we haven’t had any trouble with exchange before, we do now. Besides the RPC vulnerabilities, 2 additional CVE numbers were designated. They are: CVE-2021-28480 and CVE-2021-28481. The CVSS score on both of the CVE’s is 9.8.

It’s interesting to note that according to the Trend Micro article, both of the CVE’s were credited to the National Security Agency (NSA) and it suggests that both should be patched as soon as system administrators are able to do it.

Besides that, if you use the Windows Media Video Decoder, there are two vulnerabilities with it. The CVE numbers for these are: CVE-2021-27095 and CVE-2021-28315. They could lead to remote execution if a specially crafted video was sent to you and opened.

Besides these, Trend Micro’s article talks about some important updates which some may want to be aware of. If you use Visual Studio you should look at the Trend Micro article from these show notes, as there are CVE’s for it. For my normal computer users, Visual Studio is used for programming and is not used by the average user.

Key networking components are also affected. Two of these, CVE-2021-28324 and CVE-2021-28325, affect the SMB component, which affects file sharing.

There are several affecting the TCP/IP portion of windows, which deals with routing across the Internet. Two of these lead to denial of service problems, and a third leads to information disclosure. The Trend Micro article should be read to see if you need to worry about these as the CVE numbers are given within it.

Krebs On Security gives highlights and even links to several CVE’s as well as a Microsoft blog post talking about the updates that may affect readers. Both articles are worth the read, especially Trend Micro’s so find the articles and see what is of importance to you.

Topic: Ransomware hitting the Manufacturing Industry: Victims aren’t coming forward

The sectors of business are starting to get hit with Ransomware. Ransomware is defined as malware that is intended to lock up a computer and force people to pay money in the form of bitcoin to get their files back. The ransom notes are usually on the screen and instruct the victim where to go to get help and even have support agents available to answer questions such as where to get Bitcoin from a retailer.

Today’s article was read last week and talked about this now hitting the manufacturing industry. We’ve talked about numerous articles that mentioned how hospitals were affected by ransomware and two or so articles talking about how someone was killed because ransomware affected their care at a hospital and had to be transported some 70 miles away.

The article, written by Cyberscoop’s Sean Lyngaas, starts out with a true story on how Norsk Hydro had to pay 90 to 110 million dollars because production halted for weeks as they tried to figure out what was happening. Halvor Molland is the senior vice president of communications for the company, and he had to respond to this incident. It’s unfortunate that this occurs, but with everything connected in one network, it’s not a wonder that they got hit. This company isn’t the only one that has gotten affected by this type of thing, look through the tech blog and find ransom articles. You’ll find story after story on companies getting hit.

Norsk Hydro did something that nobody has ever done in this industry. They told their story and did it in vivid detail including releasing video interviews and telling their story of what happened. This is probably the first time we’ve actually heard of someone telling their story and we can get a picture of what they did, what they were doing, and how they were going to fix the problem.

I understand and know that ransomware attacks are mistakes. Someone clicks a link because they believe whatever the email is that they get is real, and that can happen with anybody at any company, big or small.

Even two years later, this candid reporting by this team at this manufacturing company stands out as ransomware continues to plague industries across the world during this awful time. The actors have taken advantage of the pandemic like it’s the last thing they can do before the world blows up.

You know what’s sad? Cyberscoop tried to contact many different companies that were compromised by Ransomware in the last 2 and a half years. Nearly all either declined or didn’t respond to the inquiry.

To top it all off, Honeywell, a thermostat company that also endeavors in other things, declined to tell its employees and even us if we are affected by this breach at their facilities since data can be taken through the Internet these days. Honeywell has not said a word to anyone about their potential issue.

There is more, including news on the Honeywell incident which indicated that they did have a problem but it “wasn’t a big deal.” You can read the article as part of these notes for the entire detail. Let’s open it up, and get your thoughts!

The Security box, podcast 39 for April 14, 2021

Welcome to podcast 39 of the Security Box. Looks like we’ve got commentary from the replay of broadcast 38’s airing. We’ll answer any questions from those comments if any, as well as talk about yet another story I read afterward in regards to Facebook and why it might be a good idea to remove your telephone number or use something like Google or Text Now as your number instead of your primary one. We’ll have news, notes, commentary and more. We hope you enjoy the program as much as I have bringing it to you. Thanks for listening!

Topic: More on Facebook, why Brian Krebs deleted his Facebook account

In an article that I read on April 7th, Brian goes in to detail on why he eventually deleted his Facebook account sometime in 2020.

According to the article, a paragraph says:

The phone number associated with my late Facebook account (which I deleted in Jan. 2020) was not in HaveIBeenPwned, but then again Facebook claims to have more than 2.7 billion active monthly users.

We know that Facebook has never been trustworthy after any type of incident, and I honestly don’t believe that Mr. Krebs couldn’t be part of the 533 million people affected by the breach. Checking with the site, yours truly isn’t affected either, but I honestly wouldn’t believe it nowadays especially since news of this is two years old.

The supposed database has been kicking around the Internet cybercrime community since last summer, according to the article. I’ve never seen any of these databases, and with the massive amounts of databases out there and what they contain, who could confirm every piece of data in it? I like Have I Been Pwned and what it is trying to offer, so don’t get me wrong when it says that I’m not in there when I put my mobile number in the site to check.

We now learn that the database was put up since June 2020 and include names, mobile number, gender, occupation, city, country and marital status. It includes data for 100 different countries and there is a link to a January 2021 twitter post within the article.

KrebsOnSecurity goes on to talk about what might happen if someone with malicious intent gets ahold of your mobile number. One of the things that could happen is your phone number changing hands, otherwise known as a Sim-swapping attack. This happens because an employee at the store you got service is tricked in to changing the information to the attacker and you don’t find out until you use your phone.

Brian talks about how it is probably time to remove your number from services like Facebook once verification of the account is complete. I’m almost tempted on doing this myself. There is a very interesting paragraph in which I got interested in. It says:

Why did KrebsOnSecurity delete its Facebook account early last year? Sure, it might have had something to do with the incessant stream of breaches, leaks and privacy betrayals by Facebook over the years. But what really bothered me were the number of people who felt comfortable sharing extraordinarily sensitive information with me on things like Facebook Messenger, all the while expecting that I can vouch for the privacy and security of that message just by virtue of my presence on the platform.

We can’t vouch for a presence of a sensitive message just because we’re on the platform. I’ve never used Facebook or its messenger client for anything secure anyway, but that paragraph is very important.

Are You One of the 533M People Who Got Facebooked? is the question and article title we’re talking about in this segment, do read the article.

News Notes and more

  • According to an article found on April 8th and written the day before, Shopify let data go and it isn’t as we would think. According to the article, the California man, Tassilo Heinrich, is charged with identity theft and conspiracy to commit wire fraud; while two people outside the United States were not charged. These other two were located in Portugal and the Philippines, according to the article. I don’t understand why these two outside of the United States aren’t charged, they received stolen data, and could have had the opportunity of using it. California man indicted for stealing Shopify customer data is the article, do give it a read.
  • Think Ransomware is going away? Not so fast! This time, an article talks about emailing customers of the companies that they hack to tell the customer that they got hacked. The purpose of emailing customers is of course to get the company to pay up, although as we know, that doesn’t necessarily mean anything as ransomware gangs are only in it for the money. Ransom Gangs Emailing Victim Customers for Leverage comes from Krebs on Security and is definitely a good read.
  • I blogged about this article on the tech blog, but it never made it in to news notes from what I can recall. Brian Krebs talked about someone who registered the domain krebonsecurity.top and what they’re using it for. I’ll just quote one of the paragraphs outright, it says: “Let’s just get this out of the way right now: It wasn’t me.” The article talks about the Shadowserver Foundation, who has tracked the exchange server attacks and their progress of getting patched or lack thereof. According to the article, David Watson, a director of the Shadow Server Foundation Europe, tracked hundreds of unique variants of backdoors that allow the actors to keep access. What was very interesting to me, was the fact that an executable was called krebsonsecurity.exe and Brian talking about this plus the malicious domain made the article worth blogging. I just didn’t have a chance to put it in to news notes till now. Read No, I Did Not Hack Your MS Exchange Server for all of these very interesting details.
  • So there was a breach of a water utility in 2019. Cyberscoop’s Sean Lyngaas wrote this article on a Kansas man who was indicted because of that breach. Wyatt Travnichek is alleged to have done it, as they claim he logged in to Ellsworth County Rural Water District’s computer system in 2019 and it was unauthorized access. This unauthorized access led to a shutdown of the facility in question. He is also charged with causing damage to a computer system. A customer service rep, Angela Naegele, said the issue did not affect the drinking water supply. There is no word on whether he bypassed any security controls. Kansas man indicted in connection with 2019 hack at water utility is the article, go on and check it out.
  • Finally, in the “I can’t believe I heard this article” department, Michael in Tennessee read this article via arstechnica which really started me thinking about this company’s security posture. The company’s name is Q Link Wireless. They apparently had an app that allowed you to enter any customer telephone number which you had to know. After doing this within their application for IOS and Android, the person could see anything they wanted within the account with “no password required.” According to the article, this company is known as a “Mobile Virtual Network Operator.” They are based in the state of Florida. It provides government and subsidized phones to people who qualify under the lifeline program. They apparently serve at least 2 million customers, according to the article. I suggest you check jaredtech.help as I have a bunch more to say in regards to this story, suffice it to say, they apparently closed this hole by doing it server-side and no communication with any researcher or anyone who reported this to the company. For full reading of this disaster, I give you: No password required: Mobile carrier exposes data for millions of accounts: Q Link Wireless made data available to anyone who knows a customer’s phone number. is what you need to read. Have fun!

We hope you enjoy the program as much as I have bringing it together, make it a great day!

Why is there “no password required” when accessing accounts? What not to do when setting up accounts for services

I’ve been contemplating this article Michael in Tennessee sent me in regards to a wireless company that thought it would be a great idea to have applications for IOS and Android that allowed people to put in any phone number of a customer and allowing anyone to have full read access to all of the data of the account.

When writing up the news notes, I wrote:

Finally, in the “I can’t believe I heard this article” department, Michael in Tennessee read this article via arstechnica which really started me thinking about this company’s security posture. The company’s name is Q Link Wireless. They apparently had an app that allowed you to enter any customer telephone number which you had to know. After doing this within their application for IOS and Android, the person could see anything they wanted within the account with “no password required.” According to the article, this company is known as a “Mobile Virtual Network Operator.” They are based in the state of Florida. It provides government and subsidized phones to people who qualify under the lifeline program. They apparently serve at least 2 million customers, according to the article. I suggest you check jaredtech.help as I have a bunch more to say in regards to this story, suffice it to say, they apparently closed this hole by doing it server-side and no communication with any researcher or anyone who reported this to the company.

The subtitle of today’s article is: “Q Link Wireless made data available to anyone who knows a customer’s phone number.” and I suppose it just fits, doesn’t it?

The article was written for Arstechnica on April 9th, and sadly the last item for news notes. People ought to be ashamed of themselves at this company for thinking this was a great idea.

Q link offers a mobile app called “my mobile account” for both IOS and Android as stated in the notations quoted above as well as within the article which I’ll link here as well.

Besides allowing you to see data usage, minutes available, minute usage and text usage, and even to buy more minutes or data, the app can also display the customer’s:

  • First and last name
  • Home address
  • Phone call history (from/to)
  • Text message history (from/to)
  • Phone carrier account number needed for porting
  • Email address
  • Last four digits of the associated payment card

This is a lot of data for one account, especially when the company had it to where anyone can enter a subscriber’s phone number. Can you imagine what would happen when someone malicious came in and decided that they would take a look around?
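The difference between an account lookup that trusts a phone number and one the server ties to a logged-in subscriber, as an added example (not Q Link Wireless code and not from the Ars article). The class, method names, phone numbers, passwords and records are all constructed, and the password-plus-session design is an assumption about one reasonable server-side check.

```python
"""Added illustration: account lookup keyed only on a phone number versus a
lookup bound to an authenticated session. Not Q Link Wireless code; every
name, number and record here is constructed."""
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 200_000


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class AccountService:
    def __init__(self):
        self._accounts = {}  # phone number -> {"salt", "pw_hash", "profile"}
        self._sessions = {}  # session token -> phone number that logged in

    def add_account(self, phone: str, password: str, profile: dict) -> None:
        salt = secrets.token_bytes(16)
        self._accounts[phone] = {
            "salt": salt,
            "pw_hash": _hash_password(password, salt),
            "profile": dict(profile),
        }

    def get_account_insecure(self, phone: str):
        """The pattern the article describes: knowing the number is enough."""
        record = self._accounts.get(phone)
        return dict(record["profile"]) if record else None

    def login(self, phone: str, password: str):
        """Return a session token, or None on failure. Unknown numbers and
        wrong passwords do the same work and get the same answer, so the
        reply does not confirm which numbers belong to customers."""
        record = self._accounts.get(phone)
        salt = record["salt"] if record else bytes(16)
        expected = record["pw_hash"] if record else bytes(32)
        supplied = _hash_password(password, salt)
        if record is None or not hmac.compare_digest(supplied, expected):
            return None
        token = secrets.token_urlsafe(32)
        self._sessions[token] = phone
        return token

    def get_account(self, token: str, phone: str) -> dict:
        """Server-side check: the session must belong to the requested number."""
        owner = self._sessions.get(token)
        if owner is None or owner != phone:
            raise PermissionError("not authorized")
        return dict(self._accounts[phone]["profile"])


def build_demo_service() -> AccountService:
    """Two constructed subscribers used by the demo below."""
    svc = AccountService()
    svc.add_account("555-0100", "correct horse battery",
                    {"name": "Alice Example", "card_last4": "0000"})
    svc.add_account("555-0101", "another long passphrase",
                    {"name": "Bob Example", "card_last4": "1111"})
    return svc


if __name__ == "__main__":
    svc = build_demo_service()
    # Phone number alone returns the whole record.
    print("insecure lookup:", svc.get_account_insecure("555-0101"))
    # With the check in place, Alice's session only opens Alice's account.
    token = svc.login("555-0100", "correct horse battery")
    print("own account:", svc.get_account(token, "555-0100"))
    try:
        svc.get_account(token, "555-0101")
    except PermissionError as exc:
        print("other account:", exc)
```
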

According to the article, this wide open access has been available since December of last year, but the article only states since December.

According to a person on Reddit, they reported this glaring report to the company with only a “thank you for reporting this to us.” He later reported the same issue twice this year, February and also in April. Then this past Thursday, the app stopped connecting to accounts with a message that says that the number is invalid.

I wonder what they ended up doing? Why did it take this long to fix it? Why didn’t the CEO respond to the reporter’s email(s) when it was brought to his attention?

For the complete write up by DAN GOODIN of Ars, please read: No password required: Mobile carrier exposes data for millions of accounts: Q Link Wireless made data available to anyone who knows a customer’s phone number. for complete details. This is security at its worst. Good job, q link wireless, keep up the great work.

I love good news, Kansas man indicted in connection with 2019 hack at water utility

I love covering articles like this, especially when charges are filed.

A U.S. grand jury has indicted a 22-year-old man for allegedly hacking the computer system of a rural water utility in Kansas and shutting down processes that affect procedures for cleaning and disinfecting water.

Angela Naegele, a customer service specialist at the water utility who answered the phone Thursday, said the 2019 incident had no impact on customers’ drinking water. The utility continuously monitors its water quality and safety, Naegele added.

The indictment did not specify whether Travnichek allegedly circumvented any security controls in his alleged break-in. Prosecutors cited the Safe Drinking Water Act, a 1974 law that mandates contamination-free standards for U.S. water systems, in bringing the charges.

There’s definitely more here including:

Travnichek’s indictment comes two months after another high profile digital intrusion into a water treatment facility near Tampa, Florida. In that incident, an unidentified hacker used a remote software program to breach the facility’s computer system, and temporarily changed the plant’s sodium hydroxide setting to a potentially dangerous level, according to local authorities. A plant operator noticed and reversed the change.

This is critical infrastructure we’re dealing with, and people like this guy just don’t care. I’m glad he’s been picked up and charged.

For complete details: Kansas man indicted in connection with 2019 hack at water utility is what you need to read, and enjoy.

Ransomware gangs not going away? Ransomware and their gangs now have something else up their sleeves

Ransomware isn’t going anywhere. In fact, it’s been reported in podcasts that the actors are now emailing or even calling their victim customers to force the customers to call the victim to have them pay. If I remember correctly from reports I’ve heard, it hasn’t worked so well, or even if the customer calls the company and the company pays, it’s not the end of it in regards to possible problems.

Krebs on Security covers this quite well, and I think it’s worth passing along to my readers as well.

According to Brian’s article, he gives a letter that was sent to a customer of a business.

This letter is from the Clop ransomware gang, putting pressure on a recent victim named on Clop’s dark web shaming site.

“Good day! If you received this letter, you are a customer, buyer, partner or employee of [victim],” the missive reads. “The company has been hacked, data has been stolen and will soon be released as the company refuses to protect its peoples’ data.”

“We inform you that information about you will be published on the darknet [link to dark web victim shaming page] if the company does not contact us,” the message concludes. “Call or write to this store and ask to protect your privacy!!!!”

To make things worse, the company that was hit this time came back and said that they were part of a third-party breach, and as we know, those can’t be good.

In response to questions from KrebsOnSecurity, RaceTrac said it was recently impacted by a security incident affecting one of its third-party service providers, Accellion Inc.

We talked about Accellion and their FTP client on a recent Security Box, which this blog and podcast seems to be going that way. Don’t worry, I still need to get a tech podcast out, although now I don’t remember what I wanted to do with it. I digress.

The University of California was one of several universities that had been hit with Clop’s ransomware, and I’m sure that this isn’t going to be the last we hear from this gang.

There are lots of links and lots more, so Ransom Gangs Emailing Victim Customers for Leverage is the article, go and check it out. Enjoy!


Rogue Employees can be part of the breach problem … hope these two employees got fired

According to an article I read from the Verge, rogue employees can be part of the breach problem. The article was written on April 7th, and was found on my Twitter feed.

The article is entitled California man indicted for stealing Shopify customer data and talks about a man by the name of Tassilo Heinrich, who paid Shopify employees to get him data on customers which he then sold to two people outside the United States. According to the article, this breach affected fewer than 200 merchants and it was because of employee abuse, according to the article. A linked article said that one of the merchants involved was Kylie Jenner’s makeup company Kylie Cosmetics.

For full information on this one, please read the article. Glad in this case it was bad employees, and not a full blown breach. As a side note, these employees gave access to Google Drive via links, as well as giving images as well.

According to the article, Mr. Heinrich is charged with identity theft and conspiracy to commit wire fraud; his two co-conspirators, based in Portugal and the Philippines, were not charged.


The Security box, podcast 38: Facebook at it again, news, notes and more

Hello folks,

The RSS is updated with today’s program that was aired on the Independent artist channel on the mix. Don’t have RSS? Don’t worry! Here is the 100.8mb file.

Below, please find the entire show notes for all to read. The News Notes section is shorter due to time constraints, but good stuff too.


Welcome to the Security box, podcast 38. This week, we had planned to go back to DKIM and have a discussion on it, but we aren’t going to do that. Why? It looks like news has gotten about Facebook’s 2019 breach and 535 million people whose information may now be out there on the free Internet as well as it already being sold to the dark web when the initial breach occurred. We’ll have news, notes and more as well as your thoughts and comments to boot. Enjoy the program!

Topic: Has Facebook done it again?

Michael in Tennessee sent me an article from Phone Scoop, as well as me seeing the article we’ll be taking from, which came from Cyberscoop. It looks like Facebook is really paying for a 2019 breach in which 500 plus million people’s information including phone number were exposed somehow and later patched by Facebook.

The data, which comes from people from over 100 countries, includes users’ phone numbers, email addresses, full names, birthdates and location, among other identifiers, according to Insider, which first “reported the news.”

The leak was first reported by Motherboard, according to the article. The only thing that I’m unclear on is the section that talks about the fact that the leak was reported by Motherboard in January.

The information was made available by paying a Telegram bot a couple of bucks for the details according to the article. According to the article, Facebook removed the ability of searching people by telephone number after the breach. Facebook will be probed by Ireland, and it’s unclear if the United States will follow suit by the FTC.

The article goes on about what the actors may do with the information now that the information has been made available for free. The website “Have I Been Pwned” has been updated by Mr. Troy Hunt with the information that was made available by the breach.

For more information and to read the full article, 533 million Facebook users’ personal data leaked online is the article and do read this.

News Notes for podcast 38

  • Office 365 is no stranger to attack. A Phishlabs article talks about the latest threat. This time, actors can mimic websites by using Google’s API through Google Ads that allow redirects to whatever they want. The issue with this one is that once you log in, they capture your credentials as well as sending you to your account. For complete information, Breaking Down the Latest O365 Phishing Techniques is the article, which will talk about this entire process.
  • Ubiquiti is back in the news. A post by Krebs on Security talks about the latest drama at the company who now has come out saying that there was a problem. After making a change that forced people to log in to their network, they were later told to reset their passwords because a “third-party cloud provider” may have been breached. There’s more including the very interesting fact that this company should have invalidated all credentials. Ubiquiti All But Confirms Breach Response Iniquity is the article. This is going to get very interesting now.
  • Finally, due to time constraints, I’ve got some good news I want to pass along. Another web boss has now pleaded guilty. This boss was behind selling heroin, firearms and hacking tools. He pleaded guilty on charges of money laundering. Tal Prihar was captured by French authorities. Read Cyberscoop’s article DeepDotWeb boss pleads guilty to laundering millions for more.

Thanks so much for listening!


The Security Box, podcast 37: The Beginning of DKIM and other stuff

It looks like I did not put the show notes up on the blog for podcast 37’s Security Box. Sorry about that!

The rss feed has been updated after the program was updated.

Don’t worry, those who don’t have RSS can get the 166.76mb file right here.

Want the show notes? You’ve got those coming right up.


Welcome to the Security Box, podcast 37. On this episode of the program, we’re going to talk about something I don’t think people know much about dealing with email, verification of domains in the process, the standards of what it is and how it came to be. We will also cover a very interesting webinar that I listened to by Trend Micro that dealt with the security predictions for 2021. We’ll also have news, notes, questions, comments and more as the show progresses and the listeners’ choice on whether they have something to contribute. I hope you enjoy the show as much as I have bringing it together for you, and thanks so much for listening!

Topic: DKIM

DKIM is a short form of a longer term which means DomainKeys Identified Mail. This may take several programs to cover, and I think it’s time, seeing how we had some issues that were the result of it in passing. I’ll talk about those issues in this episode and we’ll get through some of the document.

Webinar: Turning the Tide: Security Predictions 2021

This was quite eye-opening. Usually these predictions are in writing on a blog, and we can pick them apart. This time it’s in a video, and I hope people enjoy it. I did.

News Notes and more

  • Phishing is definitely continuing to be the topic of the landscape more now than ever, even with the pandemic continuing to rage on. In an article I spotted on Phishlabs, they analyzed 100,000 different web sites of phishing because they indicate that some are on free hosts, some are compromised web sites, yet others may be domains that have expired that they snatched up. The site analysis took place through a three month period and they found the following things: 38.3% used compromised websites, 37.4% abused free hosting services, and 24.3% used maliciously-registered domain names. Within the article, the different terms such as malicious registered are defined. There are two main headings “Discerning Compromised vs Malicious Domain Registration” and “Free Hosting Abuse” which should be read if nothing else. This was definitely a great read, and news worth sharing. Most Phishing Attacks Use Compromised Domains and Free Hosting is the article.
  • Shortly after podcast 35’s airing, there was an article that was posted that made it in to Trend Micro’s “This Week in Security News” roundup which is posted to our blog. While I’m not going to link to that article in news notes, one article about the Solar Winds breach came to light. According to a Swiss firm, an actor had APT access to networks for quite a while. The name of this group is Silverfish. The firm that was named in the article is called Prodaft. Silverfish took advantage by carrying out a sophisticated attack on at least 4720 targets which included governmental institutions, global IT providers, dozens of banking institutions in the U.S. and EU, major auditing/consulting firms, one of the world’s leading Covid-19 test kit manufacturers, and aviation and defense companies. The hackers worked a normal day, Monday through Friday 8 am to 8 PM according to the article. The report is linked within the article which is entitled Swiss Firm Says It Has Accessed Servers of a SolarWinds Hacker so go ahead and read this one if you read nothing else.
  • Speaking of Phishing, we can’t forget to mention the fact that Covid-19 scams are still out there. A Cyberscoop article goes into detail about the recent rounds of phishing pages to ask for credentials to Office 365 accounts while they send you an email about potential issues or otherwise in regards to the vaccines. All of us now have a chance to get vaccinated, check with your state or pharmacy for complete details for your needs. COVID-19 vaccine scammers are still lurking is the article, and please give it a read.
  • Finally, patching after the massive flaw in Redmond is well under way with 92 percent of servers that were now patched after the biggest breach in business history to date as far as we’re aware. There’s lots of links within Cyberscoop’s article, so it’s best to read the article entitled Patching is trucking along on Microsoft flaws, but hackers are still meddling.

Thanks so much for listening, and make it a great day!


Looks like Facebook is now paying for an old breach

According to several articles out there, Facebook is now paying for their apparent mistake that allowed people to get access to phone numbers. While they fixed the vulnerability, hackers have now made the data from the 533 million breach which includes 32 million in the United States alone publicly available.

Apparently, this breach occurred in 2019, and a Telegram bot could accept a couple of bucks to have access to the data.

Now, you know where this is going, right? The actors can now call you or do anything they want with your phone number, so be aware of what is happening now.

Cyberscoop is one who has details on this latest Facebook ordeal, so go read it. 533 million Facebook users’ personal data leaked online is the article.


mobile news for April 7 could be a potential issue

Hi.
Firstly from Redmond Pie, we have.
1. LG is shutting down.

LG Confirms It Will No Longer Be Making Smartphones Anymore

From July 31 this year LG will be dying out.
If you want an LG unit get one now.
Apparently they have good audio etc and will have updates and support for a while but still, LG is switching to components and electric cars, etc.
No more phones though but well there we go, it’s been rumored for ages.

The second and more troubling is this.

uMobix Lets You Keep Track Of Your iPhone And Android With Ease


The article intro blurb states:
Keeping tabs on iPhones and Android phones is something that plenty of people have legitimate reasons to want to do. Parents in particular need to know what their children are doing with their devices, not to mention where they’re going. uMobix is an app and service that makes that possible.
Once the uMobix client has been installed on the device that needs to be tracked it’s easy to keep tabs on call history, text messages, social media apps that are being used, and more.
You’ll also have access to a GPS location tracker so you’ll always know where the phone has been and when it was there.
Need to know exactly what someone is doing with their device?
uMobix also includes a keylogger so you will always know what your kids are typing.
uMobix captures and records all user keyboard activity, whether into web browsers, messaging, or apps. You can get full insight into all keystrokes initiated.
The uMobix website has a handy demo to show what all of the features do and how they operate, and you can take it for a spin in no time at all by creating an account there and then.
The amount of information you’ll be able to track is impressive and, importantly, it could be hugely important as well.
The article doesn’t go into the obvious downfalls of this.
1. Who is you.
Is it you or is it a hacker.
Sure I could see a reason to use this.
Teenagers, children the list can go on, elderly people other cases like that, people like myself.
But when is too much too much.
1. tracking where you are.
Ok I guess that happens anyway.
2. your text messages, phone calls, what apps you use and what you type online.
I admit it here I am well an absolute bastard online, I wouldn’t trust myself with a laser rifle not to mention that humans can post without thinking.
It’s hard to have your digital and real worlds to mesh, it’s really hard to try to equate real and virtual rules to your real world profile.
You build a profile up of whoever you are posting to and it’s more than often totally wrong.
I’d have a legit issue with everyone knowing what I do online, Twitter and social networks, I guess if you were a bully or predator maybe but I see no other reason for all this.
Assuming this all complies with the Google permissions policies coming into force even then.
Checking emails, knowing where you are and logging your keystrokes.
No human should have that information.
Now I haven’t nor will I be visiting the site in question but assuming all the information is in a secured account, assuming it’s actually secured with encryption, passwords and extra on extra security assuming it works then yeah this would be really good.
Sadly I can find a lot more issues than well good points.
1. It’s known hackers will use legit software to do bad things.
2. All that information is on your phone, assuming it’s all dialing home somewhere which means everything you do is no longer private or secure.
If this was like this on Windows I’d remove all my security software, firewalls and everything, I’d set weak passwords to my bank and I’d post all my information to every hacker out there.
It’s just not a good idea to handle this like this.
Next has anyone thought about the battery drains and what we have had to let go.
Covid19 has meant you need to be tracked and the government needs to know where you are.
Granted that information needs to be transferred via randomly generated security access code and that program is held by the government and the tracers need to give you a security code to enter and none know it but still.
We need to be tracked, we already push so much online, data use and costs, data caps not to mention the battery.
Next, avoiding the first thing made in point 1, there is almost no need to have the information, in other words the same things that would need the information there are also a lot of reasons why not.
The biggest thing is us humans put too much out already even when we don’t want to.
And automation does more.
I am currently away, and have had to remove printers, TVs, and a host of other extra programs and other things off of my workstation because Windows assumes on each network I access I will want access to the devices in question.
Next of course is how secure is the client to access.
One would assume there would be a password but kids are smart.
I know friends with blocking programs set on their systems to track them because of actual good reasons, friends that have managed to hack or get by other means, like watching their parents access them, to remember the passwords turning the program on and off.
Even if we do take all this away, can you imagine what someone could do with every keystroke, everything written, passwords, etc, you may as well not use security software or any passwords at all.
We get so many spam calls and the like.
Can you imagine if you are told by someone they have your uMobix password and you need to pay a million to stop your information being uploaded.
And what if it actually is.
Every password is compromised.
Your identity stolen.
Your credit cards gone, and you are in jail for multiple crimes you haven’t physically done but all the data is that you have.
The hackers have broken into everything from government to police and have control of all data.
All the lawsuits.
Then what.
Things will have to be made more secure which means legit reasons to get into things will become even harder and round and round it will go till world war 3 happens.
Oh did I mention that that may happen too.
In short it’s just not a good idea to use this.
uMobix could become the next security nightmare.
The easiest thing to do is not start.
On the other hand, this could actually work.
But no one will want to be tracked and can you imagine all the family and other relationship squabbles that will result in this program.
I have a few extreme religious families that have broken up due to restrictions.
And while a couple got away and won’t be back, one is completely on the give me cash because god told me and the other has gone away and is mentally unstable.
Won’t even talk to her mum, and is on who knows what and wants things.
This is without uMobix.
Even if this does go through even without all this is it worth it.
I suspect it’s not.


The Security box, podcast 37: Let’s Get Along and learn a bit about DKIM, news, notes and more

What turned out to be a very serious email coming from Uber turned into a little bit of a discussion at the beginning of the show. Some of the people we deal with are different nationalities and we have to do the best we can no matter our struggles in life.

I’ve got the entire news notes below, the 166.67mb file for download, the rss feed for those who need it as well as the comment boards.

Please note, I’ve seen between the two podcasts a couple of downloads here and there. If people are interested in the direct downloads, I need to know. Otherwise, they’ll go away soon.

Here are the entire show notes for this podcast 37, hope you all enjoy!


Welcome to the Security Box, podcast 37. On this episode of the program, we’re going to talk about something I don’t think people know much about dealing with email, verification of domains in the process, the standards of what it is and how it came to be. We will also cover a very interesting webinar that I listened to by Trend Micro that dealt with the security predictions for 2021. We’ll also have news, notes, questions, comments and more as the show progresses and the listeners’ choice on whether they have something to contribute. I hope you enjoy the show as much as I have bringing it together for you, and thanks so much for listening!

Topic: DKIM

DKIM is a short form of a longer term which means DomainKeys Identified Mail. This may take several programs to cover, and I think it’s time, seeing how we had some issues that were the result of it in passing. I’ll talk about those issues in this episode and we’ll get through some of the document.

Webinar: Turning the Tide: Security Predictions 2021

This was quite eye-opening. Usually these predictions are in writing on a blog, and we can pick them apart. This time it’s in a video, and I hope people enjoy it. I did.

News Notes and more

  • Phishing is definitely continuing to be the topic of the landscape more now than ever, even with the pandemic continuing to rage on. In an article I spotted on Phishlabs, they analyzed 100,000 different web sites of phishing because they indicate that some are on free hosts, some are compromised web sites, yet others may be domains that have expired that they snatched up. The site analysis took place through a three month period and they found the following things: 38.3% used compromised websites, 37.4% abused free hosting services, and 24.3% used maliciously-registered domain names. Within the article, the different terms such as malicious registered are defined. There are two main headings “Discerning Compromised vs Malicious Domain Registration” and “Free Hosting Abuse” which should be read if nothing else. This was definitely a great read, and news worth sharing. Most Phishing Attacks Use Compromised Domains and Free Hosting is the article.
  • Shortly after podcast 35’s airing, there was an article that was posted that made it in to Trend Micro’s “This Week in Security News” roundup which is posted to our blog. While I’m not going to link to that article in news notes, one article about the Solar Winds breach came to light. According to a Swiss firm, an actor had APT access to networks for quite a while. The name of this group is Silverfish. The firm that was named in the article is called Prodaft. Silverfish took advantage by carrying out a sophisticated attack on at least 4720 targets which included governmental institutions, global IT providers, dozens of banking institutions in the U.S. and EU, major auditing/consulting firms, one of the world’s leading Covid-19 test kit manufacturers, and aviation and defense companies. The hackers worked a normal day, Monday through Friday 8 am to 8 PM according to the article. The report is linked within the article which is entitled Swiss Firm Says It Has Accessed Servers of a SolarWinds Hacker so go ahead and read this one if you read nothing else.
  • Speaking of Phishing, we can’t forget to mention the fact that Covid-19 scams are still out there. A Cyberscoop article goes into detail about the recent rounds of phishing pages to ask for credentials to Office 365 accounts while they send you an email about potential issues or otherwise in regards to the vaccines. All of us now have a chance to get vaccinated, check with your state or pharmacy for complete details for your needs. COVID-19 vaccine scammers are still lurking is the article, and please give it a read.
  • Finally, patching after the massive flaw in Redmond is well under way with 92 percent of servers that were now patched after the biggest breach in business history to date as far as we’re aware. There’s lots of links within Cyberscoop’s article, so it’s best to read the article entitled Patching is trucking along on Microsoft flaws, but hackers are still meddling.

Enjoy!
