
The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts


You are here: July 2021




PlugwalkJoe plugged people … 1 person at a time in different ways, now arrested

I did the show notes for this article titled PlugwalkJoe Does the Perp Walk and I have been trying to figure out how to write this in a friendly article for the blog.

While his arrest is well covered, the article linked goes into a lot of detail in regards to SIM swapping cases, threats of rape and murder of a 16-year-old girl and her family, bomb threats, and more.

This will be discussed on the Security Box this week; stay tuned, as I think the phone lines will light up.


SANS News Bites: July 30, 2021, Vol. 23, Num. 059

Here is SANS News Bites for July 30, 2021. Guess I should look at WordPress and see if I need to give it a nudge so that it can get the latest manager unless Shaun has already done that. There’s other stuff too; if you’re interested, please feel free to read it and see if anything applies to you.


SANS News Bites: July 27, 2021, Vol. 23, Num. 058

This newsletter covers quite a number of things, including iOS 14.7.1, another Windows problem mainly in server versions, the No More Ransomware project and more.
Here is a link to the newsletter for those who want to read it.


A Family of Fraud gets busted

Another item that was covered in news notes dealt with a fraud family ring. This is a very interesting story because one of the suspects is 15 years of age.

The 15-year-old was responsible for selling, while a 24-year-old wrote the code. Dutch police are taking after the United Kingdom and trying to train teen hackers not to utilize their skills for hacking. I do hope that this works out for them because prison should probably be the last resort in my opinion.

The article is Dutch police bust alleged ‘Fraud Family’ phishing service members and it was a good one. Hopefully they learn.


Kaseya gets a decryption key

We don’t know exactly how Kaseya got their decryption key, but they better count themselves lucky. In fact, REvil, from what we can tell and learn, didn’t get paid either by their affiliate or the main operators to boot.

It seems as though REvil may not be done yet, as I spotted an article talking about a different name, and if that is the case, we’re in for a long ride.

For now, Kaseya obtains decryption key for victims of massive ransomware attack should be read, and is worth the read. It’s interesting news we have in regards to this and I don’t think it’ll be the end of whatever the gang wants to call themselves now.

News Notes for podcast 54 has highlights from this article, so check out the podcast for complete details unless you want to read the article.


Spam Kingpin gets time served

Hello folks,

While the podcast is out now, and show notes are up as well, I still want to write about the items I have and this one is talking about a Spam Kingpin that is getting off with time served.

The gentleman is originally from St. Petersburg, Russia. According to the article, he was a pivotal person in the cybercrime industry; he was able to keep track of people and rent out his botnet for hundreds of dollars depending on the job you wanted.

Peter created some of the nastiest things out for its time, including the Storm worm, the Waledac botnet and the Kelihos botnet as well. Each of these is linked within the article so you can learn about each of these.

He also ran affiliate programs which paid other cybercriminals as well.

According to the article, he’s got a family, and hopefully time served will be enough. Brian Krebs goes into a lot more detail on everything, so if this interests you, then go and check out his article.

The article is titled Spam Kingpin Peter Levashov Gets Time Served so go check it out.


The Security box, podcast 54: Scammers Will Stop At Nothing

This is the link to the Security Box which is 125.1mb. While there were no calls today, that’s OK. I covered everything I wanted to, even going back to something we didn’t really cover in great detail as part of trying to solve overall security things like not having necessary addresses on domains if you don’t need them.

DKIM can also play a part, and while I ran over the beginning of what DKIM is, and we covered it briefly as part of podcast 37, I talk about an email which failed DKIM but yet some systems will deliver it.

I believe I know why we deliver it, which I didn’t cover only because DKIM is not implemented the same everywhere, so email ended up getting lost in the process.

Below, please find the show notes, and thanks for reading!


Hello Everyone! Welcome to podcast 54 of the Security Box. On this edition of the program, learn about Windows 11, the latest Microsoft operating system and what scammers are doing to monetize even while this version is still in beta. Next, come with us and learn about the latest in the average ransomware payments as it looks like they are declining, for now. We’ll have news, notes, hopefully calls with questions or discussion throughout. If you want to leave feedback and you’re listening through the podcast, call 602-887-5198 or email, iMessage, WhatsApp, or text your thoughts. The lines of communication are given throughout and I welcome what you have to say.

Topics

Here are the topics for today’s program.

SANS News Bites

Here are links to SANS News Bites, a newsletter by SANS Institute. While we may cover some of the items in these newsletters, you should read these to determine if something affects you.

News that has been read from around the web

The following is news that has been read from around the web. Some may be blogged, some may not have been blogged.

We hope you enjoy the program as much as we have bringing it together for you!


Serial Swatter only getting 5 years

While writing up news notes for the security box podcast, I just couldn’t get mad at this article. It isn’t Brian’s fault I’m mad, he’s just the reporter. He did a great job in covering this case, and it is quite complicated.

The article is titled Serial Swatter Who Caused Death Gets Five Years in Prison and as I said, it made me mad.

An 18-year-old and his co-conspirator decided to harass various victims, including a 60-year-old man who died after a heart attack because police and SWAT teams were at his home thanks to these people. Not only that, but other people are mentioned in this article that have had dealings with the same people.

Shane Sonderman, of Lauderdale County, Tenn. admitted to conspiring with a group of criminals that’s been “swatting” and harassing people for months in a bid to coerce targets into giving up their valuable Twitter and Instagram usernames.

At Sonderman’s sentencing hearing today, prosecutors told the court the defendant and his co-conspirators would text and call targets and their families, posting their personal information online and sending them pizzas and other deliveries of food as a harassment technique.

Other victims of the group told prosecutors their tormentors further harassed them by making false reports of child abuse to social services local to the target’s area, and false reports in the target’s name to local suicide prevention hotlines.

Eventually, when subjects of their harassment refused to sell or give up their Twitter and Instagram usernames, Sonderman and others would swat their targets — or make a false report to authorities in the target’s name with the intention of sending a heavily armed police response to that person’s address.

Unable to disengage a lock on his back fence, Herring was instructed to somehow climb over the fence with his hands up.

“He was starting to get more upset,” Billings recalled. “He said, ‘I’m a 60-year-old fat man and I can’t do that.’”

Billings said Mr. Herring then offered to crawl under a gap in the fence, but when he did so and stood up, he collapsed of a heart attack. Herring died at a nearby hospital soon after.

The last paragraph is important, as this poor guy tried to comply and died because of what these clowns did.

There is also a woman that was also targeted because of her two-letter name registered on social media. She decided to use the letters of her name, VD as her username. Not only was she harassed, but a bomb threat was made among other things.

According to the article, the suspect has a confirmed condition of bipolar disorder, and a statement read to the court mentioned this and an addiction to drugs that were psychiatric in nature. The judge sentenced him to the maximum by law, but I wonder if this isn’t enough? Sure, he has medical conditions, and I could make sure he is segregated from the rest of the public because of his condition, we need to send a message that this type of thing is not to be tolerated. Take the case, and any medical conditions and make a case on sentencing where appropriate. Thoughts? Read the full article titled Serial Swatter Who Caused Death Gets Five Years in Prison for all of the details.


An explosive spyware report shows limits of iOS, Android security

Michael in Tennessee sent this to me; it’s worth the read. That is why we need to install our updates when there are some, and keep our guard up.

Amnesty International sheds alarming light on an NSO Group surveillance tool.

Source: An explosive spyware report shows limits of iOS, Android security


SANS News Bites for July 20, 2021

In the better late than never department, here’s SANS News Bites for July 20, 2021. I didn’t get this into last week’s Security Box, and I’m going to try and get better on making sure that we get all of these.

There is plenty, including the older news that REvil had potentially gone dark, and we know now that that is the case. If you need this newsletter issue, go and get it now.


Ransomware payments went down 38 percent in Q2 of 2021

I’m surprised that Phishlabs didn’t write up this article, but Cyberscoop did and they did a great job. There are some very interesting stats within this article, but there are also lots of items linked in here.

Maybe I should say that there are some stats, but Phishlabs really breaks it down which is why I like their analysis much better.

So, … Average ransomware payment declined by 38% in second quarter of 2021, new Coveware report says is the article from Cyberscoop and I hope you guys read it. This is the second topic of this week’s program and yes … I quoted some stuff as it is worth quoting.

Please feel free to comment if you found this article of interest.


Scammers aren’t done, Microsoft Windows 11 is targeted

In a very interesting article I read, which will be one of two topics for this next week’s Security Box, scammers are targeting Microsoft Windows 11.

Granted, 11 was announced in June, and an Insider build was released shortly after, but scammers know what people want. When searching out Windows 11, you can get something that could be annoying, or even as bad as a trojan or a password stealer. Microsoft has a lot to worry about, and several items are mentioned within this article.

Better have your guard up, Scammers are using fake Microsoft 11 installers to spread malware is the article, and it’s also going to be linked in our show notes for discussion.


SANS News Bites for July 23, 2021

Hello folks,

Friday’s newsletter is out, and I urge everyone to take a listen to it by reading the article, if you read by access technology, or read it with your eyes. Some of the items may be of importance to you, and I want you to have access.

Here is the link to this newsletter for you to have.

It covers iOS 14.7 which is available now and has been for several days. I’m surprised that the Pegasus software which the tech podcast has covered for quite some time, iOS does have fixes we need to go and have applied.

Better get your game on. Maybe it’s time this evening that I take my phone offline to do the update. An hour is worth the time it may take to get as secure as possible. Thanks so much for reading!


The Security box, podcast 53: Better Get Your Windows Update on … especially if you print

Hello folks,

This is the link to podcast 53 for you to freely download. We had trouble with what I thought would be a simple process of merging calls, but Skype broke it. It is 184.1mb in size.

Here are the show notes for this week’s program.


Hello everyone, welcome to the security box, podcast 53. On this edition, we’ll be talking about some of the things that articles talk about in regards to Windows Update that came out the week of July 16, 2021. Seems like we had good success with last week where we opened the phone lines for others to participate in an open forum, so we’ll do that again and see what happens and if people participate or not. You can always comment after the fact by calling our voice mail line at 602-887-5198 and letting me know you want your comments aired. We’ll also have some news notes and maybe a discussion on those as well.

Windows Update

Here are the articles that deal with Windows Update. One is by Trend Micro and one is done by Brian Krebs from Krebs on Security.

SANS News Bites

News Notes from around the web



Thanks so much for checking out the program, and we’ll make it work. It’s all a learning curve, and we all learn how this works. Thanks again for checking out the program! We’ll see what next week’s program brings.


SolarWinds 0-day gave Chinese hackers privileged access to customer servers

Wow. This is quite interesting. DEV-0322 is in the SolarWinds ordeal now.

Hackers IDed as DEV-0322 have a fondness for defense contractors and software-makers.

Source: SolarWinds 0-day gave Chinese hackers privileged access to customer servers


Morgan Stanley discloses data breach that resulted from Accellion FTA hacks

I can’t blame Morgan Stanley directly for this one, but another story about the file transfer application we talked about some time ago. Wow.

Financial services firm says data was stolen by exploiting flaws discovered in December.

Source: Morgan Stanley discloses data breach that resulted from Accellion FTA hacks


Facebook catches Iranian spies catfishing US military targets

Putting a new spin on catfishing, eh? Michael in Tennessee sent me this one, and I think we should look at it. Found the article from Ars very interesting. It’s quoted and sourced below.

Hackers posed as recruiters, journalists, and hospitality workers to lure their victims.

Source: Facebook catches Iranian spies catfishing US military targets


Ransomware attack at Comparis resulted in data breach

If people are familiar with this, better know about it. Doesn’t seem like a U.S. company, so it is good for us in the States. The post is on Twitter and it was three days old.

Last week’s ransomware attack on Swiss price comparison website Comparis resulted in a data breach.

Source: Ransomware attack at Comparis resulted in data breach


July Patch Tuesday is here, better get your patch on … especially if you print

Hello everyone, both articles from Trend Micro and Krebs on Security are similar in content this week. While Krebs mentions Adobe as he always does, both articles make sure that you are aware of several things.

  • There are either 116 or 117 different patches out there.
  • 15 of the patches were submitted through the Zero Day Initiative project.
  • The biggest vulnerability is fixed in this week’s update dealing with printing.
  • Several other CVEs are given and linked within talking about other aspects of vulnerabilities.

The Print issue

Both articles talk about CVE-2021-34527, an issue that deals with printing in Windows. An out-of-band patch was issued last week in regards to this vulnerability; however, it may have caused problems according to what I’ve read.

The vulnerability is known as PrintNightmare and there is guidance linked within Trend Micro’s article. Of course, Trend Micro talks about Microsoft Exchange and DNS servers multiplied. Krebs also has the same MSRC link for PrintNightmare and links to the others as well.

I recently rebooted after a good week and Windows prompted me to update and restart which I did.

While I don’t print, if you do, you’ll want to know about this vulnerability and others that might affect you, so give the two articles linked a read. Just click on their names to read it.


The Security box, podcast 52: The Security of our Water Supply, news notes and a very interesting robbery story to boot

Hello folks,

I don’t have a link to one of the best interesting articles I’ve found to date in a news story heard on Michael in Indiana’s local news, but boy you’ll want to hear that. We talk about the water supply hacks and go into password managers and other topics as Michael in Tennessee joins me.

Here is the link for this week’s program. The file size is 153.6mb.

Below, please find the show notes, which include links to the things we’re talking about.


Welcome to the security box, podcast 52. On this podcast, let’s talk about the water supply hacks and the growing threat of them through the help of an interesting article by LastPass. After that, we’ll see if people partook in an open forum of topics they want to talk about and of course news, notes and highlights from the landscape that have been read.

Topic: The Water Supply and the landscape

News Notes

Below, find links to items that are of interest we’ve read from around the landscape.

Thanks for listening!
