The Technology blog and podcast

Commentary, articles, and podcasts

October 2021


Windows update, it’s time to update again

It’s time to figure out when a good time to update will be. Windows had its update and as usual, our two major sources posted articles. Have you found a good time to update?

Trend Micro indicates that 11 of the 71 updates were submitted through the ZDI program. Only three of the patches were rated critical.

Krebs, on the other hand, covers the gamut of updates from Apple’s 15.0.2 to Adobe and even Windows, and the myriad of CVEs that are linked within both articles.

NCSAM post 8: Verizon is getting phished now

Verizon customers, not the company, are getting phished now. The article Verizon subscribers are the target of a phishing expedition; do not respond to this text message comes to us from Phone Arena.

The same day the Security Box was to air, I had signed up for a webinar dealing with 5 Things You Need To Know About Ransomware Before It’s Too Late begins in 1 hour – October 13, 2021 at 02:00 PM EDT. You may view and sign up for the webcast as the replay is available.

I bring this up in this post because, even though the webinar talks about ransomware, one of its points is that phishing and social engineering are the steps that actors can take when it comes to getting information.

The article reminds us of the T-Mobile breach and what is going on there, but then goes on to say that Verizon customers may be getting similar things.

First of all, most Verizon subscribers have already paid their September bill so while it might seem that the text must be from Verizon since it knew that you paid last month’s invoice, as a Verizon customer this writer can tell you that the nation’s largest carrier doesn’t offer you a gift just for making your payment on time; heck, Verizon won’t send you a gift for paying your bill earlier than the due date. 

As I said in a previous post, I’ve seen messages identifying me by name, and telling me thanks for paying my bill and offering me a prize too. That post talking about the T-Mobile breach phishing expedition should be read too, as these two posts are related.

It would not surprise me if any of the other carriers around the country will be hit with actors doing the same thing.

You don’t need a smartphone for this; even flip phones with web capability could be used, as no application is ever downloaded. How do I know this? I’ve looked at these URLs, and the prior post talks about what I’ve seen.

I’ll say that the paragraph I am quoting is specific to Verizon; I am not sure if it applies to T-Mobile or AT&T customers. That paragraph says:

With this information, you could lose control of your Verizon account while the bad actor changes the address, password, and other information. Once that is accomplished, this criminal orders expensive new phones that you’ll be paying for. The devices get sent to your account’s new address which is controlled by the crook.

I think the advice should be followed where it says that if you receive a questionable text, call the carrier to confirm things. Since I’ve seen how AT&T sends me free text messages, I know that there is a short code. The Verizon article linked here gives the short code to forward these bogus messages to. Please make sure you read both this article I link to here on this post, and the prior one for T-Mobile along with its accompanying article.

This seems to be a hot commodity right now, and this post is post 8, although both this and the prior post have the NCSAM tag I have on the blog.

This is valuable information. Please be aware of what is going on and stay safe. Know how your phone carrier sends you text messages so you’re aware of what might lie ahead.

Thanks so much for reading!

Haven’t updated to 15.0.2? Better think about it

In an earlier blog post, I linked to AppleVis and their coverage of iOS, iPad and watch updates. This Phone Arena article titled Apple wants you to install iOS 15.0.2, iPadOS 15.0.2 and watchOS 8.0.1 ASAP goes into more detail on this and even talks about 15.1.

You can read all of the details by clicking through to the article. Keep safe!

Are you a T-Mobile customer? Better pay attention to this

In a batch of stuff that came from Michael in Tennessee, this one may be a little bit outdated but worth sharing anyway.

I’ve written T-Mobile as tmobile at times, and I think that needs to change. The reason is going to be clear when you read T-Mobile customers are receiving spam texts possibly related to August’s data breach which comes from Phone Arena.

The article covers the fact that actors are going around sending text messages apologizing for an outage that may or may not have recently occurred.

A portion of a paragraph says:

The text continues by noting that the person receiving it was “one of the 25,000 affected clients” belonging to the nation’s second-largest carrier. The bogus message goes on to ask recipients of the text to take a 30-second survey about T-Mobile (note in the image how the company’s name was written as Tmobile, something that the wireless provider would never do) in return for a free gift valued at $100.

Also, another paragraph states:

Pressing the link takes you to a new page where at the bottom, the truth is finally revealed. Reading the small print reveals the information that the company behind the survey is a marketing website that is not “affiliated” with T-Mobile. On that page is a button that says “Accept.” Don’t press it even if you feel pressured by the countdown timer on the page. And note that the October 1st deadline has already passed.

I’ve seen similar messages from various area codes about my payment being processed and that I get a free gift. Looking at the link took me to a page where I got to pay a $2 processing fee. Pressing the button on that page takes me to yet another domain where it asks for personal information including number if I remember right.

I’ve also seen these URLs and they are not AT&T’s domain or any domain they claim to be. It’s quite weird if you ask me.

Just be aware of this, know what’s out there, and make sure you check those URL links if you do press the link.

The Security box, podcast 65: Twitch, NCSAM week 2, news notes and more

I know that the RSS feed is updated with the Security box for the week, and I know that there were two technical issues, but the show must go on.

I meant to post this yesterday, but took the afternoon off.

Below, please find the show notes which include links to various things that were discussed during yesterday’s program.

Please follow me on Clubhouse and feel free to join my club if you wish to do so.

Thanks so much for reading the blog, learning with us, and learning something that might help you.


Welcome to the Security Box, podcast 65. On this podcast, let’s discuss an article we read after the release of last week’s program in regards to Twitch and their recent breach we were alerted to during the live taping of the program. After that, we’re going to cover more NCSAM and even have some news notes. We’ll do news notes the same as we did last week, as it turned into a lively discussion. I hope you’ll enjoy the program, and thanks so much for listening!

Breach topics

NCSAM: Scam apps

News Notes read from around the landscape

NCSAM post 8: Phishing Tips to keep you safe online

This week seems to be a Phishing week. No, no, I’m not sending any phishing e-mails, but the topic of Phishing has been on everyone’s mind. I recently was on one of our Internet Radio channel’s shows talking about the landscape with folks on Teamtalk and Phishing was a topic there too.

I’ll be on that same program again this week, where we’ll go through the landscape again with the group. Not only am I doing that, but we also have a phishing article from Lastpass that we’re going to bring to everyone’s attention as well.

This time, Lastpass has the article Phishing Tips to Keep You Secure From Scams which I’ve been thinking about lately as well.

While I have an NCSAM topic for this week’s box, I don’t want to give anything a passup if I can help it, so we’ll blog this one.

Here are the tips which are headings in their article.

  • Carefully review messages from all channels
  • Make a habit of double-checking a sender’s email address
  • Trust your intuition
  • Your password manager can help you identify phishing sites
  • Be cautious of blindly accepting multi-factor authentication (MFA) prompts

All are good in their own right, but I definitely have been trying to encourage people to check those email addresses! Since phishing can still come by email, and now there are more URL shorteners than the one I like that we’ve mentioned, spotting email addresses as well as checking those links is important.

Trust your gut! If you think there’s something wrong, place a call to the company if you do business with them or delete that email or don’t respond to that direct message on social media!

If you have decided to use a password manager, if programmed correctly, the password manager should make sure that you are protected. When you save a password, it should capture the appropriate domain as well as your username and password. So, if you had an account on this blog and someone made a similar blog saying that you were on the technology blog and podcast, it knows what URL is the original by that name because it saves this blog.

I had that issue with Michael in Tennessee’s blog. I thought I was going to his blog, yet it didn’t fill in my creds. I later looked at the URL I was going to, and it was completely different, and it didn’t let me log in even if I copied my creds from Lastpass or any other password manager I use.
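The origin check described above, as an added example (not LastPass's code and not from the original post): a saved login is bound to the origin it was saved on, so look-alike URLs get no autofill. The vault entry, the host names and the `credentials_for` helper are constructed for illustration, and exact-origin matching is an assumption; real password managers differ in how broadly they match.

```python
from urllib.parse import urlsplit

# Constructed vault: each saved login is bound to the origin it was saved on.
VAULT = [
    {"origin": "https://blog.example.org", "username": "reader",
     "password": "constructed-secret"},
]

DEFAULT_PORTS = {"http": 80, "https": 443}


def normalize_origin(url):
    """Return (scheme, host, port) for a web URL, or None if it is unusable.

    The host is lower-cased and converted to its ASCII (punycode) form, so a
    name containing look-alike Unicode letters never compares equal to the
    ASCII name it imitates.
    """
    try:
        parts = urlsplit(url)
        if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
            return None
        host = parts.hostname.encode("idna").decode("ascii").lower()
        port = parts.port or DEFAULT_PORTS[parts.scheme]
    except ValueError:  # malformed URL, bad port, or un-encodable host name
        return None
    return parts.scheme, host, port


def credentials_for(url, vault=VAULT):
    """Return (username, password) only when the visited origin matches exactly."""
    visited = normalize_origin(url)
    if visited is None:
        return None
    for entry in vault:
        if normalize_origin(entry["origin"]) == visited:
            return entry["username"], entry["password"]
    return None


# Constructed URLs: the genuine login page and four pages that imitate it.
SAMPLES = [
    "https://blog.example.org/wp-login.php",        # genuine
    "https://blog.example.org.login.example.net/",  # real name used as a subdomain
    "https://blog.example.org@login.example.net/",  # real name in the userinfo part
    "https://bl\u043eg.example.org/",               # Cyrillic letter in place of "o"
    "http://blog.example.org/wp-login.php",         # same host, but no TLS
]

if __name__ == "__main__":
    for sample in SAMPLES:
        verdict = "fill   " if credentials_for(sample) else "no fill"
        print(verdict, ascii(sample))
```

Only the first sample gets credentials; the other four look right to a person reading quickly but have a different host or scheme.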

I’ve not accepted any authentication requests as I’ve not gotten any. But when I do, it’s because I’m logging in to a site and need access to my app.

When I had Facebook log in problems, I got texted and emailed by Facebook, and while the emails were sent at night, I went to Facebook’s site to confirm what was going on even though it identified me by full name.

Is there anything else that caught your attention on this article? Sound off in the article comments here on the blog, or better yet, subscribe to the TSB list by searching for the post on this blog on how to do that, or contact me for instructions.

Each heading which is listed above has paragraphs from Lastpass, but I decided to make my own and talked about what interested me about these headings. Feel free to read what they have to say, as it’s valuable information too. Some stuff may be linked as well, giving you more resources.

Stay safe! We’ve got a long way to go.

NCSAM post 7: Insider threats, here’s a true story

Hello folks,

Ever think that an insider threat can’t occur? We know by word of mouth that AT&T had a breach that apparently was an insider threat, but now, we’ve got an article that says that there was a definite insider threat.

The article Former TD Bank, Bank of America employee allegedly helped email scammers launder money comes from Cyberscoop.

Three people were involved in this case and it was very well orchestrated.

An accused money launderer allegedly used his position as an employee at Bank of America and TD Bank to aid an email fraud scheme that scammed five businesses out of more than $1 million.

The U.S. Department of Justice announced Thursday that a grand jury had returned an indictment against three men — Onyewuchi Ibeh, Jason Joyner and Mouaaz Elkhebri — charging them with money laundering and aggravated identity theft. The defendants allegedly operated a business email compromise scheme, in which thieves pose as a business or associate in an email then ask a victim to wire up to hundreds of thousands of dollars at a time.

These are the first two paragraphs. Lots of links and even a link to their many articles tagged BEC which this could definitely qualify as BEC with all of the money taken.

There is plenty of linked content here as well as plenty more on the case. Feel free to check this one out.

A company that has been hacked for 5 years? Is This Crazy?

I thought this story about a routing company being hacked for 5 years was quite crazy, but yet, that’s what it talks about. I know that a breach can take up to 191 days to be discovered, but this hack was from 2016 to 2021 when it was discovered.

My question is, how is this possible? I think this is the first I’ve heard of this.

The article is titled Company that routes SMS for all major US carriers was hacked for five years and our good buddy Michael posted this to our TSB list. This is absolutely crazy and I hope they come out and tell us whether SMS was affected by this hack. People can send anything through SMS, and this is going to get interesting if sensitive info were to be given out or leaked somehow as part of this whole mess. Better check this one out, we all need to watch this one.

Apple releases updates yesterday

Late last night, I saw two posts in regards to Apple updates. Both of these come from AppleVis.

That’s it. These are the updates for now. Thanks for reading!

My first day on iOS 15.x

Hello everyone,

Well, today is going to be my first full day on iOS 15.x.

I got it installed last night, between 8 and 9 PM.

The good news is that I have not yet experienced the iOS 15.0 bugs, although I did see that I couldn’t edit an alarm, but it isn’t that big of a deal.

One of the biggest things that I like are the focuses. I finally can change my schedule for do not disturb which I did today. It is still new to do,

The thing I don’t like is the vibration when VoiceOver has nothing to read, but turning that off in touch, vibration under the accessibility makes your phone not vibrate for other things, so it’s a double-edged sword.

I think this will be a work in process, but I do like the idea of focuses and will see if I want to set up others, although it is a set schedule from what I can gather.

I also like the alerts per app or people aspect of this too; it’s well thought out.

Anything you want to talk about? Sound off!

The EFF is announcing deprecation of their plugin HTTPS Everywhere

Hello everyone, welcome to another blog post here on the blog. Today, I’m doing some news notes, and while some may be here, others may not. Today, in this post, the EFF is announcing that their HTTPS Everywhere plugin will be discontinued (deprecated) in 2022, so you have time.

We know that the web is going full https, and I announced in June that we were running on full SSL redirect. That blog post talks about and links to a video of someone at the company talking about how to do this. There may be other instructions for other control panels out there, feel free to check it out.

While the browsers are updating now on a regular basis if turned on which mine is by default, maybe we should have it disabled earlier than that? I know the article Electronic Frontier Foundation will deprecate HTTPS Everywhere plugin has the details on why this may not be the case, and links to other sources of interest and backstory.

Do you think the deprecation should happen sooner, or do you think 2022 is reasonable? Let’s discuss! There’s no wrong answer here.

NCSAM post 6: Scam apps on the Android store

So … I guess we shouldn’t be surprised in regards to the fact that scam applications are now being talked about in the realm of the Android ecosystem. Problem is, we can’t rule out any potentials in the iOS ecosystem as these types of things can be sneaky and could pass the checks that Apple has too. It’s been done.

The article comes from Ars Technica and is titled Hundreds of scam apps hit over 10 million Android devices which should be read in full.

“This is impressive delivery in terms of scale,” says Richard Melick, Zimperium’s director of product strategy for end-point security. “They pushed out the full gauntlet of techniques across all categories; these methods are refined and proven. And it’s really a carpet-bombing effect when it comes to the quantity of apps. One might be successful, another might not be, and that’s fine.”

The operation targeted Android users in more than 70 countries and specifically checked their IP addresses to get a sense of their geographic regions. The app would show webpages in that location’s primary language to make the experience more compelling. The malware operators took care not to reuse URLs, which can make it easier for security researchers to track them. And the content the attackers generated was high quality, without the typos and grammatical errors that can give away more obvious scams.

Lots of linked material in this post, and this will also go into our podcast as part of NCSAM because it is important to discuss this. What do you think?

NCSAM post 5: We’ve got a new article dealing with Twitch

Today, we’ve got a brand new article talking about Twitch. The article is titled Trolls defaced Twitch’s website with pictures of Jeff Bezos, the latest security concern which was quite interesting to read.

It covers the same thing as the article we first covered when I blogged about this before.

I guess you’re asking what’s new?

What’s new is that we’re learning that Twitch got defaced. Deface in this context means that the site was changed in some way.

While the image of Bezos disappeared from Twitch within a few hours, the website defacement is a signal that Twitch’s security issues are not over, days after a major data breach.

A lot of people know that Jeff Bezos is the founder of Amazon, and his picture was the image that is talked about which was plastered on Twitch.

If you are interested in the update, please click through and read this update.

Thanks for reading, and make it a great day!

NCSAM post 4: The Rise of OTP Password interception bots

So, I’ve been thinking of this post a little bit more since we covered it in news notes. The article is titled The Rise of One-Time Password Interception Bots.

What was interesting about this article was the fact that it talks about SMS-based authentication where the actors would get the codes because they’d call you and tell you there was a problem and you’d enter the code by telephone.

What I’m curious about is whether the authenticator apps are affected by this. The reason I ask is because if you got a call, and you believed it, you could enter those codes and they could probably try it.

I have thought about this and I think it could work although the OTP changes every 30 seconds, whereby the SMS could take minutes as they allow for it to be delivered.

Feel free to check this article out in full, and let me know what you think.
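How a time-based code from an authenticator app is checked, as an added example (not from the original post or the linked article), following RFC 6238 and using the RFC's published test secret. The tolerance of one step either side in `verify()` is an assumption about the server; the check depends only on the shared secret and the clock, which is what the 30-second step limits.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per time step, the RFC 6238 default
RFC_TEST_SECRET = b"12345678901234567890"  # published test key from RFC 6238


def hotp(secret, counter, digits=6):
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret, now, digits=6):
    """Code shown by the authenticator app at Unix time `now`."""
    return hotp(secret, int(now) // STEP, digits)


def verify(secret, code, now, window=1):
    """Server-side check: accept the current step and `window` steps either side.

    window=1 is an assumed tolerance for clock drift and typing delay.
    """
    current = int(now) // STEP
    accepted = False
    for delta in range(-window, window + 1):
        counter = current + delta
        if counter >= 0 and hmac.compare_digest(hotp(secret, counter), code):
            accepted = True
    return accepted


def seconds_accepted(issued_at, window=1):
    """Seconds after `issued_at` during which verify() still accepts that code."""
    issued_step = int(issued_at) // STEP
    return (issued_step + window + 1) * STEP - int(issued_at)


if __name__ == "__main__":
    code = totp(RFC_TEST_SECRET, 59)
    print("code shown at t=59:", code)
    for t in (59, 75, 89, 90, 149):
        print(f"submitted at t={t}:", verify(RFC_TEST_SECRET, code, t))
    print("accepted for", seconds_accepted(59), "seconds after issue")
```

With these settings a code read at second 59 is accepted until second 90 and rejected after that.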

NCSAM post 3: Twitch got breached, what can we learn?

Since I missed a day, I’m going to number these as post numbers now. This time, we’re talking about a breaking story as we taped the Security Box live Wednesday. The article Stolen Twitch source code, creator payment data revealed in apparent data leak is the article written during the same day.

For those who are not familiar with Twitch, the first short paragraph sums it up nicely on who they are.

Twitch, a subsidiary of Amazon, is a popular service that broadcasts esports, live music and other events to audiences that have numbered millions at a time.

Another portion of another paragraph says:

An anonymous user of the message board 4chan — home to hackers and trolls alike — posted a 125-gigabyte torrent file that they allege includes all of Twitch’s code, including information about internal security tools, three years of payment history to Twitch “creators” and data related to proprietary software.

This number is not to sneeze at, 125GB is quite large, although not as large as some of our hard drives today.

Twitch did confirm the breach which I think is a first in quite awhile anyway.

This will be our first topic of next week’s show, appropriately because it broke during last week’s program and I didn’t look till after the program.

Lastpass tweeted out two tweets which are quoted within the notes, although adjustments to braille needed to be made as it uses symbols not known to braille.

Those tweets are:

LastPass, Worried about the #twitchleak? Step 1: Change your Twitch password. Step 2: Turn on Multi-Factor Authentication. Stay safe online this October (and beyond), and #BeCyberSmart. Via @VGC_News: https://bit.ly/3oFylYa a day ago, Khoros Publishing App

LastPass, The #Twitch leak is a good reminder to always be vigilant about your online security. Whether you are/aren’t a Twitch user, here’s steps you can take to #BeCyberSmart: https://bit.ly/3iD3pUL a day ago, Khoros Publishing App

The time stamps mentioned here are the time from when the tweet was posted, and the client they used.

Were you affected by the Twitch breach, and what did you do? A quote said that using MFA and changing your password were not bad things to do, but the article did not say what was potentially taken.

Before I let you go, the article said they were working quickly to determine what happened, and more information would be forthcoming. If that happens and I’m alerted to it, I’ll update with more information when I get it.

Thanks so much for reading!

The Security box, podcast 64: NCSAM week 1: News notes and more

The RSS has the program and I hope you enjoy the 2 hour 40 minute program.

We even changed up the ending track just to change it up.

Here are the show notes for you to have.


NCSAM is now in full swing, this week, Are You Cyber Smart? A Checklist from Lastpass will be what you need to look at with 5 great tips and things that might be of interest to you. In my writeup of this, I talked about the Neiman Marcus breach and how people should be aware of it even if they aren’t affected. We’ll have news, notes and more. Hope you’ll enjoy the show!

News Notes

Thanks so much for reading and participating in the show!


See you next time!

Automated vehicles not ready for prime time, hit blind pedestrian

You’ll need to run this through a translator as the article is in German. Someone who followed me after I was in their room on Clubhouse sent me this today, and it is definitely scary.

It’s definitely lengthy but an important read. A blind individual got hit by a fully automated bus, meaning that the driver was not responsible for anything, according to the article.

This is definitely going to be interesting, as I’ve been following the driving cars for years. The blind person was not killed, but missed where they were to go.

Read the article Autonomous driving: Look me in the eye, small car! for all of the details.

NCSAM day 2: let’s see more arrests

It’s always nice when we see arrests of different suspects in the cybercrime arena, and I hope that during NCSAM, we will see more.

Today, I want to highlight this article titled Police raid in Ukraine results in arrests of 2 alleged ransomware hackers which was written by Cyberscoop. Several countries are going to be talking this month, according to the article, and hopefully they’re going to go over this and other things.

Europol was involved in this, and Trend Micro has been known to be involved in investigations where Europol helps pick up people.

The statement did not name the group the suspects allegedly worked for, said the scammers pulled off attacks against “very large industrial groups in Europe and North America from April 2020 onwards.” The group uses a double-extortion technique in which it locks up the victim’s servers and then threatens to leak sensitive data if the victim does not pay, according to authorities.

Authorities from Ukraine, France, the U.S., Interpol and Europol were involved in the most recent operation.

There’s plenty of other stuff and linked material here, so feel free to check this out.

I hope that you enjoy reading and make it a great day!

This week in security news, news ending October 1, 2021

I haven’t posted these in quite awhile, but need to. This Week in Security News – October 1, 2021 has tons of stuff in it.

  • IoT and Zero Trust Are Incompatible? Just the Opposite
  • Senators Introduce Cyber Bill to Mandate Reporting on Ransomware and Critical Infrastructure Attacks
  • Fake Installers Drop Malware and Open Doors for Opportunistic Attackers
  • Cyberattacks Top List of Focuses for Business Leaders
  • FormBook Adds Latest Office 365 0-Day Vulnerability CVE-2021-40444 to Its Arsenal
  • Russia Detains Head of Cybersecurity Group on Treason Charges
  • Zloader Campaigns at a Glance
  • NSA, CISA Release Guidance on Hardening Remote Access Via VPN Solutions
  • IoT and Ransomware: A Recipe for Disruption
  • Google Launches New Reward Program for Tsunami Security Scanner
  • Mac Users Targeted by Trojanized iTerm2 App
  • 4 Cybersecurity Strategies for Small and Midsize Businesses
  • Microsoft Warns of New Malware That Creates Secret Backdoor
  • Telegram Bots Are Trying To Steal Your One-Time Passwords

These are all of the article titles, so read what’s interesting to you and make it a great day!

Facebook has started returning

Just a note that I’m in a Clubhouse room, and they were mentioning that Facebook is up. Because of the Internet DNS issues, it may take 6-12 hours if not a day for all of this to be resolved. Security Now! will have a post-mortem report tomorrow on the show.
