The Technology blog and podcast
This is for the technology blog and podcast Commentary, articles, and podcasts
Scammers impersonating Netflix, Disney+ and other streaming services – Red flags to watch for
Shaun sent this some days ago, but now I’m having time to read it. Its a thread on an email list that was discussed from this Kim Komando piece. We’ve talked about Kim on one of Throwback’s security segments for October, so was happy to see this. Take a look at this, as the holidays are upon us and they’ll stop at nothing to get our stuff.
Phishing scams are increasingly being used to impersonate streaming services. Here’s how to spot them to avoid falling victim.
Source: Scammers impersonating Netflix, Disney+ and other streaming services – Red flags to watch for
Comments (0)
This could be a cautionary tale, phones not to get
Some of the articles sent through the Security Box I’ve not read, and may have kept them around for some reason or another. This one I’m referencing can probabbly be a cautionary tale of what not to get, as I don’t know if they’re even still available.
The article is titled Security audit raises severe warnings on Chinese smartphone models and it comes from Ars Technica.
It talks about a couple different Chinese-made phones, which may be sold by Amazon and Walmart. The article doesn’t link these phones because there are quite a lot of problems with them.
The biggest thing, is that these phones will take you to different app stores, replacing the Google play store. It also can redirect you to potentially dangerous malware, depending on what you search for. legitimate pieces of software you’re looking for.
While this may be late, you should always check out where software is gotten from, as you don’t know at least with these devices if changes were made.
The article has complete details on what to look for but doesn’t cover what to do about it mainly because there isn’t anything you can do.
If this is still ttrue, please make sure you’re staying safe and getting what you really want this Holiday season.
Comments (0)
The NSO is finally getting sued
This is going to be a “things to ponder” for our next podcast, and I’ve submitted it to Throwback Saturday Night for future airplay. It isn’t an urgent thing for them, but something we all should be aware of.
The NSO group has been covered by numerous podcasts including Security Now and this one just for a two examples. I’m sure others have too. This is because of something called Pegasus which has been used as a surveilance tool at Journalists and other people.
Apple is suing them because they are targeting their products, and even one recent patched vulnerability is discussed. The NSO group claims their software has saved lives and governments have assisted in arresting pedophiles and other criminals thanks to the software.
The article indicates that there was no backup to the NSO claim of the above, and from what I’m hearing, it has done nothing but become a problem.
The Pegasus software can be installed without any knowledge of the victim, and it can do anything the NSO group wants. It is an Android and IOS problem, and the developers of this software bypass the software all of the time.
We’ll have to see what this lawsuit will look like as it proceeds.
- Apple sues Israeli spyware group NSO Ars Technica
What do you think of this one? A good thing or a bad thing? Why or why not?
Comments (0)
Linux has a serious vulnerability, I hope a patch is out soon
Hello folks,
I’m way behind on this blog, and really need to start writing about what I read. Today, I’m hoping to start that again.
This topic is going to be the main topic for our next security technology podcast, and it could possibly affect us. Why? Because one of the pieces of software it affects is Bind, whicjh allows sub-domains to be bound to the account, especially when it is on a shared server.
It is probably used through Linux, regardless of shared hosting or not, but when creating sub-domains, I always see messages from the control pannel that it is reloading bind. I suppose that unbind would take place for a deletion, but I don’t know anything about the third, dnsmasq. The show notes will not cover the other two, but if I’m completely wrong, someone can correct me.
The article was sent by Michael in Tennessee, and it is titled Linux has a serious security problem that once again enables DNS cache poisoning and comes from Ars Technica.
There is quoted material of all kinds, so go read and learn. Enjoy learning a little today.
Comments (0)
The Security box, podcasts 69-71
Hello everyone,
I know I’ve been devoid of blog postings lately, there’s a lot happening. However, the podcasts continue.
Podcast 69
Welcome to the security box, podcast 69. On this edition of the podcast, we turn our attention to another story, bullying over the telephone lines. We have some news, notes and commentary as well, but the bulk of this program is to think about what might go on these lines whether it is one you are on now, or one you’ve been on. Thanks for listening!
Podcast 70
Welcome to podcast 70 for the 17th. Its open forum today, hope you all enjoy it! Lots of different topics. Hope you enjoy!
Podcast 71
Welcome to the Security box, podcast 71. On this podcast, we’re going to cover things we did not cover last podcast including windows update and a very interesting report dealing with the threat trends for November 2021. We’ll have news notes and plenty of it too. Hope you enjoy the show!
Patch Tuesday
- Microsoft Patch Tuesday, November 2021 Edition Krebs On Security
- November Continues Streak of Quiet Patch Tuesdays Trend Micro
Threat trends and intelligence report
News Notes
Below, please find the links for the news items that are going to be talked about for this week. We may have blog posts on some of these, so make sure you check out the blog for complete details on things and maybe you’ll find something you want to comment on.
- The US closes Huawei loophole, will no longer grant exceptions for ISPs Ars Technica
- More than 1,000 Android phones found infected by creepy new spyware Ars Technica
- Malware downloaded from PyPI 41,000 times was surprisingly stealthy Ars Technica
- US charges Ukrainian and Russian nationals over ransomware attacks Ars Technica
- US says Iran-backed hackers are now targeting organizations with ransomware Tech Crunch
- Researchers wait 12 months to report vulnerability with 9.8 out of 10 severity rating Ars Technica
I hope you enjoy the program, we’ll have more news notes and another great program next time. Thanks for listening!
All podcasts are on our RSS feed for you to go and get. If you need copies, please let me know. I’ll be happy to send you what you need.
Thanks so much for listening to the programs, and I hope you’re getting something out of it. Replays are also available on Clubhouse, just search for my name and you’ll find me, my profile, and my clubs and replays. Contact me if you have any questions.
Comments (0)
Is it time for you to watch for packages? Beware of things to watch for
Hello folks,
I talked about this for a future program of Throwback Saturday Night which will air this Saturday on Server 2 on the mix. While I made it not article related, I said I’d be posting this to the blog and I amdoing that.
There are lots of ways to get notified of packages without relying on the dreaded text messages telling us to click on links. Doing so, could get you in to a lot of trouble.
As you’ll soon find out when we play the threat trends and intelligence report which I attended yesterday, I happened to ask about the recent barrage of texts about potential packages and the fact they have potentially been delivered or not, and the particulars of messages that say you’re due a prize for paying your bill.
If you’ve not been to the quarterly trends reports, Here’s the one from Yesterday. We’ll be talking about it, and even Michael in Indiana talked to me about it last night as I uploaded a copy to Live Wire for their perusal.
What does this have to do with packages? Plenty. The number one threat that is still talked about is Phishing, whether it is Email based, voice based, text messaging, social media or even an unpopular method with QR codes.
I’ve seen these codes in setting up two-factor authentication with apps, but I am unfamiliar how they really work as it can include URL’s that phishers have used in certain circumstances. While it isn’t common here int the states, it has been used.
They could in fact, get you to view a QR code instead of clicking on a link as we’ve seen through SMS and email in the future and that’s where our topic that is going to highlight this blog post comes in.
The major carriers like UPS and Fedex use short codes instead of phone numbers for SMS communication. When you are signing up to get notification through their web sites, you give them your phone number, and you have to confirm receipt and can even ask for all deliveries to come to you. I did that through USPS where all updates are received when I submit to them a tracker.
The article ‘Tis the Season for the Wayward Package Phish written by Krebs on Security talks about the various problems like Phishing emails perporting to be coming from fedex. According to the article, this can be bad, as it can ask you for another delivery time.
The ones I’ve seen indicate that I’ve had packages attempted 4 times. They want a $2 processing fee, and then they ask me for name, address and the like on a completely separate domain from the one I start with. BTW, both domains I’ve seen aren’t your major carriers either. Please read this article all the way through, because it is important you do so. If you want your packages saved, you should read the article anyway.
Have yourself a great day! Stay safe!
Comments (1)
Braille 2000 version 2.278
Hello folks,
A little bit late here, but if you run B2K, you’ve been tipped off in regards to an update which fixed some bugs.
Here is what’s new, thanks to Bob.
Hi,
One more time… yet another B2K.
There are five fixes:
- 1. In Select Pages, The Include Current Page button did not update the display of selected pages.
- 2. Substitutions (e.g., replacing tabs with spaces) didn’t work for Paste
- 3. When Pasting material not in UEB, the target document code settings would go screwy
- 4. If the cursor is in gray, Enter does nothing (might happen following paste)
- 5. When doing interpoint, the file might end with a gray-fill blank back side. It can be awkward to input more prose (the cursor is in a sea of gray). The new feature Insert / Text Page will generate a new page (with a blank paragraph waiting for input) that is anchored using braille page break.
Please use the panel, file management, check for updates option or download the full installer from our web site if needed.
Comments (0)
So … What Happens when you die? What will happen to your crypto currency?
OK, I know its not a subject we want to talk about, and I recently signed paperwork for myself should something happen and I need medical care. But what about those who have crypto currency? I saw an article on Twitter that covers this aspect of things which I thought was quite interesting.
One of the things it says is that Crypto is an investment and it can be rewarding. I do like the technology, but I just don’t feel that investing for me is the right thing to do.
If you do invest, know what you need to do for your will in case you die. onal
More
navigation region end
Business News
› is the article and I think it should be passed along.
I don’t want to scare you one bit, but I’ve been told how crypto trading is worth it and all that, and I’m happy for people who do it. Just know what happens if you don’t do something if you suddenly die and your family and friends have to close things out for you. You don’t need to make a hard decision today, but you should make one just the same, and maybe sooner than later, depending on your health and other circumstances.
I hope that this is of interest.
Comments (0)
Time change
Hello everyone. This is a note to indicate that we’ve changed the time on the blog to match Pacific time for standard time.
I’ll be starting to blog again, I’ve been lackluster at best, but i’m still here. I hope that you find the blog of interest and make it a great day!
Comments (0)
The Security Box, podcast 68: NCSAM extra! Social Media, News notes and more
Hello everyone! The rss feed has the podcast up, and below you’ll find the show notes including a very interesting blog post that our own Shaun Everiss wrote.
You should read it.
Welcome to the Security Box, podcast 68. On this edition of the program, let’s talk about social media and phone line issues as it relates to cyberbullying and other related topics. We’ll also have news, notes and more.
Social Media discussion
In a very interesting turn of events, I wasn’t necessarily going to put anything in to this section because I was going to do a full vocal discussion. But when I saw my own digest on my blog, I saw a very interesting post dealing with Social Media and other things related that I’ll link here. I’ll still do vocal talk with no notations, but this post is worth bringing up.
,
- Don’t miss what’s happening People on Twitter are not the first to know. The Technology blog and Podcast’s Shaun Everiss
News Notes
- Zales.com Leaked Customer Data, Just Like Sister Firms Jared, Kay Jewelers Did in 2018 Krebs On Security
- ‘Cyber event’ knocks dairy giant Schreiber Foods offline amid industry ransomware outbreak Cyberscoop
- A Russian-speaking ransomware gang says it hacked the National Rifle Association Cyberscoop
We hope you enjoy the program, and thanks for listening!
Comments (0)
navigation menu
- Archives
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- Categories of this blog
- Subscribe to Blog via Email
Join 10 other subscribers
- The tech blog’s pages
- Blogroll
- Crashmasters blog
- Cyberscoop
- Documentation
- Improve Internet Accessibility for Individuals with Impaired Vision
- International friends network stream
- Kim Komando
- Krebs On Security
- Plugins
- Register to this site
- Suggest Ideas
- Support Forum
- supporters and partners
- the blind perspective
- The Jared Rimer Network donations page
- The Phishlabs Blog
- The Security Box discussion list
- The Technology blog and podcast and TSB on amazon music podcasts
- Themes
- toptechtidbits
- WordPress Blog
- WordPress Planet
- “Blind VMS and the Tech podcast join forces”