
The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts


You are here: December 2021


T-Mobile, you’re starting to learn, but another security breach greeted you

T-Mobile has learned a little bit about security but not much. An article I spotted last night and read this morning tells us that this breach was a lot smaller. The information taken could be troublesome, including sim-swapping which was reversed by the company, and other info about the telephone line like how many lines the customer has among other things.

The article is titled T-Mobile welcomed Christmas with its second data breach in less than six months and as I said, was good and bad news for the company.

The article does say breaches like this happen all the time, especially with sim swapping, but T-Mobile is getting scrutinized because they recently had one of the worst breaches I’ve ever seen in this space.

If you were affected by this breach, how was your experience with the company on getting things resolved?

Comments (0)

Gatekeeper security bypassed again, this isn’t the first time

I don’t get much in the Mac news, but someone on my email list sent this over and it’s several months old. It comes from The Hacker News, and it talks about another bypass of Gatekeeper on the Mac.

While I have some experience on the Mac, my knowledge is very limited. One of the things the article does state is that a PDF can be opened which could bypass Gatekeeper and other security mechanisms that the operating system offers. Apple has fixed this in their September Mac update.

Want to read more? Expert Details macOS Bug That Could Let Malware Bypass Gatekeeper Security is its title, and I hope that Mac users will find this of value.

Comments (0)

Did Lastpass get hacked or targeted?

Hello folks,

I’ve been seeing tweets of a potential hacking attempt over at LastPass. LastPass is just like any company, and I decided to go over to see if they had any news on what was going on.

The good news is that no user data as far as they can tell was ever accessed, but credential stuffing was definitely the cause on some accounts.

The article is titled Unusual Attempted Login Activity: How LastPass Protects You which you should read.

The article is detailed on what they found, the fact they monitor for such things, and advise users not to use their master password for anything else. They believe that the attempts were as a result of prior breaches elsewhere, where actors are trying email address and password pairs to take over LastPass accounts.

The article also talks about the password recovery process in case users need to utilize it and the fact you still need to use a browser you last logged in successfully to regain access to your account.

If you use LastPass like I do, then you should read this one. I found this article very valuable. Thanks for reading!

Comments (0)

Shutterfly appears to have been the next victim in the ransomware is back game

Hello folks,

It looks as though Shutterfly was affected by Ransomware, according to a Cyberscoop article titled Photography site Shutterfly is dealing with a ransomware attack. From this article, we can learn that credit card data is not affected, but as security experts have said, keep an eye on things, especially if you pay for the service.

They engaged third-party services to help with the incident, which was first reported by Bleeping Computer and linked within the article.

The company would not indicate to the press whether they were talking to the actors to negotiate a ransomware payment.

If you guessed that the Conti gang was responsible for this, the Cyberscoop article says that it is. It gives a history of what this gang has done in the past.

According to the final paragraph, it says:

The ransomware attack did not impact Shutterfly.com, Snapfish, TinyPrints or Spoonflower sites, according to the company.

I’d say that this is what we know so far, and you should be vigilant and watch your credit or debit card for suspicious activity, especially if you have used Shutterfly services.

Read the article for complete details, and make it a great day!

Comments (0)

Here’s a timeline of some NSO news … Some we knew … Others we didn’t

Hello folks,

As I said earlier, I’m catching up on some news that I haven’t read, and soon we’ll cover stuff I’ve read that never saw the light of day on podcasts or the blog.

This time, it looks like we’ve got a timeline of what’s going on here at NSO, and of course, it doesn’t look good.

The secret Uganda deal that has brought NSO to the brink of collapse is the article title and it definitely seems to be worth the read, seeing how the story of the downgrade was made on the money borrowed was discussed, the company defaulting on loans borrowed in 2019, and other things that have been covered as well.

From what the article says, the NSO group now wants to turn Pegasus into a defensive operation to please the United States, but I wonder if that is past time now.

Only time will tell.

Here are several paragraphs which start the narrative of what seems to be a full timeline.

In February 2019, an Israeli woman sat across from the son of Uganda’s president, and made an audacious pitch—would he want to secretly hack any phone in the world?

Lt. General Muhoozi Kainerugaba, in charge of his father’s security and a long-whispered successor to Yoweri Museveni, was keen, said two people familiar with the sales pitch.

After all, the woman, who had ties to Israeli intelligence, was pitching him Pegasus, a piece of spyware so powerful that Middle East dictators and autocratic regimes had been paying tens of millions for it for years.

But for NSO, the Israeli company that created Pegasus, this dalliance into east Africa would prove to be the moment it crossed a red line, infuriating US diplomats and triggering a chain of events that would see it blacklisted by the commerce department, pursued by Apple, and driven to the verge of defaulting on its loans, according to interviews with US and Israeli officials, industry insiders and NSO employees.

A few months after the initial approach, NSO’s chief executive, Shalev Hulio, landed in Uganda to seal the deal, according to two people familiar with NSO’s east Africa business. Hulio, who flew the world with the permission of the Israeli government to sell Pegasus, liked to demonstrate in real time how it could hack a brand new, boxed, iPhone.

The eventual business was small for NSO. A person familiar with the transaction said it brought in between $10 million and $20 million, a fraction of the $243 million that Moody’s estimated the privately owned NSO made in revenues in 2020.

But about two years after the sales pitch, someone deployed Pegasus to try to hack the phones of 11 American diplomats and employees of the US embassy in Uganda, according to two US officials, who spoke after notifications were sent out by Apple when the iPhone maker discovered and closed a flaw in its operating system in November.

This is only the beginning of a much longer story worth reading. Have fun with this one! As I said, some of this we knew, some we didn’t. You be the judge.

Comments (0)

Samsung has good phones, but what about their app store?

Just looking at the Security Box Email list, and saw an article about Samsung’s app store. If this is true, Samsung should be ashamed of itself.

Michael, the poster who sent this Phone Arena article, indicated on our network that these phones get updates and recommended them. But he never talked about the app store.

I am not sure why, maybe he didn’t know about it, or decided that since it isn’t one of his main phones, he just doesn’t do much with the phone as it is.

Regardless, this week is blogging week, and I feel that this article should be blogged. It’s titled Samsung’s app store is home to potentially harmful apps and should be read.

The article talks about apps that are found in this store and what their behavior is. It’s unfortunate that app stores are now having these types of problems, especially if the apps look to be just fine by reading descriptions and the like.

If you use the Samsung app store, what do you do to make sure that you’re not getting bit by apps that are exfiltrating data and asking for more permissions than they need? The boards and comment lines await you.

Comments (0)

Sans News Bites, December 28, 2021

Hello everyone, welcome to blogging here on the blog. We’re going to start the blog posts with Sans News Bites. In the December 28th edition, we find some news in regards to Log4J, other breaches in the health care industry and more.

Here is the Web page version of the newsletter that was sent on the 28th.

I hope that this finds you well.

Comments (0)

More Log4J news read during the holiday

During the Holiday break, I have been doing some reading and found some articles I want to talk about. Two of the three in this post were sent to the Security Box Email list, the third was more for people who need to know what to look for to try and protect servers and things from this ordeal and to offer steps on what you can take.

Examining Log4j Vulnerabilities in Connected Cars and Charging Stations

This is probably not a surprise. We read as part of podcast 74 that dealt with Log4J that cars may have an impact, but we really don’t know to what extent.

What we do know is that we now see that at least for now, a proof of concept may be possible.

Here is the opening paragraph. It says:

Evidence of attacks using the Log4j vulnerability was also shown in a test that triggered a bug on a Tesla car. For this case, the source does not provide much information on where it was actually executed. Nevertheless, this means that the exploitation of the vulnerability could still have an impact on the user’s privacy and the general security of the car because a back-end compromise could allow attackers to push actions to the car and serve malicious firmware over-the-air (FOTA) updates.

As we know, the advent of the smartphone can give us a lot of convenience, like checking our email on the go, looking up sports, watching sports or movies, and even playing games. According to this article, it can also replace the keys that you would put in your pocket for the electric cars. This would in turn, make the car a perfect target as you don’t have to have your key around while you operate it.

Here are other paragraphs that might be of interest in this discussion.

Beyond the three devices or properties in modern cars discussed in this article, there are still many more to test and monitor for Log4j vulnerabilities. Among them are servers’ responses to tests and plenty of other vectors that could allow attackers to use the access afforded by applications to send commands that can unlock a car, control the heating, and perform other functions that can be abused by malicious actors.

Nobody has thought about that paragraph before, have they? Yes, you don’t need a lot of gas usage now, and it saves you money, but what about the ways it could be abused like what was discussed in a Security Now episode where someone took a car for a rental and how he still had access? There’s more we’re quoting as part of this too.

Up to now, organizations and security experts are still grappling with the full extent of the Log4j vulnerabilities. It is likely that more reports looking into the effects of these vulnerabilities in specific services, devices, or applications will be released in the coming weeks. On the other hand, cybercriminals are also making the most of this time to catch potential victims, including those who are still exposed via unpatched Log4j vulnerabilities, off guard.

The main fix for the vulnerabilities is to update Log4j to version 2.17.0. This version removes the message lookup feature, which provides a way to add values to Log4j’s configuration, entirely. However, in most cases, such as RISE-V2G, using an up-to-date version of Log4j could break applications.

This is unfortunate, and that’s why we continue to see hospitals being burned, because they can’t update operating systems and software because it’ll break stuff. Don’t know how to get around that one, I’m afraid.

There’s more including some commands that could be invoked for when things need to get done.

The Log4j story, and how it has impacted our customers

This article was very insightful even though I’m not a Trend customer. They describe what happened. There’s definitely more because they’re doing research into what is really going on and this is only one of two articles that could tell the story.

What to Do About Log4j

This article I didn’t send to the TSB list because it’s more for people who need to be aware of what to do to mitigate the vulnerability. It’s meant for those who have log4j running within their environment and I want people to have this because it’s being blogged. You should definitely take a look at this if you’re affected by this vulnerability.

I don’t remember which article, but some articles may talk about multiple CVE 2021 numbers as part of the problem. Be safe, get the latest if you can, and keep reading so you can make your environments as safe as possible.

Comments (0)

U.S. Cert releases mitigating Log4J advice

Hello everyone.

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities was sent on December 22nd and it talks and links to information on what companies can do to do their part on making sure they’re protected.

Perusing articles as I am known to do as of late tells me that Cyberscoop wrote an article titled: CISA, Five Eyes issue guidance meant to slow Log4Shell attacks which should be read too.

They both have information that you should probably read, and even as this is written on the 24th and posted after Christmas, we’re still in the Log4J (Log4Shell) and a couple of more days posting to the blog isn’t necessarily going to hurt anyone.

If you need to have this information, please heed its warnings, as this is only the beginning.

The JRN hopes that you have had a merry Christmas, and we hope the new year will bring us some good news too.

Comments (0)

There’s a Fake Christmas Eve termination troublemaker out there, better read this one

Hello folks,

My goal wasn’t necessarily to blog till after the Christmas holiday, except, I saw that a post of mine got some traction on LinkedIn where this Cyberscoop article was posted. The article is titled Fake Christmas Eve termination notices used as phishing lures and it is something that needs immediate posting.

A phishing campaign using a well-known malware families is employing a pair of particularly devious methods to trick targets into opening an infected file: fake employee termination notices and phony omicron-variant exposure warnings.

The particular campaign is our good friend Dridex, which has been around since 2014.

The suspicious email told the target that their employment would cease as of Dec. 24, and that the decision was not reversible. An attached password-protected Excel file promised additional details.

As per usual, the file asks you to click continue to run a macro which will infect your machine. According to the article, it says:

Dridex is a trojan dating back to 2014 that typically spreads through email phishing campaigns and is associated with credential theft. It’s been used to steal more than $100 million from financial institutions and banks spread across 40 countries, according to the U.S. Treasury Department.

It further hones my point that it has been around for many years.

Bleeping Computer reported this on the 22nd, and if it isn’t sending the phony termination letters to potential people, it is full of racial things that the researchers have found. That paragraph of the article says:

A reply to TheAnalyst’s tweet containing the phony termination notice noted that in some versions of the email, the “Merry X-Mas” pop-up substituted racial slurs instead of the word “Employees.”

There are two more paragraphs which I’m going to quote. One talks about the racial things that I mentioned above.

The racist messaging with this particular Dridex effort dates back a couple months, TheAnalyst told CyberScoop Thursday. A phishing email sent to targets around Black Friday, for instance, referenced killing “black protesters,” with a license. “If you find this message inappropriate or offensive, do not hesitate to click complaint button in the attached document and we will never contact you again,” the message read.

The hackers also infuse racist email addresses into the malware payloads, TheAnalyst said, as an effort to troll researchers. Targets of the campaigns don’t see this part of the campaign, but researchers who seek out, examine and expose phishing campaigns do.

Besides that, some people may get a message about someone in the company getting infected with the latest Covid-19 variant, and what they need to do to learn more is to open the attached file.

It is of course, a passworded file.

Please make sure you know where you are getting files from. For example, the JRN will always tell you what files are being sent, and will indicate the format if possible. If you don’t see any information about what you’re getting and you see it’s from any of my team that may represent me, you can contact me by phone, or through a trusted address you have on file or through my contact form.

Please be safe! We don’t want you to get infected and have more problems than you already have. Thanks so much for listening, reading and participating!

Comments (0)

The Security box, podcast 75: 2022 predictions, what do you think?

This is the last podcast of the year, unless something breaks we need to cover in audio.

This week, you’ll get a discussion and even some holiday music for the Christmas Holiday this weekend.

Please find the show notes for the program below the ruler, and I’ll be back with articles of interest after the Christmas holiday. Thanks so much for reading and participating as we navigate the Security landscape together.

Welcome to the Security Box, podcast 75. On this edition of the podcast, come with me as we do a little predicting for 2022 with a Trend Micro article titled Pushing Forward: Key Takeaways From Trend Micro’s Security Predictions for 2022. We’ll also have thoughts on recent news read, and it’s been decided that the full news notes segment will be no more in favor of topics that need discussion. This doesn’t mean that we won’t cover news, but we’ll cover it a little differently.


Comments (0)

Windows Update foreshadowed by Log4J

Hello everyone,

While I had things to attend to today, I did a little bit of reading and found Krebs On Security’s article dealing with Windows Update.

Unfortunately, we won’t be doing Windows Update because we need to do other topics, but it is important to blog what we can so that people are aware of it.

The article from Brian is titled Microsoft Patch Tuesday, December 2021 Edition for those who want to read it.

The opening paragraph of this mid-December article says:

Microsoft, Adobe, and Google all issued security updates to their products today. The Microsoft patches include six previously disclosed security flaws, and one that is already being actively exploited. But this month’s Patch Tuesday is overshadowed by the “Log4Shell” 0-day exploit in a popular Java library that web server administrators are now racing to find and patch amid widespread exploitation of the flaw.

While this is still true, and Security Now today is titled “Log4J Christmas” we should be diligent on making sure our software is up-to-date.

The Security Now program is being taped as we speak, and should be available as a podcast by morning.

In case you missed it, here are several paragraphs as we know it and as Krebs wrote for this article.

Log4Shell is the name picked for a critical flaw disclosed Dec. 9 in the popular logging library for Java called “log4j,” which is included in a huge number of Java applications. Publicly released exploit code allows an attacker to force a server running a vulnerable log4j library to execute commands, such as downloading malicious software or opening a backdoor connection to the server.

According to researchers at Lunasec, many, many services are vulnerable to this exploit.

One of the things mentioned in this article is the mention of “Apache Struts” which was used in earlier attacks.

In regards to Windows Update, as part of this article, a half dozen of the patches are rated critical by Microsoft. The biggest flaw seeing exploitation is CVE-2021-43890.

Malware families like Emotet, Trickbot and BazaLoader may take advantage of this flaw.

There’s much more to the article that I linked above, and I link to the CVE and other info for you to look at if it interests you.

Thanks so much for reading, make it a great day!

Comments (0)

T-Mobile finally getting with the times of sim-swapping issues? You Be the Judge

In an article recently posted but not too far dated, we are learning that T-Mobile is definitely making changes to prevent sim-swapping. As the article notates, we are in an era of breaches where T-Mobile had several through the years, and their own reporting indicates what the plans are for phone changes.

I can only see that an actor will try to tell the employees they don’t have said number they want, the operation they have in that case where phones are being switched takes place, and the consumer still doesn’t know what’s going on.

I guess we’ll have to see how this works in practice and if we have any problems.

To read all of the details, please read the article T-Mobile introduces a more secure way for authorizing SIM changes and it comes from the folks at Phone arena.

This seems recent, as the article says the changes at T-Mobile went into effect on December 14th.

Let me know what you think by leaving a comment.

Comments (0)

Pushing Forward: What do you think the predictions of 2022 will be?

Hello folks,

As I prepare the program for this week, I’m going to talk about predictions this week. The article is titled Pushing Forward: Key Takeaways From Trend Micro’s Security Predictions for 2022 which I’ve taken highlights of in a list type of format instead of quoting the article.

Since this is a blog post, we can go ahead and do a little more of a deep dive on this, and that’s what I’m going to do on this article.

Threat actors or cybercriminals will evolve their tactics, although the TTPs are going to be the same. According to the article, they will evolve and even go after the data our cars have. This should be a concern for those who have cars, because everything you connect to, then could be exfiltrated if it is meant to do so.

The headings in this article include:

  • As they focus on making their supply chains more robust via diversification and regionalization, enterprises will implement zero trust principles to keep their environments more secure. Global supply chains will be in the crosshairs of fourfold extortion techniques as companies evolve their supply chain operations
  • Enterprises will ensure that cloud security basics are employed to defend their environments against a slew of cloud security threats and achieve a managed level of risk
  • To remain protected against evolving ransomware threats, enterprises will set their sights on protecting their servers with stringent server-hardening and application control policies

Each portion has some very interesting things to say about each section. What worries me if this does come true is the server attacks. In theory, they may not necessarily have to lock up the files on the server, but exfiltrate the data completely out. While it could be possible for them to lock up the server, this could put us at risk. I’m predicting that if they go this way, we as consumers will have bigger problems, as we would be accessing a server that would be infected and that could in theory be passed to us. This could be a huge problem as some of us are still computer based, while some may be Android or IOS specifically based, and even some may be both PC and Android or IOS based.

While IOS 15.2 has been released to those of us with IOS, Android must be better on making sure that their updates are given to us who use it in a timely manner.

In 2022, Google, the manufacturer of Android, must push their updates like IOS does. They must in my opinion make sure their customers get the latest for the phone they have. If Apple can do it, Google should too. Trend Micro didn’t cover this, but I should just add it anyway.

There is much more in this article which I highlight and we’ll talk about, feel free to read more and learn, and at least think about what Trend is saying. They have been in this business for 30 years, and they have insight that us consumers don’t. What they write in this article makes complete sense, only time will tell.

Comments (1)

Another U.S. Government backdoor hack? Where is the person who can fix this?

So, my question about a recent article sent within the past week to the Security Box list talking about the U.S. Government problems is: Where are the people who are responsible for this issue to resolve it?

By publishing details on whatever the vulnerability the government has now, actors can find that post and take advantage of whatever it is like they’re doing with Log4J and other vulnerabilities they wish to pursue.

This article is an Ars Technica article titled Backdoor gives hackers complete control over federal agency network and should be perused so you can tell other people you might know about it and make sure you and them aren’t infected with whatever this is. I read the article, and the government must be ashamed of itself, and if not, they will be soon.

Read the full article to see what’s going on.

Comments (0)

Log4J: it’s being used in targeted attacks

Hello folks,

Trying to do some backreading, I guess I can’t be surprised at the fact that this vulnerability will be used for harm.

In this article titled Nation-state hackers aim to exploit Log4j software flaw, Microsoft warns, it should not be surprising that countries are wanting to leverage this for their use.

While this article stipulates that the United States has not been targeted yet, it is a bit backdated and it would not surprise me if things have changed by now. We know that this is a developing story, and as developing stories go, we’ll want to keep watch on it.

This is probably going to be the first of many articles coming, so make sure that you keep your eyes open on what you find, even if we don’t blog it. It may apply to you.

Log4J is something that affects software as well as servers, and as I said as part of Throwback Saturdaynight

For a limited time, Please download this week’s show where we talk about this. Remember that you can also go to our RSS and pick up podcast 74 which we covered this as extensively as we could at the time.

Thanks so much for reading, and make it a great day!

Comments (0)

Apple Releases IOS 15.2

The JRN has heard that Apple released IOS 15.2 to address log4j. If that’s the case, wonderful! Besides that, IOS 15.2 does fix some long standing issues with SIRI and possibly other things you might find of interest thanks to AppleVis.

The article is titled Apple Releases iOS 15.2 and iPadOS 15.2; Bringing Apple Music Voice Plan, App Privacy Report, New Safety Features, and Bug Fixes so if there is anything that is of interest in this list that makes you go and update, that’s great!

There is a report saying that Bluetooth may have issues with this version, especially with braille displays. Haven’t gotten the orbit 40 to work when I got the replacement unit with IOS 15.1 even though the connection is there and it successfully sees it. It doesn’t connect, saying that it isn’t supported. It can’t be duplicated by Orbit.

Take care.

Comments (0)

More on Log4J December 17, 2021: morning reading articles

I’m continuing to read from articles that have been sent to my list about Log4J and I’ll briefly talk about what I’m reading.

Logging system security flaw compromises iCloud, Steam accounts Ars Technica

This article talks about the initial report on this explosive Vulnerability. Besides podcast 74 which we released yesterday, we’ll be on Throwback Saturday Night for the last hour of their show on the Mix. There is really nothing new within this article, but if you really want the beginning, this may be something worth reading.

Hackers launch over 840,000 attacks through Log4J flaw Ars Technica

This was talked about as part of the original articles I took from for podcast 74 of the Security Box. Unfortunately, actors will jump on anything to get their hands in to our data and Clubhouse continues to have rooms about this. I wanted to listen to the weekly news room happening at the time I’m writing, but I can’t listen to it and blog these articles, so hopefully, there’ll be a replay of this available that I can catch later.

One of the paragraphs in this article probably doesn’t surprise me any. It says:

Perpetrators include “Chinese government attackers,” according to Charles Carmakal, chief technology officer of cyber company Mandiant.

Since the Chinese have really been up to no good in my opinion, especially during this pandemic, nothing surprises me in regards to this paragraph.

I want to stress this paragraph which states:

The flaw in Log4J allows attackers to easily gain remote control over computers running apps in Java, a popular programming language.

People may be confused between Java and JavaScript, but these are two different languages. JavaScript is a scripting language used in web pages, where Java can be used in programming altogether.

While I understand Apple has put out a patch, this next paragraph might be of interest. It states:

Both CISA and the UK’s National Cyber Security Centre have now issued alerts urging organizations to make upgrades related to the Log4J vulnerability, as experts attempt to assess the fallout. Amazon, Apple, IBM, Microsoft, and Cisco are among those that have rushed to put out fixes, but no severe breaches have been reported publicly so far.

As I’ve heard in rooms, this Apache logging system is in quite a lot of products and services and this could be here for quite awhile.

Within the podcast, we mentioned our good friend Mirai, and one of the paragraphs within this article talks about other things out there that are using this flaw. That paragraph says:

According to Check Point, nearly half of all attacks have been conducted by known cyber attackers. These included groups using Tsunami and Mirai—malware that turns devices into botnets, or networks used to launch remotely controlled hacks such as denial of service attacks. It also included groups using XMRig, a software that mines the hard-to-trace digital currency Monero.

So … we’ve got actors using quite a number of old friends in new ways that will haunt this industry.

Also, the article indicates that you can get unlimited access with this vulnerability. Apache has released now two patches to deal with this, and according to what I’ve heard in rooms, it’s been out there since 2013.

The paragraph mentioning this statement I just mentioned says:

The flaw has existed unnoticed since 2013, experts say. Matthew Prince, chief executive of cyber group Cloudflare, said it started to be actively exploited from December 1, although there was no “evidence of mass exploitation until after public disclosure” from Apache the following week.

This is definitely going to get very interesting.

As Log4Shell wreaks havoc, payroll service reports ransomware attack Ars Technica

This is unfortunate. While Ransomware is on the rise, Log4j is taking hold as an attack vector. The company here is not ruling out the attack point being log4j and they’re very clear that this is going to take weeks to resolve. You should at least check this article out because there may be some similarities, although nothing is confirmed whether the entry point for the ransomware was Log4J or not. Can’t forget this attack point.

Patch fixing critical Log4J 0-day has its own vulnerability that’s under exploit Ars Technica

As stated, Apache has released two fixes, and this was covered in Clubhouse in various rooms. In the room I left when I wanted to write this post they were mentioning that they’ll be continuing to watch this, as there are people in this industry who are in that room. They also said that the open source software packages and programs are “not secure” anymore after this, and I can see why they are saying that. I’m not about to make that claim, as software like the Twitter clients for the blind for the PC are written in the open source system and they’re very safe to use. So, let’s make sure that we mention that there may be software that qualifies as not safe, but not all open source software is going to be unsafe.

The article talks about the earlier 2.15 release and what was fixed in 2.16, so please read this if you need to know what is going on.

More Later

I’ll continue to write more as I continue to read more. This is all I’ve read as I continue to catch up. Let’s make sure we stay as safe as possible.

I’ll also be blogging some of the news too, as we need to be aware of this big time flaw so the news will be blogged as well. Thanks for reading!

Comments (0)

Run Firefox? Look for an update to Firefox 95

Firefox 95 is out, and according to a recent article I saw on the subject sent to the TSB list, it is quite interesting what they’re doing.

The Ars Technica article is titled Firefox 95 for Windows and Mac introduces RLBox, a new sandboxing tech which talks about it.

They look to improve this technology so that they don’t have to scramble around when a major problem occurs, according to a quote. There’s a link to a write up so go and check this article out.

Comments (0)

The Security box, podcast 74: Log4J

The Security Box was released today, and Clubhouse has the replay in raw form.

You can search me out, and you’ll find the security box room there.

If you want the podcast, please go over to the RSS feed to pick it up.

If you need a direct download, please contact me and I’ll get you a link.

Welcome to the Security Box, podcast 74. On this podcast, something breaking this week called Log4j. We’ll break down three different articles that talk about this. Instead of me doing news notes, we’ll ask listeners if they have any thoughts on what they have read. There may be questions, comments and other topics not mentioned here for you to enjoy too.


  • Log4J

This is still developing, and we’ll continue to blog about this and other things throughout the holidays.

Thanks so much for checking out the podcast, and make it a great day!

Comments (0)
