The Technology blog and podcast
This is for the technology blog and podcast Commentary, articles, and podcasts
WordPress safe to use, but be caucious on where you get your plugins
Let me start by saying that I hope that the attack that is discussed in this article we’re linking from is resolved, and the company has figured out what caused the supply chain attack.
The rticle that I’ve been contemplating writing on as well as being delayed for this coming week’s show is Supply chain attack used legitimate WordPress add-ons to backdoor sites.
Dan Goodin talks about the challenge, the fact that the company didn’t comment, and what the researchers at Jetpack found.
Dozens of legitimate WordPress add-ons downloaded from their original sources have been found backdoored through a supply chain attack, researchers said. The backdoor has been found on “quite a few” sites running the open source content management system.
The backdoor was discovered by security researchers from JetPack, the maker of security software owned by Automatic, provider of the WordPress.com hosting service and a major contributor to the development of WordPress. In all, Jetpack found that 40 AccessPress themes and 53 plugins were affected.
Let me say that the plugins we have installed on the blog come by way of instlaling them through the WordPress interface itself. You can get a zip file and unpack the zip and install it in the plugins directory and that’ll get a plugin installed. It is usually safe to do this, but it seems like there was a coordinated attack that was launched at the same time updates were pushed out. WordPress.org’s repository was never compromised, says the article. That doesn’t mean that it couldn’t have happened, and millions of sites were affected.
The article talks about a script called initial.php which was used to drop other things.
I highlight this in the discussion points for the podcast, and of course the company didn’t comment. I hope they’ve gotten this fixed.
Comments (2)
Lastpass gets award, again
I don’t know why I’ve been holding on to this article, bt I have. G2 Leader in Password Management, SSO, and MFA for Winter 2022 comes from Lastpass and it talks about a company giving them yet another award.
With the recent improvements in keyboard access for LastPass, this is definitely a good thing, but I wonder how the others fair in accessibility?
The reason why I ask is because I’ve not used the others, and I think they should be given a look.
We’re thrilled to share that LastPass has been named a leader in the G2 Winter 2022 Grid Reports. G2 is a leading peer-to-peer review site that provides unbiased user reviews on leading software solutions. Quarterly, G2 highlights the top-rated solutions in the industry, as chosen by customer reviews.
LastPass has been named a leader in the Winter 2022 Grid Reports for Password Management, Single Sign-On (SSO), and Multi-Factor Authentication (MFA).
We’re excited to receive these awards as they are based on verified LastPass user reviews. Thank you to all the LastPass customers that have left us a review. We love hearing how LastPass meets your business’ requirements and provides security to your organization.
You can read the entire article and decide what works for you. I like what Lastpass has to offer, and I like their blog too. Congrads, Lastpass. Keep up the great work!
Comments (0)
Crime shops selling stuff: this isn’t surprising,: hacked log ins anyone?
I guess this should probably go in to the “I am probably not surprised” category. Brian Krebs penned an article titled Crime Shop Sells Hacked Logins to Other Crime Shops which I recently read.
This probably doesn’t surprise me, as shops are always needy of data to sell, and some may have less than others.
Up for the “Most Meta Cybercrime Offering” award this year is Accountz Club, a new cybercrime store that sells access to purloined accounts at services built for cybercriminals, including shops peddling stolen payment cards and identities, spamming tools, email and phone bombing services, and those selling authentication cookies for a slew of popular websites.
This is just the first paragraph of this fascinating article. The second paragraph says:
Criminals ripping off other crooks is a constant theme in the cybercrime underworld; Accountz Club’s slogan — “the best autoshop for your favorite shops’ accounts” — just normalizes this activity by making logins stolen from users of various cybercrime shops for sale at a fraction of their account balances.
The third even says:
The site says it sells “cracked” accounts, or those that used passwords which could be easily guessed or enumerated by automated tools. All of the credentials being sold by Accountz provide access to services that in turn sell access to stolen information or hijacked property, as in the case of “bot shops” that resell access to infected computers.
So we’ve got criminals ripping each other off to get the most bang out of their buck if you will by selling their most prized posession, the stolen data that makes them their money to begin with.
One example of this going on is known as the Genesis Market, where customers can search for such stolen data. I’ve linked to the market although it is a blog post elsewhere on the web.
The article is quite fascinating, and I hope that you take a look at this one. This may be where our next stolen data is off to, and we just don’t know it yet.
Great job, Brian, you did it again with this one.
Comments (0)
We Know that REvil was taken down, but was it a good one? You decide
As I look to try and post over the weekend, we can’t look over an article talking about REvil. We talked about people who were arrested in Russia, but could it be the end in Russia for cybercrime?
According to the first paragraph, it says:
The Russian government’s Jan. 14 takedown of suspects associated with the notorious REvil ransomware group was an example of increasing cooperation between the U.S. and Russian governments on cybersecurity matters, a top Russian official said Friday, but the Russian government is still waiting for U.S. reciprocation on its own cyber requests.
We know through hearing some talk that Russia and other countries are having troubles, which I hope we don’t get involved in to be honest. What the Russian government wants in exchange for these arrests, is a clear definition on what DDOS is and this link is the link to the statement talking about DDOS.
More importantly, we know that Russia has metalled in elections, and if I were a betting man, we’re afraid that Russia will compromise us through a DDOS attack in a future election we may not be prepared for.
I’d love to see a day where we can hold elections over the Internet, just like shopping and other activities are held today. We’d have an election site we’d have to authenticate with and the appropriate ballot information is given to us for submission. I’m not sure how this would work with countries like Russia wanting to metal in everything, but that’s what I hope for.
The full article we’re talking about today is titled Top Russian official cites REvil arrests as sign of cooperation, says Moscow is awaiting reciprocation which comes to us from Cyberscoop.
I found the entire article interesting, but I don’t want to be talking about Russia much when China and other countries are doing the same as Russia is.
In no way am I saying the U.S. isn’t doing the same, but the Internet was not built for this type of problem we’re dealing with. I guess we’ll have to wait and see what happens as everything settles down.
Comments (0)
Pleading with hackers, the Red Cross is asking actors not to sell or use stolen data
Our very own Michael in Tennessee sent this article some days ago and I’m finally getting a chance to read it. Its an interesting article which I am not sure if the tactic is going to work.
Its unfortunate that the Red Cross stored data in Switzerland which got stolen. Sadly, its the world we live in. As some of us have said on the podcast, we feel its going to get worse before it gets better.
The opening paragraph of this article says:
The Red Cross on Wednesday pleaded with the threat actors behind a cyberattack that stole the personal data of about 515,000 people who used a program that works to reunite family members separated by conflict, disaster or migration.
A subsequent paragraph which has linked material says that whoever is responsible is possibly going to hurt innocent people who are already suffering for whatever reasons the Red Cross is involved with dealing with them.
According to another paragraph:
Wednesday’s release said the personal data was obtained through the hack of a Switzerland-based subcontractor that stores data for the Red Cross. The data was compiled by at least 60 different Red Cross and Red Crescent National Societies worldwide. The ICRC said it has no “immediate indications as to who carried out this cyber-attack” and is so far unaware of any of the compromised information being leaked or shared publicly.
That’s nice, we don’t know if its shared yet, and I believe the possibility is out there that it is. Its probably on the underground by now, and we as normal visitors on the web don’t have access to that.
I do know someone who has used services like TOR, but he tells me that the usage of such sites are the same as it would be on yours and mine, and access technology appears to work with at least TOR.
There is other information including links to other information. The article we’re taking from today is titled Red Cross implores hackers not to leak data for 515k “highly vulnerable people” and comes from Ars Technica.
I know I still have backdated stuff to post, and I’ll look to see how revelent they are before I post it. The fact is that this is a bit backdated as when it was sent to us, but it isn’t necessarily months old. I have stuff going back to December of last year that i’ll see if there is still revelent info from and try to get some of that posted if not talked about somehow. This should be, and let the boards begin.
Comments (1)
A story about payday loans that just go completely wrong
You’ve heard the story, someone promises you a loan and you find out later the interest is higher than what you asked for. While I was out, I read a very interesting story of some folks involved in this, and it seems to me that it intales several companies.
What’s worse than finding out that identity thieves took out a 546 percent interest payday loan in your name? How about a 900 percent interest loan? Or how about not learning of the fraudulent loan until it gets handed off to collection agents? One reader’s nightmare experience spotlights what can happen when ID thieves and hackers start targeting online payday lenders.
The reader who shared this story (and copious documentation to go with it) asked to have his real name omitted to avoid encouraging further attacks against his identity. So we’ll just call him “Jim.” Last May, someone applied for some type of loan in Jim’s name. The request was likely sent to an online portal that takes the borrower’s loan application details and shares them with multiple prospective lenders, because Jim said over the next few days he received dozens of emails and calls from lenders wanting to approve him for a loan.
So … this is the first several paragraphs of a full length Krebs article titled Scary Fraud Ensues When ID Theft & Usury Collide.
This article talks about several companies that were involved in this shady business, although I don’t want loans, I want to get money fairly. Here is more interesting things from this article.
Curiously, the fraudsters had taken out a loan in Jim’s name with MSF using his real email address — the same email address the fraudsters had used to impersonate him to MSF back in May 2021. Although he didn’t technically have an account with MSF, their authentication system is based on email addresses, so Jim requested that a password reset link be sent to his email address. That worked, and once inside the account Jim could see more about the loan details:
The terms of the unauthorized loan in Jim’s name from MSF.
Take a look at that 546.56 percent interest rate and finance charges listed in this $1,000 loan. If you pay this loan off in a year at the suggested bi-weekly payment amounts, you will have paid $3,903.57 for that $1,000.
Jim contacted MSF as soon as they opened the following week and found out the money had already been dispersed to a Bank of America account Jim didn’t recognize. MSF had Jim fill out an affidavit claiming the loan was the result of identity theft, which necessitated filing a report with the local police and a number of other steps. Jim said numerous calls to Bank of America’s fraud team went nowhere because they refused to discuss an account that was not in his name.
That’s where they’re wrong. The account was in his name, it was his email address. He was able to authenticate with it by resetting the account, so now it was his. He proved that he didn’t take or even ask for the money and the outrageous percentage of payment. You can learn more about these as it has been covered before in various articles on the web. This is definitely a very interesting article that you should read more of if you’ve seen suspicious loan terms like what is described in these paragraphs.
Comments (1)
Apple releases IOS and Mac versions to fix Safari leak
Hello all,
We have some updates in regards to a blog post which got delayed two days for some reason. It talked about Safari and why it wasn’t a good idea to use it. Here is that blog post if you need to have it.
Now, for the update. Apple Releases iOS 15.3 and iPadOS 15.3 With Fix for Safari Bug That Could Cause the Leaking of Users’ Browsing History and Google ID | AppleVis is the first article. It talks about the fact that Safari is fixed. Apple Releases macOS Monterey 12.2, watchOS 8.4, tvOS 15.3, and HomePod Software 15.3 | AppleVis is the Mac post.
Both are from Apple Vis, and both talk about how to update your specific device.
It is very important that when possible, we update our devices to this version so we can prevent the leak. Since I’m on a call at the time that I’m blogging this, I plan to do so within 24 to 48 hours.
Please read the prior article so you’re aware of what this is fixing. Thanks so much for reading and participating on the blog and podcast. I really appreciate everyone who sends comments or participates live. No matter whethetr you listen and participate, listen, or just read the blog, let’s make sure we get the information out there that is of importance to you.
Comments (0)
The Security Box, podcast 79: This App is completely safe to use
Hello everyone. Its time to release podcast 79 of the Security Box.
I’d like to personally thank those people who came on to Clubhouse with me to discuss this topic, and the link to the article we take from is coming up unless you’ve viewed it already on the blog.
Don’t have RSS? No problem! Go ahead and download this 78.52mb file and I hope you enjoy the program no matter how you get it!
Below, please find the show notes.
Welcome to the security box, podcast 79. I probably am not surprised really about what we’re going to talk about, and it was talked about on Throwback Saturday Night’s security segment. Now, we’re going to take our time on it, because I feel we need to.
What are we talking about you might ask? Toronto lab finds security vulnerabilities, censorship framework in Olympic app is an article talking about the olympics and a new app the IOC basically says is completely safe to use. Researchers are saying differently, and one major problem that two of us see brings this to full circle.
I’d like to thank DJ Terry of The Mix for calling and asking about this after he heard very little on his news channel. With the games so close away now, this is the perfect time for someone to take advantage and do something they think is a good idea to do in their mind.
Thanks for listening whether live or through the podcast or replay, and we’ll catch up with you very soon!
Comments (0)
An article says: Don’t Use Safari until further notice
While I’m not techbnically logged in to any sites using safari like Google and Twitter, I hardly do a whole lot of browsing with my phone anyhow. The article was sent to us by Armando Vias to the Security Box on the 21st of this month, and it was definitely a very interesting read.
The problem I have is that Apple had several months to work on this, but only acknowledged the bug within the past week or two.
I know, I know, apple is pretty secretive on bugs, but this article titled Stop Using Safari Immediately (at Least for Now) coming from lifehacker is something we should be aware of.
I don’t think i have any sites logged in at the moment, and i think that should be the case until I know what is up. One site which I order food with, while somewhat accessible, isn’t that accessible but I get it to work. To pay, you have to log in, so it isn’t a persistant log in.
Have you seen anything like this? What did you think when you heard this article or read it? Sound off in the comments.
Comments (0)
Olympic app riddled with problems that the IOC says are not problems
I’ve been contemplating this article for several days, and I did write up the show notes for the up coming Security Box show notes for this though.
The problem is, that we really haven’t covered olympic security although there may have been a mention in podcast 47 as olympic did give one result.
Be that as it may, this is going to probably be the biggest thing I think we’ve covered, even if past podcasts and show notes and the like of older podcasts may have been lost.
In today’s article, we’re going to talk about an app called “my 2022” which the IOC is touting as being just fine, and the people who looked at it telling them that it is fine.
One of our DJ’s here at the mix contacted me in regards to this as he heard about it briefly through WGN in Chicago. As I remember talking about this in other aspects which I can’t find at the moment, it reminded me of different types of stories like ones covering web sites with malicious flash players to watch the games and other types of stories.
The article this time is titled: Toronto lab finds security vulnerabilities, censorship framework in Olympic app and it comes from the CBC in Canada.
Researchers at a Toronto-based tech laboratory have uncovered security vulnerabilities and censorship frameworks in an app all 2022 Beijing Olympics attendees must use.
The Citizen Lab, a research institute at the University of Toronto’s Munk School of Global Affairs and Public Policy that studies spyware, found a “simple but devastating” flaw in the MY2022 app that makes audio files, health and customs forms transmitting passport details, and medical and travel history vulnerable to hackers.
Researcher Jeffrey Knockel found MY2022 does not validate some SSL certificates, digital infrastructure that uses encryption to secure apps and ensures no unauthorized people can access information as it is transmitted.
This failure to validate means the app can be deceived into connecting with malicious hosts it mistakes as being trusted, allowing information the app transmits to servers to be intercepted and attackers to display fake instructions to users.
“The worst-case scenario is that someone is intercepting all the traffic and recording all the passport details, all the medical details,” said Knockel, a research associate, who investigated the app after a journalist curious about its security functions approached him.
According to the article, the organizers are requiring every single person to download this application.
The researchers also mentioned that it sends highly sensitive data, but is unclear who gets that data. This is concerning, as later in the article we learn that the IOC says that they had people check it and also asked for the research paperwork.
The update in January indicates that there were no changes to the claims talked about in the article, and that it may be worse now.
The article also talks about a keyword list which may or may not be active talking about Jews and other things being sensored. but not proven. But, the real paragraph is the kicker for this discussion.
The IOC noted it has conducted independent third-party assessments on MY2022 with two cyber-security testing organizations and found there are no critical vulnerabilities in the app.
Really? You’ve done independent reviews and this has not come up? How could this be?
Not surprisingly:
The Beijing Organizing Committee did not respond to a request for comment.
While we’re at it, there’s plenty more, so I suggest that you read the article, as every time I think about this, the angrier I get as the IOC claims its their app and wants to claim ignorance.
Oh yes, did I mention the SSL issues they talked about too? Probably not, but that’s OK, its talked about in the article.
Let the comments begin.
Comments (0)
The Security box, podcast 78: Windows Update includes a Wormable Flaw
The Security box, podcast 78: Windows Update includes a Wormable Flaw
Hello folks, welcome to the Security Box, podcast 78. Here is the download of the Security Box for this week.
While I was alone, I know that people may find the program of value, so I am releasing it and of course, the replay is available on Clubhouse through my network club if you want to view the raw recording and see who may have popped in during the program.
I didn’t have any guests, but that’s ok. The file is 93.6mb.
Now, here are the show notes.
Welcome to podcast 78 of the Security Box. As we do typically on the podcast, we spend some time catching people up on what has been going on in Redmond, Washington with Windows Update.
We’ve only got one article, however, News of the week for January 14th has the other article.
‘Wormable’ Flaw Leads January 2022 Patch Tuesday comes to us from Krebs on Security, and it covers this huge problem and others across Redmond and others too.
Please feel free to send your messages, topics and the like for consideration. Thanks for listening!
Thanks so much for listening, and make it a great day! I hope you’ll enjoy the program as much as I have bringing it to you.
I’ll have more blogging later on.
Comments (0)
Microsoft fixes patch, broke VPN services
This probably doesn’t happen too much, but i ran across a story on Ars Technica while looking for something else we’ll be covering.
The article is titled Microsoft fixes Patch Tuesday bug that broke VPN in Windows 10 and 11 which is a good thing. Its an out-of-band patch which you should at least know about if you’re interested.
I hope that this finds you well.
Comments (0)
Sans News Bites, January 18, 2022
This is the web link for Sans News Bites for January 18, 2022. The newsletter has thoughts on the recent arrests of REvil members and other stuff that might be of interest to you.
The top story is the one that interested me, but I agree that this isn’t enough. We know that Russia is probably up to no good, yet they arrested their own after careful cooperation plans that included us not metaling in the Ucrain problems I heard about in yesterday’s room on clubhouse.
What do you guys think about this or any other aspect of the newsletter?
Comments (0)
I call Spam on this one: telling someone to email to a domain that doesn’t exist among other things
I’ve received one cease and desist article in my entire life, and while I know why, it was something that I didn’t find threatening. It was many years ago and it was in regards to sinulcasting a station I happened to listen to at the time.
This, however, is very suspicious. Asking Siri about the 88 number, it indicates that it is a prefix for Bulgaria.
This guy also puts the same message in both sections of my form, as well as asking if I got his prior email. I didn’t because I don’t even recognize the name. There’s more I’ll talk about, but get a load of the message below.
Below is the result of your feedback form. It was submitted by () on Tuesday, January 18, 2022 at 15:30:59
Name: John Lucas
phone: 88486517526
contact_method: phone
bug: no
additional_bug_info: Greetings, My name is John Lucas, I have been waiting for your response regarding the message I sent you about my late clients investment/assets. Please kindly get back to me because I have received the final notice by the bank regarding his assets If you happen not to receive my previous message, let me know so that I can resend it for you to read and understand the deal in full and what is required of you. Contact me strictly on my E-mail: Kind Regards, Barrister. John Lucas (Esq) Legal Practitioner & Solicitor. SPAIN, UK, SWEDEN, USA & GERMANY Address: Castellon de la Plana 201, 28006, Madrid ? Spain
comment_or_question: Greetings, My name is John Lucas, I have been waiting for your response regarding the message I sent you about my late clients investment/assets. Please kindly get back to me because I have received the final notice by the bank regarding his assets If you happen not to receive my previous message, let me know so that I can resend it for you to read and understand the deal in full and what is required of you. Contact me strictly on my E-mail: Kind Regards, Barrister. John Lucas (Esq) Legal Practitioner & Solicitor. SPAIN, UK, SWEDEN, USA & GERMANY Address: Castellon de la Plana 201, 28006, Madrid ? Spain
submit: Submit comment or question to the Jared Rimer Network
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 OPR/54.0.2952.54
REMOTE_ADDR: 195.246.120.147
Next, this guy puts the text of my form within the body to submit the form to the network. My legit forms don’t have that, I’ve never seen it, so don’t understand why they put that in there.
The IP adress according to abuse IP DB is coming from Sweeden, and the first abuse report matches what I see.
Now, the domain. I went to the web site mentioned., it doesn’t even exist! You can’t send an email to a domain that doesn’t exist! I figured there must be a new business around so figured I’d call them and tell them that someone was using their domain for Spam. But the domain doesn’t even exist.
And, why do they have to put the same message in the bug reporting section of my form when they indicate there’s no bug? That is irritating. Just saying!
Anything else you saw about this that you don’t like? Sound off in the comments or send me an email! Contact info is on the blog, I forget which page its on though. Have a good one!
Comments (0)
Windows Update: Wormable flaw on the loose, Other software too
Hello folks,
A little late, I’ve got Krebs on Security’s article on Windows Update. My computer last week called for a reboot, so I did it.
There are several CVE numbers given within the article.
‘Wormable’ Flaw Leads January 2022 Patch Tuesday is the article.
We’ve got already over 21,000 CVE’s and we’re in the middle of the month of January,, approaching the end. This necessarily can’t be good, but at the same time it is, as more bugs are getting fixed.
Hidden in This Week in Security News – January 14, 2022 from last week, Trend Micro also has a blog entry talking about Windows Update but I don’t see it in my feed. They do have other news in here that may be of interest, so take a look and see what interests you.
Comments (0)
The Security box links, podcasts 62-76
Hello everyone,
Its been quite awhile since we have been able to release podcast links directly. Sendspace at one point had to protect their infrastructure with a captcha, which broke the wizzard.
I could still use it through the web, but it was a bit hard to do as I put stuff within folders of folders in spots, and I always had to go get a cookie to even get it to work.
With that said, I went to do some stuff and tried the wizzard again after logging in to do what I needed to do, and it worked as it once had before. I sent Sendspace an email and thanked them for fixing it so we can use the wizzard once again.
Below, please find links to the podcasts I did not get links to, and feel free to leave those comments!
- Podcast 62
- Podcast 63
- podcast 64
- Podcast 65
- Podcast 66
- Podcast 67
- Podcast 68
- Podcast 69
- Podcast 70
- Podcast 71
- Podcast 72
- Podcast 73
- Podcast 74
- Podcast 75
- Podcast 76
As always, we appreciate everyone who has come along on the security landscape and we hope you’ll continue to listen and learn just like we’re doing. There’s always something to learn, and I love learning along with you all.
I’ll continue to blog and provide information and thoughts as much as I can, and feel free to join me on the ride.
Comments (0)
LOG4J is still out there, more patches out
I spotted this article recently and read it today as it was sent to our TSB email list.
Throwback was asking me about what was going on in the Log4J aspect of things, and I guess I can now tell them I finally read that article sent to our email list.
The article sent on the 8th of January is titled Patch systems vulnerable to critical Log4j flaws, UK and US officials warn.
We know that CVE-2021-44228 has been one of many CVE numbers given. This is the most severe vulnerability says the article.
According to this article, exploit code was released before a patch was made available, but yet, it could have been just the oposite and we may still have this problem. Actors love reversing patches so they can take advantage of systems, so just be aware of that one.
VMware Horizon servers are talked about in this article, and the artivcle even talks about quifax too.
Please feel free to check this article out for all of the latest, I don’t want to take the writing away from this one.
Comments (0)
The Security box, podcast 77: Google, why is this not a critical bug?
Hello folks,
Its time to bring some good news around here. We’re now able to return to bringing you direct links to the show, and this podcast will have that link. I’ll also post later on with links to prior shows that we couldn’t get links for until now.
We thank SendSpace for allowing us to use their platform, and the wizzard works once again.
As for the program, thanks to all who participated, and we even have at least one listen through replay so thanks very much for listening through Clubhouse.
As usual, the RSS feed has the program.
Here are the show notes for podcast 77.
Hello folks, welcome to the security box, podcast 77. Google fixes nightmare Android bug that stopped user from calling 911 is our main topic of today’s program, but I also cover other tech and other odds and ends too. We did have one guest available to chat with us, and we thank them for coming. We hope you enjoy the program and the few tracks at the end, and thanks so much for listening!
Here is the 86.35mb file for everyone to download.
Thanks so much for reading, participating, and listening!
Comments (0)
IOS 15.2.1 now out, no fixes for blind users
Hello folks,
Last night, I was notified of an update to IOS to 15.2.1. Apple Vis does have a small write up. One of the bugs fixed was dealing with messages and photos not loading via Icloud. The second talks about third party car play applications not responding to input.
The blog post talks about how to update IOS to the latest release.
I hope that this information is of value to you!
Comments (0)
Webinar: Nuclear Ransomware 3.0: We Thought It Was Bad and Then It Got Even Worse
Knowb4 is hosting a Webinar titled Nuclear Ransomware 3.0: We Thought It Was Bad and Then It Got Even Worse which will be on Wednesday, January 19th at 2 PM ET, 11 am PT. The webinar is an hour, and this is going to get interesting.
As part of the segment I’ve recorded for this week’s Throwback Saturday Night I mentioned the subject line and mentioned that I had not read the email.
Well, I did, and this is a webinar and it looks like its going to get interesting.
- Host: Roger Grimes
- What you’ll learn:
- How ransomware is evolving beyond double extortion, what’s coming next
- Proven best practice defenses that you need to follow to avoid becoming a victim
- How to empower your users to be the best, last line of defense when everything else fails
This means that the Security box will happen after the event is over, so I’ll schedule it between 12 and 12:30 PM US PT, 3 and 3:30 ET, and 2 and 2:30 CT.
I hope you can join me, as I hope we can learn a lot. Thanks so much for reading!
Comments (0)
navigation menu
- Archives
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- Categories of this blog
- Subscribe to Blog via Email
Join 10 other subscribers
- The tech blog’s pages
- Blogroll
- Crashmasters blog
- Cyberscoop
- Documentation
- Improve Internet Accessibility for Individuals with Impaired Vision
- International friends network stream
- Kim Komando
- Krebs On Security
- Plugins
- Register to this site
- Suggest Ideas
- Support Forum
- supporters and partners
- the blind perspective
- The Jared Rimer Network donations page
- The Phishlabs Blog
- The Security Box discussion list
- The Technology blog and podcast and TSB on amazon music podcasts
- Themes
- toptechtidbits
- WordPress Blog
- WordPress Planet
- “Blind VMS and the Tech podcast join forces”