go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: February 2022

Go to Homepage [0], contents or to navigation menu

McDonalds apparently hacked? Russia has started going after U.S. businesses

Hello everyone and happy Sunday. I hope everyone is having a great day, and ready to get some news just coming from Kim Komando about a potential breach of 500gb of data from our beloved restaurant, McDonalds.

Apparently, if this holds true, McDonalds would be the first company to take the heat from Russia in their invasion against the U.S. and its sanctions.

Remember, the president has made it clear that unless necessary, we would not attack Russia in this war. And, as predicted, sports teams are canceling matches against Russia in protest of what they’ve done. While the sports aspect is not necessarily affecting us here in the states, and some of us don’t get coverage, the fact is that people are not happy and I want you to know that this is happening as well.

According to Komando.com’s article, a Russian group Snatch took responsibility for this massive hack.

If you use the McDonalds application, take the steps necessary to protect your data as much as you can. As of press time, the news site linked did not get confirmation from McDonalds of the breach whether it occurred or not. Usually companies will hold off as long as they can, and Kim’s article mentions this.

While Kim herself didn’t write the article, this is her site, so I give her credit.

Here is the first section of the article for those of you who don’t want to read the article right now.

In an effort to hurt the U.S., Russia launched a cyberattack on the quintessential American food chain: McDonald’s. To be more specific, a Russian group called Snatch took the credit for a recent hack on the McDonald’s Corporation. According to National Cybersecurity News, Snatch stole 500GB of data and demanded payment on the Dark Web. DailyMail broke the story. Reporters say they reached out to McDonald’s for a comment but never heard back. This news is no surprise to Kim, who said Americans should brace themselves for cyberattacks in retaliation to U.S. sanctions on Russia. After all, Russia launched cyberattacks on Ukraine prior to its invasion through land, sea and air.

There’s plenty more, including linked material to an alert from Cisa and possibly others I’ve missed.

Retaliation? Russian hackers take credit for McDonald’s ransomware attack

Comments (0)

Conti supports Russia, threatens retaliation

Hello folks,

As we continue to get some of the news that has been coming out in regards to Russia, we have Conti ransomware group announces support of Russia, threatens retaliatory attacks to deal with.

The first paragraph says:

An infamous ransomware group with potential ties to Russian intelligence and known for attacking health care providers and hundreds of other targets posted a warning Friday saying it was “officially announcing a full support of Russian government.”

I suppose we’d be expecting this from the number one ransomware group in the world now that other gangs have either been arrested or crippled.

A portion of the next paragraph says:

The gang said that it would use “all possible resources to strike back at the critical infrastructures” of any entity that organizes a cyberattack “or any war activities against Russia.”

As we know, Conti has attacked a good number of U.S. companies. The paragraph that is next mentions that

Conti ransomware was part of more than 400 attacks against mostly U.S. targets between spring 2020 and spring 2021, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the FBI reported in September.

After the initial post, the threat against infrastructure was removed, but like Russia, I don’t know if I trust a gang that just writes good PR and just does whatever they want to do anyway. I suspect im my opinion that they will go after infrastructure just like they’ve done before.

“Mandiant has previously assessed that at least a portion of actors involved with CONTI ransomware are based in Russia and some criminals operating from there already have documented ties with Russian intelligence apparatus,” said Kimberly Goody, director of financial crime analysis at cybersecurity firm Mandiant. “More recently, publicly reported chat logs suggest that a key player in CONTI operations may have intended to provide support for government projects.”

So, if the majority of them are in Russia, and we know that the president there has not done much to curve cybercrime in general, he’ll just turn a blind eye against what is going on and call it good.

Another analyst offered a more skeptical view of the matter.

“I wouldn’t consider this threat to be particularly serious,” Brett Callow, a threat analyst at cybersecurity firm Emsisoft, told CyberScoop. “Conti has a history of making big claims and, in this case, I suspect they lack the capability specifically to target critical infrastructure.”

That said, “the threat shouldn’t be dismissed,” he added, and urged organizations to follow CISA’s advice earlier this month to get “shields up”
and prepare for potential cyberattacks.

There’s plenty more, so please feel free to read this one. There is some linked content, and I wouldn’t pass Conti up on their threats. They’ve written something like this up before, but continued to do what they did which we’ve covered.

Do leave your thoughts. The blog awaits you.

Comments (0)

Ukrainian officials warn of new phishing attacks

In the wake of the war, Russia has decided that they would use a multi pronged offense, land, air and sea with a dose of cyber attack for good measure

But we can’t forget about other nations in this area that may decide that they’re going to do the same thing.

According to the first paragraph, it says:

Ukrainian officials warned Friday that Belarusian hackers are sending a wave of phishing emails targeting Ukrainian soldiers and civilians.

They posted on their facebook page about the issue and the article has a link to it.

Another paragraph says:

Once an account is compromised, hackers gain access to the target’s messages and their contact details, allowing them to send additional phishing emails
to their contacts, the CERT said.

This is nothing new, as we’ve gone through this before with other potential campaigns that even targeted other countries including the United States.

The campaigns follow the wave of denial of service attacks that hit the Ukraines prior, and is linked in this article for reference.

According to a portion of the very next paragraph, it states:

Officials are pinning the phishing campaign on a Minsk-based group of hackers referred to as “UNC1151,” which is believed by several security firms to be tied to the Belarusian government.

There have been defacements that were tied to this group last month, and that’s also linked.

According to the article, it is tied to prior phishing attacks that this group has done in the past.

Another paragraph states:

One of the phishing emails reads: “Dear user! Your contact information or not you are a spam bot. Please, click the link below and verify your contact
information. Otherwise, your account will be irretrievably deleted. Thank you for your understanding.” The emails are coming from the URLS “i[.]ua-passport[.]space”
and “id[.]bigmir[.]space,” UA-CERT warned.

We should be aware of this in case they decide to attack any other country which could include us here in the United States.

Don’t be mistaken, Russia has denied lots of things through the years. They’re not going to stop denying anything as long as the president continues to reign that country.

For complete details on this, please read the article Ukrainian cyber officials warn of new wave of phishing attacks and I hope that people at least understand what is happening.

Please be safe. If I find anything else worth posting, I’ll do so.

Comments (0)

Russia VS Ukraine, could it affect us? Info from Kim Komando’s Weekend Newsletters

Hello folks,

In trying to gage what I should do for next week’s podcast, I was asking people in a clubhouse room, some of who have participated on the Security box. One person indicated that nothing will happen, yet they probably do not understand what has already happened so far.

I don’t want to scare anybody who reads or may come on to discuss this, but we really do not know what will happen. According to this weekend roundup by Kim Komando, it indicates that Russia could hit countries who have decided to put sanctions against it for attacking Ukraine. We also know that they have attacked our infrastructure in the past, and even tried to sabotage our democratic process in the 2016 and 2020 elections.

If you remember, it was reported that there was interfeerence in the 2016 elections, with Russia denying it, and we stopped potential issues in 2020.

I said this in a public clubhouse room, on Wednesday, “I don’t trust Russia or China” because of what they have done with either our networks due to Ransomware, or China’s involvement with shutting out their residents when they chose to protest for whatever reason they felt necessary through the years.

Today, I present you Kim Komando’s crew as they present us the article Ukraine Invasion: What it means for you and your family if Russia retaliates against the US and I suggest you at least look at it.

What you choose to do is your business. The Jared Rimer Network is not going to tell anyone what you should do with your equipment. Let me be very clear about that!

I, along with others who have rooms up on clubhouse or even talk about this publicly on podcasts like this one only want to get the information out based on what we read, hear, and understand.

We’re not in any way going to tell you what you should do. If you want to keep ignorant and pretend that nothing could happen, that’s your choice. But as I said in that room last night I was in, I am worried because I’m a small business and they could decide to go after this network because of my writing and opinions of what I read in the press.

I am only reading the tech press and making my opinions on that. I am not listening to the regular news, as they probably won’t be covering this angle, only the war aspect on the ground, air and sea attacks. They have a possibility of covering the attacks if something were to happen, but they’ll be brief on it.

According to the opening paragraph of this linked article, it says that this could be the darkest time since world war 2. A portion of that paragraph says:

“These are among the darkest hours of Europe since the Second World War.” Countries globally are condemning Russia, weighing in with sanctions to protest, and America’s voice is one of the loudest.

Let’s make no mistake, this could be a huge problem if Russia decides to make it one. Be warned, be alert, learn what is being said, and make your own decisions based on what you read.

Other things to read from Kim Komando

Here are the scam alerts and or tactics used from the scam article listed above. Please read it for complete details.

  1. Help, help, I’m stuck here
  2. We need your support now more than ever
  3. But it looks and sounds SO real
  4. I have money, lots of money
  5. I can show you how to time the market
  6. If I could just give my loved one a proper burial
  7. I’m defending your freedom
  8. Do as I say or else

  9. It looks so legit
  10. I will love you until the end of time

I’ll have more as I read it, but since this is dealing with Kim’s recent posts, i’ll end this here. Please be aware.

Comments (0)

Cyber Security Experts weigh in on the war on Ukraine

This Scott Schober video is clips from news segments where cyber security experts including him speak on what is going on right now. Some terms are discussed. Feel free to view this video for some clips of what has gone on this past week since Wednesday.

Comments (0)

The war starts with DDOS attacks against Ukraine, this is the beginning of things

Hello Folks,

I’m trying to do some catchup while I sit listening to a hangout room on clubhouse. The article i read from Michael in Tennessee that was sent to our Security Box list is titled Torrents of malicious junk traffic make Ukrainian websites unreachable. This discusses the fact that multiple banks and other web sites were hit with a coordinated DDOS attack.

According to the article and this Wikipedia article on DDOS, it indicates that DDOS is coming from many different sources.

You can take this quote.

A DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, thus disrupting

The difference between this and the Internet is that hundreds of computers can possibly be needed to take a web site to the same type of situation discussed in the quoted paragraph of Wikipedia.

Besifdes the banks, the defense ministry was also targeted, and at article time, the site was still offline.

For those who are sighted, there are images and figures. Feel free to check this article out, it might be worth knowing about as this continues.

I’ve already posted one article earlier today about the latest, but this isn’t too far out of date.

Comments (0)

Security News, news ending February 18, 2022

I’m quite behind because I’ve been sick.

This is the link to the article titled This Week in Security News – February 18, 2022 from Trend Micro.

Here are the headlines from this news digest.

  • SMS PVA Services’ Use of Infected Android Phones Reveals Flaws in SMS Verification
  • ‘Russian State-Sponsored Cyber Actors’ Cited in Hacks of U.S. Defense Contractors
  • Security Automation with Vision One & Palo Alto
  • The Cyber Fight in Ukraine Is Getting More Serious
  • Detecting Pwnkit (CVE-2021-4034) Using Trend Micro™ Vision One™ And Cloud One™
  • Red Cross Reveals Actors Exploited Unpatched Zoho Security Flaw in January Breach

  • Can You Rely on Otps? A Study of SMS PVA Services and Their Possible Criminal Uses
  • San Francisco 49ers Hit with A Ransomware Attack
  • Massive LinkedIn Phishing, Bot Attacks Feed on The Job-Hungry

Please feel free to click through and check out the article and click on the article that interests you. Feel free also to comment and let us know what interested you and why. Thanks so much for reading!

Comments (0)

The Security box, podcast 83: SMS port scams, Trick Bot, and possibly more

Hello everyoe. Welcome to the Security Box, podcast 83. I put the show up on the RSS feed after show time, but its been busy.

I now present you the blog post with links and even a download of the show as well. The download is 155.91mb.

We’ve got several topics that might be of interest, one was braught up by someone on the security box list that actually comes to assist me.

I hope that you find the program of value, and thanks so much for listening!

Hello folks, welcome to podcast 83.

Let’s start with something that came to my attention on Monday. Let’s recap a little bit about Sim Swapping.

This actually came up on Monday when someone who comes to assist me was saying to me that someone they knew had their phone cloned. They told me that T-Mobile, the company they were with, told them the phone was cloned.

As we know, T-Mobile was breached, and I don’t know about you, but I definitely don’t trust them. Remember the following?

Remember too, that Podcast 47 covered this in news notes and comments came in too. So there is plenty I covered.

Please also read SIM swap scam from Wikipedia.

As our main topic, I want to catch people up on what is going on with Trick Bot. The article TrickBot developers continue to refine the malware’s sneakiness and power from Cyberscoop will be used in this discussion.

The public on Clubhouse got in to a Spam discussion with one talking about the spam messages they were getting. While educational, we did some good laughs in this program and we thank everyone for participating on clubhouse’s platform. Tunes were also played during the program.

We thank you so much for listening and make it a great day!

Comments (0)

Russia and Ukraine, the battle has begun

Last evening while in a music Clubhouse room, we learned that Russia and Ukraine have started a war. Of course I wouldn’t expect nothing less of Kim Komando to talk about this in an article and I saw this today.

Unfortunately, as I probably would have predicted, Russia denied it had any involvement in the wiper malware many articles are talking about including this article from Kim’s web site Ukraine cyberattacks could be sign of things to come – Secure your systems which should be read.

I was in a ,meeting all day today, lasting over 5 hours, so I do need to do some reading. I know I saw stories of this myself, but komando.com says that Russia denied it which probably doesn’t surprise me.

In the article I’m linking to kick off this coverage, I want you to read it as while we’re not being attacked right now, anything is possible.

I was in a room with JJ of know before last evening when they broke this, and I as well as others talked about what Russia has done before and China also has done before.

I’m wondering if JJ knows of this one? I’ll have to send her this link, maybe it is something for tomorrow’s room.

While my phone charges down stairs, I’ll be working on making sure we get good commentary and good articles out about the situation. It also won’t surprise me that we talk about this withing the network, whether it is on throwback saturday night or any other podcast of mine.

We need to be aware of what is going on, and Kim’s article is a start. We’ll have much more later on, so stay tuned. Please start with this article, and please, take notice of it.

Comments (0)

Trick bot is back in the news, and it is not looking good

Hello folks, welcpome back to the blog. I got really sick, so I have not had an opportunity to do much reading or even blogging.

As part of today’s podcast on The Security Box, we’re going to cover <a href=”TrickBot developers continue to refine the malware’s sneakiness and power and it comes from Cyberscoop.

Trick Bot, as we know, has disappeared for quite awhile, as least for awhile it seemed. This article talks about some 2021 activity which may be concerning. It also has news about what it is coming with including 20 more pieces of problems.

The Security Box is going to be held on The Mix starting at 11 am PT, 2 PM ET, on the independent channel.

Hope to see some of you there! I do have notes from the article including quoted paragraphs to help the discussion on this one.

Comments (0)

discord hell

Can anyone explain why in the 9 hells I was thinking when I agreed to do discord again?
Its not like I didn’t need to do much but all hells will hit you when you do this.
Weather you are just starting out with account creation and everything I recommend you have an email program or whatever open.
One of the first things you will recieve is a message about your ip.
I don’t know what the limit is to clear that with the link but its like 30 seconds or so and just a little to fast for my liking.
So basically by the time I tried this the first 3 times the links were expired.

Next h captcha.
Who made it, a baby in nappies or what?
Seriously, so first I had to find and click the link for the accessibility cookie which didn’t appear to work the first time and well does now.
No indication I had made it but still it was in mail.
Next save that file to somewhere you won’t get it lost like to an important file on your dropbox or something.
There isn’t any way you can automatically get it back if you lose it and you will need that link so save the file as html and then it will work.
Once you set cookies and such and get your account for discord all setup and check all the settings.
The only thing to remember is that alt shift f4 is minimise and alt f4 is exit.
That stumpped me for a bit.
Still not sure if I will use it as such but I am crashmaster #6488 if you care to bother looking me up.
I have it here, now I don’t think I will ever really run it but I have it now sitting about on my ssd chewing another 100mb space.
I made my account ages back when I thought I’d use it but oh well.
Discord has 2step auth but I don’t see its needed unless for whatever reason someone hacks into your laptop on the road or your mobile gets stolen or something.
Phones have qr codes anyway.
One thing is after logging into discord unless you actively logout its going to just do it no matter what without any interaction so once you exit and relaunch it will do it.
It also checks and auto updates on launch.
As for the other cast unsure when or if I will do it.
I have various eye issues and one of these is when the light gets in thhe wrong angle or straight on is I get a headake of massive size.
So the best time to seriously work is between 8pm and 2am in the morning.
This will probably pass but it may be a winter project

Comments (0)

another optimisation run

Hi all.
Well this is just a note that due to downtime at the end of a sunday night I found some extra things to do with site performance.
While looking through jetpack I found another free boost plugin made by the jetpack maintainers.
Things like only loading images that people see, adjusting when certain tasks are handled, and when css is processed and how all that works.
It may not increase performance much but the latest tests show that mobile performance has gone up from 39% to about 47%, and desktop performance has gone from 83% to 91% whatever that means.
Hopefully this will stop the sitekit complaining about things.
So there is an extra boost icon.
Next you will notice a themes warning in health status.
Have no idea why that is how it is.
I cleared all the themes managed to clear 1 to many so put an older theme back, in case the other one fails.
However the tracker assumes I still have to many themes but I don’t so ignore it.

Edit, managed to reinstal 2022 and cleared the extra fixes I had put in place so now the issue is gone.
I activated then reactivated both themes and it looks like it is fixed.
I regenerated the css database again as instructed and it should all work fine enough.

Next, this is mostly for rss feeds.
Some posts at least 6 scheduald for release at certain dates either were never released or the release soon dashboard is glitched and never showed them as such.
Luckily editing their status or publishing info, immediately canceling the edit and republishing them made them disappear from that status.
As usual I need to check user counts but there hasn’t been any issue even when ipstack complains about request overload.
I may regenerate the css boosted files every so often like when I do a site run which is probably once a year if that since the thing manages itself.
The next is podcasts.
Currently thinking about a programming environment runthrough, there may be a couple audio games on the way down the road and well a radio unboxing in the following weeks.
One thing I need to seriously try to redo is get on dischord.
It seems a popular chat panel system for the blind gaming community as well as unigram.
However I’ll probaby do dischord first.
Laters all.

Comments (0)

The Security Box, podcast 82: Windows Update and other topics

Hello all, welcome to another podcast of the Security box. On the box today, we’re going to talk about Windows Update stuff. We also have other topics as well.

The JRN apologizes for the delay of the podcast, but Jared got sick recently and needed to get medical care to make sure it was not anything that needed medical attention.

The RSS feed was updated either Thursday or Friday, but that’s as far as I got.

Don’t have RSS? No problem! Download the 139.66mb file and I hope you enjoy the program!

Below, please find the show notes with any links that you’ll find of interest. And, Clubhouse’s replay does include links to other stories that were mentioned as part of discussion during open forum. Those stories are located here on the blog, so I did not include them in to the notations for the show.

Hello everyone! Welcome to podcast 82 of the Security Box. This week, we’ll catch up on Windows Update, and we will also cover a lot of other stuff from the blog as well. We’ll also see what else the listenership and participents in Clubhouse want to talk about.

What happened in Windows Update? Our good buddy Brian Krebs from Krebs on Security has the full details. Microsoft Patch Tuesday, February 2022 Edition is the article. Lots of linked material that we links to some CVE numbers if you’re interested.

Thanks so much for listening, and we’ll see you next week, where we’ll talk about Trickbot as its back in the news. I’ll be blogging once again in a day or two about this and other topics that may be of interest.

Want to subscribe to our mailing list? Go over to the mix’s web site and look for the link to the Security Box discussion list.

I hope to see some of you there! We post potential articles that may be blogged or talked about on this or another podcast. I hope that you find it of value! Thanks so much for reading what we have to offer, and make it a great day!

Comments (0)

Use Google Chrome? We better look to update

Hello folks,

This evening, Kim Komando is emailing out to let us know about a zero-day vulnerability in the program Google Chrome. A lot of this community I serve uses Google Chrome in replacement of Internet Explorer and Firefox.

While I mainly use Firefox as I’m more familiar with it, I do occasionally use Chrome for some sites that do not work very well with Firefox.

This Komando.com article Update Chrome now to patch another zero-day flaw being used in attacks should be viewed to make sure that you are as up-to-date as possible.

I’m in a meeting right now, so I am not going to mess with this right now. I’ll look to do this before releasing the podcast to the RSS feed, as that is one place Firefox doesn’t quite work.

Thanks so much for reading and participating in the blog and podcasts!

Comments (0)

Using the Mac and Zoom? Better check this out

Hello folks,

I meant to have this post earlier in the day, and the topic of Zoom and the Mac came up. I did see a Kim Komando thing dealing with Zoom and meant to read it on a busy Valentines Day. Please check out this article called: Zoom could secretly be recording your audio – Update your computer now for complete details. I see my windows version at 5.9.1 and wanted to see if it was up to date before an important meeting.

If I don’t post anything else today, please at least take a look at this and please stay safe.

Comments (0)

With Valentines day two days away, romance scams may be on the rise

Doing something romantic for you and the one you love can be lots of fun. I’m not going to pick sides on what you like, and this is not the point of this article.

For the final article today, I want to touch on something I recently read which touches on some of what I’ve posted throughout the last few days and that is the numerous scams and things we need to watch for.

The final article today is titled Online romance scams expand, now with more cryptocurrency. Those of you who are in to crypto are jumping for joy. You can make double like you say, because you’re investing in time in someone who may or may not have someone, and bilk them out of tons of money.

By the way, you should know that this article came to us from Cyberscoop. They cover a wide variety of things including governmental issues with security, so check them out.

As I said somewhere, I saw something that said that bitcoin was at 43,000 dollars per coin. I believe that came from Paypal’s crypto section, as you can store crypto with them now.

Reports of online romance scams continued to grow in 2021, according to the Federal Trade Commission, and cryptocurrency payments now represent a big chunk of the money lost.

So, instead of the gift cards, or the itunes gift cards, they’re going to Crypto. Another reason why I’ll not get involved in the volitile market of something that isn’t regulated. $547 million was taken last year, according o the article which links to the FTC’s statement on this. It is up 80 percent. The last recent number was $307 million.

Of that total, $139 million in reported losses came from cryptocurrency transactions. In those cases, the victims often are subjected to a fancier plea for money than what typically occurs in a romance scam.

Here’s the funny thing. What is mentioned in the following paragraph I’ve seen. Biographies saying that they are an invester in forex which make double of what you put in. You mean the following paragraph, right?

“People are led to believe their new online companion is a successful investor who, before long, casually offers investment advice,” the FTC said. “These
so-called investment opportunities often involve foreign exchange (forex) trading or cryptocurrency.”

After you get them to bite like several on clubhouse have tried to do, they could walk off with your money leaving you out what you gave them.

I’ve made it very clear to each and every one of these people that I’m not interested, I don’t have the money and I’m clearly not interested to put money in to something that could possibly go wrong. I’ve never invested, and I have had no plans.

My biography on clubhouse says nothing about me being in crypto, so why are they following me? I’ve had account with both male and female names coming at me to get me to invest since Clubhouse put in the back channel capability last year.. I believe that all of the people who have contacted me were trying to get me to bite and take off with my money. Money BTW, that I really don’t have to spend.

Here are more staggering numbers.

The spike in cryptocurrency-oriented complaints is dramatic. The 2021 numbers “are nearly five times those reported in 2020, and more than 25 times those reported in 2019,” the FTC said.

Sophos is an antivirus company, and they have researchers just like other companies out there to protect us. Their researchers indicated that scammers would use dating apps, and get people to install to install a fake crypto trading app after getting them over to a more secure app like Whats App. Whatever the victims deposit in to this app, the actor steals it.

Here’s more.

The classic case involves a scammer who romances a person online, while dodging any attempts to meet in person. The final grift can be a plea for help, whether it’s for a financial crisis or a health problem. And it’s not always through a dating app.

There’s nore, I don’t want to pick this article apart, read it through, learn what the signs are, and protect yourself.

I’ll be blogging again real soon, but be safe this valentines day, as these schemes can happen at any time, even on a special day as this one is.

Thanks so much for reading, and stay safe!

Comments (0)

This is an important one, scammers cheating you out of crypto, and more

While we’ve been on a scam alert as of late on the blog, I’ve taped a segment for throwback Saturday Night for the future on this article: 7 new scams to watch out for although some of these scams may not be new, but updated.

  • 1. Unemployment scam: Be careful when you verify
  • 2. Social media scams: Bad guys love to pretend they’re your bestie
  • 3. Fake refund texts: If you didn’t buy anything, stay away
  • 4. Emotional ploys: Beware of potential lovers
  • 5. Invest carefully: Crypto scams are all the rage
  • 6. You’re under arrest: Law enforcement phone scams
  • 7. Car warranties, student loans and robocalls, oh my!

The “Under Arrest” one is something I’ve not seen, but it wouldn’t surprise me if these guys would come to a place where you may be, or may frequent. If you aren’t there, they’d leave a note for someone to have you contact them. Maybe not, but you never know with these guys.

What did you spot that you want to talk about? Get in touch and let’s discuss!

Comments (0)

Sim Swapping is bigger than what we think

According to an article hitting the Kim Komando breaking news newsletter as things to know, we’re going to cover a few items as I get to read them but this one is dealing with Sim Swapping.

The FBI is reporting this to be a high problem now, and its bigger than most people think. Its not necessarily a security concern, until you find out that the scammer or perpetrator has taken your number through typical means of social engineering and phishing attempts.

The article SIM swapping is one of the most dangerous phone hacks – And it’s on the rise talks about 7 different things you can do to help protect yourself. Its not going to be a guarantee, but it will at least make it harder if the attack is successful for those people to take advantage of everything you have which include your bank accounts, social media, crypto currency accounts if you have them, or anything else on your device.

Instead of me highlighting what those 7 things are, one of them deals with passwords and their use. Another deals with what you post on social media. For 5 others, click on through to Komando’s coverage of this, and make sure you’re as protected as you can be. Make it a great day!

Comments (0)

More information on IOS 15.3.1 from the folks at Kim Komando

Hello folks,

Earlier, I posted this blog post to put attention to IOS 15.3.1 which Apple Vis indicated that there was a fix for braille. That’s great!

We do need to bring something else to your attention. From the Kim Komando newsletter of breaking things you need to know, there’s another reason to update to IOS 15.3.1. The simple reason is a three letter word meaning three words. That is, an RCE vulnerability or remote code execution. Please read more from komando.com titled Update your iPhone and iPad now to patch major security flaw so you’re aware of what they have to say.

Comments (0)

Patch Tuesday, time to update that computer, maybe drivers too?

This is the week that updates are pushed out. Kim Komando had something in today’s newsletter about driver updating too, and the article was well written, but I’m not clear really how to update those. Since I don’t know what I run, and when I tell it to check for updates and it says it can’t find one, I know nothing about where to go for such things.

I can’t seem to find the Trend Micro version of the security updates for this month, but Brain Krebs is on it with the article Microsoft Patch Tuesday, February 2022 Edition.

One of the biggest patches is CVE-2022-22005 which is a weakness in Microsoft’s sharepoint service.

Another CVE is CVE-2022-21996 hicwhich is an an elevation of privilege vulnerability in the core Windows component “Win32k.”.

CVE-2022-21989 deals with the ongoing print nightmare issues that have plagued Microsoft for quite awhile now.

There’s plenty more, we’ll be covering Windows Update as part of this next week’s program.

Comments (0)

Older Posts »

go to sections menu

navigation menu

go to sections menu