
The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts


You are here: September 2022




More Scare tactics? This doesn’t work for me, I already know about this

Take a look at this web form. I already checked my site and it was not hacked, and the site is another way to go to the Magnatune and independent artist channel web page. There are no databases on the site, just simple web pages. Get a load of this.


Below is the result of your feedback form. It was submitted by () on Friday, September 30, 2022 at 13:54:45

Name: Lila
phone: 30-18-18-79
contact_method: E-mail
bug: yes
additional_bug_info: Your Site Has Been Hacked

PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!

We have hacked your website http://www.magnatune.jaredrimer.net and extracted your databases.

How did this happen?

Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your http://www.magnatune.jaredrimer.net was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

How do I stop this?

We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2500 in bitcoins (BTC).

Please send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):

bc1qmghwkrrxlh62k4r530lgfxucum65087ya00wvz

Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 7 days after receiving this e-mail or the database leak, e-mails dispatched, and de-index of your site WILL start!

How do I get Bitcoins?

You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM.

What if I don’t pay?

If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there’s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.

This is not a hoax, do not reply to this email, don’t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!

Please note that Bitcoin is anonymous and no one will find out that you have complied.
comment_or_question: Your Site Has Been Hacked

PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!

We have hacked your website http://www.magnatune.jaredrimer.net and extracted your databases.

How did this happen?

Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your http://www.magnatune.jaredrimer.net was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

How do I stop this?

We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2500 in bitcoins (BTC).

Please send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):

bc1qmghwkrrxlh62k4r530lgfxucum65087ya00wvz

Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 7 days after receiving this e-mail or the database leak, e-mails dispatched, and de-index of your site WILL start!

How do I get Bitcoins?

You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM.

What if I don’t pay?

If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there’s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.

This is not a hoax, do not reply to this email, don’t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!

Please note that Bitcoin is anonymous and no one will find out that you have complied.

HTTP_USER_AGENT: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:102.0) Gecko/20100101 Firefox/102.0
REMOTE_ADDR: 156.146.62.218


Anyone see what is wrong with this? The phone number isn’t even looking right. The domain may be one that was bought by a company to prevent typosquatting, and it leads to a legit company providing wheelchair lift services for stairs.

The company on the home page lists a toll-free U.K. phone number for people to call, and even a web form for people to fill out which asks for name, address, phone number and the like.

The IP that I captured was a transit provider in Switzerland and I’ve decided to blacklist the whole range to protect my network. I’m sure that this is trying to extort me out of money I just don’t have. And, they filled out both portions of my web form.

If there is a true vulnerability, please report it to me and I’ll look in to it. Reports like this one do not do the network any good. I love receiving bug reports, but this is a waste of my time. Whoever did this, I hope you had fun trying to extort the network, it can not pay the extortion fee and will not engage in this behavior. The blog post will be posted instead, and if you trash the network blaming us for something we did not do, go for it. Customers will be in contact with me if they get something suspicious anyway, so go for it. Thanks for making my day!

Comments (2)

There is a shock image that may be going around, hit popular parent/teacher application, parents beware

Michael in Tennessee sent this article to the Security Box email list and it’s titled Hack of popular parent-teacher app left users wide open to infamous shock image [Updated] which came from Ars Technica.

I’m happy that it was only a credential stuffing attack, where only a few accounts were accessed, but this just goes to show the types of things we talk about can happen anywhere.

Credential stuffing, as it is known, is where someone tries a username and password pair on a site or app to gain access to it, either by finding the credentials somewhere or possibly by a guessing attack.

According to Wikipedia, it is most commonly done by an actor who has gotten the info from a stolen database or even through a data breach.

Credential Stuffing (Wikipedia)
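For anyone running a site with logins, the difference between stuffing (many accounts, about one try each) and guessing (one account, many tries) shows up in the login log. The sketch below is an added example, not code from Seesaw or the Ars article; the event format, the documentation-range IP addresses, the usernames and the thresholds are all assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def sample_events():
    """Constructed login events, not real logs: (time, source_ip, username, success)."""
    t0 = datetime(2022, 9, 14, 3, 0, 0)
    events = []
    # 203.0.113.7: twelve different accounts, one try each, one pair works.
    for i in range(12):
        events.append((t0 + timedelta(seconds=20 * i), "203.0.113.7", f"parent{i:02d}", i == 5))
    # 198.51.100.9: one account, ten passwords, all wrong.
    for i in range(10):
        events.append((t0 + timedelta(seconds=15 * i), "198.51.100.9", "teacher01", False))
    # 192.0.2.44: a real user mistyping twice, then getting in.
    for i, ok in enumerate([False, False, True]):
        events.append((t0 + timedelta(seconds=30 * i), "192.0.2.44", "parent99", ok))
    return events


def classify_sources(events, window=timedelta(minutes=10), min_attempts=8):
    """Label each source IP and list the accounts it actually got into.

    Returns {ip: (label, [usernames with a successful login])}.
    Thresholds are illustrative assumptions; tune them to real traffic.
    """
    by_ip = defaultdict(list)
    for ts, ip, user, ok in events:
        by_ip[ip].append((ts, user, ok))

    report = {}
    for ip, rows in by_ip.items():
        rows.sort(key=lambda r: r[0])
        label = "normal"
        start = 0
        for end in range(len(rows)):
            # Slide the window so it never spans more than `window` of time.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            win = rows[start:end + 1]
            if len(win) < min_attempts:
                continue
            failures = sum(1 for _, _, ok in win if not ok)
            if failures / len(win) < 0.8:
                continue  # mostly successful logins: shared NAT, not an attack
            users = {user for _, user, _ in win}
            if len(users) / len(win) >= 0.8:
                label = "credential_stuffing"   # many accounts, about one try each
            elif len(users) <= 2:
                label = "password_guessing"     # few accounts, many tries each
            else:
                label = "suspicious"
            break
        # Any success from a flagged source is an account to lock and reset.
        hits = sorted({u for _, u, ok in rows if ok}) if label != "normal" else []
        report[ip] = (label, hits)
    return report


if __name__ == "__main__":
    for ip, (label, hits) in classify_sources(sample_events()).items():
        print(ip, label, hits)
```

The list of hits is the part that matters after the fact: those are the few accounts that were really accessed and need a forced password reset.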

While Seesaw said it was only 0.01 percent of the accounts, they say they’ve taken steps to make sure this does not happen again.

I do not know how old the article is, but if you do want to let parents know about this issue, please send them to the article Hack of popular parent-teacher app left users wide open to infamous shock image [Updated] which is an Ars article which talks about what the image is, the fact that this isn’t new, and what the company has done.

There is an update at the top which is of value too.

Thanks Michael, for sending this along!

Comments (0)

Why should Google pay for someone’s equipment upgrades?

Michael sent me an article that asks the question on whether Google or any other big tech company should cover the cost of upgrading ISP infrastructure; and I think that’s the responsibility of the ISP.

Google already can provide infrastructure as close to the ISP as they can, so why should they have to pay for anything else?

This is a very interesting article, one which could be an interesting topic for a podcast of some sort.

The article is titled Google fights latest attempt to have Big Tech pay for ISPs’ network upgrades and I urge people to check it out.

I think I’ll stand behind Google on this one.

Comments (0)

We have an update on the Uber hack, British teen arrested

Hello everyone!

I’m not going to let the day go by without blogging this article about a British teen that was recently arrested after the Uber Hack that we covered on TSB’s podcast.

Uber has a press release page on this, and I did read it. If you wish to read it, this is the link you need to do so.

Last the TSB team read it, it was updated the 19th, and that’s what we talked about as well as the recent Security Now that we published to the blog too.

The article is titled British teen arrested in hacking case and comes from Cyberscoop.

I always like these types of stories, and I can’t necessarily blame Uber for this as the supposed contractor really had no choice but to approve the request as he was getting bombarded with requests.

Apparently, the teen is 17 years of age, and of course is not named in the article. In the article, they link to Rockstar Games, another breach Security Now covered in the same podcast Uber was talked about.

There’s plenty more, so make sure that you pick this article up. This may be the last we hear on this, but if we see something else, we’ll let you know.

Thanks for reading, and make it a great day!

Comments (0)

Audio book now out for … If it’s smart, it’s vulnerable

I saw this yesterday in my twitter, and I meant to publish it. It’s a tweet from Mikko Hypponen with some news that might be of interest.

@mikko: @jrimer2008 Audiobook for “If It’s Smart. It’s Vulnerable” is out now:
https://www.ifitssmartitsvulnerable.com/audiobook

Here is the link to learn more about the audio book and thanks for reading!

Comments (0)

Want to go solar? Better watch for potential scams

I know that I have sighted readers on here, so this article may be more for them than the disabled readers. Although, disabled readers may also want to go solar.

I know and understand that going solar may be an expensive proposition and we may not be able to afford the cost, but maybe it is something to look in to as it can save you money in the long run.

This article by komando staff talks about a scam where someone could knock on your door telling you that you have to act fast to get low cost or free solar.

While you can get rebates depending on the state, it isn’t going to be completely free. Warning: How to spot a solar panel scammer at your door may be read if you are thinking about getting solar or are interested.

Stay safe!

Comments (0)

Privacy Advocates want day care apps to be looked at by the FTC

Hello everyone,

Just trying to post some news as well as getting the podcast out, we have here an article talking about invasive day care apps.

According to the article we’re going to cover here, information like how many times a diaper was changed is shared.

Is that something that you necessarily want others to know?

Apparently, this article talks about one app that sends children’s data over to Facebook.

There are strict rules on COPPA, and we’ve talked quite a bit about COPPA through the years, and if we need to cover it again, we can do so in a future podcast and security hour.

Our friends at the EFF say that this is not the first time companies have been warned about their data practices.

The article is definitely linked heavily and links to other stories or hash tags, but this is something that everyone needs to know about.

The article is titled Privacy advocates want the FTC to take on invasive daycare apps and was written by Cyberscoop.

Maybe it can be discussed in a future podcast, either as news, or as a topic. You decide.

Thanks again for reading, and make it a great day!

Comments (0)

The Security box, podcast 114: NCSAM week 1: Passwords

On this week’s podcast, besides covering the news, we’re going to cover passwords in a different kind of light. Taking from a 2022 article, we’re going to break down what it is talking about, as it covers passwords in a way I’ve not seen before and that was quite different.

The file is on our RSS feed, but if you can’t get RSS or don’t want to mess with it, then the 182.31mb file will be here for you to get.

Below, please find the show notes with the link to this article we used as our basis of the talk about passwords this week.

Thanks so much for reading, listening and participating and we’ll be back next week talking about domains and web sites.


Welcome everyone to the Security box, podcast number 114 on the technology podcast series.

On this podcast, we cover some of the news from around the landscape, and then we start NCSAM.

What is NCSAM you ask? It stands for National Cyber Security Awareness month, and various countries call it something different, and may cover different things.

On week 1, which officially starts on October 1, we talk about passwords. Besides learning about 10 passwords that you should probably not use, the article we take from takes this into a different dimension, covering different categories like food and drink, curse words, sports and more.

The article is titled Most common passwords: latest 2022 statistics and it comes from Cybernews. Looks like they did a great job with it!

We hope you enjoy the program, and thanks so much for listening!

Comments (0)

NullMixer is one you get when …

In today’s newsletter, we’re getting notified of something called Null Mixer. It is a piece of malware that contains quite a number of things that will not be good for your device.

The way you get this is by searching for pirated software and music.

It has been stated for many years not to pirate music, software and videos. I’m not here to tell you what you do with your device, but if it is getting so bad now that 20 pieces of malware can hit that device as part of the download for whatever you searched for, then we have a problem.

The article this time coming from komando.com is titled Googling THIS PHRASE leads to malware that installs 20 malicious programs to your PC and while it talks specifically about PC use, it wouldn’t surprise me that it could in theory go after other devices as well.

Thanks for reading, make it a great day.

Comments (0)

There are 90 more applications to remove, 10 on iOS and 80 on Android

Security researchers continue to do research on malicious applications. There are 10 via iOS and 80 on Android, and these are no gaming apps.

For the full story, please read the full article by Komando staff Check your phone! 90 malicious apps with millions of downloads spotted and please stay as safe as possible.

Chances are, most of us don’t have these apps, but you know what we say, pass the word along, so that’s what we’re doing. Thanks for reading and listening!

Comments (0)

Are you part of the Capital One settlement? If you haven’t claimed, you don’t have much time

Komando in today’s newsletter is letting us know that if we didn’t get the notice and we feel we’re entitled, we can call. I know I got one for Facebook, but not for Capital One, and from what I remember, it was customers 2008-present so I fall outside of that.

But Claim your cash! Capital One is paying out a $190M settlement is the article, and you might want to read it if you’ve been affected by this as I could have been.

Comments (0)

Scammers are using LinkedIn tools to lure victims in to clicking

Hello folks,

Remember those types of scams we’ve talked about where you get an email telling you that you have trouble with some delivery? Well, the first thing you need to do is know what you have coming to you, especially if you have your own tracking numbers.

We all make mistakes, and this one uses LinkedIn, the social network for jobs. They use something called the smart links feature, where someone can package stuff together, and it can track how long you’re on the service too from what I am understanding.

Actors are abusing this by telling people that packages need to be delivered and to provide information. As part of the ploy, they’ll send something to your SMS, but no matter what you enter, you’re taken elsewhere.

Remember that if you’re expecting a delivery, you should get something from the provider at hand, or the company that is shipping you the item with that tracking number.

Use Google and put in that tracking number and press enter. It’ll take you to a search page where it’ll give you basic information and a link to go directly to the provider where you can get more detailed info.

The article this time is Watch out for this clever LinkedIn phishing attack and it is definitely clever. Stay safe!

Comments (1)

The Current newsletter for September 24, 2022

Hello folks,

This is the link for the Current Komando Newsletter for September 24, 2022 which talks about this ordeal we posted about several blog posts ago about the stupidest prank which I would never do.

There are three things that are posted here.

First, before September 15, 2022, there were only five searches for NyQuil.
On September 15, 2022, the FDA posted their warning, which several of us feel is unwarranted, but then again, some people are definitely interesting.
And finally, after that warning was posted, there were 7,000 searches for the NyQuil chicken challenge.

Oops! Maybe their idea was to get the word out on how this wasn’t a good idea, but it’s all about the views.

We’ll be talking about this tonight on Throwback Saturday night’s Security Hour on The Mix and we’ll be talking about this as part of the Security Box, which will be an open forum.

To read more about what is said about this, read the newsletter, and pass this along to your kids, as they may want to try this.

Here is my blog post on the chicken challenge if you want to read more.

There are other things in the newsletter, so make sure you check it out.

Comments (0)

The Security Now podcast, podcast 889: Spell-Jacking For September 20, 2022

Hello everyone,

As promised, I’m going to try and keep everyone up as much as I can on another security program called Security Now.

Here are the notations for podcast 889 found on the Security Now web page.


This week we look at last week’s Patch Tuesday and at the changing cyber insurance landscape. We visit and revisit a collection of major network breaches at Uber, Rockstar Games and LastPass. We look at another significant problem facing 280,000 WordPress users and at a recommended mitigation for the future. We examine the cost to processing performance of the most recent Retbleed security mitigations, and look at Google’s very welcome use-after-free vulnerability technology. And after sharing a few pieces of feedback from our listeners, we examine a somewhat surprising consequence of enabling Chrome’s enhanced spell check and provide some mitigations.


Download the 44mb file if you wish to download it. The link goes through Twit’s network and we are not responsible for these links.

Comments (0)

Missed Court? Better check with the department directly and not by a call from someone claiming to be from one

I can’t believe I saw this on KNX. Just looking around this morning, I saw something that I normally don’t see from them, and this is a good one.

Sheriff’s officials warn of `missed court appearance’ scam is the article title, and I’m not sure if this has been covered elsewhere.

I know the tech press itself has been talking about scams like this one lately, especially on Kim Komando’s web site but this specific one may be specific to San Diego.

Just remember to keep your guard up, and know how these things work.

Comments (0)

I can’t believe TikTok allows for this kind of thing

So welcome back to the blog. In the Kim Komando newsletter today, it talks about why not to reuse passwords, which we’ve covered time and time again. There was something else that didn’t seem that interesting, but the third item talks about the latest trend which is on the Social Media debacle, TikTok.

The latest is a challenge to have people including children cook chicken in cough medicine including but not limited to NyQuil. I’ve taken this medicine to help me sleep when I got really sick once, but never would I think to put this or any other cough medicine in a cooking demo.

The article this time is titled TikTok challenge prompts an insanely stupid FDA warning and even the FDA here in the U.S. says they wish they didn’t have to put out this warning. Check this out, and maybe this ought to go in the stupid department.

I’m passing this along since a lot of people use the social media platform, and sharing is key especially in this situation. Stay Safe!

Comments (0)

The Security Now podcast, podcast 888: The EvilProxy Service

Hello folks,

I’m going to try and keep up on getting the program I love out there for people to have. Especially this week, since Uber was talked about.

This episode was for last week however, but I think these shows are worth listening to.

Here are the notations, thanks to GRC’s Security Now page.


This week we look at an unusual and disturbing escalation of a cyberattack. I also note that cryptoheists have become so pervasive that I’m not mentioning them much anymore. The White House conducted a “Listening Session” to dump on today’s powerful tech platforms, and a government regulator in The Netherlands quit his position and tells us why. There’s another QNAP mess which is bad enough to exceed my already quite high QNAP mess threshold, and D-Link routers need to be sure they are running their very latest firmware. I have another comment about my latest Sci-Fi author discovery and two quick bits of feedback from our listeners. Then we’re going to examine EvilProxy, the conceptual cousin to Ransomware as a Service.


While this isn’t the episode for this week, this episode is sure to bring you wonder especially during the news segment. Always something interesting in it.

Download the 51mb file for those who don’t get their RSS.

When this week’s comes up on GRC’s page, we’ll be sure to bring it up.

Comments (0)

The Security Box, podcast 113: Violence as a service, this turns from Cybercrime to real world crime

Welcome to the Security box, podcast 113. On this podcast, we had 10 people going through the JRN for this week’s program, hopefully you found what you heard of value.

On this program, we talk about something that we hope people take to heart, because it could happen to you at some point if it hasn’t happened already.

Details on this, news, notes and more will be in the show.

The RSS has the program for those who are on it, and we have the 135.2mb file for those who do not have RSS.

Now, without any further ado, here are the show notes with a link to the story which was also posted to the blog in a separate post.


Welcome to the Security box, podcast 113. On this episode of the program, the biggest topic is “Violence as a service” as it is being talked about on multiple podcasts.

Have you read the article by Brian Krebs titled Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire and if you did, what did you think about it?

Seems as though this is going to get very interesting, as actors, as they’re known in the industry, will be changing their tactics to something like this.

Besides this, I hope that you’ll come join us and comment as we’ll have some news from around the landscape, thoughts on other things of interest and of course questions and comments from the audience.

Thanks for listening and participating and we’ll see you on another edition of the program!

Comments (0)

American Airlines is the next one we see for a breach

The article this time is American Airlines discloses data breach and it comes from Cyberscoop.

We are not clear whether actual customer data was taken, but some employee email accounts were compromised by an unauthorized party.

The article is well written, and if you need more details, please read the article. I’m not going to highlight the article here mainly because from what I can tell, we don’t need to. If we hear anything else, it’ll get published.

Comments (0)

We’ve been tracking the latest Uber breach, here’s an article talking about it

Hello everyone,

Several podcasts are going to talk about the Uber Breach, and several of them came from The Cyber Wire Daily podcast.

This week, on Security Now, Steve Gibson and Leo Laporte will cover it in the third segment.

We do have a Cyberwire article titled Blame game follows Uber hack. Experts say don’t fault employee. which came out and I thought was interesting.

Reports which I’ve not been able to confirm or deny indicate that it was the Lapsus group, but I thought that group was “shut down” as members were arrested. I’m pointing this out because you’ll hear it and come to me and ask whether this is true.

The Cyberwire has a daily rundown of headlines based on their free daily podcast and this may shed some light on this, but I don’t want to go that far without reading the article.

Uber may even have news on this on their web site and I’m actively trying to figure out what is going on.

From what I’ve heard, it seems like an Uber employee was sent a chat through Whatsapp asking to approve the request for two factor or they would continue bombarding the employee until they did.

If it were me, I’d not even approve anything unless I was the one initiating the request, that is how it is supposed to be done. While the actor in question is reportedly 18 years old, the screen shots apparently are to tools and other internal things that Uber uses.
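On the defender's side, the pattern described above, a run of two-factor prompts the user keeps rejecting that ends in one approval, can be picked out of a push log. This is an added example, not anything from Uber or the articles; the log format, outcome names, user names and thresholds are assumptions.

```python
from datetime import datetime, timedelta


def sample_push_log():
    """Constructed push-prompt outcomes, not real data: (time, user, outcome)."""
    t0 = datetime(2022, 9, 15, 22, 0)
    log = []
    # contractor1: eight prompts ignored or denied, then the ninth is approved.
    for i in range(8):
        outcome = "denied" if i % 2 else "timeout"
        log.append((t0 + timedelta(minutes=2 * i), "contractor1", outcome))
    log.append((t0 + timedelta(minutes=16), "contractor1", "approved"))
    # staff2: one prompt, approved. An ordinary login.
    log.append((t0 + timedelta(minutes=5), "staff2", "approved"))
    # staff3: six prompts, every one denied. The user is holding out.
    for i in range(6):
        log.append((t0 + timedelta(minutes=3 * i), "staff3", "denied"))
    return log


def find_push_fatigue(log, window=timedelta(minutes=30), threshold=5):
    """Return {user: verdict} for users hit by a burst of unwanted prompts.

    "bombardment_in_progress": `threshold` or more rejected prompts inside
        `window`; alert the user and the security team, block the source.
    "approved_after_bombardment": the same burst followed by an approval;
        treat the session as hostile, revoke it, reset the credentials.
    `window` and `threshold` are illustrative assumptions.
    """
    by_user = {}
    for ts, user, outcome in sorted(log):
        by_user.setdefault(user, []).append((ts, outcome))

    findings = {}
    for user, rows in by_user.items():
        rejected = []  # times of recent denied or timed-out prompts
        for ts, outcome in rows:
            # Forget rejections that have aged out of the window.
            rejected = [r for r in rejected if ts - r <= window]
            if outcome in ("denied", "timeout"):
                rejected.append(ts)
                if len(rejected) >= threshold and user not in findings:
                    findings[user] = "bombardment_in_progress"
            elif outcome == "approved":
                if len(rejected) >= threshold:
                    findings[user] = "approved_after_bombardment"
                rejected = []  # a clean approval resets the count
    return findings


if __name__ == "__main__":
    for user, verdict in find_push_fatigue(sample_push_log()).items():
        print(user, verdict)
```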

With that said, Uber has not sent me an email to let me know that I need to do anything and the reports indicate that we don’t need to do anything at this time.

If the JRN learns more substantial information, we’ll be sure to let you know, and if I do talk about this as next week’s topic, you’ll know in the podcast.

I need to start blogging some of this stuff as I get it instead of holding on to it until we do, and this is one of those things. We’re a week old, and the main article I’m linking to is a few days, but I’ve not seen anything since.

Stay safe! There are links to other coverage from within this article, so thought I’d pass this along too.

Comments (0)
