The Technology blog and podcast

Malware droppers give you banking trojans

Hello everyone,

In a breaking news item, we learn about dropper malware that gives you banking trojans.

The article is titled If you see this app warning on your phone, DO NOT ignore it and it is a must read.

The article was written today and covers what will happen because you’re going to get fake login prompting.

If you’re an android user, please read this blog and article so you’re aware of what’s going on. Thanks so much for reading!

Comments (0)

iphones losing wifi

komando.com is reporting that people are losing WIFI with the latest 16.1 of the IOS operating system.

While 16.1 has fixed a lot of bugs, there is the off chance that something like this could go unnoticed, or noticed but no fix was implemented on time.

Please read The latest iPhone update introduced a bug – Try this if your Wi-Fi is spotty for ideas on how to get around this until apple comes up with a permanent fix.

Thanks for reading.

Comments (0)

Multi-factor authentication for small businesses

We’ve talked about multi-factor authentication quite a lot on this blog and podcast series.

Lastpass has an article as we wrap up NCSAM for this year titled The Importance of MFA for SMBs which was quite interesting.

The article talks about how the MFA solution needs to be balanced, so it isn’t too complicated for users, yet easy to use so they adopt it.

You want things as easy as possible, but you don’t want to jeopardize your own company either.

The headings ask questions.

• What is MFA?
• Why MFA?
• Peace of mind with MFA

The last item isn’t a question, but gives you a peace of mind. If set up correctly, it can be very useful. Take a look at this article, and see what you can get out of it. Happy reading!

Comments (0)

Tesla is in a lot of trouble, criminal investigation under way

I was listening to the Kim Komando minute today, and Kim’s been talking aobut Tesla’s auto pilot and the problems with it.

If you drive a car, and you drive this car, this company is in trouble possibly because of how it market’s the auto pilot feature.

If you subscribe to the minute, you aught to be not surprised, because she continues to say that people have either gotten injured or even several died because they relied on the auto pilot.

I’m not going to provide a link to listen to this one, as it doesn’t affect everyone, but you should check it out by searching for Komando and finding the daily minute podcast.

Be aware.

Comments (0)

The Security box, podcast 118 show notes reissue

The purpose of this reissued notes is to correct anissue that we found while perusing the notes.

While the notes are correct, there was a broken code find which caused an issue.

So, here are the corrected notes for last week’s program.

---

Welcome to podcast 118 of the Security Box. On this show, we’re going to talk about books. Not all books may be covered due to time constraints, but we’ll list all of the ones here. Question is, what kind of books? These books are dealing with security in one way or another.

The list may contain multiple books, and are split up in to authors. We’ll have this in a multi-list format where the main list is in author, and sublist will have the books.

Books may be available via other sources that the blind and disabled can access including Bookshare, the NLS, and apple books. The NLS Bard page can only be accessed by eligible patrons and will not be linked here. All linked books come from Amazon or its affiliates, but you can search the book titles separately to find the price that fits your budget unless bard has it already.

From this list, we do know that BARD only has one book, but that could change. Check Bard often, you never know what will be posted there.

Besides that, we’ll have news, notes and more. Now, here are the books and thanks for listening!

• Mark Russinovich

• Zero Day: A Jeff Aiken Novel (Jeff Aiken Series Book 1)
• Trojan Horse: A Jeff Aiken Novel (Jeff Aiken Series Book 2)
• Rogue Code: A Jeff Aiken Novel

Scott Schober

• Hacked Again
• Cybersecurity Is Everybody’s Business: Solve the Security Puzzle for Your Small Business and Home
• Senior Cyber: Best Security Practices for Your Golden Years

Kim Zetter

• Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon

Mikko Hyponnen

• If It’s Smart, It’s Vulnerable 1st Edition,

There may be more, but these are specific to the landscape we’re covering. There are also books that tell true stories from people like Frank Abagnale, Kevin Mitnick and possibly others. Please feel free to check out these books, as maybe it can teach you something to improve your security posture. The true stories that I intended to list but decided against doing so may also be used in changing any issues you may have too. While the true stories talked about crimes committed in the past and how they changed as authors, they’re still worth reading if not to learn what was done, how they were caught and the consequences of their crimes.

We hope you enjoy today’s program and thanks so much for listening!

Comments (0)

This week on the Security box: social media and its intricacies

This week, what do you think about social media as a whole? Do you use it heavily or do you use it sparingly?

We’ll talk about the different networks and how they work if we know, as well as talk about some of the problems we know about.

If you want to listen, you can listen through the independent channel of the mix on Wednesday at 11 am PT, 1 PM CT.

I hope that we’ll see you then!

Comments (0)

Use Shampoo? Better read this for 19 dry shampoo’s that are being recalled

You ask, “Why are you posting this on the tech blog when it doesn’t have to do with tech?”

It does have to do with tech, because as disabled people, we have to use technology to know what we have and people to help us get what we want. Because of this, I’m going to publish this because apps that can read bar codes are useful to find these products so we can know what they are.

Today’s article by komando staff is titled Recall alert: More than 1M Americans using shampoo with a cancer-causing ingredient and again, it affects dry shampoos.

The article talks about what might be the cause, the fact the company behind this recall is doing it voluntarily, and of course, lists the products we need to be aware of.

If you use dry shampoo, please at least look at this article so you make sure you’re safe. Luckily, nobody has had issues with these products, says the article, but again, they’re doing this out of caution more than anything.

Comments (0)

Let’s talk a little bit about linked in

Hello folks,

I know that Linked In is one of these sites that are supposed to be good for finding jobs, and getting the word about what you do out there.

For example, if you look at my web site, you’ll find a link to my Linked in.

On that linked in page, come November 2, I will be adding the Email Host Security site and what I’m doing with it.

Let’s start with Brian Kreb’s article Glut of Fake LinkedIn Profiles Pits HR Against the Bots as this is where I heard of the problem that we’ll be mentioning.

Linked In is now part of Social Media whether we like it or not. With Social Media, there may be fake profiles out there, and this is bad for Linked In, since it is a specific type of social media site.

As I’ve posted recently, we’ll talk more about social media on both TSB and the Security Hour on the mix.

A recent proliferation of phony executive profiles on LinkedIn is creating something of an identity crisis for the business networking site, and for companies that rely on it to hire and screen prospective employees. The fabricated LinkedIn identities — which pair AI-generated profile photos with text lifted from legitimate accounts — are creating major headaches for corporate HR departments and for those managing invite-only LinkedIn groups.

The problem is, they are taking info from legitimate people, creating profiles, putting up pictures, and trying to get people to give up information that might be valuable to an actor to do whatever an actor wants to do with it.

There’s more to this story, including some research that has been done about this fake profile problem now proliferating this popular Microsoft job site.

Some time after the first Krebs article, I then read Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn and Linked In still not sure how to respond to this problem.

There is still research in this space where data is being collected on how bad the problem is. In fact, this article states that people claiming to work at the biggest companies Amazon and Apple fell by a big margin overnight.

Maybe Linked In started to figure out who was real, and who wasn’t based on their own data. You should also read this article, as it might be of interest to you.

Finally, an article I spotted by Kim Komando’s staff titled Scammers love LinkedIn – Here’s a new step to keep yourself safe on the job site which talks about three things that Linked in will be adding.

Here are headings talking about the new features.

• Learn more about a profile
• Fighting fire with fire
• Warnings for suspicious messages

The third item is very recognizable, as I’ve had others who started with me through SMS and wanted to move to whats app as an example, or twitter to email.

Each of the headings talks about what Linked In will be adding to your account within the next month or so to help you stay safe.

I hope that this finds you well, and stay safe on your job hunt!

Comments (0)

Its time to look for holiday decarations, don’t get ripped off

The holiday season is already starting, according to komando.com. Christmas music is starting to play in stores, and the scammers are also out trying to get money for decarations that might not be so good.

If you are buying decarations this year, it might be a good idea to buy Shopping for holiday decorations? Don’t fall for this online shopping scam so you’re aware what might be going on so you can avoid it.

I know there may be people you know that you can forward this article to. I’d recommend that if you’re not affected by this yourself because you don’t buy decarations like I don’t.

Make it a great day!

Comments (0)

There’s a tool out there to see if you are affected by the Raccoon stealer

Today’s newsletter is quite interesting on Kim Komando, and I’ve submitted two Email addresses for possible search.

As we’ve learned, this Raccoon infostealer is bad. Really bad.

What we later learn is that one of the administrators has been arrested and charged. This article titled Use this free test to see if your info is part of this huge Ukrainian hacker leak and its something we should all check out.

If you do not receive an email, you’re good. If you do, says the test page, it’ll give you some more info.

Let’s make sure that we’re as protected as possible by doing our part. Its free to check.

Comments (0)

This coming week on the Security box

On wednesday, November 2, we’re going to cover social media. There may be a lot to talk about, but I’m not going to take from the particulars of any one article, but possibly discuss the different platforms, what we’ve seen on them, some news in regards to it and more.

Of course, we’ll have news, notes and more. If this post or something similar goes out later on, I apologize, I don’t remember if I went ahead and set one up so I’m going to send it up now.

I’m on clubhouse, so remember to follow the JRN club and you’ll be notified of rooms being created and when they start.

Hope to see you all then!

Comments (0)

The Security now program, podcast 894 for October 25, 2022

I’m passing this along for those who are not aware of a show which I enjoy called Security Now. It is similar to the TSB program, except it is more structured and while it is with two people like TSB has been a s of late, it is still good as they cover things that we may not.

Here are the notations from GRC in regards to the program.

Title: Data Breach Responsibility

This week we note the release of an updated Firefox browser and Google’s welcome and interesting announcement of a super-secure-by- design open source operating system project. We look at the latest cryptocurrency craziness and at a new Windows 0-day which bypasses downloaded executable file security checks. And speaking of 0-days, Apple just patched their iPhone and iPad OS’s against their 9th 0-day of the year. We then take a look at the forces driving the evolutionary demise of previously rampant banking malware and at today’s critical VMWare update. Then, after sharing and addressing some interesting listener feedback, we’ll take a look at new Australian legislation aimed at punishing data breaches and consider the ethics of Australia’s proposed new heavy fines.

<a href=”download the 49mb file from GRC if you’d like to listen.

If there’s something you want us to cover from there that we haven’t covered, let us know. I’ve talked about things on SN before, so we’re good here. Enjoy!

Comments (0)

Ukrainian gets indicted, might be picked up

This is a little bit of good news out of all of this bad news department. The article this time is titled Grand jury indicts Ukrainian for role in vast Raccoon Infostealer cybercrime operation which is a start in the right direction of truly getting charged and picked up.

This is an info stealer, which means that it can steal data from you.

There is a name in the article and discusses what the indictment is.

If you want to read more, feel free to click on through and put it on your radar of some good news.

Comments (0)

New Windows updates are available, optional but might be important

While patch Tuesday has come and gone, komando.com has posted something I’m now getting to that might be of inportance.

It reminds us of the apple updates, but then goes in to details on optional updates for Windows 10 and 11 that might affect some customers. Some with gaming, some with keyboard use in 11, and some other odds and ends.

The article is titled Update alert! New Windows 10 and Windows 11 fixes live and I hope it finds you updating if needed.

Thanks for listening, reading and learning!

Comments (0)

The beta is almost over

I’ve talked about the beta of email host security on my podcasts. Why? I’m seeking feedback to help me fix bugs, spelling and structural things before going live.

The work on the web site is complete and the last of the TSB directory was finished yesterday. My intent was to post this yesterday but I was on a call.

I’m going to let it sit and let people look and report back if any issues.

Please go over and take a look and contact me through the JRN if any issues.

Our launch date for EMHS will be this coming week. A press release in the form of a story and highlights will be posted through social media and this blog on the day of launch.

I hope to hear from you if there are any bugs. Thanks so much for reading!

Comments (0)

Malicious apps in the form of extensions are on the loose

I don’t know if we reported on a prior article talking about extensions, but this one I am. The article comes from komando.com and its titled Check your browser! These malicious extensions have been installed 1M times

All of the extensions have to do with changing colors on your browser and have color in their name. This article lists 24 of them, and i’m pretty sure that I have none of these.

If you want to learn more, please click through to the article and learn about this dangerous practice of malvertising. That’s what these extensions do.

Instructions on how to remove them are provided. Thanks for reading!

Comments (0)

The top 10 brands of q3 is …

komando.com has sounded the alarm on the q3 report by a research company on the brands that we do business with. Linked in is no longer the top dog in this list. The top dog is a company that does shipping.

The article is titled The top 10 most impersonated brands online – Read this to steer clear of phishing and its quite interesting.

Here is the top 10.

1 . DHL (22% of phishing attacks)
2 . Microsoft (16% of phishing attacks)
3 . LinkedIn (11% of phishing attacks)
4 . Google (6% of phishing attacks)
5 . Netflix (5% of phishing attacks)
6 . WeTransfer (5% of phishing attacks)
7 . Walmart (5% of phishing attacks)
8 . WhatsApp (4% of phishing attacks)
9 . HSBC (4% of phishing attacks)
10 . Instagram (3% of phishing attacks)

What do you guys think of this? Read the article for more.

Comments (0)

The Security box, podcast 118: let’s talk books

Hello folks, welcome to the security box, podcast 118.

Let’s talk books! We covered 6 out of the 8 in full, and we were a bit time constrained a bit. That’s ok, as we actually covered everything but two as related to the first.

This is the 124.55mb file you’ll need if you don’t have RSS already.

The RSS is being updated and don’t forget our Amazon integration as well. The link is in the blogroll.

Here are the entire show notes for you to have, and we’ll see you all next week!

---

Welcome to podcast 118 of the Security Box. On this show, we’re going to talk about books. Not all books may be covered due to time constraints, but we’ll list all of the ones here. Question is, what kind of books? These books are dealing with security in one way or another.

The list may contain multiple books, and are split up in to authors. We’ll have this in a multi-list format where the main list is in author, and sublist will have the books.

Books may be available via other sources that the blind and disabled can access including Bookshare, the NLS, and apple books. The NLS Bard page can only be accessed by eligible patrons and will not be linked here. All linked books come from Amazon or its affiliates, but you can search the book titles separately to find the price that fits your budget unless bard has it already.

From this list, we do know that BARD only has one book, but that could change. Check Bard often, you never know what will be posted there.

Besides that, we’ll have news, notes and more. Now, here are the books and thanks for listening!

• Mark Russinovich

• Zero Day: A Jeff Aiken Novel (Jeff Aiken Series Book 1)
• Trojan Horse: A Jeff Aiken Novel (Jeff Aiken Series Book 2)
• Rogue Code: A Jeff Aiken Novel

Scott Schober

• Hacked Again
• Cybersecurity Is Everybody’s Business: Solve the Security Puzzle for Your Small Business and Home
• Senior Cyber: Best Security Practices for Your Golden Years

Kim Zetter

• Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon

Mikko Hyponnen

• If It’s Smart, It’s Vulnerable 1st Edition,

There may be more, but these are specific to the landscape we’re covering. There are also books that tell true stories from people like Frank Abagnale, Kevin Mitnick and possibly others. Please feel free to check out these books, as maybe it can teach you something to improve your security posture. The true stories that I intended to list but decided against doing so may also be used in changing any issues you may have too. While the true stories talked about crimes committed in the past and how they changed as authors, they’re still worth reading if not to learn what was done, how they were caught and the consequences of their crimes.

We hope you enjoy today’s program and thanks so much for listening!

Comments (0)

IOS, Mac and watch get updates, is it time to upgrade?

Hello all,

This week, IOS, Mac and watch get updated. Apple Releases watchOS 9.1 and tvOS 16.1 is the first I read today and it talks about siri support for TVOS 16 and gives instructions on how to update.

Since Apple Vis is a small team, they do not know if there are any issues to Watch 9 and TV 16 at this time.

As for IOS 16.1, maybe its tine for me to think about updating it. Apple Releases iOS 16.1 and iPadOS 16.1; Bringing Many Fixes for VoiceOver Users from Applevis does list a bunch of fixes that were made, and talks about one regression. maybe its time for this to finally be spun along the JRN, thoughts?

The JRN can’t comment on any mac related issues as we do not have a Mac. Herbie, moderator of the mac club we broadcast on the independent channel hasindicated the system preferences being renamed to system settings or settings as its known in IOS. The New Features, Changes, Improvements, and Bugs in macOS 13 Ventura for Blind and Low Vision Users is the blog post we have from Apple Vis on this.

They link to articles talking about the mainstream changes that they don’t cover in their post.

Do you use any of the updates and if so, what are your thoughts? Sound off by email, imessage, text, or on the podcast when we tape. Look forward in hearing what you have to say!

Comments (0)

Here’s another huge recall alert for people who drive

komando.com seems to be the place that we see car recalls.

Remember that cars run on computers now, so we have rolling computers to worry about. If you have a car, you might want to check out the article Recall alert: Nearly 155,000 Jeeps, Rams, Audis and VWs could endanger drivers for complete details on which cars, what issues might be out there, and telephone numbers to call if you are affected by this set of issues.

Thanks for reading, and make it a great day!

Comments (0)

Older Posts »

go to sections menu

---