go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: November 2022

Go to Homepage [0], contents or to navigation menu



Research shows that there are tons of trackers out there

Hey folks,

As I peruse twitter, I came across some very interesting research about trackers on the internet. These are of course estimates, and Nord VPN did the research.

Your typical news site has quite a number of them, health sites also have tons, but the typical site that has to follow GDPR has the least.

Here at jaredrimer.net, the tech blog does allow you to like posts, tweet them out and the like, but I, Jared Rimer, do not know who clicks these buttons and it doesn’t interest me.

Remember when I posted about Giving Tuesday? Well, one person took advantage of it and we thank them, but we don’t disclose who they are. And on top of it, our logs are flushed every day and I’m not interested in looking at logs to see how many visits I have on any of my properties..

My other bigger site, MENVI doesn’t have any tracking capabilities that I know of besides what the server does by default of running on it.

I don’t need to collect data from people unless they contact me first. I don’t understand why websites need to download logs, peruse through them, see who clicks on ads and the like. I understand that impressions are what count when you pay money to advertise on a site, but who has the time to download logs and look at that data?

I don’t, for sure. One of my twitter followers posted this on their timeline, and the article is titled You’re not wrong – websites have way more trackers now.

Thanks Tech Radar for posting a very interesting article, and I hope that we can have more research like this.

I know that I’ve looked at the privacy report on my iphone, and jaredtech.help shows one, and jaredrimer.net shows 7, all of them Google or Twitter properties. I know what’s New on jaredrimer.net has an applet where the what’s new information is displayed and that came directly from Twitter.

What Google Code, I’m not sure because the Scripts i use are third party but I’ve never had a problem.

What it may be, is the cookies on my phone not being able to track me to my site, seeing that it is designed that way.

However it works, I know that my sites are safe, and most others are as well, but the research itself is quite interesting. I just searched jaredrimer.net’s raw page in code and don’t find any reference to Google or Twitter on the main page, so I am not sure if what I’m seeing for myself is correct on my own page.

Maybe someone with more experience in this can contact me about things like this and we can learn together.

Thanks so much for listening, reading and participating!

Comments (0)

dropbox is now being impersonated

This Freshbooks blog post was from last week. Now it seems like impersonators have moved back to file sharing services such as Dropbox.

While any company can be impersonated, even yours truly, you must know how the company communicates with you.

In this instance, the actors say that you have a file that was sent by Dropbox, and they have images of the page that they share.

Know how services like dropbox communicates with you, and know how your other companies you communicate with communicate with you.

This article is titled Received a Dropbox link via email? Read this before you click.

Since I use Dropbox, I know how they communicate with me when I get a new folder request. Usually we share folders, not just files.

If a file was to be sent via dropbox, it comes from the domain, similar to what we’ve learned when it comes to Freshbooks in today’s podcast.

Remember to stay as safe as possible when it comes to how you send and receive things.

Comments (0)

The Security box, podcast 122: EBT cards and the disabled

Hello folks, welcome to the Security Box for this week. While we got a call today, not knowing whether it was for the box or not, we did play a message from a listener who was listening live. We thank you.

The show is up and running on the RSS feed for those who need it. Here is the link for RSS.

Here is the 147.9mb file for those who want to have a copy.

We thank those who came on clubhouse to check out the program, even if you didn’t stay through the entire program.

Now, here are the show notes for consumption as it contains links to things tht we didn’t put in to the clubhouse room.


Welcome to the Security Box, podcast 122. On this podcast, we will be covering some news that came out of Freshbooks on Wednesday, November 23, 2022. We’ll also be covering Card Skimming and how it disproportionately is a disadvantage to people who use EBT cards. We’ll also have plenty of news and notes from around the landscape and we’ll also see what else people want to talk about as we return from our Thanksgiving break.

Freshbooks

As we blogged on November 23, 2022, Freshbooks became victim to Phishing. The company itself did not get phished, but people who are customers and non-customers were hitting Freshbooks’s Twitter asking if emails were real or not. Freshbooks reports that these emails are fake, and said that emails come from freshbooks.com or any of its properties and not from anywhere else.

The technology blog and podcast’s coverage of this event

On November 29, 2022, they indicated to the JRN that while there was no incident, the phishing uses other domains that is outside of Freshbooks itself. They linked to an FAQ titled What Emails Are Sent Out of My Account? Please read this FAQ if you’re a freshbooks customer or get email from them as a customer of someone who pays to send invoices.

EBT cards are now a target

In our main topic, we’re going to talk about EBT cards and what is happening with them. We also learn that there’s a lawsuit to get states to actually do something if something goes wrong. You’ll understand why as the discussion is done. Here are the articles:

We thank each and every one of you for listening, participating and most of all, reading the blog. Without your participation and listenership, this program wouldn’t be what I’m trying to make it.

Remember to check out email host security which is a site that’ll help you navigate the Phishing landscape. This site is sponsored by the Jared Rimer Network and I hope people will learn what it is about, check out the companies and resources and of course the terms.

Starting with this podcast, the podcast is commercial free thanks to a donor through the JRN. If you’d like to donate, go over to our donations page where there is a Paypal button and links available to use to donate one time. If you want to make a monthly donation using a credit card, let me know and we can make that work. We thank you!


Thanks for listening and make it a great day!

Comments (0)

Fake SMS app steals phone number, 2-factor codes

I believe this came out yesterday, but I’m only reading it today. Turns out that there’s an Android app out there that is number 1 in several countries that steals your phone number and allows actors to steal two-factor codes that are sent through SMS.
This fake texting app hides malware that steals your number is the article title from komando.com staff. A security researcher with a company called Evina found the app named Symoo.

There are apps out there like Text Now, Google Voice, and others tht you can get a number and text for free and they work. Click through to learn more about Symoo and make sure you learn.

Comments (0)

The Cyber Incident law could change reporting

I read a very interesting article from Cyberscoop recently that talked about a Cyber Security incident reporting law. This would allow people like you and I to know about potential breaches and other issues so we can better protect ourselves from issues.

We want to be able to have that information shared, the news gotten out and an action plan that allows us to be able to better protect ourselves.

If you’ve read this article titled How the cyber incident reporting law could finally fix the information sharing problem from Cyberscoop, what did you think?

I thought it was a very interesting article and I think a step in the right direction. If it comes to pass, we may end up hearing about even more breaches, but at the same time, we won’t be left in the dark about a good majority of problems that could lead to them.

Thanks for reading, we’ll be in touch!

Comments (0)

500 million Whats App numbers reported stolen

In the Midst of Facebook’s troubles, I found an article titled Nearly 500 million WhatsApp User Records Sold Online which was quite interesting. When first reading it, it gave me something completely different, but then I tried again and it gave me what I wanted.

Suffice it to say, Facebook had a 2021 case that is talked about where they sued for scraping data. Linked in was also mentioned.

Good thing I changed my Whats app number, but we don’t know if anyone in the U.S. is targeted.

I suggest this be read if you’re a whatsapp user.

Comments (0)

Komando.com has a breaking news item on the twitter breach

In this blog post from several days ago, we talked about Ben Lovejoy’s coverage of the recent news that is coming out about the July Twitter breach.

While a lot of people have jumpped ship, there’s no reason to panic. Our data is already out there as far as I’m concerned, and I don’t know about you, but even when you buy a domain, you open yourself up for phone calls asking you if you need services from all kinds of people.

Have a Twitter account? Your personal info might be included in this leak is komando.com’s update on this story.

According to this, another 1.4 million people may now be at risk, not that the 5.4 million people wa s bad enough, and that doesn’t necessarily mean just one account.

Check out Kim’s web site article linked above for complete details.

Comments (0)

Its Giving Tuesday

The last few years have been tough, yet for some years, there’s been something called giving Tuesday. While I run the JRN out of my pocket, and I don’t make it a habit of asking for donations, small businesses like mine can use donations.

Here is a link to the donations page. You can use the Paypal button to make a recurring donation of any amount, or use the links to make a one time donation using your credit card.

Paypal accepts all kinds of payments and you don’t need an account to give. The links allow you to securely use your bank account to give as well.

I know there are charities more worth donating to, but if you chose a small business like mine, we thank you.

Remember, small businesses also have bills to pay.

If you’re interested in what the network offers, please feel free to send an email and inquire.

Thanks a lot!

Comments (0)

Google Chrome has another 0-day, only the 8th this year though

What really caught my attention was a zero-day in Chrome. As usual, the folks at komando.com have coverage.

Update Chrome! Patch fixes major bug hackers are exploiting is the article and if you use it heavily, you will want to update it.

If this is executed, they can take control of the browser among other things says a linked Bleeping Computer article.

Comments (0)

True or false, facebook searches and viewing public?

As I return back from doing something I started to do health wise before I got sick, I come across two out of three from this newsletter for today. Today’s first post talks about whether peaking at someone’s profile or even your searches on Facebook being a private matter.

Of course, some settings can be changed for posting, who can friend and the like, so make sure if you’re new to the platform that you check out this article. Its titled True or false: Someone can see if you looked at their Facebook profile. It is written by Kim herself. Check this out to be facebook smarter.

Comments (0)

The Security box, podcast 122: EBT cards and the disabled

Hello folks, welcome to another blog post. This time, I’m announcing the podcast for this coming week.

We already have a room on Clubhouse for podcast 122 so go and find it in the calendar of events. Here is the link to my Clubhouse profile.

I check regularly for followers, as clubhouse now allows for protected profiles. It works similarly to protected tweets where people need to be approved. Please have a profile as that will ensure that I at least have some idea about who you are.

Here’s the opening paragraph from the show notes in which are being worked on and may be done by the time this goes to post.


Welcome to the Security Box, podcast 122. On this podcast, we will be covering some news that came out of Freshbooks on Wednesday, November 23, 2022. We’ll also be covering Card Skimming and how it disproportionately is a disadvantage to people who use EBT cards. We’ll so have plenty of news and notes from around the landscape and we’ll also see what else people want to talk about as we return from our Thanksgiving break.


The show will be on the independent artist channel at 11 am PT, 1 PM CT Wednesday, November 30th.

Remember to visit EMHS fpor podcast archives if you need them.

I hope to see you all there this week!

Comments (0)

3 of the biggest scams making the rounds, sounds like some have been covered before if not all

Hello folks,

With the holiday season in full swing, it is more important o make sure you are paying as much attention on where you’re shopping. Why’s that? Its because scammers are using the biggest 3 scams we’ve probably talked about in the past.

1. Family emergency scam

There are probably many variations of this scam, some of them come in by telephone. They’ll tell you that a friend or family member is in danger, you need to pay to pay them money in the form of some other than something you’re familiar with and the whole thing eventually comes out all wrong.

komando’s article probably covers this better than I can, but it could be real enough.

2. Delivery scams

This hasn’t slowed at all. You get an email, text or phone call stating that you missed a delivery. If you aren’t expecting a package, don’t respond. Better yet, if you are, check with your carrier you have delivering it as they have your info.

I found a new application thanks to the AppleVis Web site called Parcel. Here is the web site for this app called Parcel – Delivery Tracking for iPhone, iPad and Mac.

Here are links to download the app directly from the site:

They support over 300 carriers and there is a premium feature to detect shipments coming from Amazon, web access to add tracking directly from your PC and more.

They support email/password log in, as well as Apple log in which I use.

3. Too good to be true

This might be harder for us to detect, the too good to be true aspect of things. I’d say, stick to your shops you’re familiar with and don’t venture off them if you can. The advise of checking for ratings and reviews are respected and can help, as too many reviews of negative reviews can tell you that something is wrong.

The article I’m talking about this time is titled Top 3 holiday scams you and your loved ones need to know about and you should read each item carefully and its encouraged to pass this along.

Thanks so much for reading!

Comments (0)

So … we’re learning that the Twitter Hack is bigger than first thought

Ben Lovejoy has an article talking about how bad the Twitter breach from last year really is. Apparently, one person who tweeted the news got his account suspended. Why? We honestly don’t know and Ben Lovejoy, like me, will not peculate why. Maybe the new twitter, whatever it decides to become, doesn’t want that getting out.

Since Elon Musk’s takeover, he’s made lots of changes and fired a good bunch of people including his public relations team. This in itself could be eventually a bad move, but so far, it hasn’t done much.

The article from 9to5mac is titled Massive Twitter data breach was far worse than reported, reveal security researchers.

I wasn’t about to go as far as to say that multiple actors could’ve done it without proof, of course we can speculate and you can search this blog for Twitter coverage and make your own speculations.

Let’s hope that the new twitter hires a team that can field questions like whats going on if Musk won’t field those questions.

Kim Komando even said that Twitter won’t go anywhere and that Musk has bigger troubles than Twitter.

I guess we’ll see over time, won’t we?

Comments (0)

There are 7 different domains that were closed due to “pig butchering” and are we happy about that?

Seven different domains says an article titled U.S. Authorities Seize Domains Used in ‘Pig butchering’ Cryptocurrency Scams.

We covered Pig Butchering in detail thanks to articles by Krebs on Security and you can search this term to get the podcast right from this blog. You can also go to EMHS’s full directory to see various topics there.

All of the domains are .com domains and while it’d be fun to buy all 7 and point them to EMHS, I’m not going to buy strange looking domains like these.

The 7 domains are within the article, and you’re welcome to check out the complete article to find out more.

Maybe our good cohort Nick will find this news of interest. I know I did.

Let’s hope other stories like this come out. I love sharing the good news!

Comments (0)

Apple has a setting to stop advertisers from knowing about you

I read this article titled Delete this secret ID hiding on your phone that gives away your personal details which was another great read.

It talks about a setting in privacy settings for IOS that can stop companies from knowing everything about you.

Don’t worry, Google fans, the article also has steps for you too.

I know that most people are on mobile now, and I do some shopping on mobile with Amazon, so I’m not different. But I also do a lot of shopping on the computer when I need something. I’m not most or a good portion of people now, so this article might be of use to people. Thanks for reading and make it a great day!

Comments (0)

Got an email about something you didn’t pay for? Chances are, its a scam

OK folks, maybe we’ve covered this before, but its the first thing that caught my attention today on komando.com’s newsletter articles for today.

It talks about email that may be sent that will allow you, the consumer to call a phone number back if the email states that you’ve made a purchase.

I’ve personally seen these and have demonstrated I have by posting a few of these.

If you don’t remember, here’s one I picked at random, saved in a folder I share with someone. Don’t call the number.

,


Your Transaction code#407281*
Subject:
Your Transaction code#407281*
From:
“Service Dept” marthajoness868@gmail.com
Date:
7/19/2022, 3:27 AM
To:
“jared” jared@jaredrimer.net

Welcome back!

Congratulations for subscribing with G??k Squ?d™ Security Program which secures your home devices and network.

This recent subscription plan is set to renew today as you’ve authorized auto debit payments every year unless cancel.

So we’ve processed the yearly expense of $ 395.69 from your updated payment method or account funds credit balance.

Service issue? – please contact our core team  +1 (888) 385 8394

Consumer ID – 9527FC471J

Issued date – 19 -July -2022

Plan Tenure – 12 Months Only

Order Price – $ 395.69

If you wish to unsubscribe or cancel the membership and get the full refund – reach out us +1 (888) 385 8394

Thank you for being an active valued member with us!

Kind Regards
Consumer Care & Helpline Dept.


Notice the spelling mistakes to get around filters. Notice the grammar if you know how billing actually works. There are a lot of red flags in this one and in others I’ve seen, but don’t worry, they’ll just get better at that.

Also notice that in this example that they say I’ve signed up for the Geek Squad, but yet it came from a gmail address.

Today’s article which will also be put up on EMHS is titled If you get an email with this phone number, don’t call! It’s a money-stealing scam and it may be true more during the holidays because people are going to be shopping and spending money. The thieves know this too. Make sure you’re prepared and stay safe.

Comments (0)

Steps to make your phone not ring for unknown numbers, good or bad ideas?

Spam calls are calls that are probably not in your contacts. In today’s newsletter, I’ll be damned if all three items were of interest to me and we’ll start with this.

While the article talks about blocking unknown callers, I hesitate doing that because of the fact that people may call that I don’t have a contact for and they are legitimate calls.

Kim says thtat if they are legitimate, they’ll leave a message. That’s well and good, but someone called yesterday and I didn’t answer it because Skype was being innodated with calls. While I answered one, it seemed innocent enough. They wanted to know if I owned EMHS (which is the shortened name of our new project) and then asked if I need development services. Problem with that call is that it took a minute (maybe less) for them to even answer when I said hello. Gave me a toll-free number if i wanted services. That’s nice.

But if you’re a hospital, say, calling about my family let’s say, you’re not probably going to leave a message and wait for a phone call. You’re going to want to talk to me and get whatever you need asked then. Back to the call yesterday on my phone, I didn’t see the voice mail till this morning as I opened the phone app and there popped up the voice mail. Not cool!

So, I take the second option, if the number is unknown to me, I don’t answer it. Skype’s number is more my business number, so I will answer there if I’m available to do so. Voice mail is also on that line, although they use a generic greeting instead of a personalized greeting.

There might be something else here that might interest you about this article. So, please read How to silence spam calls without downloading any apps to see how you want to handle these unknown callers.

I told you what I like about the article and don’t like, maybe it could be a topic on a show of some sort. Let’s see what happens.

Comments (0)

I didn’t know cobalt Strike was a legitimate app

We’ve covered Cobalt Strike some time back, and a new follower to me called criminal ip posted this article talking about a legitimate version of this application.

This was cool to find, as you always learn something new. The article is titled Cobalt Strike Beacon: Finding Infected Botnet Servers and I thought it was worth sharing.

I did direct message this company to see if they would like to be listed on EMHS, but have heard nothing.

Maybe some of you may find this article of interest. I did.

Comments (0)

It seems as though the European Parlament adopted a very nice resolution … gets DDOS’ed

I’ve decided to limit posting for the Thanksgiving holiday, and I hope that each and every one of you who read the blog and participate on the podcast has had a very nice Thanksgiving holiday.

The article that I’m going to talk about this posting came to us from our TSB list and was sent Thanksgiving evening.

Seems as though the European Parlament made a very good decision on calling Russia a problem, but after they called them a problem, they were knocked offline by Kilnet. Kilnet belongs to Russia and that’s no surprise.

The first paragraph says:

The European Parliament website was knocked offline for several hours on Wednesday by a distributed denial-of-service (DDoS) attack that started shortly after the governing body voted to declare the Russian government a state sponsor of terrorism.

The European Parlament President confirmed the site outage, according to the article.

While the article was written, the site came back up, which is what a DDOS attack is. It only stays down as long as the attack persists.

For more, please read the article. The article is titled European Parliament declares Russia a terrorism sponsor, then its site goes down.

Thanks for reading folks, we’ll have much more later.

Thanks Michael for posting this to our list!

Comments (0)

Tax preparation software giants send refund and other info to Meta

While the United States celebrates a day of Thanks, we learn that the thanks some tax preparation software companies gives us is sending the information to Meta probably unknowingly.

You see, they have a piece of code that communicates with Meta, and that code somehow shares information about you to them.

The article Kim is sending in today’s newsletter is Tax prep software was sending info back to Meta and I suggest those who use paid services to do taxes read this one.

Happy thanksgiving from all of us that keep the JRN up and running and make it a great day!

Comments (0)

Older Posts »

go to sections menu


navigation menu

go to sections menu