go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: January 2023

Go to Homepage [0], contents or to navigation menu



Cybercrime groups offering 6 figure incomes? Wonder how long that lasts?

I was talking with Nick, and i got to thinking as we continue to prepare topics for upcoming shows.

When you read Cybercrime groups offer six-figure salaries, bonuses, paid time off to attract talent on dark web for the first time, what do you think?

My first thought is that this could be the case for a little while. I mean, programming or doing customer support for huge amounts of money sounds great, until your boss eventually gets caught.

They don’t tell you what you’re programming for, or even what the customer service entails unless they tell you that part of it so you’re aware of it. They then would tell you not to open your trap.

They probably don’t pay you like normal companies do, they pay you based on the crypto that they get from their illicit gains, although you don’t know that. You just know you get paid in Crypto and you have to keep your trap shut.

I’d read this article in full, so you can see what is going on. Then you’ll know what to look for on job boards and the like to stay away … unless you want to do it and risk your reputation when the boss gets fired by getting arrested or caught in some way.

Just a thought anyway.

Comments (0)

Here are two articles talking about scams

Hello folks,

Here are two articles which we put in to EMHS’s resources page that I want to highlight today.

Can you spot the giveaway in this scam email?

This one needs a little bit of explaining. Komando staff got an email which on the surface looked pretty legit. That is, until they spotted things that were a tell tale sign of a scam. Luckily, they didn’t act hastily or they wouldn’t be talking about it today.

The article does describe what was found from within the email, but I wish that they do what I do, show the email so people like you and I can see what is actually going on. Images don’t tell us anything, especially when they aren’t alt tagged describing what they’re there for.

The text may be enough to help though, so I’m putting it up here.

Security warning: Watch out for Social Security scammers

This one could hit quite a number of people and various kinds of ways. The fact that social security is received and there’s many forms of it give you a prime target and lots of innocent people to target.

Luckily, I know that I received my letter telling me what I am getting and I already started receiving it. We’ll see what happens, but its still early.

Why scammers would tell you you’re receiving a raise when that happens at the beginning of the year is beyond me. That’s strange to me.

Be alert, be aware and learn. Thanks for reading!

Comments (0)

Health apps that aren’t … Android users must be aware of apps

Some apps are gaming apps, some may be finance apps, but all are definitely not health tracker applications.

Each year, people want to try and lose wait, eat better and the like. But at least on IOS, this is easy with the health app built right in.

As for Android, the article we’re linking to doesn’t say, but there are several apps that you don’t want.

I don’t know if this affects the disabled community so much, but we do have sighted counterparts so I am going to go ahead and post this.

Komando’s article is titled Don’t use these shady health tracker apps with 10 mil downloads and it was written today.

Some apps may include:

  • • Lucky Step-Walking Tracker.
  • • WalkingJoy.
  • • Lucky Habit: health tracker.

Others include:

  • • Golden Hunt.
  • • Reflector.
  • • Seven Golden Wolf blackjack.
  • • Unlimited Score.
  • • Big Decisions.
  • • Jewel Sea.
  • • Lux Fruits Game.
  • • Lucky Clover.
  • • King Blitz.

This is the list directly from the article. The JRN can’t say if IOS is affected, but I’d check to see if these apps are installed on your device anyway. They might have been part of other apps you’re not aware of.

I’ll tell you what, its going to get pretty interesting with all these kinds of nasty apps out there.

If there is something for Android users, please let us know what they should use for a health tracker app. Thanks for reading, make it a great day.

Comments (0)

The Government can’t even do anything right, some of the stuff is interesting

On this week’s edition of the podcast, we’re going to cover an article titled Government watchdog: Feds fail to implement vast majority of cybersecurity recommendations.

Maybe this joke I found which is a couple months old fits this article.

Retweeting Puns AndOneliners (punsandoneliner): When I was at school, I put invisible ink in the printer before printing a maths question. I couldn’t see what the problem was.

If the government doesn’t know what the problem is, why are they telling us through entities like CISA that we need to update, patch, restart our devices or anything else?

I took for this podcast some of the paragraphs I thought could lead to discussion.

The program will air on Wednesday on the Independent channel at 11 am PT, 1 pm station time. It aires on Blue Streak Radio on Friday and on International Friends Radio Network at 3 CT, 1 PT on Monday.

You can tell your device to play International Friends through your device using the Get Me Radio skill. Talk to Get Me Radio on Google or open it using Lady A. By telling it to play international friends, you’ll get their program.

You can also find a link to their listen page here on the blog, as I updated it since it changed. Their web site is located on EMHS under the security box page.

As for this article, its going to be very interesting, and we’ll see what comes up with it whether phone calls or through the room on Clubhouse.

Thanks for reading, off to see about doing more blogging I go!

Comments (0)

What’s going on with breach notifications?

We’ve never been notified in an adequit manner when it comes to data breaches. It doesn’t matter what industry it is, we’ve just not been soooo lucky in getting notified timely.

The problem is, they’re becoming more of a non-issue. We’re notified, just like the Lastpass breach, but we really don’t know much about what really went wrong.

The article is titled Data breach notices become more opaque, leaving consumers in the dark and it comes from our good friends at Cyber Scoop.

Feel free to give it a look and stay informed. Don’t know what the proper solution is going to be, but we need to know what is going on. How are we going to make the right decision?

Comments (0)

This might end up going on our bonehead award, but don’t go creating booter or stresser services

When I was reading Krebs on Security some time back, they talked about someone who ran a booter and stresser service. This can be used as part of a distributed denial of service attack or DDOS attack. This can be looked up on Wikipedia or even through your favorite search engine.

Basicly, this means that someone can set up something where people can crowd your shop so nobody can get in to do legitimate business.

Thinking of Hiring or Running a Booter Service? Think Again. is the article that I saw talking about this problem.

Nick mentioned it briefly last week when he called in, and yes, I do remember this article now.

Most people who operate DDoS-for-hire businesses attempt to hide their true identities and location. Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law. But until recently, their biggest concern wasn’t avoiding capture or shutdown by the feds: It was minimizing harassment from unhappy customers or victims, and insulating themselves against incessant attacks from competing DDoS-for-hire services.

The article continues with the second paragraph, naming the individual who is the focus of the piece.

And then there are booter store operators like John Dobbs, a 32-year-old computer science graduate student living in Honolulu, Hawaii. For at least a decade until late last year, Dobbs openly operated IPStresser[.]com, a popular and powerful attack-for-hire service that he registered with the state of Hawaii using his real name and address. Likewise, the domain was registered in Dobbs’s name and hometown in Pennsylvania.

As Krebs does in his articles, he does thorough research and uses tools like the domain lookup tools out there that can be used to look up people who own a domain.

His only note on his resume, according to Krebs, is being a freelance developer since 2013. That may not be so bad on the inside, as you’ve had a long standing job. But when you attract atention by sayingggg that you have at least a million page views daily might raise some eyebrows. I can’t even get that many, or at least I’m not aware of it anyway.

In December 2022, the U.S. Department of Justice seized Dobbs’s IPStresser website and charged him with one count of aiding and abetting computer intrusions. Prosecutors say his service attracted more than two million registered users, and was responsible for launching a staggering 30 million distinct DDoS attacks.

So he attracted tons of traffic and users tht caused a ton of trouble around the net as he was paid to target whatever they asked them to.

There’s plenty more, feel free to check out the full article and send me a note if this should be the idiot of the podcast. Nick already hinted yes.

Now, its time I go and figure out how I’m doing this podcast, or there won’t be on this week.

See you all later!

Comments (0)

Vice Society is now targeting manufacturing

Hello everyone. It seems like Vice Society is not done, but what actor is done with work they are set to do?

According to an article I recently spotted, the group is now setting their sights on manufacturing as their next target.

This came from the folks at the research department at one of our companies, Trend Micro. It was a very interesting article to read.

They made headlines late last year and even started this year with a bang too. One of the attributions was toward the RTD system in San Francisco.

They have been known to target education and health care as well.

While they’re targeting outside the United States right now, it would not surprise me if they found a good reason to change their mind. They were reportedly responsible for the print nightmare vulnerability which may still be a problem today.

In any case, we’ll be talking about this on a future security box podcast, and we may end up getting updates if any are posted around the net.

The article is titled Vice Society Ransomware Group Targets Manufacturing Companies and I honestly think it should be read.

If we don’t know what actors are doing to other places, how can we protect ourselves if they ever changed their mind and attacked us?

Great article, Trend. It was well worth the read. Thanks for sharing and making your work available for us to read and share.

Comments (0)

Ratial slurs found in code

Trying to figure out how I can cover this one, as this is probably the first time I’ve heard of this.

Yandex is similar to Google. It offers various products and search capability for who they serve.

How someone found ratial issues within code is beyond me, unless it was comments for whomever wrote it and that is how they write.

The article is coming from Cyber Scoop and is titled Racial slurs discovered in leaked Yandex source code. Yandex claims it is old code and isn’t in production now, but I am wondering why anyone would care about comments meant for whoever coded it?

Russian tech giant Yandex apologized on Friday for racial slurs uncovered in the company’s source code.

That’s nice, but why apologize when the code apparently isn’t in use in the first place? I know that part of coding is sometimes difficult, where people need to put comments within the code to be able to remember what its used for.

This seems to be a strange one to me, maybe someone can explain this one to us.

According to the Yandex press office, the code in question appears “to be old fragments differing from the current version of the company’s repository and would never have affected any of the company’s services.” The company called the incident a “blatant violation of our corporate ethics” and said it is conducting a review to understand “how this happened” and to take measures to “to ensure this does not happen again.”

The boards and email await you.

Comments (0)

There is a guide out there about Smishing from komando’s web site … smishing is spreading

Look up Phishing using Wikipedia and you’ll find Smishing within its list of terms.

Resources from EMHS

I recently got another text message, this time from an 803 number which said that the vice president was worrying about something because someone retired. They asked to donate through a site called Win Red.

I’ve been seeing messages from all kinds of numbers supposedly from Trump for 2024 and it asked for all kinds of personal info including a survey on whether you’d vote for him or not.

These may be several types of things you’re receiving on your phone now. While I’m not trying to make this political in any way, its points out tht while Win Red may be collecting information and payment info, others might not be so lucky.

Win Red also allows you to pay via apple pay, and they say that by signing up, you agree to text messages, automated things and the like, I’ve never heard of them. I looked at the surveys but never provided any information which includes asking for your number.

This article by komando.com is titled Smishing is spreading – How to spot it and will be on our EMHS resources page.

Its definitely worth reading as this might be the way of the future.

Stay well. Stay safe. Learn and protect yourself. Thanks for reading!

Comments (0)

Bitwarden being phished, make sure you’re on the right site

Well, I mentioned that I was not sure if other managers worked similarly to Lastpass, but this has nothing to do with whether they work the same or not.

Apparently, Bitwarden had been used as phishbate. In the article titled Criminals are going after password manager logins – What to watch out for which was published yesterday, it indicates that the login page was exactly like the real deal, but the URL was completely different.

When you submitted info to the page, it actually redirected you to the real deal.

This is definitely going to be a problem. The Phishing page has been taken offline, but who’s to say that this won’t happen to another manager, which may include Lastpass?

How to protect yourself from this type of thing? Ask for the URL of a service and don’t just rely on Google.

When we were setting up for International Friends, I did find them on Google, but I was in communication and asked for the URL to the site and anything else they wanted to provided me.

They sent the same URL as what I found, and we proceeded.

See TSB’s page for more.

If you can’t, I’d proceed with caution, especially if you aren’t sure.

This is definitely something that I don’t know how to protect from because sites are always coming online.

I recently got an email supposedly from Sams Club offering me to take a survey, but it had some URL with a TLD of rest. That’s just spam, but this is an example of what is out there now. Without knowing, and with new people on the internet regularly, there isn’t necessarily going to be a good solution to this.

Thanks for reading, and stay well. Stay safe. Learn.

Comments (0)

Komando.com has news about IOS 16.3

I recently posted a blog post talking about IOS and Mac and other updates released this week.

That post leads to Applevis and multiple posts talking about updates to each platform and quoted material from release notes.

If you want a more general report on IOS 16.3, this article I’m about to post is for you. It talks about how there are bugs fixed in Safari, among others. There are even RCE fixes out there.

The article is titled Update your iPhone! iOS 16.3 fixes bugs and adds these new features.

This article was written by komando staff and might be more helpful to those who are not disabled and don’t need to know about potential accessibility fixes.

I hope that this is of value and thanks so much for participating, reading and learning with us. We can’t do it alone!

Comments (0)

The Security box, podcast 128: What’s going on with CISA?

Hello everyone. Welcome to the Security box, podcast 128. I hope that everyone has had a great week, and those airing the program will be getting their copies within the next day.

The RSS should have the file by now and should be distributing the program to those that want it.

For those who want RSS, please use this link to get it. It is a redirector to the RSS feed on Anchor, the provider that provides the podcast series.

Don’t have RSS? That’s not a problem. We will provide the 127.4mb file for you to get. I hope that you enjoy the program and thanks so much for reading, listening and participating on our program!

Now, without any further ado, please feel free to look at our show notes below, as it incorporates links to the various stories and main topic we’re covering.

As a side note, there is no strong language today, so please know there was no need for an additional disclaimer.


Show notes

Welcome to the Security box, podcast 128. On this podcast, we probably have two morons of the podcast, one of which should’ve gotten it before we came up with the idea. We also ask the question, What’s going on over at CISA? This acronuym stands for Cybersecurity and Infrastructure Security Agency.

Seems as though they don’t know what’s going on, or at least might be confused.

Moron of the podcast

We have listed both morons of the podcast by listing the basics of the story and links to the stories themselves.

  1. It seems as though T-Mobile has had yet another breach with at least another estimated 37 million consumers, whether prepaid or postpaid.
  1. The second moron goes to a guy in Russia that thought it would be fun to launder crypto currency. Not only was he funneling Crypto, but he was the founder of a crypto currency exchange. Russian founder of a cryptocurrency exchange known for funneling ransomware profits arrested comes to us from Cyberscoop and hasn’t been blogged as of yet, but will be.

Topic: What’s going on at CISA?

CISA has been known to send notifications via an email list that people can subscribe to. How I got on it, I don’t remember, but it has since changed the way things are sent. Regardless, the article Insiders worry CISA is too distracted from critical cyber mission is our article that will help us with our discussion. It also comes from Cyberscoop.

Other stuff

I know that Nick missed last week’s program so we’ll give him an opportunity to get on the program and talk about anything from last week. We’ll go through news, notes and other things too.

Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

Comments (2)

user management update

Hi all.
Small note, this is probably only going to effect the non admins on here which I think is 3 of you however as I was mucking about checking the status of systems, it occured to me to edit everyone’s profile including all admins, myself included and check our user options.
For the admins they are all set, visual editor off, shortcuts on, etc.
However I noticed that while others had the ability for visual editor active, no toolbar which none of us use, etc I did notice keyboard shortcuts for comments and other submission were disabled.
Admins have it enabled by the way already.
Anyway just to say, that feature is now active for what its worth.
With the system running as it is I won’t need to adjust or even look at things for another few months and as I had some downtime between appointments I thought I’d just look quickly.

Comments (0)

What has been posted to EMHS, week of January 27, 2023

I’m cutting off this week’s updates at 11:30 am on January 23rd. This is what will be posted when EMHS gets updated on the 25th.

Please visit Email Host Security for more.

Blog Posts

We do have a few blog posts, see if something catches your eye or ear.

I may have given you a few more than we needed, but it has been a quiet week in posting to the site.

We’ll be continuing to blog and have continued to blog other stuff of newsy interest, not necessarily for the site though.


Terms

I have added one term to the list. It came about when describing Lastpass’s continuing problems. The term is PBKDF2 and it is listed in the alphabetic list. PBKdf2 will be covered in a future podcast in March.


Companies and services

We’ve got no new companies and services, but we did post to the blog a very interesting recent article from the Malware bites blog. It should probably be no surprise to many on the topic in which it covers.


Podcasts

Our podcasts section got podcast 127 as it usually does, the same day it normally gets released to the public. The blog normally gets it the next day, but we got it up there the same day too.

Books

I’ll be sending Nick a list of authors to look up their books. If anyone of them match what we’re trying to do for EMHS, we’ll add it to this list. Since we don’t have any new books, make sure you check out the list, as it covers things we’ve been talking about for quite awhile.


In Conclusion, we’re trying to provide this as a resource. Please feel free to support the project by sending resources of interest you wish us to look at. Thanks so much for reading and participating! Without you, we can’t do this alone.

Comments (0)

Sans news bites for January 24, 2023

There are quite a number of things, some we might have covered through articles. Want to view the Newsletter? here is the link to view today’s newsletter from Sans.

Top of the news

  • • HUMAN Security Takes Down Vastflux Ad Fraud Operation
  • • NSA Publishes IPv6 Transition Guidance
  • • Report: Ransomware Victims are Refusing to Pay

Stories 1 and 3 are ones that sound familiar here. Feel free to look at the blog or read the newsletter for articles and commentary on these.

The Rest of the news

  • • Indian Education App Exposed Student and Teacher Data
  • • Some MSI Motherboards Do Not Have Secure Boot Enabled by Default
  • • Apple Updates Include Backported Fix for iOS Vulnerability
  • • CISA Adds ManageEngine Flaw to Known Exploited Vulnerabilities Catalog
  • • Federal Agencies Do Not Implement Majority of GAO’s Cybersecurity Recommendations
  • • FAA Statement on NOTAM Outage (January 19, 2023)
  • • Bitzlato Virtual Currency Exchange Taken Down in International Effort

Story 3, the one on apple is interesting since we don’t get a lot on IOS and other Mac things. We do know there may be some accessibility fixes, but without reading the page, we don’t know whats up.

The Indian case is saddening and is the top story in this section. I’m saddened to hear that more student’s personal information is out there for anyone to have.

Story 5, we covered I’m sure. I have it for a future topic for TSB. The final one too is quite interesting, don’t remember if I blogged it, but probably saw that on my feeds.

Want to cover something you read from the newsletter? Feel free to get in touch! We look forward in hearing from you.

Comments (0)

Dark Pink, a new actor group is out there

Hello folks,

While this group to date has ben targeting Asian countries, they could in fact change their minds and attack whomever they wish.

This is why I am bringing you the article titled Dark Pink, a newly discovered hacking campaign, threatens Southeast Asian military, government organizations.

The fact it is targetting Government should probably not be surprising. Our own government can’t even get half of their cyber security straight, so why not target them?

Here is one of the paragraphs of this article. It states:

The so-called “Dark Pink” campaign surged in the second half of 2022 and has, to date, been responsible for seven successful attacks, Group-IB researchers Andrey Polovinkin and Albert Priego said in a detailed analysis. Its primary goals seem to be corporate espionage, document theft, sound capture from the
microphones of infected devices and data exfiltration from messengers, according to the researchers’ analysis.

While some researchers could not attribute this to an existing group, a Chinese research group which is linked the campaign to Southeast Asia.

Whose to say that whoever this group is, they don’t target another country, group of people or even do something that research hasn’t thought of yet?

There are lots of links from within this article, so I’m not going to try and quote and take apart this word for word. Let’s just learn that this is out there, we need to be on guard for any type of attack, no matter where it comes from.

Stay safe, stay well, and learn.

Comments (0)

So … what’s going on with accessible ways of getting links?

Hello folks,

For some time, I’ve been interested in ways that we can check links to make sure they’re going where they’re supposed to go. For example, if you got an email, the email says “Click here to go to the Jared Rimer Network!” how would you know you’re going to the network home page?

We’ve discovered that in Jaws, while searching for links in the ins+space, j for links we find that screen sensitive help ins+f1 is your key. Underneath the link, the text says:

Describes the current window or control, what it is used for, and what keystrokes can be used at the current location. If a link has focus, its source URL will be shown so you can responsibly manage possible phishing links in suspicious emails. Use this command frequently when learning windows.

This is awesome! Thanks Freedom Scientific for this valuable resource.

I remember in Window-Eyes, before it was discontinued, we could hit ctrl+ins+s which read the status bar. This is what happens when you hover a mouse over the link. The sighted user can see exactly where they’re going at a glance. I don’t know when Freedom Scientific added the link browsing to the ins+f1 facility, but that is so awesome!

Now, let’s catch people up with other things I’ve found out.


NVDA

Before I get in to NVDA’s response, let me make one thing clear. You can still hit the context key or shft+f10 and select copy link, copy link location, or something similar depending on the browser or application. After that, you can paste the link in to something like Notepad and looking at the link that way. That was always the key I had done when looking at suspicious looking links or links that say to click here.

With that said, Quentin Christensen, the training and support manager wrote back with a couple of thoughtful responses.

Hi Jared,
Apologies for the delay, you caught on leave over the new year. Good question.  Just off the top of my head, I’m not aware of a simple command for this.  From memory, you used to be able to query the status bar to find out the destination target of a link, but now that isn’t possible anymore.

I’ve created an issue on our tracker for it here: https://github.com/nvaccess/nvda/issues/14535.

  Do please add any extra info I’ve missed.

In the meantime, the main workaround that I can think of, is to “Copy link” or “Copy link address” from the context menu, then press NVDA+c to read the
clipboard.  This works but is not as simple.  Hopefully we can add the functionality soon as I can definitely see your point about the importance of it.
Kind regards
Quentin.

This was sent to me on January 12, 2023 and yes, I believe I wrote late December of 2022 and got a mailback indicating that he was out on break. I really thought the writing on the link which is linked here was thoughtful and I responded as such.

In my response, I indicated how phishing has grown at least 200 percent within the last couple of years and Spam and phishing aren’t necessarily going away any time soon.

I did try out the steps he sent on January 15th and it does work. Granted, you need to use the command after copying the link you want to hear. Here is that Email.

Thanks Jared,
Yes, I definitely appreciate the issue re phishing and how important identifying links is.  Hopefully we can implement a simple solution to that issue. 

In the meantime, those steps to identify the link are:

  1. Navigate to link
  2. Press applications key / SHIFT+F10 to open context menu
  3. In Chrome: Press DOWN ARROW five times to “Copy link address”.  In Firefox, press L to “Copy Link”.
  4. 4. Press NVDA+c to read the clipboard.  Alternatively, paste the link wherever you choose and read it there.

Kind regards
Quentin.

I then sent him over to EMHS which he responded and said he’d check it out.

Maybe they can get a benefit of what we’re trying to do, and while NV Access is a non-profit from what I understand, EMHS is a teaching tool, not a money making tool for the JRN.

When I told him about the copy link location and copying aspect, I sent him over to EMHS which he said he’d check out. Let’s see if it can be incorporated in to something for people who use that reader.


Android

I don’t have anyone on Android, but I do know a couple of people. I’ll try to reach out to someone who I’ve lost touch with and ask. For now, I’d look to see if there’s a way of copying the link and pasting it somewhere for review.


IOS and Mac

I’ve been waiting for an opportunity for asking how the Mac works when wanting to preview links, I.E. not clicking on them by pressing enter but to get the location. For now, IOS is similar to NVDA, although you can doubletap and hold and preview the page, as well as copying the link. You still have to copy and paste this link in to notes or some other text facility to get the link’s URL.

The Mac club was last week, but it was more of a demo format and not a Q&A for general topics, but I intend on asking this when it is available to do so.

While there is a Mac and IOS club at the time of writing, I won’t ask there as it is a different type of club for people to get questions answered that might be basic in scope. Hopefully soon, we can tackle Mac.


In Conclusion

I hope that this guide might be of interest, and once we get the information complete, I’ll create a page on the blog that links to these posts or even copy the text and make it one large page for folks. I’ll figure it out once we get all of the answers.

I hope that this helps people and thanks for reading, learning and participating with us!

Comments (0)

Apple is releasing updates to their OS line

Apple yesterday released updates to their line of products including IOS, Mac and TV. Here are Applevis’s posts in case you guys want them.

Several of the posts talk about security enhancements, but TV doesn’t supply any updates on what has changed.

View the posts, and see what might apply to you.

I hope that this finds you well.

Comments (0)

Should we be surprised that Crypto Currency hacks lead to a 4 billion dollar loss

Trying to catch up on some of the things I’ve read, and an article titled Cryptocurrency hacks shot up in 2022, amounting to almost $4 billion in losses. This article was written by Cyberscoop.

The first paragraph covers it best. It says:

Losses of cryptocurrency assets due to hacks rose to $3.7 billion last year, a 58 percent increase over the $2.3 billion that cybercriminals stole from investors and exchanges in 2021, according to a report released Thursday by Immunefi, a web3 security testing platform.

To be honest, I’ve liked the idea of Crypto Currency, but I honestly understand that its like the stock market.

I saw a room that indicated on Clubhouse by its title that said Crypto is up 35 percent year to date. While that’s awesome news, I don’t know if it is going to stay that way. Even if I baught 100 dollars of Crypto, there are only several places and services that take it. One such service is Paypal, where you can buy, sell and even purchase with bitcoin.

Several other companies take it too, but I’m not necessarily impressed. As I heard or read somewhere, probably Mikko’s book, by the mid 2100s, Crypto will have made it last coin for bitcoin. As for other currencies, I don’t know.

If you’re interested in Crypto, you might want to take a look at this article. It might be of interest to you.

Comments (0)

State legislators will not wait to cover online privacy for children

Hello folks,

Coppa is the is the Children’s Online Privacy Protection Act, which was signed in to law many years ago. Unfortunately, it may be time to either have it rewritten or updated. The fact is, companies like TikTok do not care much about the law, and in fact, one country already fined them for a violation of their version of the law.

At least here in the United States, different states aren’t waiting for our Congress to go ahead and fix what may be brken.

The article is titled State legislators aren’t waiting for Congress to regulate children’s online privacy and it comes from Cyberscoop.

Here are two paragraphs from the article.

After a year of stalled efforts in Congress to pass expanded children’s privacy legislation, states are plowing ahead with their own efforts to address growing concerns about how tech companies collect and use children’s data.

At least five states, including New Jersey, Oregon, Texas, Virginia and West Virginia, are considering children’s privacy-related legislation while several other states are set to reintroduce legislation that expired last session.

Some states may consider having rules similar to California, which may from what I have read, taken the lead on privacy issues. I don’t remember if this is still the case, so don’t quote me on this.

The problem here is lack of enforcement. This is why TikTok has been in so much trouble. Countries are noticing, but yet what about other big tech companies?

It talks about what states are doing now.

Instead of me breaking apart the article, why not check it out and see what you think? The comment boards will await you on this one.

There is a register link available on our blogroll under the categories and the like. If you need a link, please send a note and we’ll assist.

Comments (0)

Older Posts »

go to sections menu


navigation menu

go to sections menu