
The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts


You are here: August 2024




new scam

Hi all.
This is the pasting of an article from the local neighborhood platform I am on.
It's for New Zealand, but I assume this appears globally also.
Police are warning people to be on alert for the latest round of email scams referencing Police and other justice agencies.

The email claims authorities have done a search of the email recipient’s computer and located explicit illegal material.

The recipient is directed to reply within 72 hours, or a warrant will be issued for their arrest. This email is a scam and anyone who receives it should not reply under any circumstances.

They get smarter and smarter.
Stay safe.

Comments (0)

Apple Vis to reopen on September 9, 2024

Hello folks,

Earlier, we had passed on the news about AppleVis and their closure. At that time, the decision was not made lightly.

As someone who has closed websites and projects, I completely understand what’s going on here.

The site continued to be open with a notice stating that there was news coming and to stay tuned. That was within the past week.

Today, there is a blog post out that talks about how things are going to work and when the site will be reopened for business.

Please read AppleVis Partners with Be My Eyes; Website to Reopen September 9, 2024 to learn about the partnership.

Also, you might want to read the updated blog post about the closure, [Updated: Saved from closure] The End of an Era: Announcing the Closure of AppleVis (https://www.applevis.com/blog/updated-saved-closure-end-era-announcing-closure-applevis), which was updated on August 28th, for updated information from David himself.

While the original announcement is still there, the top portion of the post talks about the updates.

Thanks so much for reading!

More soon.

Comments (0)

Confidential info pilfered from Dick’s Sporting Goods

This is a great article but I have a problem with it. They’re telling employees that there is a planned activity and to stay tuned, but yet there was an attack.

I would tell my employees that there was an attack and that they can’t access email right now until we do an identity check to make sure they get their access.

This is the first time I’ve seen this type of thing in reporting and I hope it is the last.

DICK’s Sporting Goods says confidential data exposed in cyberattack is the article.

It does not say what was taken or how many people are affected.

Good luck!

Comments (0)

Almost a million people stolen from Atlanta based company

Young Consulting is an Atlanta-based company that specializes in something called the stop-loss marketplace.

Almost a million people are affected, and BlackSuit says it's much more. Names, SSN data and much more are potentially at risk.

BlackSuit ransomware stole data of 950,000 from software vendor is the article.

Comments (0)

We’re at 10 zero days for Chrome

In this article titled Google tags a tenth Chrome zero-day as exploited this year from Bleeping Computer, it talks about two new zero-days that have recently been exploited by actors.

Chrome will go ahead and bring you up to date, or you can tell it to do so.

Hit alt+f for the menu, select help and about.

Crafty HTML files are the culprit here, so make sure you’re only running things you’re expecting to run.

The article also talks about 8 other items fixed this year.

Both of the items have CVE numbers.

Comments (0)

AT&T in trouble again

Seems like AT&T can’t do anything right. The article I found on them talks about two different incidents where 9-1-1 was unreachable due to outages.

In the 2023 case, they paid a settlement, but a February 2024 case may have some further consequences.

One was an outage which was caused by work being done and the other seems to just be an outage altogether.

AT&T failed to notify 911 call centers of outage, pays $950K to settle probe is the article if you want to read it.

Comments (0)

QR code Phishing affects Microsoft Sway

Phishing

I’ve never heard of Microsoft Sway, but it seems to be the target of a 2,000 percent uptick in a recent attack.

The attack, which could come in as an email, points people to a web page. That web page presents a QR code.

This QR code must be scanned by your mobile device, which then can be redirected to a site that can deliver malware.

The article at Bleeping Computer is titled Microsoft Sway abused in massive QR code phishing campaign if you want to read it.

Sample Sway phishing page

According to Jaws Picture Smart, the description says:

The image shows what appears to be a phishing attempt disguised as a message from Microsoft. It includes the Microsoft logo and the text, “Dear Microsoft Office User” followed by “The document below was shared to you using Advance Office365 file transfer software.” There is a QR code in the center, and instructions to use a smartphone to scan the QR code to authenticate the document. There is also a note in red warning to authenticate the QR code to access the document.

Remember! This is generic, and we’re sharing this so you are aware of how this works. This was the short description, not the long descriptions found by the models they use.

We hope that you find this article of interest and the description provided of value so you can learn what to look for.

Group-IB was part of the research here and they have been mentioned in prior podcasts.

Stay safe, stay aware, and learn.

Comments (0)

Ride sharing company gets fined again, says it's bogus and unfounded

What major ride sharing company is now getting fined for GDPR violations for the third time since 2018? The first was of course in 2018, and the others happened this year.

This time, the fine is 325 million over the transfer of data to the United States.

As usual, they’re fighting this one, and the appeal can take up to 4 years. Because of the appeal, they don’t have to pay anything until it is resolved in their favor or the investigation is complete.

They’re being fined through chapter 5 of the GDPR, yet they claim that chapter 3 covers them under the cross transfer clause.

I read this article with interest, but I’m not really ready to say whether they should pay or not.

Uber fined $325 million for moving driver data from Europe to US is the article.

Comments (0)

Another possible job scam email?

Below, please find an email that was forwarded to the security box’s email list. Can anyone spot what might be wrong? It's OK if you copy this and use a braille display, as discussions indicate that there are things found in braille that may not be recognized by speech.

The email starts:

Everyone, I have another red flag in the job market to pass on regarding urgent, personal assistant. While the guy did not have any misspelling. The urgent words really stir me and there is no website linked in the email for more information and how to apply it’s all Email communication.
Let me know your thoughts and if you get this email, please be aware.
This individual saw my résumé on CareerBuilder.
Thanks and be safe,
Preston

The forwarded message is intact and will not be edited by the author.


Forwarding information

———- Forwarded message ———
From: Danny Telford danny.telford@acuteconstructions.com
Date: Tue, Aug 27, 2024 at 2:03?PM
Subject: Re: Inquiry
To: Preston Gaylor prestongaylor21@gmail.com

The email

Thank you for writing back Preston,

I usually would not hire anyone this way but I urgently need the services of a Personal Assistant. My name is Danny Telford, I currently run a private Constructions/Renovation Company, I’m also involved in cryptocurrency trading and investments. I need a dedicated assistant that I can entrust to take care of my personal/business errands whenever I’m unavailable.

This home-based, flexible role demands a high level of efficiency and trustworthiness. The majority of the errands associated with this position will be conducted online, I need someone who can stand in the gap for me, schedule appointments, send letters to clients, receive and send emails on my behalf, make internet research and data entry when needed.

I would like to point out a few things regarding specifications on what your job will be.
Before I get into that, I’d like to explain what I do. I’m a property developer, this is not area based, hence I travel around often, in and out of the state.

My secondary Job is cryptocurrency trading and investment, i work with a team of professionals remotely to help clients invest in cryptocurrency and maximize profits.

Here is why I need an assistant.
I’m mostly on the move, sometimes out of state, in times like this I’ll need you to take virtual meetings with clients, make research on some construction materials, pricing, and maybe purchase. Everything you’ll need to successfully execute this duties will be made available to you beforehand. You’re not going to be alone, I will walk you through everything you need to know and learn.

Key Responsibilities:
– Efficiently manage and maintain calendars, coordinate meetings, and assist with appointment scheduling.
– Handle sensitive information with utmost discretion and professionalism.- Oversee payroll activities, including timekeeping, deductions, and benefits administration.
– Perform general administrative duties such as filing, record-keeping, and office organization.

Required Qualifications:- Keen attention to detail, especially in payroll processing.
– Exceptional communication abilities, both verbal and written.
– Discretion in handling confidential information.
– Independent problem-solving capabilities.

**Benefits:**
– Competitive bi-weekly pay of $1500, excluding commissions on personal
projects.
– Paid time off and holiday benefits.
– Opportunity for professional development.

We value your educational background and are particularly interested in candidates who are organized, reliable, and capable of multitasking in a fast-paced environment.

Please let me know if you are interested in proceeding with this opportunity.

Looking forward to your response and the possibility of welcoming you on my team.

Thanks!
Danny Telford
Chief Executive Officer
Acute Construction Services

Here’s some information about the domain that might be of interest.

It expires next year in August.

It was created this year.

The phone number listed is a Vermont phone, but the rest of the info is hidden by privacy protection. Businesses normally do not hide behind privacy protection, do they?

The name servers point to a parking page, and not a fully functioning web site.

Is there anything else you find that you want to mention? Comment here, or let us know by email, iMessage or the like. I suspect this will be talked about on the podcast.

Comments (0)

AppDomain injection to drop Cobalt Strike

The article here is titled Hackers now use AppDomain Injection to drop CobaltStrike beacons which was quite interesting.

This technique has been around since 2017, so before TSB’s existence.

So far, it seems like the attacks have occurred outside the United States, but it would not surprise me if this eventually changed at some point in the future.

AppDomain injections also use DLL files, similar to side loading, says the article.

I believe that these domain attacks don’t actually use domains on the internet, but use domain tools within the PC itself.

There is plenty here, read the entire article for complete details.

Comments (0)

Russian man arrested in Argentina

The suspect, known as V.B., stole millions from the Lazarus group, now using another mixer service to launder their stolen gains.

This suspect moved apartments every month, and evaded surveillance for a while, but Chainalysis and others were able to pinpoint his location.

Lazarus was not the only group he took from, says the article.

Russian laundering millions for Lazarus hackers arrested in Argentina

Comments (0)

Karakurt negotiator arrested, sent to U.S.

Hello folks,

I think I saw this yesterday, but I don’t remember.

The article talks about a member of this gang who basically worked with victims to get them to pay by negotiating with them and coming up with a price they’re willing to pay.

This gang was first known as Conti, and started in 2021 after Conti was shut down.

The crimes mentioned could see a 20 year prison sentence or a fine of up to 500,000 or higher for property thefts.

I wonder if this also means that they get the 5 years for the cyber part too like most end up getting for these things?

U.S. charges Karakurt extortion gang’s “cold case” negotiator is the article. I guess we’ll see what this means if we hear more.

Thanks so much for reading!

Comments (0)

We’ve got more on the dad who refused to pay child support

Hello folks,

While browsing around the Internet, looking for things to post, I found Hacker dad who faked death to avoid child support sentenced to prison which goes in to more detail on page 2 of the 2 page article of this guy’s crimes.

Apparently, he was to receive up to 30 years, but it was reduced to a maximum of 7 years. While the judge gave less time, it sends a message because he has to pay all that money back including the child support.

He is also wanted in other states including Nebraska and Kentucky.

Whether you read this story, or the prior one I found through Bleeping Computer, both should be read.

I’m just glad that both stories include his sentencing and the fact that it shows that crime doesn’t pay.

I still feel that this story should be the stupid fuck of the podcast. I hope he learns his lesson.

Comments (0)

The Security box, podcast 205: Magniber

Hello folks,

Welcome to podcast 205 of TSB. On this program, we have a bit of a rough beginning with our introduction, I only found out when getting the file prepared with the ID3 tags. Sorry about that!

The show should be on the RSS feed, but if you can’t access it, then don’t worry. We’ve got the link for you to freely download the program.

Please download the 168.1mb file if you need to use the link.

Now, without any further ado, please find the show notes with links to blogs, articles and other things that might be of value to you for this episode.


Welcome to the security box, program number 205. Which ransomware gang is now responsible for deploying ransomware that actually disables security programs? Which types of security programs are affected? Which major company which was talked about last podcast confirmed that there was a breach that occurred and when did it occur? Which car company is recalling cars that have not been serviced for a 9-year-old problem? Finally, for those who haven’t participated in the discussion, do you share your location or accounts with your spouse or partner?

This week’s topic talks about something we may have talked about called Magniber. We hope you enjoy the program, thanks so much for listening!


Magniber back in the news

Magniber is back, old decryptors don’t work is the blog post that people can read. It leads to this article titled Magniber ransomware targets home users.

This article leads to another article from Bleeping computer, so there’s no need for us to link to it.

We also talk about the reorganization of 6 different items. But wait, we even talk about our guide we wrote on how to check links if the malicious things you get are by links. Getting Link information via access technology is the link. Please utilize it!


Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.


Internet Radio affiliates airing our program

Our Internet Radio stations that carry us include International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

Comments (0)

Man sentenced for hacking registry to fake his own death

This story is absolutely nuts. If this doesn’t qualify as a stupid fuck award, I don’t know what will this week.

The suspect, Jesse Kipf, used this access to sign, as a physician, his own death and register it in the state of Hawaii. This then passed itself across the U.S. over the fact that he didn’t want to pay child support.

He needs to serve at least 85 percent of his 5.55 years or 181 months before release and he has another several years of supervised release.

Not only did he do the falsifying of documents in Hawaii, but he also hacked in to other systems as well.

The estimated amount of money because of his actions is over $195,700.

Man sentenced for hacking state registry to fake his own death

Comments (1)

Here’s more on the lingo telecom fiasco

We recently blogged about Lingo Telecommunications, and I recently found another article on this one.

This time, it comes from Ars Technica with a quote from the company on how it assigned the level A compliance as part of the STIR/SHAKEN protocol.

Ars Technica’s article is titled E ROBOCALL — Telco fined $1M for transmitting Biden deepfake without verif if you want to read it.

Maybe we need to cover this, again.

Comments (0)

Did you run Windows Update on a dual boot Linux system?

The question for this blog post is simple. Did you install the patches for Windows on a Linux dual boot system? If you did, reports indicate that you might not have been able to boot unless you turned off secure boot and did some more patching.

August Windows security update breaks dual boot on Linux systems has all of the details on this one if you are affected by this issue.

Comments (1)

The Security box, podcast 204: Sharp Rhino

Hello everyone,

We have neglected this blog and the TSB directory this past week.

Lots of different things were going on when it comes to the release to this blog including internet issues.

I’m here now, and it's better late than never.

If the RSS feed does not have this podcast, please let me know by sending me an email.

You can also just download the 1143.6mb file and enjoy the program!

Below, please find the show notes associated with this program, and we’ll be back with more blogs very soon!


Welcome to the security box, podcast 204. What big story is coming out about a company who has apparently gained access to tons of data illegally? The names, potential relative information, possible address information and social security numbers may be affected.

Our topic today talks about how IT workers are getting hit with a new ransomware strain called SharpRhino.

All of this as well as the news, notes, questions and comments from any participants that may come in.


The next possible biggest breach

There’s a lot of conflicting information, especially when it comes to which particular group supposedly hacked the company to begin with.

This particular incident reminds me of the OPM breach of 2018.

search the blog for opm breach

Here are our blog posts which talk about the subject as of writing these notes. There’s still a lot for us to learn.

  • We’ve got more on this NPD databreach was written on August 11, 2024 and it links to a Bleeping Computer article. There are a lot of questions here including the exact number of people and the fact that there are conflicts within the data that was seen by the publication.
  • 2.9 billion users, National public data gained data illegally is the blog post that links to the hackread article that Kim Komando linked to within her newsletter. This one talks about a lawsuit and that lawsuit deals with the fact that this company got the info illegally and orders the court to delete the illegal data. We highlighted this article on the Throwback Saturday Night program for August 10th. The RSS for that show is on this link.

What is Sharp Rhino?

Ransomware gangs target IT workers with sharp rino malware is the blog post which leads to today’s discussion from Bleeping Computer titled Ransomware gang targets IT workers with new SharpRhino malware which should be a very interesting discussion.



Comments (0)

Telecommunications company to pay 1 million dollars

Lingo Telecom is responsible for transmitting a deepfake of President Joe Biden urging New Hampshire residents not to go to the polls to vote this year.

The person named in the article, Steve Kramer, allegedly was behind the calls and was asked to pay a higher fee to the FCC in the amount of 6 million dollars.

Under the deal now proposed, Lingo, the company, will have to know their customers and verify the information from their customers and from the upstream providers providing them services.

Jessica Rosenworcel, the chair of the FCC, said in quotes that we should be aware of whether it is an AI person or a real caller on the line.

I hardly answer any of my lines anymore. This is because of all of the spam we get whether political or otherwise.

While that is a bad practice for someone in business, the calls I have answered were either connecting me to some call center outside the U.S., or it had nothing on the line.

I answered one call and it was trying to tell me that I needed to do something about my vehicle insurance, something I don’t even have.

I know people fall for these all the time, and we’ve even talked about the STIR/SHAKEN protocol in our early podcasts of TSB.

This protocol was to absolutely tell us who is calling, but also prevent unknown calls where the area code is faked not to go through if I understood this protocol correctly. Unfortunately, this is not the case, and it fails really bad.

To read the entire piece over at The Verge, read the article titled Telecom will pay $1 million over deepfake Joe Biden robocall and let us know what you think.

We will be in touch, I’m sure!

Comments (0)

Ransomware breaks last year's record

If the 450 million in the first half of 2024 is any indication, this year is going to double the 1.1 billion we saw this past year.

To help matters, we reported that an unknown company paid a 75 million dollar ransom, and it was reported to be a Fortune 500 company.

It won’t be the amount of attacks this year, it's the quality of the attacks and how much money is being asked for.

Chainalysis is expecting this to be a 2 percent increase from last year’s total number. This means that they’re expecting a 24.2 million increase and could be a 25 billion dollar industry.

Ransomware rakes in record-breaking $450 million in first half of 2024

Comments (0)
