
The Technology blog and podcast


Sans News Bites: July 30, 2021, Vol. 23, Num. 059

Here is Sans News Bites for July 30, 2021. Guess I should look at WordPress and see if I need to give it a nudge so that it can get the latest manager unless Shaun has already done that. There’s other stuff too, if you’re interested, please feel free to read it and see if anything applies to you.


Sans News Bites July 27, 2021, Vol. 23, Num. 058

This Newsletter covers quite a number of things including iOS 14.7.1, Windows has another problem mainly in server versions, the No More Ransomware project and more.
Here is a link to the newsletter for those who want to read it.


A Family of Fraud gets busted

Another item that was covered in news notes dealt with a fraud family ring. This is a very interesting story because one of the suspects is 15 years of age.

The 15-year-old was responsible for selling, while a 24-year-old wrote the code. Dutch police are taking after the United Kingdom and trying to train teen hackers not to utilize their skills for hacking. I do hope that this works out for them because prison should probably be the last resort in my opinion.

The article is Dutch police bust alleged ‘Fraud Family’ phishing service members and it was a good one. Hopefully they learn.


Kaseya gets a decryption key

We don’t know exactly how Kaseya got their decryption key, but they better count themselves lucky. In fact, REvil from what we can tell and learn, didn’t get paid either by their affiliate or the main operators to boot.

It seems as though REvil may not be done yet, as I spotted an article talking about a different name, and if that is the case, we’re in for a long ride.

For now, Kaseya obtains decryption key for victims of massive ransomware attack should be read, and is worth the read. It’s interesting news we have in regards to this and I don’t think it’ll be the end of whatever the gang wants to call themselves now.

News Notes for podcast 54 has highlights from this article, so check out the podcast for complete details unless you want to read the article.


Spam Kingpin gets time served

Hello folks,

While the podcast is out now, and show notes are up as well, I still want to write about the items I have and this one is talking about a Spam Kingpin that is getting off with time served.

The gentleman is originally from St. Petersburg, Russia. According to the article, he was a pivotal person in the cybercrime industry, he was able to keep track of people and rent out his botnet for hundreds of dollars depending on the job you wanted.

Peter created some of the nastiest things out for its time including the Storm worm, the Waledac botnet and the Kelihos botnet as well. Each of these is a link within the article so you can learn about each of these.

He also ran affiliate programs which paid other cybercriminals as well.

According to the article, he’s got a family, and hopefully time served will be enough. Brian Krebs goes into a lot more detail on everything, so if this interests you, then go and check out his article.

The article is titled Spam Kingpin Peter Levashov Gets Time Served so go check it out.


Serial Swatter only getting 5 years

While writing up news notes for the security box podcast, I just couldn’t get mad at this article. It isn’t Brian’s fault I’m mad, he’s just the reporter. He did a great job in covering this case, and it is quite complicated.

The article is titled Serial Swatter Who Caused Death Gets Five Years in Prison and as I said, it made me mad.

An 18-year-old and his co-conspirator decided to harass various victims including a 60-year-old man who died after a heart attack because police and SWAT teams were at his home thanks to these people. Not only that, but other people are mentioned in this article that have had dealings with the same people.

Shane Sonderman, of Lauderdale County, Tenn. admitted to conspiring with a group of criminals that’s been “swatting” and harassing people for months in a bid to coerce targets into giving up their valuable Twitter and Instagram usernames.

At Sonderman’s sentencing hearing today, prosecutors told the court the defendant and his co-conspirators would text and call targets and their families, posting their personal information online and sending them pizzas and other deliveries of food as a harassment technique.

Other victims of the group told prosecutors their tormentors further harassed them by making false reports of child abuse to social services local to the target’s area, and false reports in the target’s name to local suicide prevention hotlines.

Eventually, when subjects of their harassment refused to sell or give up their Twitter and Instagram usernames, Sonderman and others would swat their targets — or make a false report to authorities in the target’s name with the intention of sending a heavily armed police response to that person’s address.

Unable to disengage a lock on his back fence, Herring was instructed to somehow climb over the fence with his hands up.

“He was starting to get more upset,” Billings recalled. “He said, ‘I’m a 60-year-old fat man and I can’t do that.’”

Billings said Mr. Herring then offered to crawl under a gap in the fence, but when he did so and stood up, he collapsed of a heart attack. Herring died at a nearby hospital soon after.

The last paragraph is important, as this poor guy tried to comply and died because of what these clowns did.

There is also a woman that was also targeted because of her two-letter name registered on social media. She decided to use the letters of her name, VD as her username. Not only was she harassed, but a bomb threat was made among other things.

According to the article, the suspect has a confirmed condition of bipolar disorder, and a statement read to the court mentioned this and an addiction to drugs that were psychiatric in nature. The judge sentenced him to the maximum by law, but I wonder if this isn’t enough? Sure, he has medical conditions, and I could make sure he is segregated from the rest of the public because of his condition, we need to send a message that this type of thing is not to be tolerated. Take the case, and any medical conditions and make a case on sentencing where appropriate. Thoughts? Read the full article titled Serial Swatter Who Caused Death Gets Five Years in Prison for all of the details.


An explosive spyware report shows limits of iOS, Android security

Michael in Tennessee sent this to me, it’s worth the read. That is why we need to install our updates when there are some, and keep our guard up.

Amnesty International sheds alarming light on an NSO Group surveillance tool.

Source: An explosive spyware report shows limits of iOS, Android security


Sans News bites for July 20, 2021

In the better late than never department, here’s Sans News bites for July 20, 2021. I didn’t get this into last week’s security box, and I’m going to try and get better on making sure that we get all of these.

There is plenty including the older news that REvil had potentially gone dark, and we know now that that is the case. If you need this newsletter issue, go and get it now.


Ransomware payments went down 38 percent in Q2 of 2021

I’m surprised that Phishlabs didn’t write up this article, but Cyberscoop did and they did a great job. There are some very interesting stats within this article, but there are also lots of items linked in here.

Maybe I should say that there are some stats, but Phishlabs really breaks it down which is why I like their analysis much better.

So, … Average ransomware payment declined by 38% in second quarter of 2021, new Coveware report says is the article from Cyberscoop and I hope you guys read it. This is the second topic of this week’s program and yes … I quoted some stuff as it is worth quoting.

Please feel free to comment if you found this article of interest.


Scammers aren’t done, Microsoft Windows 11 is targeted

In a very interesting article I read and will be one of two topics for this next week’s Security box, scammers are targeting Microsoft Windows 11.

Granted, 11 was announced in June, and an Insider build was released shortly after, but scammers know what people want. When searching out Windows 11, you can get something that could be annoying, or even as bad as a trojan or a password stealer. Microsoft has a lot to worry about, and several items are mentioned within this article.

Better have your guard up, Scammers are using fake Microsoft 11 installers to spread malware is the article, and it’s also going to be linked in our show notes for discussion.


Sans News bites for July 23, 2021

Hello folks,

Friday’s newsletter is out, and I urge everyone to take a listen to it by reading the article, if you read by access technology, or read it with your eyes. Some of the items may be of importance to you, and I want you to have access.

Here is the link to this newsletter for you to have.

It covers iOS 14.7 which is available now and has been for several days. I’m surprised that the Pegasus software which the tech podcast has covered for quite some time, iOS does have fixes we need to go and have applied.

Better get your game on. Maybe it’s time this evening that I take my phone offline to do the update. An hour is worth the time it may take to get as secure as possible. Thanks so much for reading!


SolarWinds 0-day gave Chinese hackers privileged access to customer servers

Wow. This is quite interesting. DEV-0322 now in the SolarWinds ordeal now.

Hackers IDed as DEV-0322 have a fondness for defense contractors and software-makers.

Source: SolarWinds 0-day gave Chinese hackers privileged access to customer servers


Morgan Stanley discloses data breach that resulted from Accellion FTA hacks

I can’t blame Morgan Stanley directly for this one, but another story about the file transfer application we talked about some time ago. Wow.

Financial services firm says data was stolen by exploiting flaws discovered in December.

Source: Morgan Stanley discloses data breach that resulted from Accellion FTA hacks


Facebook catches Iranian spies catfishing US military targets

Putting a new spin on catfishing, eh? Michael in Tennessee sent me this one, and I think we should look at it. Found the article from Ars very interesting. It’s quoted and sourced below.

Hackers posed as recruiters, journalists, and hospitality workers to lure their victims.

Source: Facebook catches Iranian spies catfishing US military targets


Ransomware attack at Comparis resulted in data breach

If people are familiar with this, better know about it. Doesn’t seem like a U.S. company, so it is good for us in the States. The post is on Twitter and it was three days old.

Last week’s ransomware attack on Swiss price comparison website Comparis resulted in a data breach.

Source: Ransomware attack at Comparis resulted in data breach


July Patch Tuesday is here, better get your patch on … especially if you print

Hello everyone, both articles from Trend Micro and Krebs on Security are similar in content this week. While Krebs mentions Adobe as he always does, both articles make sure that you are aware of several things.

  • There are either 116 or 117 different patches out there.
  • 15 of the patches were submitted through the Zero Day Initiative project.
  • The biggest vulnerability is fixed in this week’s update dealing with printing.
  • Several other CVEs are given and linked within talking about other aspects of vulnerabilities.

The Print issue

Both articles talk about CVE-2021-34527, an issue that deals with printing in Windows. An out-of-band patch was issued last week in regards to this vulnerability, however it may have caused problems according to what I’ve read.

The vulnerability is known as PrintNightmare and there is guidance linked within Trend Micro’s article. Of course, Trend Micro talks about Microsoft Exchange and DNS servers multiplied. Krebs also has the same MSRC link for PrintNightmare and links to the others as well.

I recently rebooted after a good week and Windows prompted me to update and restart which I did.

While I don’t print, if you do, you’ll want to know about this vulnerability and others that might affect you, so give the two articles linked a read. Just click on their names to read it.


Kaseya is the next victim in REvil’s grasp

According to this article, Kaseya hit with suspected cyberattack, raising fears of major supply chain incident, REvil is back affecting 300 partners with 200 companies so far. Security Now will be covering this today as part of today’s program. Go to TWIT for details.

This is definitely getting interesting.


US hits anti-robocall milestone but annoying calls won’t stop any time soon

Large carriers deploy STIR/SHAKEN. Small carriers, old landlines are still problems.

Source: US hits anti-robocall milestone but annoying calls won’t stop any time soon

This seems to be an update to the whole STIR/SHAKEN that we talked about on the Security Box. This is quite interesting.

Michael in Tennessee sent this one to me.


DOJ files 7 new charges against alleged Capital One hacker

The U.S. Department of Justice (DOJ) has filed seven new charges against Paige Thompson, the former Amazon Web Services (AWS) engineer accused of hacking Capital One and stealing the personal data of more than 100 million Americans. The new charges, which include six counts of computer fraud and abuse and one count of access device […]

Source: DOJ files 7 new charges against alleged Capital One hacker

Michael in Tennessee sent me this, and we’re definitely going to put this in our news notes. While delaying a trial may be a good idea, now we’ve got new charges and this is just going to get interesting.

Above, find a quote with the link to the article, but do read it, it is definitely fascinating.


Western Digital is not done, more zero-days on the way

There are two researchers named Radek Domanski and Pedro Ribeiro featured in an article by Krebs called Another 0-Day Looms for Many Western Digital Users. While one particular issue couldn’t be demonstrated in Pwn2Own because of an OS upgrade, they did find something else that Western Digital did not respond to. After that incident, the company vows to respond to all researchers regardless of life cycle and the like. These guys are trying to keep a company honest, and I hope this is a lesson to companies that there are people trying to help you.

The article details the Mybook ordeal as a reference point for those who didn’t hear about it till now.
