The Technology blog and podcast

More about multi-factor authentication

Earlier, I penned an article that talks about passwords. While I didn’t put the NCSAM tag on that blog post, NCSAM is in its title.

If you missed that blog post why not check it out?

Today, we’re going to talk about two-factor or multi-factor authentication. Both are pretty much the same, and is explained well in a Sans blog post from last year’s NCSAM.

As we tend to do, we like to share great blogs like this one, so we’re going to do just that.

With this blog, you’re going to learn more about why people are recommending us to use what is now being called passkeys. Its basicly authentication like we do already with your device. You just need to use your favorite biometric available from what I understand.

Would you like to learn more from those who know more than I do about this type of MFA? What is Phishing Resistant MFA? is the article title and I feel that we should share it.

Feel free to pass it along if you have learned something. Sharing is power!

Comments (0)

Is it a good idea to share passwords? Not so fast

Dad said I could use his Amazon account. Someone else said to cancel my Amazon account and use theirs. Kim and others say not to share passwords, although providers have said it isn’t a good idea.

Now, enter Disney. Like Netflix, Disney is going to follow in their footsteps. Starting November 1, 2023 in Canada, they’ll be cracking on password sharing. We talked about Netflix in the past, and something has to give.

Disney has lost 11 million in revenue according to the article, and some of that is because of sharing passwords.

Disney says they’ll enforce the password sharing rules they set out, and I’m sure its possible.

Read the full details in the article titled: main region which gives all the details on how this is going to work.

Comments (0)

Epic Games eliminates staff, Bandcamp

Epic Games has been talked about through the years on this blog and podcast series. According to Epic Games is eliminating 16% of its workforce and selling Bandcamp from CNBC, this is going to be very interesting.

Here’s the boost that came across my desk with the link to the article.

Celeste, AKA DJ Celrock!: Boosting Joe Ortiz (joeo10): If you’re using #Bandcamp, I would strongly advise getting two external hard drives depending on your size and download your purchased #music ASAP since the new owners are a marketing B2B company and I know where this is eventually going. https://www.cnbc.com/2023/09/28/epic-games-is-eliminating-16percent-of-its-workforce-and-selling-bandcamp.html

I would not be surprised if Songtradr is going to push the #enshittification button on it. https://www.songtradr.com/blog/posts/songtradr-bandcamp-acquisition/

Songtradr acquires Bandcamp is the press release.

According to the press release, they intend to keep Bandcamp from Within the music industry. I guess we’ll see what happens with that.

Hopefully, Epic can figure themselves out now that they don’t have to worry about Bandcamp.

Comments (0)

Progress, the makers of Moveit, discloses maximum sevarity bug

This can’t be good for the makers of the software that has been given a lot of coverage through the past year with multiple vulnerabilities that have lead to compromise of data.

I can’t blame them for all of it, they have patched the software, but users are responsible for updating it. This vulnerability that Bleeping computer is talking about is in the SFTP (Secure file transfer protocol) portion of the program. They call it WSFTP, but I don’t know what the W stands for.

The full article is titled Progress warns of maximum severity WS_FTP Server vulnerability for those who need to read about it. This is definitely unfortunate, as I know that they’ve been through a lot lately.

I urge those who use this software to update. I know the article is a few days old, but we must push this out. Make it a great day.

Comments (0)

News Alert, Senator Diane Feinstein dead at the age of 90: actors will take advantage

While I normally don’t post news items like deaths of people, shootings and the like, we’re going to start NCSAM really soon and this could be something that you might want to talk about as your strategy.

Actors will stop at nothing to get their wares out on the Internet. Twitter, now known as X put multiple items on my phone about this from multiple different accounts. Its now the top story on KNX.

article

Why am I posting this to the tech blog? Simple. Actors will come out telling you that you could learn about this important figure’s death by clicking on a link. The link could be something like dianefeinsteinexample.click (don’t go there) as an example.

While the page could look like a news site, there’s something you should think about. With the example mentioned above, have you ever been there and have you heard it advertised to learn about the Senator and what might be going on with her?

Here’s what you could do.

• Check the domain. Each domain has a registration date. Icann whois lookup and whois search are two different sites. If the domain is just days old, just be a little suspicious.
• Wikipedia might be another good site to check for facts. With people like Diane, there may be a page on her. It might be a little torn up right now as news is just coming out and it will be updated as info is known, but its a start.
• Searching the person’s name will in most cases come up with the actual page of what she’s done. Look at the URL to make sure you’re where you want to go.

Just searching Diane Feinstein gives twitter results and live news updates. Your search engine may vary.

Use reputable web sites for news like KNX MSNBC CNN and others that you are more familiar with.

Don’t rely on email or text messages to give you your news like this important news that is going to go around the country. Use reputable sites and services you trust.

Thanks so much for reading, do make it a great day! Stay safe out there!

Comments (0)

Amazon to charge for Alexa services one day?

I won’t say one way or another whether Amazon will charge for its services. But I did see this article talking about something I also received by email. That is, Amazon will now discontinue Alexa Guard and charge for emergency services.

But I don’t know if anything will be able to have conversations with us, seeing how Chat GPT apparently get things wrong and has started to get dumber. This is coming from technology expert Kim Komando, this isn’t me saying this about chat gpt.

With that said, I have tried Be My Eyes AI, and I used it for a very specific reason. It recognized that it was the same person and it gave me enough to get what I wanted.

I also saw a doctor about my concerns too, so I just didn’t rely on this alone.

No price is given on Alexa generative AI, and the person mentioned in the article will be leaving Amazon at the end of the year to take another position.

Other executives from the September 20th presentation pretty much said the same thing.

From Ars Technica, the article is titled Amazon wants to charge a subscription fee for Alexa eventually.

I guess we’ll have to see what happens, and whether this eventually comes true. It’ll be interesting to see how this space works out. I guess Siri can already do this with this latest update to 17 if I’m not mistaken, so we’ll see how Amazon will work in the future.

Comments (0)

I’ll be putting this one up … 55 percent of people have been scammed

I spotted this while browsing Kim Komando’s site as the articles section hasn’t been updated as of late. 55% of Americans have been scammed – Keep yourself safe online and offline is the article that I spotted and its quite interesting.

Tell your story, report it if necessary, and be safe.

I think this article has some good things in here. Be aware.

Comments (0)

Here’s news about IOS 17.0.2

On Saturday, I was talking about IOS 17.0.2 to some folks, and at that time, it was only available to IOS 15 phone owners. The JRN’s Terry Ring indicated that someone he knew didn’t have any trouble transferring data from one phone to another.

In the article I’m publishing today, IOS 17.0.2 is available for all phones that have 17 compatibility. I hope that this article is of value to folk.

Its titled Apple releases updated iOS 17.0.2 build for all iPhones to fix data transfer bug and comes to us from 9to5mac.

The Mix’s Tim Appleby boosted this one, thanks Tim!

Comments (0)

Important breach notification, Soni Playstation, 900 colleges and healthcare

This is massive and a large notification. I saw this in a breach notification from Kim Komando, and here’s the article on it titled Data breach warning: Sony, 900 colleges, health care org and more targeted.

We need to do our part as I’ve continually said numerous times through these podcasts.

Its not enough for us to sit back and let the world go by. We must be aware of what is going on with these breaches.

Check out the article for complete details. Its the same info I got in the breaking news newsletter.

Comments (0)

Could Trans Union be in the cross hairs of another potential breach?

I heard this on the Cyber Crime network through their podcast, apparently they’re in the crosshairs of yet another breach. They, in this case, is Trans Union.

Searching this out, I found an article from Security Week, they’re flat out denying it, saying that the formatting is different than their data, and one thing mentioned is that the data goes back to March of 2022.

If this breach is true, and I’m not the expert to say it is, its yet another breach that will go in to the “Why did it take too long” department of us citizens being notified.

The article for this is titled TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data and was the first article I spotted on the matter.

I don’t know about you guys, but if this breach is true, they should pay a penalty just like L.A. Care Health had to. No company hould be immune for blatent breaches. For their defense, they did say in the article that it didn’t match their database, but who is to say you changed your database from that time to now? Just putting it out there.

If you’re a concerned citizen like I am, we should start asking questions. Serious ones.

Comments (0)

Mark Cuban lost quite a bit … you can too

With many ways to be threatened, you must be as safe as possible. I’ve talked through the years of tech and the new series TSB about how I’ve been taken advantage of by various things.

If Mark Cuban searched for something and got bitten, you can too. As I said on Saturday, this type of thing can happen to you, me, and our hosts and supporters.

There have been stories out there that indicated that security experts, those who dole out info get hit. Its human nature.

In this three minute read, you’ll learn what happened to Mr. Cuban and ways you can protect yourself if you use crypto currency.

The title of the article is called Steer clear of cryptocurrency recovery phrase scams and if you’re in to Crypto, please read this one.

I’m passing this along to you, so you’re aware of what’s going on. Stay safe!

Comments (0)

Mixin suspends withdrawls and deposits after getting hacked

Bloomberg is reporting a short article about this company titled Mixin. Apparently,, the breach was caused through a third party cloud provider.

You’re welcome to read the article Defi Project Mixin Network Suspends Services After $200 Million Crypto Hack for complete details. If you use this, you should be aware.

Stay safe!

Comments (0)

Podcasts in a different language

Spotify, the rebranded Ancor platform this podcast is using, is looking to use Open AI and other partners to translate podcasts from English in to other languages.

The article, coming from the Verge, indicates that this is in a limited capacity and names are given to whom is given the tech in the beginning.

While I don’t know these folk, this could get interesting when it rolls out, as podcasts like TSB could in theory be translated in to other languages.

I guess we’ll see how it goes. I’d consider this beta for now.

Spotify is going to clone podcasters’ voices — and translate them to other languages/

Comments (0)

X, formerly known as twitter, now is offering the ability to use government identification for paid accounts

According to an article by the Verge, X can now get governmental ID as part of verification. The company, who is based in Israel, can hold on to this data for at least 30 days.

I’m still not convinced about paying for such a service, seeing that we don’t know what real benefit it’ll give us.

X can now ask users for government IDs to verify their paid accounts/ is the article and you can do with it as you wish.

Brian Krebs boosted this one.

Comments (0)

Here is another T-Mobile security problem, … this one seems bad

Like we need more bad news over at T-Mobile, this one looks bad. You’re in your own application on your own account, but you see someone else’s info including credit card number, balences if applicable and purchase history.

Apparent T-Mobile security breach sees personal data revealed to other customers comes to us from 9to5 Mac.

They highlight past breaches going back to the several in 2021 and one this past March which is still really unkown.

If I hear anything else, I’ll be sure to get people notified as quickly as I can get it.

This … can’t be good.

Comments (0)

HHS settles with L.A. Health care over Hippa violations

I’d love to see more of these. I think that if the health care industry as a whole was targeted by the organization that targeted these guys, maybe their security would be more up to par. Then again, maybe not?

“Breaches of protected health information by a HIPAA-regulated entity often reveal systemic, noncompliance with the HIPAA Rules,” said OCR Director Melanie Fontes Rainer.  “HIPAA-regulated entities need to be proactive in ensuring their compliance with the HIPAA Rules, and not wait for OCR to reveal long-standing HIPAA deficiencies.  Entities such as LA Care must protect the health information of its insureds while providing health care for the most vulnerable residents of Los Angeles County through its coverage, which includes Medicaid, Medicare, and Affordable Care Act health plans.”

It shouldn’t stop here with Los Angeles. All of these health care industries Databreaches has posted about whether we have posted about it or not should be targeted by this OCR group to see if there are any compliance issues.

Not all breaches could be targeted by compliance issues, but we have no way to know.

Full article by databreaches: HHS Office for Civil Rights Settles with L.A. Care Health Plan Over Potential HIPAA Security Rule Violations if you’re interested.

Comments (0)

Elon Musk says X will charge users ‘a small monthly payment’ to use its service | TechCrunch

Here’s another article that talks about the fact that Twitter is going possibly completely paid. It has even a bit more than the other, and while I try to only post one article, I think multiple may be necessary here. Let the games begin.

X owner Elon Musk today floated the idea that the social network formerly known as Twitter may no longer be a free site. In a live-streamed conversation

Source: Elon Musk says X will charge users ‘a small monthly payment’ to use its service | TechCrunch

Comments (1)

Here’s something new, charge everyone for twitter … how successful will that be, musk?

I’d honestly like to see how this is going to go with everyone. This network has made it public with those on the podcast that we will not be paying for Twitter, seeing that we can’t use third party apps which are easier to use than the app or site.

Just Recently as an example, I got a direct message. Great! I went on the web, tried to reply to it on the web, found I could not. I don’t know why. Tried pressing enter on the DM, tried to find a reply button, nothing.

So, I had to result in using my phone to reply to the musician who gave me a code of his recent release.

This musician is not going to be named, as many Bandcamp artists are giving codes to users by choice, so I’m not going to say which one.

But now, I can see why in a previous boost, i saw what I saw. It basicly said that they wouldn’t pay for Twitter.

And I know for a fact that I have 4 accounts, one on staff has two, one of which I help maintain as part of my 4.

I wonder if this is going to be the beginning of the end that we’ve been calling for? Some of us have been predicting that within 6 months to a year, Twitter would be pretty much history.

Here’s the latest coming from a site called Variety. ngler
Plus Icon
elon-musk-charge-all-x-twitter-users-fee-1235726693/#article-comme is the article, and I bet we have no say so now.

Here’s the boost which I saw before the article I am posting about.

Celeste, AKA DJ Celrock!: Boosting JamminJerry (jamminjerry): regarding that last boost I just did about the idiot charging for twitter, I bet you lose a whole bunch of users that way, and you still won’t get rid of bots, like you claim it will fix. I know I won’t be paying for it, so if he does do this, I am deffinitly gone from it.

Jerry, I know we’ve not spoken in quite a number of years, and now i understand your post here. After reading the variety article linked above, this is just going to add to the interesting column over at Twitter.

I honestly don’t call it X, I call it Twixer. I’ll never call the platform X.

Comments (0)

Why did it take so long from breach to notification? Your guess is as good as mine!

In an article I posted and we talked about across the network, it took what we think is way too long to be notified.

The first paragraph of the Databreaches article says:

Some state and federal laws provide specific timeframes by which breached entities must provide notice to regulators and to those affected by a data breach. Unfortunately, loopholes abound, as we seen in statutory language such as Minnesota’s breach notification law, where for timing of notification, it says: “The disclosure must be made in the most expedient time possible and without unreasonable delay, consistent with any measures necessary to determine the scope of the breach, identify the individuals affected, and restore the reasonable integrity of the data system.”

I’m not against the fact that we need to secure the system first, make sure the data is safe and as secure as possible before notification, but you’ll find out that in this instance, there was a huge delay.

One side of the article we’re talking about says that it took 4 months to be notified of the breach, and 2 months to notify everyone. But the article also talks about how it took over a year.

If I were running a business that got breached, I would definitely not wait an entire year to notify anyone of a breach, state or otherwise.

If it took a year for me to know there was a breach, that’s an ongoing problem. But if I was notified two months afterword, I am responsible to notify customers, steakholders and the like of this breach as oon as possible.

The lengthy databreach article is titled An inexcusable gap from breach to notification, or an excusable one? and I hope that you give this a read.

It should not under any circumstance after notification take an entire year to be letting your customers know of a breach.

Give me a break!

Comments (0)

Social media attacks targeting banks? You bet!

As I continue to catch up with tons of reading, this particular article where social media attacks are going up as banks are now targeted is more important.

Some banks may be more prone than others, at the same time, we all need to be aware of what’s going on.

Just revcently, I got a facebook friend reuest. I’m doubtful that it is who the name I saw, but that is only the beginning with attacks.

While other trends facing other businesses on social media are lower, we shouldn’t be putting our guard down. I suspect we’ll fluctuate depending on what is going on, but it isn’t going anywhere any time soon.

Despite the decline, 2023 social media attack volume is still consistent with 2022 and well above the average number of attacks in 2021. Social media has emerged as a preferred channel for cybercriminals to target businesses indiscriminately, with abuse occurring in the form of advertisements, illegitimate business pages, and phony executive profiles. The rapid nature of communication via these channels, in addition to the ease of account creation makes brand abuse and impersonation a light lift for cybercriminals looking to perform nefarious activity.

I understand that Mastodon is considering a captcha model, but from what I’ve heard, they were looking at H-Captcha.

While Sendspace had it because of Cloud Flair, the backbone they have, its aweful. You have to set a cookie, and hope it sticks. What I’ve found, is to set the cookie, then go and do what I need to do keeping my browser open.

But H-Captcha requires up to sign up, and other solutions like what Google offers does not. Google offers Recaptcha, and version 3 is supposed to be behavioral based and only throws up something if it senses something off. I like that approach better.

In Q2, cyber threats and impersonation were nearly tied as the top threat type on social media. Cyber threats were most observed, with 34.5% of overall attacks targeting businesses taking the form of telephone support scams, giveaway scams, employment scams, and more. This is the second consecutive quarter cyber threats has won the majority of threat volume.

There’s a lot more to dive in to, so why not read the article like we did? Social Media Attacks Targeting Banks See Greatest Increase Since 2021 is the article, and I hope that ou find it of interest.

If you’ve got banking friends whether a financial advisor or someone who assists you regularly at the bank, let them know about the article so they can find it and pass it along.

Together, we can make that difference.

Comments (0)

Older Posts »

go to sections menu

---