go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: article commentary

Go to Homepage [0], contents or to navigation menu

With new things, comes different risks

I know that my twitter is several days behind, but I don’t read twitter every day, and I came across this article that I think is timely, even though it is several days old.

The article talks about Zoom, which I’ve used once for a webinar. It is accessible with Jaws and screen reading technology. While I’m unaware of much of what it does, I know the free version is 40 minutes which does not help me because if I were to do things, it would take longer than 40 minutes.

I think the 40 minute thing is treated as a demo, and that should be extended in my opinion. A conference can last awhile, depending on the topic. I definitely see the benefit of using this service, and I’ve got nothing bad to say about it.

While I mention Zoom in an assistive technology light as a product, this Zoom is a product that has Conferencing telephone capabilities as well as web. Other services I’ve used have only telephone, or only web. Some may have upgraded capability, check with the service to see what meets your needs!

In the article Holding Class on Zoom? Beware of These Hacks, Hijinks and Hazards we learn about some of the issues that may arrise, and probably have caused some people to wonder if this platform is secure.

As Steve Gibson has said on numerous podcasts, the fact is, we use default options and think they’re OK. This may not necessarily be the case.

I tend to look at options with conferencing and decide how I want to have it. I do set mine pretty much open, but I’ve also not used it all the time, so if people use it to hang out, the system I have can’t do much.

Even one facility I had used it worked where people were placed on hold and when I came in, it went ahead and started the conference. It was part of a package. Some services allow you to call out, and thats nice too.

If you use Zoom conferencing, what did you think of this article and how do you plan to change how you do your conferencing with this platform?

Comments (0)

A very thoughtful blog post from a technology guy now at home

I was looking at Apple Vis to determine what if anything I needed to talk about here as informational. I found a very thoughtful blog post on there on how technology is helping them stay in touch with the people they care about since nobody is venturing out. I thought this would be appropriate to share here, because there is no many articles out there about the dangers, and nothing about how technology is helping people like us, the disabled.

The article itself is not technical, and it doesn’t talk about any particular app, but is more of a thoughtful piece.

I’ll be putting this in the accessibility section, as it fits there. While a few apps are mentioned, nothing is detailed.

Staying Home: Already a Pro is the article title, and you’re welcome to discuss it here or on Apple Vis.

Comments (0)

Instacart, please get it together

I’m reading from the Huffington Post an article that talks about Instacart, a grocery delivery service having problems delivering because workers want to strike for a very good reason.

If you help out your community like Uber is, than you’ll have happy employees. I’ve recently been told that I should get an instacart account, but after this, I really don’t want to buy from a company that wants to make a profit and not make sure their people are taken care of.

While the article has been updated since the initial publication, there are still things that they do not like that need addressing.

Now is not the time to play games with workers. As I saw somewhere, the next state for stay at home orders is North Carolina. If thats the case, and we have these problems, how are we going to have our needs met? Online is where we need to be, not at the store. I’m almost tempted to just send someone and my credit card. This is not the way I would do things, I would try my best to listen and make things right.

Instacart Gig Workers Threaten To Strike, Demand Hazard Pay And Sick Leave is the article with a video that seems to not have any audio. How nice!

Comments (0)

Russia picking up people doing cybercrime? Seriously?

Cyber Scoop and Kreb s on Security are reporting in two articles that 25 people have been picked up within the region for cybercrime activity. Russia is not necessarily known to pick up their own, let alone anyone for crime to my knowledge.

This is hopefully a step in the right direction, and I hope that this trend continues.

I read the article Rare cybercrime enforcement in Russia yields 25 arrests, shutters ‘BuyBest’ marketplace that came from Cyber Scoop. According to this article, the people behind this activity were running shops such as buy best, or golden ring.

Brian Krebs recently penned an article Russians Shut Down Huge Card Fraud Ring which I’ve not read yet.

I believe in these difficult times, reading good news like this should put a smile on our faces. This is definitely something I like reporting and blogging on. I’m sure that Brian’s article is just as informative as Cyberscoop’s. I would not be surprised if Brian blogged on some of these guys through the years either through his former employer or on his blog.

Lets celebrate some good news for a change!

Comments (0)

More about the Operation Poison News coming from Trend Micro’s intelligence blog

One of the news items from this week deals with operation poison news. This article was posted on the intelligence blog. This is much bigger than the IOS aspect that I had read in the weekly news article found on this blog post.

As discussed, this is done through Hong Kong’s popular forums that people go to talk about various topics. According to the analysis from Trend Micro, this may have started as early as November 2019 since that is when IOS certificates were issued. This may not necessarily be just an IOS problem though, says the article. There may be an android app out there as well, or rather, Android may be targeted by just going to these forums that have these posts.

To make things worse, Trend Micro indicates that these are new accounts, and the posts are not targeting any one individual or group.

To read more about what they’ve found including topics that the posts may cover to get people to click, do click on this article entitled: Operation Poisoned News: Hong Kong Users Targeted With Mobile Malware via Local News Links to read all the details. Very facinating stuff here, I must say.

Comments (0)

This week in security news, news ending the week March 28, 2020

Hello folks, what a week we’ve had in the cyber security field this week. We continue to see phishing in regards to Covid-19, security has gone up for those working from home, and of course the webinar that we published as part of podcast 342.

I think the biggest news out of this week comes out of Hong Kong. Their IOS users are targeted in an attack from poisoned news campaigns. While I’ve not read the article, this proves my point in Hey Criminals! Keep your hands off our kids and their data! That point I was making was that Google isn’t the only problem, yet we hear more about them than anything else.

Its sad that poisoned news is the topic, but the good news out of this is that these links are posted to forum sites leading to supposed news stories. My tip? Go to the news source for news, not a forum unless its a trusted link where a discussion of such things are regular like this blog for example.

News also came out about the Wawa Breach and an article talking why we should use dark web monitoring. I believe services like Lastpass do this, but I don’t remember whether or not they do this as part of their free services.

Other interesting news talks about how the cybersecurity industry is stepping up to defend places like hospitals and other essential services from these big time attacks that are targeting them during this difficult time. It was also reported by a source I follow that indicated that some ransomware gangs would stop targeting hospitals and the like until this crisis is over. I hope they’ll follow their word.

For links to these and other stories, Nefilim Ransomware Threatens to Expose Stolen Data is the article, and of course the comment boards here and there await your thoughts.

Please stay safe and do feel free to contact me with questions. I’ll be sure to answer them to the best of my knowledge.

Comments (0)

United States Government giving bad advice? This doesn’t surprise me

Hello all,

I’m trying to space out articles, and trying to find some good content within all of the stuff we’re seeing.

In this post, I want to talk about an article I read dealing with security and the government. We all know that the government is the last place we turn to learn about security because of the recent breaches within the sector and other stories that might just make you start asking questions.

In an article entitled US Government Sites Give Bad Security Advice some governmental sites indicate that you should be looking for the “s” in the link as well as it saying in part: “An official Web site of the United States government”

If I were to phish these sites, I could easily write this statement on my web site, make sure I had the secure certificates, and ask for all of the data that the sensus is asking for.

I recently took the sensus for the first time, and it was accessible. I’m hoping that it goes where it is supposed to go, and reading this article makes me think that this wasn’t the best idea.

While this blog post isn’t talking about the sensus per see, one of the sites highlighted is this sensus site that we’re getting mail on.

Brian also talks about sites in the governmental sector that does not have this phrase on it, but I can see why he is saying that it is misleading because anyone can put things up like that, and can copy logos and put them up too.

Its becoming a very interesting world out there. What do you all think?

Cyberscoop has a video on their page, I’m not sure about Krebs at this time.

Russian law enforcement action against accused cybercriminals inside Russian borders is exceedingly rare.

I know that if I were to do something, that I’d be looked for and arrested or questioned at best. I would like to hope that this is the beginning of a change within Russia and other countries that just hack with no consequence.

The comment boards await.

Comments (0)

Hey Criminals! Keep your hands off our kids and their data!

I was up late one evening, and decided to read an article. The article talked about how children are using applications from the Google Play store, using the same names as applications that these kids would be using like Google Hangouts, Facebook, tile puzzle match, and other similar program names. Note that these may or may not exist, but just examples. Just follow me here while I explain this a little bit.

Google! What are you thinking allowing names like this with apps that already having the same name? I didn’t think that was possible to have multiple applications using the exact same name.

In this article, Cyber Scoop tells us that 24 different apps for kids are used to infiltrate the phone and have these guys making money while the app may behave as designed. 56 total applications, according to the article were flagged and 24 of them were targeted toward kids.

The app names I mention may or may not be there except for possibly hangouts, but actual app names mentioned were mentioned in this article. They include a cooking app, a game puzzle, and more.

Tekya is the name of this malware which clicked on adds for the scammers. The applications are not available anymore, they were removed in Early March, according to the article.

I seriously have a question. Hey Google, how come we’re hearing this more from you than we are in the Apple IOS and Mac ecosystem? Sure! We’ve got apps that Trend Micro have reported to apple which do some crazy things when it hits its target, and is normal everywhere else, but come on! Remember this writeup entitled NCSAM: Do you think Android is as secure as they claim? This Android app says not so much! This blog post from NCSAM 2019 coverage covered an application called Yellow Camera. I give some basic highlights of the article and you can search this app name on Google to pull up articles. I thought I linked to it from there, but I don’t think I did by the looks of it.

I believe this was an Android app, but I honestly don’t remember.

Another question, Michael in Indiana reminded me that Google hired mobile security firms to help them to keep these types of applications out. In this case, the developers cloned already existing apps. Google asks mobile security vendors to help keep hackers out of the Play Store is the article linked within the app discussion article. I think it is relevant to this discussion today because we don’t see many IOS apps, and that doesn’t seem right. I’m sure that mistakes like this on IOS are made. While we assume that apple looks at their apps, I personally can’t confirm or deny this, and with the many apps needing approval for updates and the like, a mistake can be made.

I’m OK with an app store making a mistake, maybe a few. It happens! But why are we seeing more of these types on Android if they hired people to help vet these apps on an open ecosystem? Apple is closed as you know, but yet, they still have made the mistake because of the apps behavior and of course, the same encoding code so people can’t see what it does is going to be a problem.

Scammers tried using kids apps in the Google Play store to generate cash is the main article I want people to read from this discussion, but Scammers, leave our vulnerable children alone! They don’t know any better, we do! We may get bitten because of the description, but once we learn, we’ll know what to look for. Children don’t know about these types of dangers. Hands off!

Comments (0)

web listings, a true or fake company? You decide!

I read this very detailed article last night by Krebs On Security. Aparently, this company or shell companies, has been around for many years. Remember those emails we got claiming that we can get search engine optimization services for $85 or so? I sent one of these emails to my domain register people and they said the email was a solicitation for service. Since I visited one of these pages once, I was curious because I didn’t order such a service, and search engine optimization is done by putting keywords together in the meta tags of your pages.

Because I understood that much, I knew something about this was not quite right. The phraise “receiving what looked like a bill for search engine optimization (SEO) services” leads to this December 10, 2018 story How Internet Savvy are Your Leaders? which is a great question now more than ever since a lot of them may need to work from home because they are asked to or by something else.

I know many people named Mark, and Mark is a common name among us. This post isn’t about any Mark I know, but Mark is the name in this article where Brian asks a question. Who’s Behind the ‘Web Listings’ Mail Scam? This is the question, and a very interesting one at best.

Have you had dealings with this scam company? Lets discuss it! This is well befor all of the debacle of today, this company has been around here I believe at least 10 years.

Comment boards are open.

Comments (0)

Mac, Watch, TV, and other updates

Apple Vis is reporting that Mac, TV, Watch, and other products have been also updated today as well as the IOS updates. Here is the Mac, Watch, and TV post: Apple Releases macOS Catalina 10.15.4, watchOS 6.2, and tvOS 13.4 for those who want to review it themselves.

Comments (0)

Firefox gets an update in firefox 73 for low vision users who use magnification

In non-corona news, Blind Bargains is reporting that if you use options to magnify the screen for your use with firefox, there’s now going to be a global option for that in firefox 73. This deals with a global zoom option and some backplate options. Tangela has the complete details on this Blind Bargains post: Firefox version 73 introduces several low vision improvements which you can find of interest like I did. While I use a screen reader, its important to cover news like this for those who use magnification. Thanks Firefox!

Comments (0)

IOS 13.4 is released

Several posts ago, I posted an apple vis post talking about IOS 13.4 and its release today. They braught it up to the front of their page, and I think it’ll be good to post this. [Update: Now Available] Apple to Release iOS 13.4 and iPadOS 13.4 on March 24; With Several New Features, but Mixed News for Blind and Low Vision Users is the updated post and there may be new things that may or may not have been covered before.

Comments (0)

COVID phishing trends and campaign updates

I read a very interesting article by Phishlabs, a company tht gathers phishing and intellegance data to share with its customers and us as a whole. Jessica talks about some of the latest campaigns including one going out there that discusses a cure for this very interesting disease.

While we grapple with containing this virus, on top of the attempts also braught up by Today’s Trend Micro webinar that discussed this and other things to keep safe, we know that Spam and Phishing campaigns will attempt to get us to look at what they’re sending because we’re all interested in this particular development right now. I’ve seen spam that say tht we need to buy masks that will protect us from this virus, and I get several of those a day.

There are three different lures that are discussed in this article COVID-19 Phishing Update – Campaigns Exploiting Hope for a Cure which is a must read if you read nothing else today.

Thanks so much for reading!

Comments (0)

IOS 13.4 to be released on Tuesday

Tuesday is going to be a big day, according to an apple vis post talking about the release.

There are some bug fixes, and regressions according to the post. While they’re a small team, I want to make sure that you understand that the post linked to here may not be the case for you, and may experience things differently you might. Yes, I wrote it that way on purpose.

In any light, I want you to see this post, and you’re welcome to look at it and determine if you want to wait, or whether you want to go ahead and update.

Apple Vis: Apple to Release iOS 13.4 and iPadOS 13.4 on March 24; With Several New Features, but Mixed News for Blind and Low Vision Users

Comments (0)

This week in security news week ending March 21, 2020

In no surprise news, Covid-19 is the main topic this week from working from home, protecting yourself using your home network, and other types of news in that variety.

There may be other things that I may not have seen or decided not to post as an article.

Have you seen something you’d like me to cover? Get in touch.

This Week in Security News: How to Stay Safe as Online Coronavirus Scams Spread and Magecart Cyberattack Targets NutriBullet Website is the article and I will await your ideas on what we should talk about.

Comments (0)

ISP Rogers, an unprotected database, and you, the customer

Bleeping Computer is reporting a breach with an unprotected database of Canada’s Rogers ISP. No credit card and password data were exposed, according to Rogers. “We’re sorry for the inconvenience” they say, but we’re sorry isn’t going to cover a mistake like this, because in my opinion, we’ve heard this before. I do give them credit on removing the offending database immediately, and putting out the statement, which is the best in circumstances.

If you are a Canadian and use this ISP, they will be in communication with you if they find that you are impacted by this. I’m confident that most may.

Bleeping computer: Rogers Data Breach Exposed Customer Info in Unsecured Database

Comments (2)

Mage cart at it again?

Apparently, according to an article on cyberscoop, Mage Cart is back and has been on one particular site for months. The site in question sells blenders as food processors to help make smoothies and other drinks. Magecart hackers have spent weeks lurking on NutriBullet’s website is the article, and is something we need to be aware of.

This particular threat puts code on web sites to take data as patrons do their online shopping. I’m unaware of how we, the general public, can protect ourselves because we don’t know what to look for. This is going to be more troublesome because of the nature of our work today and for the next several months.

Did you know ahead of time you could be potentially targeted by this gang by code scraping your data? How did you find out before it was too late?

Comments (1)

48 billion emails blocked in 2019 first half for phishing? This is only the beginning

48 billion emails blocked in 2019 first half for phishing? This is only the beginning

Trend Micro penned an article saying that they blocked 48 billion emails within the first half of 2019 alone. As the Corona Virus contnues to take hold, and we who don’t need to go anywhere stay put unless there is something to do, scammers will go at great lengths to make legitiment looking emails asking for money or other aspects of your life.

The blog post How to Stay Safe as Online Coronavirus Scams Spread has some tips. According to the blog, at the time of posting 174,000 were infected. According to statistics last I heard through Live Wire’s system which are updated hourly, the number was 180,000 globally.

As cases are continuing to come in, including one football coach today, we must stay vigilent and watch what we click. Phishing is now hard to spot because it has legitiment logos and the grammar is more up to snuff.

Have you seen this article? What did you think of what it said even though it is a day old now? Let me know your thoughts.

Comments (1)

Want a job? Not so fast says Krebs On Security

Krebs On Security is saying not so fast if you’re looking for work because you need something more to do, or your job currently doesn’t have anything for you to do during this trying time.

My goal here is not to scare anyone, however, this is the reality. Because we can not go out unless its necessary, we must look for other ways to make money or entertain ourselves.

According to an article penned by Brian, people are going around with job postings asking people to do tasks and they’d get paid so much. This is nothing new, except for the twist in this one. The twist is that you’re asked to look at masks, medicine, and anything else that might be needed to help stop the outbreak of this virus we’ve been talking about called the Corona Virus.

In the article, a sample message was put out that would have Canadians go to certain pharmacies to look at pricing to make sure there is no pricing problems such as price gouging. You get quite a bit of money and you keep some of it for reimbursement. In fact, the rest of the money you’re sending elsewhere may be stolen funds, according to the article.

This is known in this industry as “money mules” and is nothing new. The only difference is that you’re helping scammers who are supposedly trying to help stop the virus. The article goes in to more, including the charity that these people are impursonating. The real charity has already gotten calls and letters about this scam, and they’ve said that they don’t do such activity.

Want to learn more? Go on over to Kreb’s article: Coronavirus Widens the Money Mule Pool and I hope that this is something you’re interested in.

We want everyone to be safe here on the tech blog, and this is just another way th scammers are going to get our hard earned money that we must use to survive in these trying times.

Comments (1)

Prioritizing Corona Virus scammers? I don’t think so! What about the other scams we’ve seen over the years?

Why should we have prioritization of one crime over another? I just saw another email in regards to some mask or other device which will protect us from this unpresented virus that is sweeping the globe. While this post is not going to talk about the epidemic except for the fact that changes are happening day by day, the article caught my attention because Mr. Barr wants to prioritize this over any other scam thtat is out there.

All these scams these guys think of are bad, but I do see his point on prioritizing this now because this is going to effect us for some time now. It won’t be slowing down now, with over 180,000 cases and climbing, we’re damned if we do and we’re damned if we don’t. So we aren’t.

Attorney General Barr urges DOJ to prioritize prosecuting coronavirus scammers is up on Cyberscoop this morning, and it was definitely a good read. This is going to be very interesting.

Please feel free to leave those thoughts, and I’ll be back with more content soon.

Comments (0)

Older Posts »

go to sections menu

navigation menu

go to sections menu