The Technology blog and podcast

The Security box, podcast 146: Putting a face to the faceless proxy service

Hello everyone.

After dealing with some issues and being gone the afternoon and in to the evening, I’m here to announce TSB’s podcast release.

If you didn’t get it off of RSS, its OK. I have the 206.4mb file for those who need it on this post.

Please find the show notes with links to the potential morons, the article for the main discussion and of course ways to support this podcast should you wish to do so.

By listening, you do support the cast as you get to learn about things that may be of interest, and it is not required for you to do anything else unless you wish to do so.

With that said, please feel free to let us know what’s on your mind and we’ll be catching you all later!

---

Welcome to the security box, podcast 146. On this podcast, we may have multiple morons; one is a definite, news, notes and a very interesting topic about the proxy services and what they’re up to.

Potential Morons

• 48 States Sue Phone Company That Allegedly Catered To Needs of Robocallers talks about the majority of the U.S. and how they’re suing a telephone company in Arizona who seems to be catering to the robocallers by allowing customers to spoof caller ID among other things.
• Free VPN Service SuperVPN Exposes 360 Million User Records. was found on Monday, the 29th. Class, what can we learn from this article?

Topic

This time, we’re going to talk about a very interesting KrebsOnSecurity article titled Giving a Face to the Malware Proxy Service ‘Faceless’ which was quite interesting.

The first paragraph says:

For the past seven years, a malware-based proxy service known as “Faceless” has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. In this post we’ll examine clues left behind over the past decade by the proprietor of Faceless, including some that may help put a face to the name.

Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

Comments (0)

TSB, podcast 145: Bablock Ransomware

This program may contain some adult language, but it is infrequent. We have the disclaimer in place and we’ll make sure it is there if it is more than one occurrence.

With that said, we put the show on RSS, but it is not up on the blog yet. We’re going to fix that.

Download the 176.6mb file for your enjoyment and thanks for participating and listening!

Below, please find show notes which may include links to things as necessary.

---

Welcome to the security box, podcast 145. On this podcast, we’re going to talk about anothr Ransomware group that is out there that may be of value because while they may ot be targeting the states yet, they’re attacking and we must be aware of what’s happening.

Besides this, we may have at least one moron, maybe more, we’ll see what others have to say, we’ll talk about the landscape and we’ll also make sure you’re informed the best we can.

Topic

Bablock is a very interesting piece of ransomware out there. The ransomware is based off of Lockbit, but may be different. Trend Micro will help us with this one. An Analysis of the BabLock (aka Rorschach) Ransomware is the article title and we hope you enjoy the program!

Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

Comments (0)

The Security box, podcast 144: Its an open forum

Hello folks,

We had a great time on our open forum for this show. Here is the 171.2mb file for those who do not have RSS capability.

Here are the show notes.

---

Welcome to the security box, podcast 144. This show is an open forum. We had no particular topic in mind, but we talk about books, the landscape and more. The show may contain some adult themes, but it is very light at all. This may contain language or other situations. Please be aware of it. Thanks for participating and make it a great day!

---

We’ll see you next time!

Comments (0)

The Security Box, podcast 143: Let’s discuss the relationship between Ransomware and Phishing

Hello everyone,

Welcome to the security box. I was alone, although Nick was listening to the show live. Thanks for listening, Nick!

Here is the 157.4mb file for you to grab if you don’t have RSS.

Let’s see what you think of the program, even though I was alone. Your thoughts are most valuable.

Now, here are the show notes, which accompanies the program. Thanks so much for listening!

---

Welcome to the security box, podcast 143. Today, we’re going to have a very interesting discussion about the Relationship between Ransomware and Phishing. We know of at least one moron of the podcast, and there is possibly going to be one more. Of course, we’ll have news, notes and any questions from the Clubhouse audience.

---

Morons of the Podcast

First Moron, a Russian on the Run

There are two different articles out there about this one. One from Krebs and the other from Cyberscoop.

• $10M Is Yours If You Can Get This Guy to Leave Russia Krebs on Security
• Russian national charged for role in stolen credit card verification scheme Cyberscoop

How Not! to notify people of a databreach

I saw a boost on Saturday about a breach with a company named Western Digital. That’s nice, we have covered many breaches before. What I found was disturbing from Western Digital according to the boost. While they sent email out, the email was not accessible for those of us who use access technology; namely screen reading technology.

I don’t know about you, but I would expect the info not in graphical form, I would expect it in text just like you and I communicate already. Here is my blog post from May 6th that mentions this. As of show note creation time, we do not have any official articles from the tech press, but when we do, we’ll be sure to pass it along. Don’t put breach notifications in picture form! It doesn’t do anyone with disabilities any good.

---

Our main Topic

The main topic comes from Phishlabs. The article is titled What is the Relationship Between Ransomware and Phishing? and was written at the end of March, 2023. This is going to get interesting.

---

Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

Comments (0)

The Security Box, podcast 142: The New U.S. Cybersecurity Strategy highlights

Hello everyone, welcome to the security box, podcast 142. A slow start to the program turned out to be a nice discussion of topics from around the landscape.

There are some occasions of strong language, so I put the disclaimer in, even though there are two spots, I believe. Better safe than sorry.

I hope you enjoy the program as much as we have bringing it to you, and do find the complete show notes below the ruler. Thanks so much for listening!

---

Welcome to the Security box. This is program number 142 of the series and this time, we’ve got a topic which hasn’t been covered before at least on our podcast. The topic covers a very interesting endeavor by the government to deal with Cybersecurity. Besides this, we’ll see who gets a moron, we’ll cover the landscape, and we’ll see what else is of value. Hope you enjoy the program!

Morons of the podcast

One may not completely be a moron, but it qualifies as a group not just what the first item covers. The second, however, you’ll just have to read to believe.

---

1. I’ll put this one as a moron, but I really don’t understand what seems to be going on over at schools lately. Its ok to keep information on children that have nothing to do with you giving them an education, and that information may include behavioral issues, SSN’s and more.

blog post

Brian Krebs boosted (retweeted) the following to his followers. Note that my blog post has the linked article, so I’m not going to link it within this section. It says:

Doug Levin: NBC: Students’ psychological reports, abuse allegations leaked by ransomware hackers https://www.nbcnews.com/tech/security/students-psychological-reports-abuse-allegations-leaked-ransomware-hac-rcna79414 #edtech #databreach @brett via @kevincollier

---

1. Our second moron is more of the moron than the first, but here’s a blog post titled T-Mobile, do you still want me as a customer? I don’t think so! which has the latest on what they have been up to. It links to yet another article, talking about yet another breach. Should we be surprised in this industry?

---

Topic: Highlights from the New U.S. Strategy

This is a Krebs on Security article that we’re taking from. He was tooting (tweeting) about this on Mastodon.

The article is titled Highlights from the New U.S. Cybersecurity Strategy and it was interesting. I wonder what will eventually happen with this? Haven’t seen anything since this article was written, but maybe they’re working on it and we’ll see something soon. Only time will tell.

---

Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

Comments (0)

The Security box, podcast 141A: The Billion Dollar Scam

On this special edition of the program, we’re going to have a video in which we found of interest. The show notes, which will be within this post, will have the link to the video if you want to watch the visuals that the video has.

The BBC has this one.

Do you not have RSS? Here is the 47.4mb file that you can download.

Contact information is available at the end of the podcast, and no music.

Now … here are the show notes.

---

Welcome to the security box, podcast 141A. On this podcast, we’re going to provide you with a video. This video comes from the BBC, and it does leave some very interesting questions. Contact info is given at the end.

What sparked this? This toot from Brian Krebs is what sparked this. It says:

https://www.youtube.com/watch?v=w6JXZ3GzSCQBrianKrebs: Simona Weinglass of The Times of Israel is my new hero. Her video reporting on crypto investment scams is well worth watching.

Tl;dw, it appears the biggest crypto investment scams targeting people in the UK were promoted by at least a half dozen of England’s premiere football (soccer) leagues. These scammers managed to rake in at least a billion dollars, and could afford lucrative sponsorships that got their brand everywhere. As the former scammers explained, there’s nothing real about the investment “earnings” shown to people who get roped into these scams: It’s all just a digital mirage, and any money invested is gone.

Her video series on the BBC zeroes in on who’s responsible. Involves ride-alongs with German police as they worked w/ investigators in the country of Georgia to raid call centers working the phones for these fraudsters.

https://www.youtube.com/watch?v=w6JXZ3GzSCQ

If you’re just here for the video, this is the youtube link to the video we give in audio.

Thanks Brian for posting this! I found it very eye opening, and it even made me mad, but that’s probably what we’d expect with what you’ll hear. I don’t blame them though, but you should hear or watch this and make up your own mind.

Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

---

Thanks for listening and make it a great day! Our normal show will be Wednesday.

blog post

Catch you later!

Comments (0)

The Security Box, podcast 141: Dark Bit, a new threat that starts with a grudge

Hello folks,

Welcome to the Security box for this week. Today, we’re going to talk about a new Ransomware group tht is out there called Dark Bit.

It was put up on RSS Wednesday, but I meant to get the blog updated the same evening but failed miserably.

Did you not pick it up on RSS? No problem! Here is the 207mb file.

Now, without any further ado, here are the show notes which includes the links to the various things we’re talking about.

Thanks so much for listening and enjoy the show! Note, some strong language.

---

Welcome to the Security box, podcast 141. On this podcast, Cyberscoop is along to help us diagnose yet another ransomware group. They actually start by attacking Israeli schools, but will it stop there?

Besides that, we’ll have the news, notes from around the landscape, possibly some morons, and of course your thoughts.

Our topic today comes from this Cyberscoop article titled New cybercrime group calling itself DarkBit attacks Israeli university which we sent to the list in mind February.

While we’ve not seen anything else on this, it isn’t for us to keep our mind down as they could attack anything they want.

We hope to see you on the show, thanks so much for listening!

Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

---

Whether you contribute or not, please know that we put the show for educational purposes and the money is not the point, but writing in or contributing other ways is always welcome. Thanks for reading and make it a great day!

Comments (0)

The Security box, podcast 140: The FDIC and banks

Hello folks,

We are a little over 4 hours, but not by much. This program has infrequent strong language.

On this program, we have a bunch of news and notes, two morons at least, the topic of the FDIC and banks, and a little bit of fun.

Don’t have RSS? Here is the 222.9mb file for you to have.

Below, pleae find the complete show notes with links to the topics where applicable.

---

Welcome to podcast 140 of the Security box. On this edition of the podcast, we’ve got two morons at least and a great topic that may still be relevant even though the SVB fiasco is now past us. We’ll also have the landscape from people who found things of interest as well. We hope you enjoy the show!

Morons of the podcast

We have two morons of the podcast.

• Trial and error in Kuwait tells the story of a cyber security expert who almost went to jail for tweeting on something he found which is part of protecting everyone. The article itself is quite interesting, but what is more interesting is the fact that the bank didn’t want this info out there to begin with. This came from Cyberscoop.
• Lawsuit Claims Mount Nittany Health Shared Private Patient Information with Facebook, Google (update1) comes to us from databreaches.net. The fact that you didn’t even notify customers or anyone else about the issue is just mindblowing. This definitely doesn’t make any sense.

The FDIC and banks

The FDIC did step up when it came to the SVB ordeal, but what about it and bank securituy? A watchdog says that they’re not doing enough.

The article Watchdog warns FDIC fails to test banks’ cyberdefenses effectively is one that you should read. We’ll be taking this article apart as part of the discussion. Do you think they’re doing enough?

Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

Comments (0)

The Technology podcast, podcast 373: Metro Micro

Hello everyone,

After our Metro Micro meeting where a couple of us were on a call talking about an app, I’m here to give you the podcast that I also sent to them.

Here is the 32.7mb file if you don’t have RSS or you don’t want to be bothered.

Some people may not necessarily care about this one because it is just in Los Angeles, but I do have listeners from around the world, and if you come here and find the demo of interest, its another way of going short distances.

Here are the show notes which includes a link to learn more.

---

Hello folks, welcome to the technology podcast. On this podcast, you’ll learn about an app called Metro Micro. It is a new project by Los Angeles Micro which they’re trying out.

You’ll have to search for Metro Micro in your respective app store if you want to take a look. You may also go to the Metro Micro page on metro.net to learn more.

While most people may not need this, I figured some might, and we reach a wide variety of people so I’m going to put it out there.

---

I hope you enjoy the program and thanks for listening!

Comments (0)

The Security box, podcast 139: Email, ransomware, Phishing and more

Hello all,

Welcome to the security box, podcast 139. On this edition of the program, our favorite topic of Phishing will be coming up as it is in big demand. Our RSS feed is updated, and we also have the 217.2mb file for those who want it directly.

The program is just shy of 4 hours.

See if your assessment of Nick is the same as mine during our final hour where we discuss this at length as an exercise in which he did do some of what I thought he would do in the simulated Jared Rimer Network Bank company.

Here are the show notes for your perusal.

---

Hello folks, welcome to program 139 of the security box. On this episode, let us talk about email for a bit. Yes, the thing you use to receive announcements about this podcast, maybe other programs you are interested across the network and other places and a way for businesses to communicate with you. According to an article, this method is still the best way to get ransomware and other things on your device. Why is that? We’re going to have news and notes as well, maybe we’ll find out as we post things between now and show time if there are morons, and we’ll also see what the landscape brings.

Topic: Email as a vector

Today, let’s talk about email. Ransomware Attacks: Why Email Is Still THE Most Common Delivery Method comes from Phishlabs. We’ll step through this article and see what people think.

Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

Comments (0)

This week on the Security Box

This week, we need to change to noon PT, 3 ET due to a meeting that I’m attending in the morning. The day is still Wednesday as usual.

This week, why do you think Email is so successful when it comes to delivering Ransomware and other Phishing attacks?

The article Ransomware Attacks: Why Email Is Still THE Most Common Delivery Method from Phishlabs will help assist us in our discussion.

We’ll of course cover the week’s news as well as anything else listeners want to bring up.

Here is a link to the independent channel where you’ll get all kinds of options for listening.

The Clubhouse room is in the calendar so feel free to pop in and listen or participate as much or a s little as you want.

Thanks for listening!

Comments (0)

The Security box, podcast 138: Mimic Ransomware

Hello folks,

Welcome to the security box, podcast 138. Our main topic is going to deal with Mimic Ransomware.

There are a couple of spots where strong language may be used, but not enough for a full disclaimer.

Here is the 217.5mb file if you need it. The RSS is getting updated as I type this.

I just realized that the RSS says 137 although I’m editing the 138 notations. Sorry about that!

Here are the show notes for the podcast. EMHS’s page is already updated with the podcast too.

---

Welcome to program 138 of the Security box. We’ve got a very interesting musings piece which we’ve blogged as well as another threat we need to talk about.

Musing

I’ve started yet another musings post, and this one came from Mastodon. I am not going to put the older posts in this category but will put new ones in this category. A very interesting musing thought piece is the article. The boost is quoted with the links linked as numbers for you.

Maybe a Moron or just a news item?

No April fools joke, man arrested for making swatting calls, faces 10 felony counts was the only post posted on April 1st. This was no April fools joke. The gentleman in question used Discord to post and share these videos and luckily nobody got hurt. You’ll want to check out this article to determine what you think, and we’ll determine where it goes and do it appropriately.

Mimic ransomware

New Mimic Ransomware Abuses Everything APIs for its Encryption Process comes from Trend Micro. This may be just as bad as Sandworm, if not worse. We’ll discuss this Trend Micro article.

Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

---

Thanks for listening and make it a great day!

Comments (0)

The Technology podcast, podcast 372: A webinar on Cybersecurity and a Metro Los Angeles update with Transit App

Hello folks,

Welcome to another tech podcast. I’ve decided not to use some of these files I’ve published on the Throwback program as they were a bit older, but now that we’re back to more current things, I could see myself doing something with them.

For today’s program, we have a webinar dealing with Cybersecurity which is quite good. Besides that, I’ve got a Los Angeles Metro aarticle and thoughts on it as it relates to Transportation.

This isn’t necessarily security related, although their app was pretty good in that regard anyhow.

For those who need it, here’s the 74.1mb file for you to have.

Now, here are the show notes. Thanks for listening!

---

Welcome to the technology blog and podcast. On this edition of the podcast, we have got two different items.

<
• Roger Grimes has written a bunch of books, and he’s also taught for as long as I have if not longer. He has a webinar on Cyber Security, and yes, we could play it on TSB but TSB is more for you to communicate with us on what you have questions on and what things we see. Take a listen to this and see what might be of value to you.
• Los Angeles Metro and Transit App are ending their partnership. Is this a great move? I don’t honestly know. Metro did have a pretty bad app which I hated to use. The data was the samem, but I really like Transit App’s interface. Los Angeles Metro will be discontinuing partnership of Transit App as their official app is my blog post after reading the source’s post on this.

Contact info is given at the beginning and end, feel free to utalize any or all of it. Enjoy!

Comments (0)

This week on the Security box

This week, New Mimic Ransomware Abuses Everything APIs for its Encryption Process comes to us from Trend Micro. We posted this to TSB’s list back in late January, and it may be as tough as Sandworm has been.

We’ll also cover the news, we’ll see what others have, and we’ve got a very interesting thought piece.

This is the link to the independent channel. The show will be starting on Wednesday at 11 am PT, 2 PM Eastern.

See you there!

Comments (0)

This week on Throwback Saturday night’s security hour

Hello folks,

Starting this week, Throwback’s security hour will include show notes as part of the upload process.

This week, we’re going to talk about that big story about the breach that occurred in two countries and of course the team will talk about the other topics that were posted to TSB and other places they may read.

Want to listen to Throwback Saturday Night? Go over to the listen page of the mix and select server 2.

The program starts at 8 central time, 6 pacific time for the security hour portion of the show. Throwback itself goes from 7 PM to 9 PM station time, 5 to 7 PM pacific time.

Here are the notations for tomorrow’s program.

---

On this edition of the program the blog post linked herein is titled Kiwibank counting customers … major breach at Latitude lending company. If you are in New Zealand or Australia, you must read this because you might be affected. Kiwibank is not totally at fault here, but they must try to figure out what happened and help their partner in dealing with this issue.

Other articles that might be discussed may include but not limited to:

• Twitter’s source code leaked to GitHub
• Breach Forums has three articles
• your verification status
• Strange Texts pretending to be Google? Not so fast

Thanks for listening to the show, and do make your voice heard!

---

I hope you’ll come listen to us and email your thoughts about what is said. If you want to join us and you don’t have an account on TeamTalk for the mix, contact us and request one. We’ll get back to you as quickly as possible.

Thanks so much for listening!

Comments (0)

The Security box, podcast 137: What’s going on with Sandworm?

Hello everyone. Welcome to the Security box, podcast 137.

While I’m ok with this week’s program, I’ll be posting other podcast announcements. Sorry for any delays.

If you didn’t get the podcast through RSS, don’t worry. We’ve got you covered! Here is the 177.6mb file for you to have.

Now, without any further ado, here are the show notes for this program, and I hope you enjoy it as much as we have putting it together for you!

---

Welcome to the Security box. This is podcast 137 of the program and we’re not slowing down. At least, not yet. On this edition of the program, we’ve got at least one moron of the podcast, we’ve got a very interesting update on Sandworm and of course we’re going to have some great news items as well as anything else from the audience.

Morons of the podcast

This blog post titled Kroger has serious breach, affects 82,000 people of postal prescription issues should be spotted. While Kroger is well-known for their super market chains, they apparently have a pharmacy department and that is what we’re talking about here.

They have the capability of sending prescriptions through the mail, and 82,000 people were recently notified.

This is going to get very interesting.

Two U.S. Men Charged in 2022 Hacking of DEA Portal was sent to TSB. Hacking in to a DEA portal that many agencies use must be put in as the moron of the podcast for sure. Nick messaged while show notes were still being put together and this was mentioned via voice. Great one, guys!

Some news items

Some of the news items may include but not limited to:

• Opinion piece: article talks about how TikTok didn’t make a case for itself
• Move out of the way, 55 vulnerabilities tracked in 2022 and these are zero-days
• Another hacking forum shut down … this is the breach forums
• 306,000 plus out of 476,000 plus domains reported as phishing

Some we may have talked about, but these may be some that people could be braught up. Feel free to check out the accompanying articles and let us know what interests you!

I happened to pop on Facebook for my once in a while look. Someone I follow happened to like Q-Link Wireless. OK, that’s cool, but we need to remind people that Q-Link may be good for free cell phone service, but what about your privacy and safety? TSB will not tell you what you should use, just putting news out there about the things we read.

Why is there “no password required” when accessing accounts? What not to do when setting up accounts for services podcast 39’s blog post

NVDA is now released for 2023.1. This blog post talks about what’s up with it with a link to the release.

Topic: Sandworm

Did you read Sandworm? This is the blog post about the book titled: Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers and here is the book review titled: Book review: Sandworm.

We found a very interesting article which we may have blogged. The blog post is titled Russia’s Sandworm hackers blamed in fresh Ukraine malware attack from Cyberscoop’s site.

Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

---

Thanks so much for listening, make it a great day!

Comments (0)

Last Week’s Security Box, podcast 136: Vice Society

We’re really late on this one, and I’ve got to get better at this. I’ve been busy of late, but I think we’ll be OK.

Last Week, we talked about a group called Vice Society. They’ve been the newest trouble maker out there, but they’re not the only ones to say the least.

While we got this on RSS, we’ve not gotten it up on the blog like we normally do. Truly sorry about that!

Did you not get it through RSS? Don’t have a way to get it through RSS? Here is the 170.6mb file for you to have.

We’ll make sure that we get the shows up in more timely manner and we apologize for the delay.

Here are the show notes for those who want to follow along and actually read what we were using and of course read the perfect moron of this podcast.

---

Hello everyone, welcome to podcast 136 of the security box. On this edition of the program, we’re going to talk about a group that has quite a bit up its sleve. We also have a bunch of news from around the landscape, a familiar foe that could in theory get the moron of the podcast yet again and much more. We hope that you enjoy the program and thanks for listening!

Possible moron

I wrote a thought article on my blog with no accompanying article. Here is that blog post titled TikTok says: “We’re embedded” in to the operating system. I am not sure if this will be it, and if someone puts something else in, we’ll add it to this list. We could in theory add this blog post about Bite Dance Surveiling journalists to this too.

Topic: Vice Society

This blog post titled Vice Society Ransomware Group Targets Manufacturing Companies is probably the beginning. This seems to be a new group and it seems pretty dangerous. While it hasn’t targetted the United States yet, we know that anything is possible in this crazy world.

Supporting our podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

---

Thanks so much for reading, and make it a great day! We hope you enjoy the podcast.

Comments (0)

The Security box, podcast 136: Vice Society

Welcome to the Security box. As we write, the podcast is getting distributed across the network. Its been busy and there are things happening tomorrow, so let’s get the podcast up and running.

Below, please find a link for those who don’t have rss as well as a full show note segment.

For those who need a file, here is the 170.6mb file for you to download. Its got a few tracks at the end for your enjoyment, but it is definitely a packed show with lots of different items of news worthy delightfulness.

We owe you an EMHS update, but I’m pressed for time. I’ll be making sure that the resources are up to date this week, and I’ll try and get you a blog post on it within the next day.

Here are those show notes for you though, and thanks so much for listening!

Hello everyone, welcome to podcast 136 of the security box. On this edition of the program, we’re going to talk about a group that has quite a bit up its sleve. We also have a bunch of news from around the landscape, a familiar foe that could in theory get the moron of the podcast yet again and much more. We hope that you enjoy the program and thanks for listening!

Possible moron

I wrote a thought article on my blog with no accompanying article. Here is that blog post titled TikTok says: “We’re embedded” in to the operating system. I am not sure if this will be it, and if someone puts something else in, we’ll add it to this list. We could in theory add this blog post about Bite Dance Surveiling journalists to this too.

Topic: Vice Society

This blog post titled Vice Society Ransomware Group Targets Manufacturing Companies is probably the beginning. This seems to be a new group and it seems pretty dangerous. While it hasn’t targetted the United States yet, we know that anything is possible in this crazy world.

Supporting our podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

Comments (0)

The Security box, podcast 135: The NSO group is now going to get sued, approved by the Supreme Court

Hello everyone, welcome to another edition of the Security box. I’m alone today, but that’s OK. Some shows are like that.

We’ve updated the RSS feed when the program was initially done, but for those that don’t have it, here is the 104.1mb file for you to have your copy.

Now, without any further ado, here are our show notes for today’s program. Thanks so much for listening!

---

Hello folks, welcome to podcast 135 of the security box. On this podcast, we’re going to talk about the court system allowing the lawsuit to continue against one of the most proliferated companies who continue to claim they don’t do anything wrong and their software that is used by law enforcement to solve crimes. Who is that group? The NSO group out of Israel. We’ll also have news, notes, at least one moron of the podcast, but rumor has it that we have a few, and much more.

---

Morons of the podcast

George Santos has some revelations that has come out and an investigation has since been started.

The blog post in question is right here, and is titled George Santos masterminded 2017 fraud case. It leads to a lengthy read about what the investigations entale although we don’t know what will eventually happen.

If you really want to talk about Morons, the FBI admitted to buying data which really should not be a surprise. We could possibly add Elon Musk apologizing for firing a disabled worker of twitter as well.

This blog post about twitter news covers the fact that the root certificate has now expired and Elon Musk has since fired everyone of alue including the one who has delbt with the Root CA which was internal to the company, so now … they’re screwed.

Don’t forget the Freenom ordeal too. This blog post leads to Krebs on Security talking about this. I also put in some discussion about this too.

Have any other possible morons? Do you disagree on some of these not being complete morons? I completely understand, but we do have at least two of them listed and others may just be complete stories within themselves.

---

Musing

I found this quite interesting in regards to Mastodon VS the rest of the Social Media universe such as Facebook, Twitter, Instagram and Tiktok. It says:

Earle Zwicker: Boosting Ethan Schoonover (ethanschoonover): Stop thinking of Twitter, TikTok, IG, (et al) as social media sites.

They are **Content Refineries.**

Like processed food manufacturers they take user content & extract the most addicting/engaging content. Brains eat it up but in an unhealthy “devour the whole bag of chips” way.

They make hyper-processed social media junk food.

Mastodon is more like a potluck. We’re all bringing dishes. It’s a mess. Kids are running all over. But we are, at least, real people sharing real things.

---

Our topic, the NSO group

Supreme Court clears way for WhatsApp case against NSO Group, opening spyware firm to more lawsuits is the article that comes to us from Cyberscoop. Its going to be a very interesting discussion. We’ll just have to see how it goes.

---

Supporting our podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

Comments (0)

The Security box, podcast 134: News, Notes and the landscape as well as our topic: PBKDF2

Welcome to the Security Box, podcast 134. This podcast will not be containing any strong language, we’re getting better at that!

For those who want RSS, here’s a link to the RSS. Its best to be on your device to get the program that understands RSS to run as at least with modern browsers, you may have errors. You may also need to open the context menu and copy the link and paste it elsewhere.

With that said, for those who don’t have RSS, you’re in luck because we have the 117.7mb file for you right here!

Now that we have all of that out of the way, let’s get out our show notes and I hope that you enjoy the program as much as I have bringing it to you!

---

Hello folks, welcome to the Security box, podcast 134. This podcast is going to talk about PBKDF2, an encryption algorithm that is used in certain situations. We’ll also have a moron of the week, maybe two, maybe more! We’ll also dip our toes in the landscape and see what is on other folks minds.

Morons of the podcast

This first one is quite dumb. In fact, when I saw the boost which saw it, I had to title this the way I did. You Stupid F**k … its not going to look good for you now when you get picked up is my blog post on an article coming from a site called news24.com.

Not only is this guy found guilty, you’re going to read that he just chose not to even show up! How dumb can you be?

This second one comes from this blog post about TikTok’s newest challenge. There is some strong language with this post, and from at least two people, it is well warranted. I try not to use strong language in my posts, but this one is definitely beyond repair.

The short of this, for those who may be offended by strong language, is that scammers will stop at nothing to either get their wares out or to cause as much harm as possible. In this latest twist, we have someone going aroudn claiming they can turn loved one’s ashes to a sculpture or even a painting. They claim its free … but it isn’t. The article leads to this Kim Komando article talking about the TikTok Scam. If it isn’t mentioned as part of this segment, which it just may, please feel free to weigh in on this one.

Our topic, PBKDF2

PBKdf2 is one of many encryption types for passwords and the like. Here’s the Wikipedia article on it as we take from the first two sections for now. There are replacements for it and its covered within this article, but we’ll let you look this up later.

Book Selection: Tracers in the dark

I chose my next book. Tracers in the Dark by Andy Greenberg. During the podcast, we’ll check in with folks to see where they are in this … or other books that are on our list. This is my blog post talking about Tracers in the dark if you need it.

I finally got my book review up for If it’s smart, its vulnerable by Mikko Hypponnen. Here’s that blog post if you’re interested to see what I have to say about it.

Supporting our podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

Comments (0)

Older Posts »

go to sections menu

---