The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts




The Security box, podcast 53: Better Get Your Windows Update on … especially if you print

Hello folks,

This is the link to podcast 53 for you to freely download. We had trouble with what I thought would be a simple process of merging calls, but Skype broke it. It is 184.1mb in size.

Here are the show notes for this week’s program.


Hello everyone, welcome to the security box, podcast 53. On this edition, we’ll be talking about some of the things that articles talk about in regards to Windows Update that came out the week of July 16, 2021. Seems like we had good success with last week where we opened the phone lines for others to participate in an open forum, so we’ll do that again and see what happens and if people participate or not. You can always comment after the fact by calling our voice mail line at 602-887-5198 and letting me know you want your comments aired. We’ll also have some news notes and maybe a discussion on those as well.

Windows Update

Here are the articles that deal with Windows Update. One is by Trend Micro and one is done by Brian Krebs from Krebs on Security.

Sans News bites

News Notes from around the web



Thanks so much for checking out the program, and we’ll make it work. It’s all a learning curve, and we all learn how this works. Thanks again for checking out the program! We’ll see what next week’s program brings.


The Security box, podcast 52: The Security of our Water Supply, news notes and a very interesting robbery story to boot

Hello folks,

I don’t have a link to one of the best interesting articles I’ve found to date in a news story heard on Michael in Indiana’s local news, but boy you’ll want to hear that. We talk about the water supply hacks and go in to password managers and other topics as Michael in Tennessee joins me.

Here is the link for this week’s program. The file size is 153.6mb.

Below, please find the show notes, which include links to the things we’re talking about.


Welcome to the security box, podcast 52. On this podcast, let’s talk about the water supply hacks and the growing threat of them through the help of an interesting article by Last Pass. After that, we’ll see if people partook in an open forum of topics they want to talk about and of course news, notes and highlights from the landscape that have been read.

Topic: The Water Supply and the landscape

News Notes

Below, find links to items that are of interest we’ve read from around the landscape.

Thanks for listening!


The Security box, podcast 51: Domains and their Security

Hello,

The podcast had some comments, and that’s cool. We hope that there will be more comments, and you can use the methods that are given out during the program.

Don’t have RSS? No problem! Download the file (80.1mb) at your convenience.

Below, please find the show notes with links to everything we covered, including some very interesting news notes we’ve come across. Thanks again for listening!


Hello folks, welcome to the security box, podcast 51. On this edition of the program, we continue with Phishlabs and their Q1 Phishing and Intelligence report, talking about Top Level Domains and certificate abuse. Next, Michael in Tennessee sent me an article talking about one email which exposed hundreds of email addresses. We’ll also have news and notes, people can call and comment as usual, and we’ll see where the show takes us.

Topics

News Notes

We hope you enjoy the program!


The Security box, podcast 50: 62 percent of free services are abused

Hello Folks,

Welcome to another edition of the Security Box. I know, I know, the RSS already got its copy, why haven’t we gotten ours when we can’t access RSS?

Part of it is that I’ve been a bit on the busy side which is good, but that is no excuse. The good news is that it is here, and I’ve got the link for you too.

Don’t fret, this isn’t the only thing I’ve neglected, trust me.

Here is the download link (113.9mb) for you to have.

Here are the links as part of our show notes.


Welcome to the security box, podcast 50. On the big 50th episode, we’ve got quite a bit of news notes to cover this week. Besides that, we’re continuing with Phishlabs and their ongoing rundown of the Q1 Intelligence Report, this time, talking about free tools and their abuse. We hope that users find this of interest like I did. Of course, the lines of communication are always open whether on the show or podcast.

Topic:

Sans News Bites

News Notes


The Security box, podcast 49: It’s time to really! keep your credentials secure, especially Office 365 credentials

Hello folks,

The Security Box had a couple of very interesting topics, thanks to Krebs and Phishlabs for the articles where the topics were based from.

There were no news notes, but I’ll be sure to have plenty for next time.

Want to download the show and don’t have RSS? Go ahead and get the file (78mb) right here.

You may also go to the rss feed if you would rather do that.

Below, please find the Show notes for you which includes links to the articles we covered.



Hello folks, welcome to the Security Box. We don’t have news notes this week, however, we have two topics. We hope that news notes returns next week. This means that you, the listeners, might be giving us things you’ve read and your thoughts on it. We’ll see if that comes to pass.

Topics:

We hope you enjoy the show, and thanks so much for listening!


The Security box, podcast 48: What the hell is going on with Russia’s security practices?

Hello folks, welcome to another podcast of the security box. I’d personally like to thank Michael in Tennessee for coming on our program for this one.

We’ve got quite a lot for you today in this 2 and a half hour podcast, and I hope that you enjoy the program as much as I have bringing it together for you!

Do you not have RSS access and want a copy of the show? No problem! Here is the 134.7mb file for everyone to use as your download.

Below, please find the show notes with links to all of the stories that we have for you today.

Some of the stories we have we did not cover in full for news notes, but some may have been covered on this blog in commentary by me.


Welcome to the Security Box, podcast 48. On this edition of the podcast, we’ve got two topics for you. The first is probably one you can file in the “I can’t believe I read this crap” department, while the second deals with Windows Update and what we had to look forward to there. We’ve got news notes with quite a number of very interesting items, as well as taking your calls, voice messages and stories to boot.

Topics

News and notes from around the landscape

We may have a lot of the things listed here in articles and commentary on the blog. Feel free to check out the articles and have your voice heard.

    Other Articles

    Here are other articles that we’ve read but can’t cover in full in the rundown. All articles are linked.

Thanks so much for listening, and do leave those comments!


Please leave comments via email/imessage/text or call 602-887-5198. Thanks again for all your support!

Again, Download TSB048_2021-06-16.mp3 from SendSpace if you do not have RSS capabilities.


Security now, podcast 823: TLS may be in trouble and there’s nothing we can do

Just saw the following via Steve Gibson for Security Now.

Steve Gibson, “TCP Confusion Attacks”
Security Now! #823 show notes:
link to notes browser attacks, last week’s June patchfest, TikTok’s “privacy” policy change, the amazing ANOM sting operation, a BitLocker data recovery adventure, and a worrisome “unfixable” attack on TLS!

This can’t be good, we’ll have to see what happens with TLS now.

The show start time is 13:30 PT, but since it is done live at TWIT live it may be delayed but it’ll be today. You can also use this twit live link if you want, both work.


The Security box, podcast 47: Security is our theme with lots of stuff in regards to it

Download TSB047_2021-06-09.mp3 from SendSpace

Above is the link to today’s program, which we started a little earlier than usual to account for taking an appointment today, which worked out for me. While we had no comments, that is OK, you’re welcome to contact me any time. The file is 89.1mb.

Here are the show notes for everyone to read, with links to the stuff we covered.

See you next week!


Welcome to the security box, podcast 47. On this podcast, we’re going to talk about Security. A video which I found on Ted Talk’s youtube channel will lead this discussion. We’re also going to talk about an article from Lastpass talking about protecting your business from data breach trends. It talks about something we’ve talked about, supply chain attacks. Speaking of supply chain attacks, Jennifer talks about our top story from our show notes, and we’ll address any concerns from that as well. We’ll have news, notes, questions, comments and more. Want to leave a message by phone? Call 602-887-5198 to do so. Thanks so much for listening!

Topics

News Notes

  • FBI blames REvil gang for JBS ransomware hack as global meat supplier gets back to work Cyberscoop
  • Fujifilm shuts down computer systems following apparent ransomware intrusion Cyberscoop
  • Vulnerability in VMware product has severity rating of 9.8 out of 10 Ars Technica
  • Q1 2021 Threat Trends & Intelligence Report Phishlabs
  • Latvian national charged with writing notorious Trickbot malware
  • Tokyo Olympics organizers’ data swept up in Fujitsu hack: report Cyberscoop
  • SIM swapping victim alleges T-Mobile failed to stop $20,000 cryptocurrency scam Cyberscoop

    Tech podcast 360: The Anatomy of an attack

    It’s been some time since we’ve released a tech podcast, but it’s time.

    Here is the 66.6mb file for you to get if you don’t want rss.

    I hope to bring more podcasts out, I really need to do it. Here are the show notes for you to read.


    The Anatomy of an attack has been around for quite awhile. I think it’s within the last couple of years, and I think it is quite important now more than ever. I talk about what has happened with our staple of the box, and how it was an inbound call that started it, but that’s not traditionally the case. Listen to this hour long webinar and let’s talk.


    A rerelease of podcast 43 show notes

    I meant to do this awhile ago, but I found an error where Sans News Bites included all of the rest of the news. I intended to have multiple covered, but put news in the wrong place.

    This is what I intended to do with the notes. Search the blog for podcast 43 of the security box for a downloadable link or go to the rss feed to get your copy.

    Here are the corrected notes.


    Welcome to the Security box, podcast 43. On this edition of the podcast, we’ve got two topics. The first talks about a fake vaccine web site that is now shut down, thanks to the US Government. The second topic talks about the Exim 21 bug that recently hit headlines. We’ll have news, notes, your questions comments and any catch up from any older podcasts.

    Topics


    Sans News Bites

    Other News

    We hope you enjoy the program as much as we have bringing it together for you. See you next week!


    A rerelease of podcast 41’s show notes for the security box

    Hello folks,

    For some reason, I’ve decided to go through podcasts and find slight errors in the show notes. This time, I found it in news notes where I didn’t put the proper list tag on one of the items.

    If you need a link to download, you can search the blog, or go to the rss feed to pick up a copy.

    Here are those corrected show notes.


    Welcome to the Security Box, podcast 41. On this edition of the podcast, we’re going to talk about Ubiquiti and their big time breach, as well as something I recently read from Park Mobile and their potential breach. We’ll have news, notes and more.

    Topics:

    Both of these articles are from Krebs on Security and while they’re a bit old, you can’t deny that it is worth talking about. Companies ought to be ashamed of themselves.

    A bit of sad news:

    🙁 Security Researcher Dan Kaminsky died Saturday at age 42 of complications (ketoacidosis) from diabetes, which he had struggled with for years.
    Security Now! researchers know of Dan’s discovery of a critical weakness in the DNS servers at the time.
    He will be missed.

    News Notes


    The Technology podcast series presents: The security box podcast 46

    Podcast 46 includes a webinar from Sans I didn’t mention as I did it as part of the live program on the last minute. With that said, I hope you enjoy the program as much as I have bringing it together to you.

    Here is the 146.3mb file for those who want to download it and can’t use RSS to get it.

    Below, please find the show notes, and I hope that you find the program of interest.


    Welcome to podcast 46 of the Security Box. On this podcast, Michael in Indiana is along with an update about a company we talked about in News Notes on podcast 39. We’ve got a topic dealing with a company that has been able to take advantage of the dark marketplace as they dominated this space very quietly since 2018. We’ve got a topic also on Ransomware forcing a major speaker manufacturer you all may be aware of, Bose. We’ll have news, notes, questions, comments and more.

    During the program, it was announced that we would be switching telephone companies. Our new number is 602-887-5198. 623-263-8934 will give you this new number, probably for several days, but no more than that.

    Topics

    News Notes

    Have something to say? Let’s talk! Get in touch. 602-887-5198 or email/imessage/text. The choice is yours.


    The Security box, podcast 45: 4 Vulns in Android, Conti in the news double, news notes and more

    Welcome to the Security box, podcast 45. We’ve got the 92.47mb download for everyone to go and get.

    The RSS feed is also updated with this program for those who want it.

    If you’re a paid member of Live Wire, board 974 will have the podcast soon if it isn’t there already. It updates nightly with anything new on the feed.

    After the podcast was completed, Live Wire has made the announcement that we will be moving phone companies, more when I know more. I put a short item in news notes which is found below.


    Topics:

    News and notes from around the landscape


    As stated above, the announcement has been made, we just will wait for further detail before announcing anything publicly. Thanks for your continued support of our work to get good quality security discussion out there for the world to hear. Have a great day!


    The Security box, podcast 44: Windows Update, a true story to a listener, Philmore Productions at it again, News Notes and more

    Hello everyone, welcome to the security box. I hope you all enjoy the program as much as I have bringing it together for you.

    While we only had one call throughout the program, don’t fear. You can still participate if you wish.

    Here is the 145.04mb file for you to download. The RSS feed should also have the file as well as the entire notations you’ll see below.


    Breaking News! Just before we went to air yesterday, we were notified of something that people should know about when calling Philmore from the outside and participating in bulletin boards. It may or may not be a big deal to you, but it was something we just had to get in, and it was told to us the evening before broadcast day. This is not in the show notes.


    Welcome to the Security box, podcast 44. On this episode of the program, it’s time to make sure we’re all caught up on Windows Update and what may be important to you. Next, we’ll talk about a task force that hopes to disrupt ransomware payments. We’re not done with Experian yet, and we’ll have a Things to Ponder on this particular article I read about their API which is apparently disabled for at least one vendor. We’ll also have news, notes, commentary and questions from listeners if any, and yes, even podcast listeners can join the fun. Podcast listeners can dial 623-263-8934 to leave a voice message, just follow the prompts. Email, iMessage, text and WhatsApp are all given throughout the show.

    Windows Update

    Windows Update is back, and Microsoft has given us only 54 different patches, but a lot of them are critical. 13 of them were from the ZDI program from Trend Micro.

    Things to ponder

    Looks like Experian is still being talked about. In this Things to Ponder, Experian API Exposed Credit Scores of Most Americans is the article which we’ll be picking apart as your things to ponder.

    A true story of a telephone number not to call and why

    Jennifer is now along with a very interesting story, with a very interesting twist and yes, it is a true story.

    A task force that is out there to disrupt ransomware

    I’m happy to read articles like this one, and I want to talk about it as part of the program. It’s not too old, but it’s something of value to all of us. KrebsOnSecurity has the details. Task Force Seeks to Disrupt Ransomware Payments is the article to read.

    News Notes


    The Security box, podcast 43: 2 topics of interest as well as news notes and more

    Welcome to another Security Box program folks, I’m happy I’ve gotten some time to get this to you.

    The program lasts about 104 minutes and you’re welcome to participate as well.

    We’ve got a dial in number right in to my live wire box. It’s 623-263-8934. Press the option to leave a voice message if you wish to do so, or check out any of the programming I’ve got up there.

    Here is the 96.02mb file for you to go and download it if you can’t use the rss feed.

    Here are the show notes for everyone with links to the various topics and news items for this program.


    Welcome to the Security box, podcast 43. On this edition of the podcast, we’ve got two topics. The first talks about a fake vaccine web site that is now shut down, thanks to the US Government. The second topic talks about the Exim 21 bug that recently hit headlines. We’ll have news, notes, your questions comments and any catch up from any older podcasts.

    Topics


    Sans News Bites

    We hope you enjoy the program as much as we have bringing it together for you. See you next week!


    Podcast catchup: links to podcasts 38-42 of the security box

    Hello,

    Since I’ve decided to go ahead and have the podcasts as links, there are podcasts that are not linked.

    I’m going to link them here, feel free to download them!

    We have full show notes for all of the programs, let me know if you need a copy by sending me an email to tech at menvi.org. Thanks for reading, more soon!


    The Security box catchup, podcasts 41 and 42 show notes

    Hello all,

    After some technical difficulties and my decision on giving you download links, we’re happy to bring you the backlog of show notes and links to the last two podcasts.

    First, let’s go ahead and get the links out of the way.

    Now, let me bring you the show notes for podcast 41 which was last week’s podcast. Starting with this podcast, we’re only linking to the articles, as my notations are read to assist me in the discussion anyway and have caused problems with the show notes for the main RSS feed.


    Welcome to the Security Box, podcast 41. On this edition of the podcast, we’re going to talk about Ubiquiti and their big time breach, as well as something I recently read from Park Mobile and their potential breach. We’ll have news, notes and more.

    Topics:

    Both of these articles are from Krebs on Security and while they’re a bit old, you can’t deny that it is worth talking about. Companies ought to be ashamed of themselves.

    A bit of sad news:

    🙁 Security Researcher Dan Kaminsky died Saturday at age 42 of complications (ketoacidosis) from diabetes, which he had struggled with for years.
    Security Now! researchers know of Dan’s discovery of a critical weakness in the DNS servers at the time.
    He will be missed.

    News Notes


    Now, let’s bring you today’s program and its show notes. I’m sure that we’ll have some comments, and I’ll be sure the RSS will be updated with today’s program. I hope you enjoy.


    Welcome to the security box, podcast 42. I think I’ve got two very interesting topics. One of these topics is the ongoing saga over at Experian. We know they had a big time breach, but do we really know what else is going on at the company? Brian has the entire details. Finally in the topic department, we know Ransomware has taken a big toll during the pandemic and there is no slowing down in that department. According to Cyberscoop, demands are higher by 43 percent so far in 2021. We’ll talk about it. I’ll also give you some news and notes, although it may be dated. Your questions and comments are always welcome, so please get in touch! I hope you enjoy the program as much as I have putting it together!

    Topics

    We used to put all of the notations within the file, but I’ve decided against that unless people want me to do that. I’ve heard nothing, so I’m reverting back to linking to the articles, and letting people decide on what interests them.

    News Notes

    In another blog post, I’ll link to podcasts 36-current for everyone in a list without any additional show notes. I hope that you guys enjoy, and thanks for listening!


    The security box, podcast 40: Windows Update and ransomware in the manufacturing industry

    The RSS has the updated podcast. Due to little download usage, we are not providing any more links for download.

    If you wish to have a downloaded copy and you don’t have RSS, let me know and I’ll upload and have an email sent to you from a service.

    At some point, we will disable all download links by cancelling Sendspace but it will not be done right away.

    Below, please find the show notes for today’s program.


    Welcome to podcast 40 of the Security Box. On this podcast, we’re going to have our main topic that deals with the Windows Updates which you may have been prompted to install. Instead of news notes, I’ll pick a few of the articles and we’ll see what you think about them as I’ll give my thoughts. No full news notes this week, but plenty of content to boot. We hope you enjoy the program, and thanks for listening!

    Topic: Windows Updates for April 2021

    Windows, like a lot of software, gets updated each and every month. This batch for April has a record high for this year, according to Trend Micro’s write up of the patches.

    According to the Trend Micro article, 114 patches were released for April with only 19 classified as critical, 4 were publicly known, and one publicly exploitable in the wild. 5 vulnerabilities were submitted through Trend Micro’s Zero Day Initiative program.

    We know that the Exchange server fiasco has really caused some headaches over at Microsoft. Exchange was dominated by 16 different problems dealing with RPC or Remote Procedure calls. Out of the 16 critical updates for Exchange, the majority (12) were flaws in the RPC runtime. The RPC runtime has to do with programming, and not necessarily with user behavior. There were 15 further vulnerabilities that affected the same runtime, according to Trend Micro.

    If we haven’t had any trouble with Exchange before, we do now. Besides the RPC vulnerabilities, 2 additional CVE numbers were designated. They are: CVE-2021-28480 and CVE-2021-28481. The CVSS score on both of the CVEs is 9.8.

    It’s interesting to note that according to the Trend Micro article, both of the CVEs were credited to the National Security Agency (NSA) and it suggests that both should be patched as soon as system administrators are able to do it.

    Besides that, if you use the Windows Media Video Decoder, there are two vulnerabilities with it. The CVE numbers for these are: CVE-2021-27095 and CVE-2021-28315. They could lead to remote execution if a specially crafted video was sent to you and opened.

    Besides these, Trend Micro’s article talks about some important updates which some may want to be aware of. If you use Visual Studio you should look at the Trend Micro article from these show notes, as there are CVEs for it. For my normal computer users, Visual Studio is used for programming and is not used by the average user.

    Key networking components are also affected. Two of these, CVE-2021-28324 and CVE-2021-28325, affect the SMB component, which affects file sharing.

    There are several affecting the TCP/IP portion of Windows, which deals with routing across the Internet. Two of these lead to denial of service problems, and a third leads to information disclosure. The Trend Micro article should be read to see if you need to worry about these as the CVE numbers are given within it.

    Krebs On Security gives highlights and even links to several CVEs as well as a Microsoft blog post talking about the updates that may affect readers. Both articles are worth the read, especially Trend Micro’s, so find the articles and see what is of importance to you.

    Topic: Ransomware hitting the Manufacturing Industry: Victims aren’t coming forward

    The sectors of business are starting to get hit with Ransomware. Ransomware is defined as malware that is intended to lock up a computer and force people to pay money in the form of bitcoin to get their files back. The ransom notes are usually on the screen and instruct the victim where to go to get help and even have support agents available to answer questions such as where to get Bitcoin from a retailer.

    Today’s article was read last week and talked about this now hitting the manufacturing industry. We’ve talked about numerous articles that mentioned how hospitals were affected by ransomware and two or so articles talking about how someone was killed because ransomware affected their care at a hospital and had to be transported some 70 miles away.

    The article, written by Cyberscoop’s Sean Lyngaas, starts out with a true story on how Norsk Hydro had to pay 90 to 110 million dollars because production halted for weeks as they tried to figure out what was happening. Halvor Molland is the senior vice president of communications for the company, and he had to respond to this incident. It’s unfortunate that this occurs, but with everything connected in one network, it’s not a wonder that they got hit. This company isn’t the only one that has gotten affected by this type of thing, look through the tech blog and find ransom articles. You’ll find story after story on companies getting hit.

    Norsk Hydro did something that nobody has ever done in this industry. They told their story and did it in vivid detail including releasing video interviews and telling their story of what happened. This is probably the first time we’ve actually heard of someone telling their story and we can get a picture of what they did, what they were doing, and how they were going to fix the problem.

    I understand and know that ransomware attacks are mistakes. Someone clicks a link because they believe whatever the email is that they get is real, and that can happen with anybody at any company, big or small.

    Even two years later, this candid reporting by this team at this manufacturing company stands out as ransomware continues to plague industries across the world during this awful time. The actors have taken advantage of the pandemic like it’s the last thing they can do before the world blows up.

    You know what’s sad? Cyberscoop tried to contact many different companies that were compromised by Ransomware in the last 2 and a half years. Nearly all either declined or didn’t respond to the inquiry.

    To top it all off, Honeywell, a thermostat company that also endeavors in other things, declined to tell its employees and even us if we are affected by this breach at their facilities since data can be taken through the Internet these days. Honeywell has not said a word to anyone about their potential issue.

    There is more, including news on the Honeywell incident which indicated that they did have a problem but it “wasn’t a big deal.” You can read the article as part of these notes for the entire detail. Let’s open it up, and get your thoughts!


    The Security box, podcast 39 for April 14, 2021

    Welcome to podcast 39 of the Security Box. Looks like we’ve got commentary from the replay of broadcast 38’s airing. We’ll answer any questions from those comments if any, as well as talk about yet another story I read afterward in regards to Facebook and why it might be a good idea to remove your telephone number or use something like Google or Text Now as your number instead of your primary one. We’ll have news, notes, commentary and more. We hope you enjoy the program as much as I have bringing it to you. Thanks for listening!

    Topic: More on Facebook, why Brian Krebs deleted his Facebook account

    In an article that I read on April 7th, Brian goes in to detail on why he eventually deleted his Facebook account sometime in 2020.

    According to the article, a paragraph says:

    The phone number associated with my late Facebook account (which I deleted in Jan. 2020) was not in HaveIBeenPwned, but then again Facebook claims to have more than 2.7 billion active monthly users.

    We know that Facebook has never been trustworthy after any type of incident, and I honestly don’t believe that Mr. Krebs couldn’t be part of the 533 million people affected by the breach. Checking with the site, yours truly isn’t affected either, but I honestly wouldn’t believe it nowadays, especially since news of this is two years old.

    The supposed database has been kicking around the Internet cybercrime community since last summer, according to the article. I’ve never seen any of these databases, and with the massive amounts of databases out there and what they contain, who could confirm every piece of data in it? I like Have I Been Pwned and what it is trying to offer, so don’t get me wrong when it says that I’m not in there when I put my mobile number in the site to check.

    We now learn that the database was put up since June 2020 and includes names, mobile number, gender, occupation, city, country and marital status. It includes data for 100 different countries and there is a link to a January 2021 Twitter post within the article.

    KrebsOnSecurity goes on to talk about what might happen if someone with malicious intent gets ahold of your mobile number. One of the things that could happen is your phone number changing hands, otherwise known as a SIM-swapping attack. This happens because an employee at the store where you got service is tricked in to changing the information to the attacker, and you don’t find out until you use your phone.

    Brian talks about how it is probably time to remove your number from services like Facebook once verification of the account is complete. I’m almost tempted on doing this myself. There is a very interesting paragraph which I got interested in. It says:

    Why did KrebsOnSecurity delete its Facebook account early last year? Sure, it might have had something to do with the incessant stream of breaches, leaks and privacy betrayals by Facebook over the years. But what really bothered me were the number of people who felt comfortable sharing extraordinarily sensitive information with me on things like Facebook Messenger, all the while expecting that I can vouch for the privacy and security of that message just by virtue of my presence on the platform.

    We can’t vouch for a presence of a sensitive message just because we’re on the platform. I’ve never used Facebook or its messenger client for anything secure anyway, but that paragraph is very important.

    “Are You One of the 533M People Who Got Facebooked?” is the question and article title we’re talking about in this segment; do read the article.

    News Notes and more

    • According to an article found on April 8th and written the day before, Shopify let data go and it isn’t as we would think. According to the article, the California man, Tassilo Heinrich, is charged with identity theft and conspiracy to commit wire fraud, while two people outside the United States were not charged. These other two were located in Portugal and the Philippines, according to the article. I don’t understand why these two outside of the United States aren’t charged; they received stolen data, and could have had the opportunity of using it. California man indicted for stealing Shopify customer data is the article; do give it a read.
    • Think ransomware is going away? Not so fast! This time, an article talks about ransomware gangs emailing customers of the companies that they hack to tell the customer that they got hacked. The purpose of emailing customers is of course to get the company to pay up, although as we know, that doesn’t necessarily mean anything as ransomware gangs are only in it for the money. Ransom Gangs Emailing Victim Customers for Leverage comes from Krebs on Security and is definitely a good read.
    • I blogged about this article on the tech blog, but it never made it into news notes from what I can recall. Brian Krebs talked about someone who registered the domain krebonsecurity.top and what they’re using it for. I’ll just quote one of the paragraphs outright, it says: “Let’s just get this out of the way right now: It wasn’t me.” The article talks about the Shadowserver Foundation, which has tracked the Exchange Server attacks and their progress of getting patched or lack thereof. According to the article, David Watson, a director of the Shadowserver Foundation Europe, tracked hundreds of unique variants of backdoors that allow the actors to keep access. What was very interesting to me was the fact that an executable was called krebsonsecurity.exe, and Brian talking about this plus the malicious domain made the article worth blogging. I just didn’t have a chance to put it into news notes till now. Read No, I Did Not Hack Your MS Exchange Server for all of these very interesting details.
    • So there was a breach of a water utility in 2019. Cyberscoop’s Sean Lyngaas wrote this article on a Kansas man who was indicted because of that breach. Wyatt Travnichek is alleged to have done it, as they claim he logged in to Ellsworth County Rural Water District’s computer system in 2019 and it was unauthorized access. This unauthorized access led to a shutdown of the facility in question. He is also charged with causing damage to a computer system. According to a customer service rep, Angela Naegele, the issue did not affect the drinking water supply. There is no word on whether he bypassed any security controls. Kansas man indicted in connection with 2019 hack at water utility is the article, go on and check it out.
    • Finally, in the “I can’t believe I heard this article” department, Michael in Tennessee read this article via Ars Technica which really started me thinking about this company’s security posture. The company’s name is Q Link Wireless. They apparently had an app that allowed you to enter any customer telephone number, which you had to know. After doing this within their application for iOS and Android, the person could see anything they wanted within the account with “no password required.” According to the article, this company is known as a “Mobile Virtual Network Operator.” They are based in the state of Florida. It provides government and subsidized phones to people who qualify under the Lifeline program. They apparently serve at least 2 million customers, according to the article. I suggest you check jaredtech.help as I have a bunch more to say in regards to this story; suffice it to say, they apparently closed this hole by doing it server-side and with no communication with any researcher or anyone who reported this to the company. For a full reading of this disaster, I give you: No password required: Mobile carrier exposes data for millions of accounts: Q Link Wireless made data available to anyone who knows a customer’s phone number. Have fun!

    We hope you enjoy the program as much as I have bringing it together, make it a great day!

    The Security box, podcast 38: Facebook at it again, news, notes and more

    Hello folks,

    The RSS is updated with today’s program that was aired on the Independent artist channel on the mix. Don’t have RSS? Don’t worry! Here is the 100.8mb file.

    Below, please find the entire show notes for all to read. The News Notes section is shorter due to time constraints, but good stuff too.


    Welcome to the Security box, podcast 38. This week, we had planned to go back to DKIM and have a discussion on it, but we aren’t going to do that. Why? It looks like news has gotten out about Facebook’s 2019 breach and 535 million people whose information may now be out there on the free Internet as well as it already being sold to the dark web when the initial breach occurred. We’ll have news, notes and more as well as your thoughts and comments to boot. Enjoy the program!

    Topic: Has Facebook done it again?

    Michael in Tennessee sent me an article from Phone Scoop, as well as me seeing the article we’ll be taking from, which came from Cyberscoop. It looks like Facebook is really paying for a 2019 breach in which 500 plus million people’s information including phone number were exposed somehow and later patched by Facebook.

    The data, which comes from people from over 100 countries, includes users’ phone numbers, email addresses, full names, birthdates and location, among other identifiers, according to Insider, which first “reported the news.”

    The leak was first reported by Motherboard, according to the article. The only thing that I’m unclear on is the section that talks about the fact that the leak was reported by Motherboard in January.

    The information was made available by paying a Telegram bot a couple of bucks for the details, according to the article. According to the article, Facebook removed the ability of searching people by telephone number after the breach. Facebook will be probed by Ireland, and it’s unclear if the United States will follow suit through the FTC.

    The article goes on to discuss what the actors may do with the information now that the information has been made available for free. The website “Have I Been Pwned” has been updated by Mr. Troy Hunt with the information that was made available by the breach.

    For more information and to read the full article, 533 million Facebook users’ personal data leaked online is the article; do read this.

    News Notes for podcast 38

    • Office 365 is no stranger to attack. A Phishlabs article talks about the latest threat. This time, actors can mimic websites by using Google’s API through Google Ads that allow redirects to whatever they want. The issue with this one is that once you log in, they capture your credentials as well as sending you to your account. For complete information, Breaking Down the Latest O365 Phishing Techniques is the article, which will talk about this entire process.
    • Ubiquiti is back in the news. A post by Krebs on Security talks about the latest drama at the company, which now has come out saying that there was a problem. After making a change that forced people to log in to their network, they were later told to reset their passwords because a “third-party cloud provider” may have been breached. There’s more, including the very interesting fact that this company should have invalidated all credentials. Ubiquiti All But Confirms Breach Response Iniquity is the article. This is going to get very interesting now.
    • Finally, due to time constraints, I’ve got some good news I want to pass along. Another web boss has now pleaded guilty. This boss was behind selling heroin, firearms and hacking tools. He pleaded guilty on charges of money laundering. Tal Prihar was captured by French authorities. Read Cyberscoop’s article DeepDotWeb boss pleads guilty to laundering millions for more.

    Thanks so much for listening!
