The Technology blog and podcast



Microsoft sending email account problems? Better check that URL!

In the following example I’m describing, it leads to a web site which I do not want you to visit.

I’ve now gotten a second email from Microsoft.

Here is the latest one:


Unusual Sign-in activity

We detected something unusual about a recent sign-in to Microsoft account

Sign-in details

Country/region: Unted State
IP address: 107.170.166.118
Platform: Mac OS
Browser: Chrome

Please go your recent activity page to let us know whether or not this was you . If this wasn’t you. we’ll help you secure your account. we’ll trust similar activity in the future.

Review recent activity

The Microsoft Security Essentials
Microsoft Team office Center
all rights reserved © 2020


The view account information leads to http://office365-online.myvnc.com/cutomer/portal/ Don’t go here!

Firefox reports:


Deceptive site ahead

Firefox blocked this page because it may trick you into doing something dangerous like installing software or revealing personal information like passwords or credit cards.

Advisory provided by Google Safe Browsing.


I was curious, as the email address apparently said or a similar address, but we know that this can’t be the case.

The email does look very authentic, and this is what will get people. As someone who is curious on what the trend is, I only click to look, nothing more. Having Firefox on your side is great, as they may see this and mark it bad as Google does, through their safe browsing feature. That’s awesome, Google!

Make sure to check your links. This email and another one came to us through our contact at menvi.org’s email address.

Here are the headers:


imap://menvi-webmaster%40menvi%:143/fetch%3EUID%3E.INBOX%3E43967
Return-Path: <>
Received: from cp1-benor.nocwest.net
by cp1-benor.nocwest.net with LMTP
id Nbd7Bi3Yh159JwAAIyXCCQ
(envelope-from <>); Fri, 03 Apr 2020 20:43:25 -0400
Return-path: <>
Envelope-to:
Delivery-date: Fri, 03 Apr 2020 20:43:25 -0400
Received: from static.26.106.130.94.clients.your-server.de ([94.130.106.26]:33651 helo=thindra1.info)
by cp1-benor.nocwest.net with esmtp (Exim 4.93)
id 1jKWuB-0002bW-1m
for ; Fri, 03 Apr 2020 20:43:25 -0400
Subject: Microsoft account unusual sign-in activity
From: Microsoft account teamno-reply@microsoft.com
Reply-to: no-reply@microsoft.com
To:
Content-Type: text/html; charset=us-ascii; boundary=CMF8FBR06Z2XNQEBJOR4.1200369.CMF8FBR06Z2XNQEBJOR4


Nice going guys, wanna try something I’ve not seen? Problems with an account that is a forwarder and on the proper server that is working isn’t going to fool me or my team any.
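
The header and link checks described in this post, as an added example (not part of the original post): it parses the headers shown above, finds the hop where the receiving server logged the connecting host, and compares that host and the link's host with the domain claimed in From:. The function names and the benign comparison message are constructed for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Headers copied from the message above (trimmed). Leading whitespace on the
# folded Received lines is restored so the parser can unfold them.
SAMPLE_HEADERS = """\
Received: from cp1-benor.nocwest.net
 by cp1-benor.nocwest.net with LMTP
 id Nbd7Bi3Yh159JwAAIyXCCQ
 (envelope-from <>); Fri, 03 Apr 2020 20:43:25 -0400
Received: from static.26.106.130.94.clients.your-server.de ([94.130.106.26]:33651 helo=thindra1.info)
 by cp1-benor.nocwest.net with esmtp (Exim 4.93)
 id 1jKWuB-0002bW-1m
 for ; Fri, 03 Apr 2020 20:43:25 -0400
Subject: Microsoft account unusual sign-in activity
From: Microsoft account teamno-reply@microsoft.com
Reply-to: no-reply@microsoft.com

"""
SAMPLE_LINK = "http://office365-online.myvnc.com/cutomer/portal/"

# Constructed benign message for contrast (example.com / 192.0.2.x are reserved).
BENIGN_HEADERS = """\
Received: from mail.example.com ([192.0.2.10]:41000 helo=mail.example.com)
 by mx.recipient.example.net with esmtps (Exim 4.93)
 id 1abcDE-000001-AA; Fri, 03 Apr 2020 20:43:25 -0400
From: Example Alerts <alerts@example.com>

"""
BENIGN_LINK = "https://account.example.com/activity"

# Exim-style hop: "from <rdns> ([<ip>]:<port> helo=<name>) by <server>"
HOP_RE = re.compile(
    r"from\s+(?P<rdns>\S+)\s+\(\[(?P<ip>[0-9A-Fa-f.:]+)\](?::\d+)?"
    r"(?:\s+helo=(?P<helo>[^)\s]+))?\)\s+by\s+(?P<by>\S+)"
)


def registrable(host):
    """Naive 'last two labels' domain. Assumption: good enough for this
    sample; production code should consult the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def sender_domain(from_header):
    """Domain of the address in From:, tolerant of missing angle brackets."""
    m = re.search(r"@([A-Za-z0-9.-]+)", from_header or "")
    return m.group(1).lower() if m else None


def boundary_hop(msg):
    """First Received header in which our own server logged a peer IP.
    Only this hop is trustworthy; anything below it is sender-controlled."""
    for value in msg.get_all("Received", []):
        m = HOP_RE.search(value)
        if m:
            return m.groupdict()
    return None


def analyse(raw_headers, link):
    """Return (code, detail) findings for a message and the link it carries."""
    msg = message_from_string(raw_headers)
    findings = []
    claimed = sender_domain(msg.get("From"))
    if claimed is None:
        return [("no-from-domain", "From: carries no address")]
    claimed = registrable(claimed)

    hop = boundary_hop(msg)
    if hop:
        names = {registrable(hop["rdns"])}
        if hop["helo"]:
            names.add(registrable(hop["helo"]))
        # Heuristic only: brands do send through third parties. Where the
        # server records SPF/DKIM/DMARC (Authentication-Results), prefer that.
        if claimed not in names:
            findings.append(("relay-mismatch",
                             f"{hop['ip']} {sorted(names)} vs From {claimed}"))

    url = urlsplit(link)
    if registrable(url.hostname or "") != claimed:
        findings.append(("link-mismatch", f"{url.hostname} vs From {claimed}"))
    if url.scheme != "https":
        findings.append(("link-not-https", url.scheme))
    return findings


if __name__ == "__main__":
    for code, detail in analyse(SAMPLE_HEADERS, SAMPLE_LINK):
        print(f"{code}: {detail}")
```

The script only parses text; it never contacts the link.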

Comments (0)

Zoom is filled with problems, two in Mac and one potential in windows

If Zoom didn’t have enough problems, this article I’m going to link to indicates that you can have problems with the Zoom client for Mac. Zoom Bombing is when someone takes control of your meeting and does stuff that you’re not wanting to happen. This is more to do with video conferencing and the different sharing aspects, so we may not have anything to worry about.

With the two Mac issues which can happen anywhere, I’m hopeful that the company will address and fix these vulnerabilities as a company in this space should do. The article Zoom’s Privacy Problems Snowball as Two Zero Days Uncovered should be read so you’re aware of it and take the necessary precautions as you see fit.

Comments (0)

Webinar on covid19 from a guy that should be giving this talk

Mikko Hypponen is the chief researcher at F-secure. This is going to be given on the first of April looking like Evening US time. I’m going to attend and see what he has to say. CYBER SECURITY AND COVID-19 is the page, please sign up if you can. I’ll try to tape this for future podcasting.

Comments (0)

Posting on a forum for credit card info: let’s teach our kids

I’ve been trying to come up with a way for me to talk about something I saw on a forum, without making it sound like it is one of the worst things you can do.

While it isn’t advisable to be posting questions asking for different types of info, I want to be cautious at the fact that there are people here that may not know better and do something that could harm them.

We’ve all done it, posted something somewhere we shouldn’t have. It’s a possibility that I did this, even in my adult years, so I’m going to harp on myself as well as part of this post.

One of the things in today’s internet we need to be aware of are sites called Dark Web sites. Sadly, the Dark Web and the Deep Web can be used interchangeably according to Wikipedia’s lookup on dark web.

Some of the things that can go on in the dark or deep web is credit card selling. Also, tons of personal information is sold in the dark or deep web. With that, what I saw was posted in a forum in the application Dice World, which would be considered the clear web, or the vast majority of the visible Internet.

I’ve talked about Dice World problems before with good news included. The latest bad thing was this post talking about cheating as it relates to games which would include Dice World. We’ve also talked about dice world in our podcasts like podcast 326 and podcast 341 just to name two of them.

I’m not going to talk about this on my podcast, but I want to highlight with this post that the information about asking for information can go on any type of forum or mailing list, and this should not be taken just from the forum on Dice World.

Someone posted on the forum for someone to give them access to a credit card because they could not pay for more space on their icloud. The person in question indicated that they were under the age of 18. I’m not going to mention the age, nor the user name because I do not remember the user name off hand, and the age would not be appropriate to disclose in case it is wrong.

I can tell you that I’ve never seen this type of thing, and responses indicated that people should not give them any information. I was cautious and said that you should only do this with people you trust, not from an open threat such as this.

Mistakes can happen, no matter what the platform is. We’ve talked about software stuff before and now the phishing attacks with the Corona Virus. I’ve also talked about scammers targeting the blind but I don’t feel that this was necessarily the case.

I feel that the report I was given was pretty genuine, this may have been a child who didn’t know any better, and education is appropriate. If I were able to moderate this, I would educate them about the fact that this is not necessarily a good idea, and that their parent or legal guardian should be responsible for their spending. I know that my stuff is paid for in this way, although I do pay for other things as well.

I’ve made mistakes on mailing lists, and was talked to, so I’m not singling any person out when I say that this person should’ve been blocked. I would definitely hope that once the post was removed by Dice World, immediate communication commenced by email or messaging through the application to explain that this was not a good thing to do.

We should teach the young, not give them harsh punishments. As it were, the account was created the very day that I saw the post. In part, “I don’t normally do this, but …” and it was followed by the request.

My blog tries to cater to everyone, so if the person affected was to read this, I’d love to talk to you about the Internet so you understand what is happening now especially since things are changing in this world.

Do you know anyone who may be doing this? Do teach them, let’s not give them a hard time. They aren’t criminals, yet. Look at the intent and determine whether or not a harsh punishment is necessary.

Comments (0)

What is this? This is another scam … as the domain doesn’t exist?

OK, I saw this in my email. They’re saying that the site listed in the IP unblock request form is not posting how we’re not doing anything to protect our members of the public.

First of all, the sites along my network are open to the public at large, and do not serve any public people coming in to buy, unless I’m unaware of it.

Due to the nature of the issues, if they didn’t receive notice, it’s because they probably don’t live here in the area?

I know sites are posting notices, but it is not important for general info like any of my sites are to post notices.

Check this out.

On another note, the domain doesn’t exist!


Below is the result of your feedback form. It was submitted by

() on Wednesday, March 18, 2020 at 15:00:47

name: Cassie Buzzard
phone: 077 4527 1363
user: Cassie Buzzard
domain: bccsc.net
how_did_you_get_blocked:
Hello,

I have not received an update regarding measures you’re taking to combat COVID-19. I hope to hear that you are following all recently released guidelines and taking every precaution to protect our community?

Please reference the CDC’s emergency page (https://emergency.cdc.gov) and please consider completing a “Coronavirus Precautions and Pandemic Planning” course (http://pandemicplanning.info).

Without strict measures and an educated community, the virus will increase exponentially throughout the (global) population, as it’s already doing!

Stay safe,
Cassie
other_comments:
Hello,

I have not received an update regarding measures you’re taking to combat COVID-19. I hope to hear that you are following all recently released guidelines and taking every precaution to protect our community?

Please reference the CDC’s emergency page (https://emergency.cdc.gov) and please consider completing a “Coronavirus Precautions and Pandemic Planning” course (http://pandemicplanning.info).

Without strict measures and an educated community, the virus will increase exponentially throughout the (global) population, as it’s already doing!

Stay safe,

Cassie

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36 115Browser/8.6.2
REMOTE_ADDR: 162.245.222.236


Please do not waste my time sending this to this network as clearly it’s spam. I know the phone number is fake and so is the domain. If there is a place I should be forwarding this, please let me know. This is why the world is scared because of messages through contact forms like mine.

Take this as your notice. I’m not interested in spewing notices that are not welcome, and if my members of my site are interested, they can contact me through my sites and ask specific questions.

Comments (0)

Working from home? Better look at this

AA20-073A: Enterprise VPN Security has been sent to me, and it is a bulletin put out by the government. This document covers the potential for people to work from home because of this unprecedented disease that has come across the world. Alert (AA20-073A) Enterprise VPN Security is the article linked here, and it has some great tips if you are concerned.

This does not cover anything from CDC and other things that you can get from other places on how to protect yourself, but this does provide information when it comes to securing yourself while working from home and what Phishers may do to try and steal passwords.

While we continue to learn more about this dangerous virus, let’s make sure that the security is not taken along with us.

Comments (0)

IS TLS 1.0 and 1.1 really ready to go?

Livewire says yes, and articles out there have more

The last several days on Livewire have been quite interesting. Last week, I experienced a technical issue which has since been resolved. On top of that, I was notified that the site was upgraded to only work on 1.2 or higher TLS connections. Sans News Bites talks about this in one of their segments and this blog post entitled: It’s the Boot for TLS 1.0 and TLS 1.1 is one post and it comes from Mozilla themselves.

After the technical issues were resolved in live wire, someone recently reported running Windows 8, Firefox, and Jaws 16.

  • Windows 8, to my knowledge is not getting any updates
  • Firefox may be old, and unable to understand the TLS infrastructure
  • Jaws 16 isn’t supported with bug fixes
  • Chrome can’t run on 8

In the next podcast, I talk about Live Wire a little bit, what it is, the basics on the LTN (Livewire Telephone Network) and that while I did have an issue, it was my own doing.

The person behind Live Wire understands the security well, and I believe more sites will be moving toward this aspect. I said this before reading this article, and this is Sans News Bites from February 11, 2020. If I had the chance to read this before that discussion, I’d be more up to date!

Browsers negotiate to the highest common denominator which can mask the presence of less secure connection options. Make sure you’re regularly scanning the encryption settings on your web servers to ensure older, less secure connections are disabled, or monitored and documented where enabled. Monitoring may show the need to support older less secure operating systems and browsers may not be as significant as thought, or worth the risk.

Livewire is the first site to my knowledge to have taken this step, and I believe we’ll have more.

There are other articles around the web that cover this, and I’m running 73 of Firefox now and have no trouble with connecting to Livewire since my own technical issue was resolved.
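
The regular scanning recommended in the SANS quote above, as an added example (not from Livewire, SANS or the original post): it pins each TLS version in turn so negotiation cannot mask legacy support. The function names and the probe_fn hook are assumptions of this example, and it assumes a Python build linked against OpenSSL.

```python
import socket
import ssl
import sys

LEGACY = {"TLSv1.0": ssl.TLSVersion.TLSv1, "TLSv1.1": ssl.TLSVersion.TLSv1_1}
MODERN = {"TLSv1.2": ssl.TLSVersion.TLSv1_2, "TLSv1.3": ssl.TLSVersion.TLSv1_3}


def probe(host, port, version, timeout=5.0):
    """True if the server completes a handshake pinned to exactly `version`.

    Pinning min == max stops the usual negotiation to the best shared
    version, which is what hides legacy support from a normal browser visit.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE  # protocol audit only, not a trust check
    # OpenSSL 3 refuses to offer TLS 1.0/1.1 above security level 0, which
    # would make every legacy probe fail locally and look like a pass.
    ctx.set_ciphers("DEFAULT:@SECLEVEL=0")
    ctx.minimum_version = version
    ctx.maximum_version = version
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host):
                return True
    except (ssl.SSLError, ConnectionResetError):
        return False  # handshake rejected; other network errors propagate


def audit(host, port=443, probe_fn=probe):
    """Probe every version and return (results, verdict).

    probe_fn is a hypothetical hook so the logic can be exercised offline.
    """
    versions = {**LEGACY, **MODERN}
    results = {name: probe_fn(host, port, v) for name, v in versions.items()}
    legacy_on = [n for n in LEGACY if results[n]]
    modern_on = [n for n in MODERN if results[n]]
    if not modern_on:
        verdict = "FAIL: no TLS 1.2 or higher accepted"
    elif legacy_on:
        verdict = "REVIEW: legacy enabled (" + ", ".join(legacy_on) + ")"
    else:
        verdict = "OK: only TLS 1.2 or higher accepted"
    return results, verdict


if __name__ == "__main__":
    if len(sys.argv) < 2:
        sys.exit("usage: tls_audit.py HOST [PORT]")
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 443
    results, verdict = audit(sys.argv[1], port)
    for name, accepted in results.items():
        print(f"{name}: {'accepted' if accepted else 'refused'}")
    print(verdict)
```

Run it against servers you operate and keep the output with your change records, so a re-enabled legacy protocol shows up as a difference between scans.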

Comments Off on IS TLS 1.0 and 1.1 really ready to go?

Phishlab’s webinar was very informative

Hello folks, I hope you were able to get to today’s webinar from Phishlabs. If you missed it, this blog post had details.

They covered quite a number of things, including some of the scams I’ve seen including the romance scams. This blog post for example covers technical support scams, and as that article covers, it isn’t just your typical scam where you call a number for a problem. The scammer will lock your files, then have you covered by you calling a number to get help.

This blog post talks about how the romance scam talks to other people in the blind community like what has happened to me with various podcast and blog posts on people asking me for gift cards and money.

When I’ve encountered these folks, I told them that I did not have the money, and if they wanted a relationship, calling me would be best so we can see where it goes. None of them ever called!

This blog post was posted when I saw the article on why social media is increasingly abused for Phishing and scam type behavior.

This blog post is a podcast announcement and the podcast can be made available. I believe I talk about one such scammer here and what they were trying to do to me. Military people asking for money in iTunes gift cards?

I’m sure you can find more if you search for scam on the blog, or scammers. Books talking about scams are mentioned, and much more!

I’d love to get this webinar out to the public, but this is Phishlabs webinar, so time needs to be given to allow people who signed up at first dibs.

I’ll see if I can get a recording of this, as I had, but not sure if the other copy will be the better one to use.

Thanks for reading, and make it a great day!

Comments Off on Phishlab’s webinar was very informative

Scammers hitting the blind, same as my talks earlier

Dice World has been talked about on my podcast as well as it being demoed in various aspects throughout the podcast. I’ve been recently looking at the forums that have now been added, and it looks like the scammers are now targeting the blind.

On podcasts prior, I’ve talked about multiple people who have added me to twitter and have asked for my Hangouts. After getting me on Hangouts, they insist on either having me pay to get them here to see me, asking for gift cards, or even money.

One of these people I said that I couldn’t pay for anything, and that they’re a scammer. They were rude saying that I shouldn’t mess with their business and that their lawyer would contact me. I told them that I would tell them everything, and yet, still no lawyer. It’s a business to scam people out of money and try to get people to have a so-called relationship with no voice or video communication?

While I’ve been on dice world for a number of years, it saddens me that the blind community is now being targeted with people who are doing this type of thing. I’ve not encountered them on my own through that platform, but the developer is encouraging players to report this to them by email.

Podcast 289 which is available upon request if you can’t find it through RSS, talks about one such person who followed me on twitter. As someone who has been on the Internet for quite a number of years, before some, I’ve read plenty of articles and even some books about what these people can do. This Blog Post talking about Scam me if you can is one such book, and I’m sure there are others.

Since this is a blog talking about all sorts of things, I want people to know what I’m seeing. If you think that scams like this could happen on a gaming platform like Diceworld, this article talking about employment scams may be a reminder that it isn’t just the above mention we should be talking about or even this tech support article where scammers will go after your hard earned files and even try to have you pay money to supposedly fix the problem they will or have already started.

Think that’s all we have to deal with? Phone Phishing, Data Breaches, and Banking Scams is something else, and you can search this blog for more.

The fact that the scammers, one of whom is changing their name from male to female, is coming over to a platform like Diceworld, means nothing. This is sad! Some of the people on this type of platform don’t know a whole lot about these people, and they can fall for whatever they ask, and question it afterward or even while communicating with them.

This is a sad state of affairs. I’m saddened that these people have nothing else to do with their lives. I think some of these people are very employable and can use their skills for good instead of getting money out of a community that relies on money to survive.

This is not going to go away any time soon, and if you search scam on this blog, you’ll find a lot of articles besides the ones I’m linking here in this post. Use your gut. It’s there to tell you if something is not right. Follow what it says. There’s a community out there who are bringing it up, and asking questions, and that’s great! Keep it up!

If I can be of help, please feel free to reach out. I’m just an email, imessage, phone call, or text message away!

Comments Off on Scammers hitting the blind, same as my talks earlier

Security Now, podcast 750

Security Now, released podcast 750. Twit.tv’s sn page and the RSS for you here.

Below, find the stories talked about.


SN 750: The Crypto CurveBall
Tuesday, January 21, 2020, 6:41:14 PM
This Week’s Stories:

  • iPhones join Android in being a Google account security key.
  • How much “substantive assistance” did Apple provide in the Pensacola investigation?
  • A brand new serious Internet Explorer 0-day
  • Giving Windows an additional Edge
  • FBI says nation-state actors breached a US city government and a US financial entity by exploiting Pulse Secure VPN servers.
  • Critical new Windows Remote Desktop Gateway (RD Gateway) remote code execution vulnerability
  • SQRL for Drupal
  • Microsoft issues security update to fix “CurveBall” vulnerability
    Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve’s site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Comments Off on Security Now, podcast 750

Use WordPress database? Better update it!

We do not use this plug in on the blog, but saw this article via Twitter called: This WordPress vulnerability could let hackers hijack your entire site and it talks about a plug in called word press database. It allows someone to manage the database, but the vulnerability makes the entire web site disappear if the hacker wanted. Read the entire article on this one, it sounds pretty serious enough.

Comments Off on Use WordPress database? Better update it!

Trend Micro’s January webinar

This month, Trend Micro will go through the predictions of 2020.

• What threats your organization needs to prepare for in the coming year.
• How to pitch your focus towards what issues matter most to you.
• How protections can be put in place to mitigate the risks these predictions may bring.

John Clay will be hosting this. Here’s a link to sign up and just fill in your info. It may have mine, just overwrite it with yours to sign up.

I’ll do my best to tape this webinar and get it out there. I’ve not forgotten the webinar I said I’d cover, it’ll be coming. Hope to have you join me!

Comments Off on Trend Micro’s January webinar

Security Now from last week

I started doing this last year, and now I’ll try again. Here are the notations of Security Now!

Here is their RSS feed and here is the web page if you wish.


SN 749: Windows 7 – R. I. P.
Tuesday, January 14, 2020, 7:18:33 PM
This Week’s Stories:

  • Windows 7 support dies today, but 1 in 7 PCs are still running it
  • Cablehaunt- the remote exploit with the catchy logo that works on ALL cable modems
  • US government still wants backdoor access to iPhones
  • CheckRain iPhone jailbreak keeps getting better
  • How Apple scans your photos for evidence of child abuse
  • The sim swapping threat
  • Anatomy/timeline of the exploitation of an unpatched VPN bug
  • And speaking of patching right away… patch your Firefox browser right now!
    Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve’s site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.


Hope this finds some interest on people.

Comments Off on Security Now from last week

Yahoo forcing random password resets … am I the only one supporting someone having trouble?

This is more of a curiosity thing than anything else, but I have a hunch from what I’m told that this has been going on for a number of years now.

The service AT&T has email service. When we started with this service it was known as SBC Yahoo! Through the years, some have gotten straight att.net addresses although the web site is a dot com for everything else.

In this world, we’ve got many types of people with varying degrees of capability in the technology world. We also know that Yahoo! email has been breached and that came to light three years after the fact.

When you authenticate as an SBC Yahoo! customer using mail, you go to the Yahoo! mail web site.

The authentication is your full email address I.E. which belongs to me. It also asks for your password, which is the account password for that address.

Here’s the problem. I was able to switch the account to a different interface two weeks or so ago. But for awhile now, ATT Yahoo! account holders need to reset their password every two weeks.

My grandmother has had an SBC Yahoo account for a number of years, and has never experienced this until recently. I never experienced it, although I don’t use my SBC address anymore, in favor of my accounts on my domain and my gmail. I understand this has been going on for a couple of years now, and enough is enough! The National Institute of Standards and Technology (NIST) folks changed the guidelines where passwords are not needing to be changed as often, as long as there is not a valid reason for the passwords to be reset.

My grandmother is older than most on this blog, reads facebook, comments on things, plays games, checks email, and does some shopping on amazon for things she needs. Nobody except ATT Yahoo! services have prompted her to change her password.

Here is my hunch based on what I know:

  • passwords may not be as secure as they should
  • company never sent email to my knowledge about said policy
  • too much time was spent on hold trying to get the issue resolved and
  • frustration as to why no email can be accessed and wondering why the account was locked out.

I’ve never seen any of this behavior with any company before. Unless there was a valid reason, I’ve never changed my password, even after all of these breaches. The fact my biological data is potentially out there now, it’s game over for me! I know this, and I’ve been working hard to make sure I don’t use the same password everywhere and that’s why I have Lastpass, the last password you’ll ever need.

I’m thinking that this is targeted because of the potential weakness of the passwords given to me, yet my password may not be all that secure over there anyhow. I’m thinking it may be the same password I use somewhere else.

So ATT, what gives? Why are you making an elderly person who has no knowledge of why and what to do about the issue if you don’t tell them in writing or email or phone?

If this issue persists, I’ll have no choice but to help her either set up a gmail, or even set up an address on the domain purchased for her and hosted through me. Then, I’ll either have to show her that web mail, or set it up through Thunderbird.

For someone who has so much in the way of notifying people and companies, I’m not going to be impressed with having to have her do all of this, and I can hopefully have mail forwarded to the new address in the meantime, but this is enough! Was it the weak passwords? You can check the hashes without knowing the password, and if you notice it’s weak, reach out! There is no need to make someone change their password every two weeks without probable cause. I know nobody else who is going through this experience, and I’ve not been tipped off to any articles saying there is a problem of this scope.

If anyone else is experiencing this, I’d love to hear from you. Please get in touch!

Comments (2)

Bard express throws errors, fixes in the works

Hello all,

I just saw the following from BARD support today. For those who use the BARD express and have it installed currently, you aren’t affected. Any new users may receive a warning about it being from an unknown publisher.

This is because the certificate expired on December 2nd. NLS is going to procure a new cert and will release an update soon.

Here is the official email notice from NLS directly.


Hello List Subscribers,

The software that certifies BARD Express as “safe to install” expired on Monday, December 2, 2019. The expiration of this certificate does not affect current
users. It does, however, impact patrons who install BARD Express 1.2.4.72 on or after December 2, as they will be warned that the software is from an unknown
publisher. The software is safe to install.

NLS expects to procure a new software certificate in the coming weeks, at which point an update to BARD Express will be released, and users will no longer
receive this warning.

We apologize for any inconvenience.

The BARD Support Team


NLS should be ashamed of themselves letting the cert expire and not replacing it in a timely manner. It is too dangerous today to have software that is not signed as required now. I hope the fix comes sooner than later.

While this is specialized, we have to hold all companies that provide software responsible to fix their software whether it’s an expiring cert, or if it is a bug that affects functionality.

This can’t be good practice, and NLS is run by the government so I don’t expect any better.

If I hear any news, I’ll be sure to pass it along.

Comments Off on Bard express throws errors, fixes in the works

NCSAM: Have you read Kevin Mitnick’s books?

I’ve read Kevin Mitnick’s books, three out of the 4 are on BARD. Nice to see him writing again!

Recently I got really bored and wanted to see what Kevin Mitnick was up to. I then started this book entitled The Art of Invisibility: The World’s Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data and I read the first chapter as a free sample. This book is not available on BARD, however, it is available on Bookshare. I decided to buy the book here at Amazon, and when I did, it updated itself with some 2019 notes in regards to the various breaches that have been notable since the beginning of the year.

About the Book

Kevin Mitnick, the world’s most famous hacker, teaches you easy cloaking and countermeasures for citizens and consumers in the age of Big Brother and Big
Data.

Like it or not, your every move is being watched and analyzed. Consumers’ identities are being stolen, and a person’s every step is being tracked and stored.
What once might have been dismissed as paranoia is now a hard truth, and privacy is a luxury few can afford or understand.

In this explosive yet practical book, Kevin Mitnick illustrates what is happening without your knowledge – and he teaches you “the art of invisibility”.
Mitnick is the world’s most famous – and formerly the most wanted – computer hacker. He has hacked in to some of the country’s most powerful and seemingly
impenetrable agencies and companies, and at one point he was on a three-year run from the FBI. Now, though, Mitnick is reformed and is widely regarded
as the expert on the subject of computer security. He knows exactly how vulnerabilities can be exploited and just what to do to prevent that from happening.

In The Art of Invisibility Mitnick provides both online and real-life tactics and inexpensive methods to protect you and your family, in easy step-by-step
instructions. He even talks about more advanced “elite” techniques, which, if used properly, can maximize your privacy. Invisibility isn’t just for superheroes
– privacy is a power you deserve and need in this modern age.

If you’ve never read anything by this hacker turned security professional, then I highly recommend that you start with Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker which is on BARD and is also available on Bookshare. I actually started this book through Learning Ally, formerly Recording for the Blind and Dyslexic.

About the book

Kevin Mitnick was the most elusive computer break-in artist in history. He accessed computers and networks at the world’s biggest companies-and however
fast the authorities were, Mitnick was faster, sprinting through phone switches, computer systems, and cellular networks. He spent years skipping through
cyberspace, always three steps ahead and labeled unstoppable. But for Kevin, hacking wasn’t just about technological feats-it was an old fashioned confidence
game that required guile and deception to trick the unwitting out of valuable information.

Driven by a powerful urge to accomplish the impossible, Mitnick bypassed security systems and blazed into major organizations including Motorola, Sun Microsystems,
and Pacific Bell. But as the FBI’s net began to tighten, Kevin went on the run, engaging in an increasingly sophisticated cat-and-mouse game that led through
false identities, a host of cities, plenty of close shaves, and to an ultimate showdown with the feds, who would stop at nothing to bring him down.

Ghost in the Wires is a thrilling true story of intrigue, suspense, and unbelievable escape and a portrait of a visionary whose creativity, skills, and
persistence forced the authorities to rethink the way they pursued him, inspiring ripples that brought permanent changes in the way people and companies
protect their most sensitive information.

I thoroughly enjoyed this book, and thought I would see if there was anything else. The first book in this article I’m writing now was not known to me, although it may have been recommended to me through my reading of Scott’s book Cybersecurity Is Everybody’s Business: Solve the Security Puzzle for Your Small Business and Home Kindle Edition, which I only found here and on Amazon. BARD does not have any of Scott’s books, and with the advancement of hacking, the blind and disabled reader must learn how to protect themselves. These books are not difficult or technical, and Scott’s book has very short chapters.

In my recommendations after downloading Scott’s book, I found something that really caught my eye, and I’m reading it as well. How I can read two books at the same time, I don’t know. The book is by Paul R. Wilson. The Art of the Con: How to Think Like a Real Hustler and Avoid Being Scammed 1st Edition, Kindle Edition is the name of the book. This guy, in short chapters, talks about cons and scams that have gone on for many years. Some of these are still successful today!

About the Book

A sucker is still born every minute. In this modern and interconnected world, con-men are lurking everywhere – it’s never been easier for them to dupe
us, take from us, and infiltrate our lives.  

One of the world’s leading and celebrated experts on con-games takes the reader through the history of cons, how they’ve been updated to the modern age,
how they work, how to spot them, and how to protect yourself from being the victim of one.

R. Paul Wilson is a con-man who works for the other side – our side. He has spent a lifetime learning, performing, studying, and teaching about the ins
and outs of the con world in order to open up our eyes to the dangers lurking about us – and to show us how not to get taken. Paul has never made a living
as a con-man, profiting off of marks – he has used his expertise throughout his life to help people avoid cons.

In this fascinating book, Paul takes the reader through the history and developments of the con game, what elements from the past are based on basic human
psychology and have stood the test of time, what has been updated for the modern era and how it’s getting used in the computer age, the structure of how
these cons work, and – most importantly – how to recognize one, protect yourself and your loved ones, and avoid becoming just another sucker.

I’m not sure if this book is available on BARD or Bookshare, but you can look.

About BARD and Bookshare

BARD is the Braille and Audio Reading Download service by the National Library Service in the United States. This service is available to international patrons, but only if they initially live in the United States and are traveling internationally for some reason.

Bookshare is a paid service, although with the NLS partnership, they’re offering free accounts for those of us who have NLS memberships. You can get books in multiple formats including DAISY, audio MP3 (TTS) and braille files.

In this NCSAM month, I’m hoping that these books are a symbol of something that people should read, and get interested in. As I’ve discussed, we can’t do it alone, and the email scams and cons will only trick you if you don’t know what to look for.

Other Books you can find on BARD

I’ve read all of these books, and forgot about the other two. The following are books that BARD has on Kevin Mitnick, that are authored by him. There is one about Kevin’s takedown written by another author, but I’m not going to put that book here.

Note, that for this blog, I’m putting the DB number for reference and nothing else.

  • Ghost in the wires: my adventures as the world’s most wanted hacker DB74947
  • The art of deception: controlling the human element of security DB56450
  • The art of intrusion: the real stories behind the exploits of hackers, intruders, & deceivers DB60593

Have you read the linked books? What about the others that are listed but not linked? What have you thought? Please discuss it in the comments! I look forward to reading what you’ve got to say.

NCSAM: scam or not? You Decide

NCSAM: looks like a scam or Phish, can you tell?

Hello folks,

In the following exercise, I’m going to give you the beginning of two forms. One of which came through the IP Unblock form for my customers, and the other that came from MENVI. In both instances, they filled out the bug reporting yes, and the comments section.

Out of curious instincts, I went to the link separately and there is a picture, I didn’t go any further to identify it or anything.

Can you tell if this is a scam?

Below is the result of your feedback form. It was submitted by
(
)
on Saturday, October 19, 2019 at 17:15:48
—————————————————————————
Name: Hellen[BqdeqwhVinejonuQ,2,5]
phone: 82919675993
contact_method: both E-mail and phone
bug: no
additional_bug_info: Hello, I apologize for this letter, but I have no other choice!

This is a 4-year-old girl Lisa Filameshina!
https://sun9-7.userapi.com/c848620/v848620572/b2c87/xpLF8Ynpc_0.jpg

Lisa has retinoblastoma (retinal cancer). Her eye needs urgent treatment! In the Swiss clinic «Hospital Ophtalmique Jules-Gonin» (Lausanne) they guarantee
the preservation of the organ so important for the future life of the child.

It is necessary to collect $9000 before October 31.

We will be grateful for any amount of money!

I beg you help!

That is wallet address for payment bitcoin :157CfZ3qhHpRWKbzqoroUAxTMgDhhmPfPt

I give the payment details in bitcoins, since another transfer is problematic in our country.

Sorry again.

The next one was sent overnight.

Below is the result of your feedback form. It was submitted by
(
)
on Sunday, October 20, 2019 at 03:32:03
—————————————————————————
name: HellenInjex
City_State_Province: Avarua
country: Cook Islands
Phone: 81797884724
contactmethod: Please use both E-mail and telephone to contact me
contact: Please have Jared Rimer: (MENVI webmaster) to contact me
reporting_bug: No, I’m not reporting a bug with the web site at this time
reporting_bug_Yes: Hello, I apologize for this letter, but I have no other choice!

This is a 4-year-old girl Lisa Filameshina!
https://sun9-7.userapi.com/c848620/v848620572/b2c87/xpLF8Ynpc_0.jpg

Lisa has retinoblastoma (retinal cancer). Her eye needs urgent treatment! In the Swiss clinic «Hospital Ophtalmique Jules-Gonin» (Lausanne) they guarantee
the preservation of the organ so important for the future life of the child.

It is necessary to collect $9000 before October 31.

We will be grateful for any amount of money!

I beg you help!

That is wallet address for payment bitcoin :157CfZ3qhHpRWKbzqoroUAxTMgDhhmPfPt

I give the payment details in bitcoins, since another transfer is problematic in our country.

Sorry again.

Both messages look exactly the same. Both are pleading for money, and I believe there are two different bitcoin wallet addresses.

REMOTE_ADDR: 92.63.100.62 is on MENVI’s and REMOTE_ADDR: 188.120.249.122 is on the IP unblock request form.

My hunch is that this is part of the Nigerian 419 scam, begging for money but with a different purpose. The purpose is to help a little girl but now I got curious. As I write this, I ran Jaws picture smart on the photo on the URL. It says:

Caption is a little boy wearing a hat.

I’m unaware of NVDA having a picture smart option, but Jaws now tells me through this technology that it is a boy, not a girl. Very clever they are. The fact they say they want money by a certain time frame before it’s too late is also a telltale sign of a problem.
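The signs discussed here (same text on unrelated forms, a payment deadline, a bitcoin wallet, a "no bug" answer next to a filled-in bug box) can be checked mechanically. The following is an added example, not code from this blog; the function names are hypothetical and the sample data are trimmed excerpts of the two submissions quoted above.

```python
import hashlib
import re

# Trimmed excerpts of the two submissions quoted in the post (field names as shown there).
FORM_A = """Name: Hellen[BqdeqwhVinejonuQ,2,5]
bug: no
additional_bug_info: Hello, I apologize for this letter, but I have no other choice!

It is necessary to collect $9000 before October 31.

That is wallet address for payment bitcoin :157CfZ3qhHpRWKbzqoroUAxTMgDhhmPfPt
"""
FORM_B = """name: HellenInjex
reporting_bug: No, I’m not reporting a bug with the web site at this time
reporting_bug_Yes: Hello, I apologize for this letter, but I have no other choice!

It is necessary to collect $9000 before October 31.

That is wallet address for payment bitcoin :157CfZ3qhHpRWKbzqoroUAxTMgDhhmPfPt
"""

FIELD = re.compile(r"^(\w+): ?(.*)$")
# Shape of a legacy (Base58) Bitcoin address only; the checksum is not verified.
WALLET = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")
DEADLINE = re.compile(r"\b(?:before|by|until)\s+[A-Z][a-z]{2,8}\s+\d{1,2}\b")

def parse_form(text):
    """Split 'key: value' lines; a line without a key continues the previous field."""
    fields, key = {}, None
    for line in text.splitlines():
        m = FIELD.match(line)
        if m:
            key = m.group(1).lower()
            fields[key] = m.group(2)
        elif key:
            fields[key] += "\n" + line
    return fields

def triage(text):
    """Return the signals a webmaster can compare across submissions."""
    fields = parse_form(text)
    body = next((fields[k] for k in ("additional_bug_info", "reporting_bug_yes") if k in fields), "")
    flag = next((fields[k] for k in ("bug", "reporting_bug") if k in fields), "")
    return {
        "fingerprint": hashlib.sha256(" ".join(body.lower().split()).encode()).hexdigest(),
        "wallets": sorted(set(WALLET.findall(body))),
        "deadline": bool(DEADLINE.search(body)),
        # Sender answered "no bug" yet filled in the bug-details box.
        "field_misuse": flag.lower().startswith("no") and bool(body),
    }
```

Comparing `triage(FORM_A)` with `triage(FORM_B)` field by field shows whether two submissions from different sites belong to one automated campaign.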

This network has a donations page found both on the blog pages and our main web site. In no way are we begging for money on any page, and in no way are we saying to donate by a certain time point.

While we would like people to donate to the network to offset costs of running it, and to help offset the independent artist project of playing independent music from around the world, there is no urgency. I have mentioned it on my shows, and on my show notes, but I don’t make it a habit either. It’s just the way it is, and the way it must be so that we do not get flagged as a potential target.

This network also does not solicit any type of donations by email like this even though we’d love to get some money as described above.

I believe the goal of the email is entitled Phishing but it is targeted phishing for money. It’s a bait to part with your money, the term of which you could look up and correct me if I’m wrong.

I don’t claim to know the exact terms correctly, because I get confused of what they are, but I know two things.

  • I do not have a bitcoin wallet.
  • I do not know how to buy bitcoin, and if I did, I’d be using the money for my own purposes, i.e. buying things, or sending it to PayPal for spending later.

I think we can utilize this as a point of learning to show people what types of things are being sent today.

Have you seen these and determined that it was no good? If you’ve been bitten, what did you think of this one that could have made you pause to think … “This can’t be right.”

Let’s discuss this!

Will Apple get hacked more in the future? Business insider says yes

With Apple’s iOS 13, and very successful hacks into the iOS platform, we’re starting to see Apple being targeted. According to this article from Business Insider entitled A cybersecurity expert explains why we’re likely to see more Apple hacks in the future, we’re going to see more hacks toward iOS and Mac devices. Windows is also covered, and rightly so.

While my phone is older, and I’ll be looking to replace it soon, making sure our software is as up to date as possible is now more crucial. This is going to get interesting as we continue to see these types of issues including data breaches in general.

Since the article talks about WhatsApp as an entry point, WhatsApp developers need to fix that hole too. It’s not all the operating system’s fault, whether it’s Windows, Mac, iOS, Android, Linux, or any other operating system out there.

Alabama got hit with Ransomware, pays ransom

Hello all,

Well, the news this week deals with Alabama getting hit with Ransomware. According to this article entitled Ransomware attacks are insidious. Experts urged healthcare CIOs to invest in proactive security measures to combat the growing threat. Alabama was the target. Unfortunately, Ransomware is not going to be going away, and that’s because it’s a great moneymaker.

I wonder how this type of thing is created to begin with? I’m not saying that I’d send it out and demand money, since my goal of the blog and podcast is to alert you all on what’s out there so we can protect ourselves. We all need money, but we need to do it the right way.

For example, on one of the pages on the blog is a donations button I believe. But if not, that’s OK. Money isn’t the object of this podcast, but if you’re interested in donation options, get in touch.

I’m confident when I reminisce about the story one of my buddies told me about one of our own in the blindness field getting targeted with Ransomware. Remember this article entitled ATPC Hit with Ransomware, Does Not Pay where I talked about a textbook case of doing it correctly? We should bring it out and show companies that a company serving the blind community did it correctly, and we should all learn.

Getting back to the article at hand, Security Now covered quite a bit of ransomware this week in their episode for this week. If that show goes into ransomware mode, whereby they’re covering nothing but ransomware in the news, it’s going to be the whole entire show. This can’t be a good sign.

Here are the notations from that episode.

  • Ransomware hits schools, hospitals, and hearing aid manufacturers
  • Sodinokibi: the latest advances in Ransomware-as-a-Service
  • Win7 Extended Security Updates are extended
  • A new Nasty 0-Day RCE in vBulletin
  • There’s a new WannaCry in town

As you can see, there are lots of things going on here, and it’s not going to go away any time soon. While the main topic of this blog post is the Alabama case, there is a lot more happening that we should be learning about too, and that’s why I find the story of value. This is going to get very interesting.

Trend Micro’s next webinar

The title of the next webinar is going to be “What’s Up with Web Threats?” It’ll be held on October 29th at 1 ET 10 PT and I am going to try and make it. If not, a recording will be provided afterward.

Today’s threats are now hitting us hard. Web threats, email threats, telephone calls, and more. Please sign up and learn how you can protect yourself and teach others what they can do afterward. We can do this together.

With the popularity of the web, and everything that is connected to it, there is no surprise it is the second most detected threat within our customer
accounts.

In this month’s threat webinar, I will review the numerous types of web-based threats affecting your employees, such as embedded URLs within emails, malvertisements,
drive-by downloads, and command and control (C&C) servers.

As well, I will be reviewing some best practices you can use to better protect your organization, employees, and web servers from these attacks. Because
when you can prepare for, withstand, and rapidly recover from threats, you’re free to go further and do more.

That’s The Art of Cybersecurity.

I’ll see you there!
