
The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts




A company that has been hacked for 5 years? Is This Crazy?

I thought this story about a routing company being hacked for 5 years was quite crazy, but yet, that’s what it talks about. I know that a breach can take up to 191 days to be discovered, but this hack was from 2016 to 2021 when it was discovered.

My question is, how is this possible? I think this is the first I’ve heard of this.

The article is titled Company that routes SMS for all major US carriers was hacked for five years and our good buddy Michael posted this to our TSB list. This is absolutely crazy and I hope they come out and tell us whether SMS was affected by this hack. People can send anything through SMS, and this is going to get interesting if sensitive info were to be given out or leaked somehow as part of this whole mess. Better check this one out, we all need to watch this one.


IOS 15 is now released, lots of things to be aware of

AppleVis has a great writeup found by the article title Apple Releases iOS 15 and iPadOS 15; Bringing Focus Modes, Live Text, and Enhancements to Multitasking, Notifications, FaceTime, Safari, Privacy, and More that covers podcasts, blog posts for the blind and deaf blind, as well as iPad specifics.

I did read the post The Accessibility Bugs Introduced and Resolved in iOS 15 and iPadOS 15 for Blind and Low Vision Users which details the bugs AppleVis knows about that might impact users. The one that might be of concern details the wallet and multiple items and only having access to the first one, but the others may be of concern in the critical section if you use those options.

Under moderate, there are 9 potential issues including Voice Over not speaking apps while in the app switcher. It does it for a couple of them, but more than so many, it has problems. I try only to have two or three open at any given time, but this one does concern me.

If you use a braille display, the 2nd item in the list may be of importance.

Need to edit an alarm? You’ll probably have to delete it and recreate it, says the post. I personally don’t do this often but knowing this is annoying but at least we can work around it. I’ve not used alarms much since the Pandemic, and mine are pretty set anyway.

There are 12 different items under minor that might be of concern for people. I’m not sure what might be of importance to you, I didn’t see anything that might be a problem for me but we’ll see.

There are other bugs that have been reported but have not been seen that are also part of this post.

I’m only seeing this blog post titled What’s New in iOS 15 Accessibility for Blind and DeafBlind Users and as I write my own blog post, I’ll have to give this a perusal to see what is up that might be of value.


The main blog post linked above talks about how to update your IOS device, and I’ll probably do it after all of my meetings for the week conclude. I’d rather be stable on a version that I don’t have to worry about a lot of things while I deal with TSB, PSAC Wednesday night and the board meeting on Thursday.


Security Now! podcast 836: The Meris Botnet

We are going to talk about this botnet thanks to this article by Krebs On Security called KrebsOnSecurity Hit By Huge New IoT Botnet “Meris” but I did hear the end of this week’s Security Now which I intend to listen to and may have other thoughts put in to the notes for the podcast which I’m now working on.

The description of this program is taken from This GRC Security Now page which you can download the program from.


This week we’re going to note the apparent return of REvil–not nearly as dead and gone as many hoped. We’re going to look at a new and quite worrisome 0-day exploitation of an old Windows IE MHTML component. Even though IE is gone, its guts live on in Windows. We’re going to share the not surprising but still interesting results of security impact surveys taken of IT and home workers, after which we’ll examine a fully practical JavaScript based Spectre attack on Chrome. I have a bit of closing the loop feedback to share and a surprisingly serious question about the true nature of reality for us to consider. Then we’ll finish out today’s podcast by looking at the evolution of Internet DoS attacks through the years which recently culminated in the largest ever seen, most problematic to block and contain RPS DDoS attack where RPS stands for Requests Per Second.


I urge people to download and listen to this show (57mb) as it may contain news that may be of importance for you. Most importantly, you should listen to the final segment, but I’m not going to hold your hand, so if this interests you, go for it. Enjoy!


There was an event today, which I did see an email about from apple but didn’t read it. We’ll see if a blog post comes up on it but here’s some news from AppleVis about this important update.

Ahead of tomorrow’s “California streaming” event, Apple has released iOS 14.8, iPadOS 14.8, macOS 11.6, and watchOS 7.6.2. The main changes in these releases are two security updates. Apple has also released a security update for macOS Catalina, however, this has just the one security fix.


Here’s something I’ve never seen, selling email addresses in bulk?

I saw the following email sent to me yesterday. Like I’m going to get an email account from someone like this?


from: Summa Khatun
Hi, hope you are safe from corona.

I am a gmail and yahoo id(large amount) seller with password. Me and my team able to open 5k mail id per day. If you want to buy large number of newly opened or old gmail and yahoo id please response me.

Thanks


It is clear your english is not perfect, the English here is broken and not worth my time.

If you get 5k email per day, then you’ve got problems. While it doesn’t take much to get an Email ID, gmail and Yahoo! addresses are free, you don’t need to buy them. Do you want to try again?


We’re now running on full SSL redirect, here’s what I’ve found

Michael in Indiana has asked us why we are not running on “forced redirect to SSL” and I honestly thought that our control panel provider cpanel was to do it for us.

Honestly, I think they’re right, giving us the choice on whether we want it or not. The bad news is that my testing shows that it now comes from my server’s IP when we receive forms now, protecting your IP which may not be a bad thing. I think though it is my provider making a change and not an SSL issue because of the fact that one site is not SSL protected yet.

Searching Google for SSL and redirecting web sites popped up this cpanel video which was very well described by the person who made it. I’ve turned on SSL redirect for MENVI, this site, jaredrimer.net and the mix so far.

Once I fix one of my other domains, I’ll be testing this to determine whether I can still utilize the domain for that purpose, or if I need to include other instructions.

I want to pass this along to people so they are made aware of this in case they don’t already.

Thanks Cpanel for giving us the opportunity on following guidelines that are best practices today. You guys are awesome!


Don’t Click! This definitely looks like a scam, asking for credit card or payment info

Check this one out. The blog will put the URL as a clickable link, don’t click or press enter on the link.

Are you kidding me? I clicked to look and it asks for a name and payment information such as credit card or debit card. This has got to be a scam. The fact they’re sending it from one of my network’s IP addresses is full of it too. I contacted the provider about it, but they were asking about what code I was running and whether I have captcha which I don’t. I tried to implement one, but it didn’t go far.

Here you all go. Don’t click! They used HTML and the blog will put it in a clickable link.


Below is the result of your feedback form. It was submitted by () on Wednesday, June 09, 2021 at 18:43:35

Name: Marcoplusa
phone: 89457248477
contact_method: both E-mail and phone
bug: no
additional_bug_info: You received a money transfer of $ 89.44! PREPAYMENT! To receive funds, go to the payment page
Detail: Official bank site/url] Official bank site Official bank site
comment_or_question: You received a money transfer of $ 89.44! PREPAYMENT! To receive funds, go to the payment page
Detail: Official bank site/url] Official bank site Official bank site

submit: Submit comment or question to the Jared Rimer Network

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Edg/83.0.478.37
REMOTE_ADDR: 198.37.123.246


Let’s talk about Cyber Security … really, let’s talk about it

On Podcast 44, Jennifer was along with a segment on how she almost got taken in the form of Bitcoin.

Here are those notations directly from podcast 44’s show notes.

A true story of a telephone number not to call and why

Jennifer is now along with a very interesting story, with a very interesting twist and yes, it is a true story.

I recently found a video on Ted Talks that was quite interesting, and also is being talked about through those comments on the video. But it was also mentioned by the twitter discussion that I have been having in regards to the Hydra discussion we had last week where I mentioned that I found this video. At the time of this posting, the video is two days old, and I think we do need to talk about it. I’ll be tweeting the link to the person in question once I’m done with this post.

The talk is called Better cybersecurity starts with honesty and accountability and it was given by Nadya Bartol. It is well worth the listen. I’ll be playing this on my next podcast for the box. What do you guys think?


Post-Mortem report: 986themix.com had an unexpected outage

At roughly 6 PM US Pacific Time, the Jared Rimer Network was called in regards to a web site outage from the person who runs and pays for hosting for 986themix.com. Below, we’ll detail what we found, the steps to resolve the problem, and information on how to contact the network for further questions.

What happened?

We aren’t completely sure what happened. We were getting download requests to the main site and the files were strangely named. The JRN doesn’t understand how this could be the case when the site was visited several days prior by the network in curiosity of something else they saw.

What did you find?

What we found were multiple .htaccess files located on the server.

Apache Configuration: .htaccess

Some of the files were located in user specific directories for podcasts that are hosted on the mix. The link we provide you is to Mozilla’s developer site where they talk about this file in more detail, so please check it out if you’re interested in what these files are and what they can do. It’s a very powerful thing, but something that can possibly damage your web site.

The .htaccess files were dated from February 28th to today at 9:36 am. While I don’t understand the .htaccess file in full, what I can tell from each of them was that there was some redirect happening, where I don’t know. Some even had cpanel things in it that had a statement of not deleting those lines.

How many files were found?

I think there were about a half dozen of these files or so with varying similarities of what I described above. All of them had different time stamps however.

What did you do?

After determining that none of us who manage the web site wrote these files, or even have the knowledge of writing said files, I felt it safe to delete these files as clearly they were redirecting somewhere and causing the browser to download strange files. No web site should ever ask you to download strangely named files. All files being downloaded off the Internet need to be clearly marked as to what they are and placed on a page or clearly indicated in communication with intended recipients.

Per policies marked by our provider, files may not be left on our server without being linked. This can be loosely taken though, because if you’re sending a link to a file to someone, you’re sending a link.

After I deleted all of these files, I instructed the owner to change the password to the account, as I thought that it was a possibility that someone got in through the control panel and uploaded these files through the file management interface.

The site should now be up and operational at this time.

Who should I contact for questions?

Please contact the Jared Rimer Network’s Jared Rimer at 818-921-4976 or text/whats app 804-442-6975. Please use this contact and bug reporting form for email communication.

Thank you for your continued support. We’re as safe as possible under these circumstances. We hope that this doesn’t happen again. If it does, rest assured that the JRN will take the necessary steps to fix the problem quickly and efficiently.
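The check described in this report (find every .htaccess under the web root, look at its timestamp, and see which ones carry redirect or download-forcing directives) can be scripted. The following is an added example, not code from this blog or its provider; the cPanel comment-marker format and the sample files are assumptions constructed for illustration.

```python
import os
import re
from datetime import datetime, timezone
from pathlib import Path

# Directives that can redirect a visitor or change how a file is served/downloaded.
SUSPECT = re.compile(
    r"^\s*(RewriteRule|RewriteCond|RedirectMatch|Redirect|ErrorDocument|"
    r"AddType|AddHandler|SetHandler|ForceType|Header)\b", re.IGNORECASE)
# Assumption: control-panel blocks are bracketed by BEGIN/END comments naming cPanel.
MANAGED_BEGIN = re.compile(r"^\s*#.*\bBEGIN\b.*cpanel", re.IGNORECASE)
MANAGED_END = re.compile(r"^\s*#.*\bEND\b.*cpanel", re.IGNORECASE)


def scan_text(text):
    """Return (line_no, directive, in_managed_block, line) for each suspect directive."""
    findings, managed = [], False
    for no, line in enumerate(text.splitlines(), 1):
        if MANAGED_BEGIN.match(line):
            managed = True
        elif MANAGED_END.match(line):
            managed = False
        m = SUSPECT.match(line)
        if m:
            findings.append((no, m.group(1), managed, line.strip()))
    return findings


def audit(root, since=None):
    """Report every .htaccess under root, oldest first.

    `since` is a timezone-aware datetime; files modified at or after it are
    marked recent. Directives outside a managed block are listed separately,
    but managed blocks are still reported because anyone with write access
    can paste those markers around their own lines.
    """
    report = []
    for dirpath, _dirs, files in os.walk(root):
        if ".htaccess" not in files:
            continue
        path = Path(dirpath) / ".htaccess"
        mtime = datetime.fromtimestamp(path.stat().st_mtime, tz=timezone.utc)
        findings = scan_text(path.read_text(errors="replace"))
        report.append({
            "path": str(path.relative_to(root)),
            "mtime": mtime,
            "recent": since is not None and mtime >= since,
            "findings": findings,
            "unmanaged": [f for f in findings if not f[2]],
        })
    return sorted(report, key=lambda r: r["mtime"])


def build_demo_tree(base):
    """Constructed sample tree: one panel-managed file, one unexplained redirect."""
    base = Path(base)
    (base / "podcasts" / "show1").mkdir(parents=True)
    managed = ("# php -- BEGIN cPanel-generated handler, do not edit\n"
               "AddHandler application/x-httpd-ea-php74 .php\n"
               "# php -- END cPanel-generated handler, do not edit\n")
    rogue = ("RewriteEngine On\n"
             "RewriteRule ^(.*)$ https://redirect.example.invalid/$1 [R=302,L]\n"
             "AddType application/octet-stream .html\n")
    samples = [
        (".htaccess", managed, datetime(2020, 7, 24, tzinfo=timezone.utc)),
        ("podcasts/show1/.htaccess", rogue, datetime(2021, 2, 28, tzinfo=timezone.utc)),
    ]
    for rel, body, when in samples:
        p = base / rel
        p.write_text(body)
        os.utime(p, (when.timestamp(), when.timestamp()))
    return base


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        cutoff = datetime(2021, 2, 1, tzinfo=timezone.utc)
        for entry in audit(build_demo_tree(tmp), since=cutoff):
            flag = "RECENT" if entry["recent"] else "older "
            print(flag, entry["mtime"].date(), entry["path"])
            for no, directive, in_block, line in entry["findings"]:
                print("   ", "managed" if in_block else "REVIEW ", f"L{no}: {line}")
```

Copying the flagged files somewhere safe before deleting them keeps the redirect targets and timestamps available for the hosting provider.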


Perpetrating vaccine hysteria to get people to click

I just got the following via my contact form through jaredrimer.net. I believe I call this false because they are linking to a bunch of google drive links which are not linked here on the blog.

Whoever filled this out filled out both sections of the form with the same information, and the news I’ve heard through Indiana news indicated nothing of these things this perpetrator is trying to portray. I pass this along so if you see something similar in your email, you’re aware of it.

Now, please find below the ruler, the contact form I received. I’ll have more analysis after the ruler that ends the form.


Below is the result of your feedback form. It was submitted by () on Wednesday, May 05, 2021 at 19:37:31

Name: Percy
phone: 03525 95 66 51
contact_method: both E-mail and phone
bug: yes
additional_bug_info: Doctors and scientists are trying to understand a troubling new phenomena called virus shedding. Those who have been inoculated with the experimental mRNA vaccines are causing those around them, predominately females, to suffer from some of adverse side effects that those who have been vaccinated are. Women who have been through menopause are once again having monthly periods accompanied by very severe blood clotting and head aches. Others are having still births and experiencing strange bruising on their legs. Those effected are warning others to stay away from the vaccinated. It remains to be seen if other dangerous side effects will also be transferred as well. A whistle blower from a Vaccination Task Force says the doctors on the panel are very concerned about prion diseases showing up in the vaccinated months after taking the jab. Prion Diseases are fatal brain wasting diseases.

For Visual Pictures and Videos on Vax death and side effects see the following links below:


Revelation 13:16-18 King James Version (KJV)
16 And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads:
17 And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.
18 Here is wisdom. Let him that hath understanding count the number of the beast: for it is the number of a man
comment_or_question: Doctors and scientists are trying to understand a troubling new phenomena called virus shedding. Those who have been inoculated with the experimental mRNA vaccines are causing those around them, predominately females, to suffer from some of adverse side effects that those who have been vaccinated are. Women who have been through menopause are once again having monthly periods accompanied by very severe blood clotting and head aches. Others are having still births and experiencing strange bruising on their legs. Those effected are warning others to stay away from the vaccinated. It remains to be seen if other dangerous side effects will also be transferred as well. A whistle blower from a Vaccination Task Force says the doctors on the panel are very concerned about prion diseases showing up in the vaccinated months after taking the jab. Prion Diseases are fatal brain wasting diseases.

For Visual Pictures and Videos on Vax death and side effects see the following links below:


Revelation 13:16-18 King James Version (KJV)
16 And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads:
17 And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.

18 Here is wisdom. Let him that hath understanding count the number of the beast: for it is the number of a man

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/42D0C6
REMOTE_ADDR: 77.93.25.153


I know there are some complications that could arise by the vaccines, but your pharmacist or person giving you the shot will discuss those things. People who have talked to me about what has happened tell me everything from being tired to nauseousness as side effects. They usually last a day or two from what I’m told, so this is trying to get people to click and possibly get infected.

77.93.25.153 has been reported to abuse IP and is a fixed line service. At this time, there are three reports. All of them deal with hacking attempts. When I report this, I’ll be reporting this as email spam and indicate the potential for false news about the vaccines to scare people to click.

  • ISP JSC Balticom
  • Usage Type Fixed Line ISP
  • Hostname(s) balticom-25-153.balticom.lv
  • Domain Name balticom.lv
  • Country Latvia
  • City Riga, Riga

These can be filled out by anyone anywhere in the world. And also notice the googlemail address. There is no googlemail, it redirects to gmail.


Turning the Tide: Security Predictions 2021

This video was done by Trend Micro and was quite interesting. This is the first time I’ve seen a video on their predictions for 2021, usually it’s in writing. This definitely was a very interesting video to watch, and you might find it of value too. If possible, we’ll be playing the video on the Security box for people to listen to and comment. The video lasts 40 minutes, and if you watch it and comment here, let us know if we can air your comments and I’ll be happy to put it together.

Here’s the link to the video.


IOS and WatchOS have updates

Hi all,

I was perusing Applevis on my telephone last night, and they had a post about IOS and WatchOS updates which cover security things. For full information, please read their post and I hope that this information is of value to you all.


Be on the lookout, forms now leading to trust web sites for fake web sites

I know it has been awhile since the blog has been touched. I really need to get back in to blogging, and news notes will prove it.

This time, I want to highlight yet another email I got through my contact form over on the main network’s web site, jaredrimer.net.

This contact form is quite interesting as it leads to trust web sites, one of which caught my attention. Reading the email on my phone, I clicked on the second link from within this form because I was curious. The first link I checked out via the computer on my main connection, and the profile was removed. It leads to this page: Action We Take which has a heading on fake reviews.

You may also want to check out this wikipedia page on Country code top-level domain to learn more. Here is the form.


Below is the result of your feedback form. It was submitted by () on Monday, February 15, 2021 at 17:01:54

Name: Mattie
phone: 445 1406
contact_method: both E-mail and phone
bug: no
additional_bug_info: The best fake id maker in the market for over 15 years

read our reviews and testimonials
https://www.trustpilot.com/review/idgod.ch
https://scamadviser.com/check-website/idgod.ch
https://www.sitejabber.com/online-business-review?url=idgod.ch

comment_or_question: The best fake id maker in the market for over 15 years

read our reviews and testimonials
https://www.trustpilot.com/review/idgod.ch
https://scamadviser.com/check-website/idgod.ch
https://www.sitejabber.com/online-business-review?url=idgod.ch


HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
REMOTE_ADDR: 172.94.125.11


According to the IP lookup at abuse IP database it is belonging to purevpn with the company of Secure Internet LLC. It is a Data Center/Web Hosting/Transit. The country is Germany. I’m the first reporter of the IP. As I said, I looked at the first two links and the site in question for fake ID’s is just outright wrong. I would’ve never done this anyhow, but this is just another tactic for people to get you to go over to their site.

Site Jabber looks to only allow people to review, and I went to the site carefully to see what it was about. ID God looks like it has a lot of info about what you should do so they can do their job. So far, from the scam advisor, I’d recommend people to read that since that’s all we’ve got.

This is only going to get more interesting.


White Cane Travel expiring tomorrow? Nobody called me to tell me about it!

I just love these types of forms. In the following example of things really to watch for, I’m going to show you a little bit of information about when my web site white cane travel expires. According to the form, it is to expire later on tonight if no payment for registration is made. I checked with a registration database and it expires in March, which means, I’ll be billed at some point next month. Have you seen anything like this before? Here’s the post for you to see.



I love these types of forms. First of all, it’s the 22nd of January as I am seeing the following form, and my domain is still active. The registration expiration date for the domain is 2021-03-06 which is March of this year. I’ll be billed next month at some point to renew the domain. This guy didn’t even get anything right as domains just don’t get expired due to non-payment. I have a valid telephone number in the who is directory, which we’ve talked about on the Security Box. I believe it is all hidden now from most people, but I have contact info on the site for those who need it. Check out this contact form I just received on January 22, 2021 as it was sent last night. What fun!


Below is the result of your feedback form. It was submitted by () on Thursday, January 21, 2021 at 21:32:37

name: Joe Miller
phone: +1542384593234
method: Phone
to: Jared Rimer
bug: No
additional_bug_info: Notice#: 491343
Date: 21 Jan 2021

YOUR IMMEDIATE ATTENTION TO THIS MESSAGE IS ABSOLUTELY NECESSARY!

YOUR DOMAIN whitecanetravel.com WILL BE TERMINATED WITHIN 24 HOURS

We have not received your payment for the renewal of your domain whitecanetravel.com

We have made several attempts to reach you by phone, to inform you regarding the TERMINATION of your domain whitecanetravel.com

CLICK HERE FOR SECURE ONLINE PAYMENT: hxxps://domainregister.ga

IF WE DO NOT RECEIVE YOUR PAYMENT WITHIN 24 HOURS, YOUR DOMAIN whitecanetravel.com WILL BE TERMINATED

CLICK HERE FOR SECURE ONLINE PAYMENT: https://domainregister.ga

ACT IMMEDIATELY.

The submission notification whitecanetravel.com will EXPIRE WITHIN 24 HOURS after reception of this email.
comment_or_question: Notice#: 491343
Date: 21 Jan 2021

YOUR IMMEDIATE ATTENTION TO THIS MESSAGE IS ABSOLUTELY NECESSARY!

YOUR DOMAIN whitecanetravel.com WILL BE TERMINATED WITHIN 24 HOURS

We have not received your payment for the renewal of your domain whitecanetravel.com

We have made several attempts to reach you by phone, to inform you regarding the TERMINATION of your domain whitecanetravel.com

CLICK HERE FOR SECURE ONLINE PAYMENT: htxxs://domainregister.ga

IF WE DO NOT RECEIVE YOUR PAYMENT WITHIN 24 HOURS, YOUR DOMAIN whitecanetravel.com WILL BE TERMINATED

CLICK HERE FOR SECURE ONLINE PAYMENT: hxxps://domainregister.ga

ACT IMMEDIATELY.

The submission notification whitecanetravel.com will EXPIRE WITHIN 24 HOURS after reception of this email.

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/87.0.4280.141 Safari/537.36
REMOTE_ADDR: 158.51.121.225


The IP: 158.51.121.225 is a data hosting transit IP according to a site I use and found called abuse IP database. I’ll talk about it in a future podcast of some sort.

According to the records, the IP belongs to GlobalTelehost Corp. The domain listed is gthost.com. They show it in Canada. The IP was reported 20 times with a 32 percent rate of it being spam.
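The form results quoted on this page share a few traits: the same text pasted into both free-text fields, "bug: no" with the bug details filled in anyway, links in the body, payment or deadline pressure, and in this case a HeadlessChrome user agent. The following is an added example, not the site's own form handler, that parses a result in the layout shown above and lists which of those traits it has; the sample messages, addresses and the two-reason hold threshold are constructed assumptions.

```python
import re

# Field names as they appear in the form results quoted on this page.
FIELDS = {"name", "phone", "contact_method", "method", "to", "bug",
          "additional_bug_info", "comment_or_question", "submit",
          "http_user_agent", "remote_addr"}
KEY_RE = re.compile(r"^([A-Za-z_]+):\s?(.*)$")
# Matches live and defanged (hxxp) links.
URL_RE = re.compile(r"\b(?:h(?:tt|xx)ps?://|www\.)\S+", re.IGNORECASE)
PRESSURE_RE = re.compile(
    r"within \d+ hours|act immediately|payment|bitcoin|terminated", re.IGNORECASE)
AUTOMATION_RE = re.compile(r"headless|python-requests|curl/|phantomjs", re.IGNORECASE)


def parse_form(text):
    """Split a form result into {field: value}.

    Only known field names start a new field, so body lines such as
    'Date: 21 Jan 2021' stay inside the free-text value. A repeated field
    keeps its last occurrence, which for the server-appended
    HTTP_USER_AGENT and REMOTE_ADDR lines is the server's copy.
    """
    fields, current = {}, None
    for line in text.splitlines():
        m = KEY_RE.match(line)
        if m and m.group(1).lower() in FIELDS:
            current = m.group(1).lower()
            fields[current] = m.group(2)
        elif current is not None:
            fields[current] += "\n" + line
    return {k: v.strip() for k, v in fields.items()}


def triage(text):
    """Return parsed fields, the list of matched traits, and a hold decision."""
    f = parse_form(text)
    bug_info = f.get("additional_bug_info", "")
    comment = f.get("comment_or_question", "")
    body = bug_info + "\n" + comment
    reasons = []
    if bug_info and bug_info == comment:
        reasons.append("same text pasted into both free-text fields")
    if f.get("bug", "").lower() == "no" and bug_info:
        reasons.append("bug=no but bug details filled in")
    urls = sorted(set(URL_RE.findall(body)))
    if urls:
        reasons.append(f"{len(urls)} distinct link(s) in body")
    if PRESSURE_RE.search(body):
        reasons.append("payment or deadline pressure wording")
    if AUTOMATION_RE.search(f.get("http_user_agent", "")):
        reasons.append("automation user agent")
    # Assumption: two or more traits is enough to hold the message for review.
    return {"fields": f, "reasons": reasons, "hold": len(reasons) >= 2}


# Constructed sample modelled on the layout of the results quoted on this page.
SAMPLE_SPAM = """Below is the result of your feedback form. It was submitted by () on Thursday, January 21, 2021 at 21:32:37

name: Example Sender
phone: +10000000000
method: Phone
bug: No
additional_bug_info: Notice#: 000000
Date: 21 Jan 2021

YOUR DOMAIN example.com WILL BE TERMINATED WITHIN 24 HOURS
CLICK HERE FOR SECURE ONLINE PAYMENT: hxxps://pay.example.invalid
comment_or_question: Notice#: 000000
Date: 21 Jan 2021

YOUR DOMAIN example.com WILL BE TERMINATED WITHIN 24 HOURS
CLICK HERE FOR SECURE ONLINE PAYMENT: hxxps://pay.example.invalid

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/87.0.4280.141 Safari/537.36
REMOTE_ADDR: 203.0.113.7
"""

# Constructed sample of an ordinary submission.
SAMPLE_OK = """name: Example Visitor
phone: 555-0100
contact_method: E-mail
bug: yes
additional_bug_info: The podcast page on the home site returns a 404.
comment_or_question: Could you also post show notes for the last episode?

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36
REMOTE_ADDR: 198.51.100.20
"""

if __name__ == "__main__":
    for label, sample in (("spam", SAMPLE_SPAM), ("ok", SAMPLE_OK)):
        result = triage(sample)
        print(label, "hold" if result["hold"] else "deliver", result["reasons"])
```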


January Ouch is now available from Sans

I’m going through email and Ouch from Sans is here talking about Securing WIFI. Lots of us are on WIFI, so read the newsletter for this month and see if anything is needing to be done for you.


Security post-mortem report: CustomTumblers.us

The following report has been submitted to my main live journal, the journal to the blog and this blog. The network wants to be transparent in the security of our sites, and we were made aware of a potential issue which turns out to be a false report, but one which we looked into. Below, please find the report, and please contact the network with further questions using the contact information at the end of the report.


On December 21, 2020: an email caught my attention that sounded a little alarming.

The email said:

Hi Jared. Can you please check and make sure I have a valid certificate for customtumblers.us.

I signed up for a free thing that can help me with things to know on my website and it says I don’t. It says I have no valid security certificate. I don’t know how to look.

Thank you

I’ve removed the name of the customer to protect their identity, and I promptly responded to the customer. I advised them that certificates for the domain in question were installed, how to access the area in question, told them to take a look and have them report back to me.

At 8:40 am, I got the following question:

Ok thank you. Are you also saying they are installed?

The short answer is yes. The control panel in question looks for new domains and gets what is called a domain validated certificate and installs that. At 10:01, the customer wrote:

It’s there.  I’ll write back to the company and see what they say.  Weird!

There was a little more discussion with a question on who the provider was that was recently installed. Earlier this afternoon, I was advised that the provider service is DIIB which has services for search engine optimization, web site analysis, works with over 100 different platforms including wordpress, shopify, and more as well as a scanner to scan web sites for security alerts. It looks to have a free plan for one site, but the professional plan is $30 and allows you to have 30 web sites monitored.

In no way is the Jared Rimer Network blaming DIIB for this mistake, I bet it can happen to anyone. I’m hoping that the issue will be promptly resolved and that the network and this web site and other sites that belong to it are as covered as they can be in today’s environment.

Should you have any questions about any of the sites, please go to the Jared Rimer Network web site and fill out a form and ask questions.

While the report given by the provider here was negative, I bet this isn’t the first one, and it won’t be the last. I’m glad that the customer here reached out to verify things were as secure as possible, just in case.

This domain did have some issues to start with, but were resolved within a week after being created. We set up the account July 24th of this year. The Jared Rimer Network does not believe the account is in any jeopardy.

Contact:
Jared Rimer
The Jared Rimer Network
Contact: 804-442-6975 for voice and text
Email: Please use the contact form on the web site
imessage: please use the tech address for the tech podcast tech at menvi.org (remove spaces and add appropriate punctuation)


Here we go with another fakery of scare tactic

I saw the following on my phone yesterday. These types of emails I’ve seen before, and I’m still here. They’re trying to scare you into paying money and as far as I’m concerned, this network is safe.

On top of this, they fill out both portions of the form with the same thing, and my web site has been stable since I fixed all the bugs after developing it in 2008.


Below is the result of your feedback form. It was submitted by () on Tuesday, November 24, 2020 at 21:50:32
—————————————————————————
Name: JimmyCom
phone: 86266635738
contact_method: phone
bug: no
additional_bug_info: Your reputation and business are at stake!

We on your behalf in the message your website address jaredrimer.net and your contact information (including in social. Networks and messengers) will send:

+ on 15,897,318 sites, threats with insults to site owners, US residents, Europeans, LGBT and BLM.

+ 790,000 messages to bloggers with threats and insults

+ 2 367 896 public figures and politicians (from the USA and Europe) with threats and insults

+ 70,000 negative reviews about you and your website jaredrimer.net

+ 23 467 849 contact forms of sites with threats and insults

+ 150,000 emails messages to people with disabilities with threats and insults, many of them will definitely sue you

+ 57000 emails of messages to veterans with threats and insults, FOR THIS YOU WILL BE EXACTLY SITTED

Following from all of the above, you will get a lot of losses:

+ an abuse from spam house, amazon and many webmasters (for spam, insults and threats) will come to your site jaredrimer.net, as a result, your domain will be banned and blacklisted

+ people will sue you because you threatened and humiliated them

+ in court you will not prove anything, everything will look as if you did it all, MOST YOU WILL GO TO PRISON

+ internet will be inundated with negative reviews about you and your website jaredrimer.net

+ threats and reprisals from BLM and LGBT community members, in fact, these are dangerous community guys

Total: you will lose your business, all your money, you will spend on lawyers and compensation for court decisions, you will go to jail, your life will turn to hell …

We already have everything ready to launch all of the above, but we decided to give you a chance to avoid all this, you can buy off a small amount of money.

Make a payment, transfer 0.39 Bitcoins to this address

1JDYfBMP3vg8TcuFuwSHc1Wop3rREqupC4

We are waiting for the transfer from you until November 27, on Saturday November 28, if payment does not come from you, we will begin to destroy your business and you along with it.
comment_or_question: Your reputation and business are at stake!

We on your behalf in the message your website address jaredrimer.net and your contact information (including in social. Networks and messengers) will send:

+ on 15,897,318 sites, threats with insults to site owners, US residents, Europeans, LGBT and BLM.

+ 790,000 messages to bloggers with threats and insults

+ 2 367 896 public figures and politicians (from the USA and Europe) with threats and insults

+ 70,000 negative reviews about you and your website jaredrimer.net

+ 23 467 849 contact forms of sites with threats and insults

+ 150,000 emails messages to people with disabilities with threats and insults, many of them will definitely sue you

+ 57000 emails of messages to veterans with threats and insults, FOR THIS YOU WILL BE EXACTLY SITTED

Following from all of the above, you will get a lot of losses:

+ an abuse from spam house, amazon and many webmasters (for spam, insults and threats) will come to your site jaredrimer.net, as a result, your domain will be banned and blacklisted

+ people will sue you because you threatened and humiliated them

+ in court you will not prove anything, everything will look as if you did it all, MOST YOU WILL GO TO PRISON

+ internet will be inundated with negative reviews about you and your website jaredrimer.net

+ threats and reprisals from BLM and LGBT community members, in fact, these are dangerous community guys

Total: you will lose your business, all your money, you will spend on lawyers and compensation for court decisions, you will go to jail, your life will turn to hell …

We already have everything ready to launch all of the above, but we decided to give you a chance to avoid all this, you can buy off a small amount of money.

Make a payment, transfer 0.39 Bitcoins to this address

1JDYfBMP3vg8TcuFuwSHc1Wop3rREqupC4

We are waiting for the transfer from you until November 27, on Saturday November 28, if payment does not come from you, we will begin to destroy your business and you along with it.
submit: Submit comment or question to the Jared Rimer Network
—————————————————————————

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
REMOTE_ADDR: 188.126.94.179


The IP belongs to an ISP. Why are ISPs allowing things like this to look like they’re coming from them? This is a data center web transit IP, one that should not be visiting any web site. I’ve seen and reported many of these through an abuse web page that tracks these types of things.

According to the reports, it has been reported 92 times and is a 100 percent spam risk. So, what is going to happen next? I can surely block the IP range on my domain, but that isn’t going to solve anything. ISPs should not be allowed to have their networks being used like this. Take a look at this, and let’s come up with a solution we can present somewhere to fix this. This ought to get interesting.
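A triage check for the two tells in this post, the same text pasted into both free-text fields and a Bitcoin payment address, is sketched below as an added example; it is not code from this site. The field names are taken from the form mail above, and the sample submission and its address are constructed.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
FIELD = re.compile(r"^(Name|phone|contact_method|bug|additional_bug_info|"
                   r"comment_or_question|submit|HTTP_USER_AGENT|REMOTE_ADDR): ?(.*)$")

def checksum(payload):
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(payload):  # only used to build the constructed sample address
    raw = payload + checksum(payload)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def is_btc_address(s):
    """Base58Check decode: 25 bytes, last 4 are the checksum; a leading '1' is a zero byte."""
    if any(c not in B58 for c in s):
        return False
    n = sum(B58.index(c) * 58 ** i for i, c in enumerate(reversed(s)))
    raw = b"\0" * (len(s) - len(s.lstrip("1"))) + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) == 25 and raw[21:] == checksum(raw[:21])

def parse_form_mail(text):
    """Only known keys start a field, so body lines like 'Total: ...' stay in the value."""
    fields, key = {}, None
    for line in text.splitlines():
        m = FIELD.match(line)
        if m:
            key, fields[m.group(1)] = m.group(1), m.group(2)
        elif key:
            fields[key] += "\n" + line
    return {k: v.strip() for k, v in fields.items()}

def triage(text):
    f = parse_form_mail(text)
    a, b = f.get("additional_bug_info", ""), f.get("comment_or_question", "")
    hits = ["duplicate-free-text"] if len(a) > 40 and a == b else []
    if any(is_btc_address(w) for w in re.findall(r"\b[%s]{26,35}\b" % B58, a + "\n" + b)):
        hits.append("bitcoin-address")
    return hits

ADDR = b58check_encode(b"\x00" + bytes(range(1, 21)))  # constructed from dummy bytes, not a real wallet
BODY = "Your reputation is at stake!\n\nTotal: you will lose money.\n\nTransfer 0.39 Bitcoins to\n\n" + ADDR
SAMPLE = ("Name: Example\nbug: no\nadditional_bug_info: " + BODY + "\ncomment_or_question: " + BODY +
          "\nsubmit: Submit\n\nREMOTE_ADDR: 192.0.2.10\n")
```

A submission that returns both labels can be held for review or dropped before it ever reaches the inbox, without relying on the sender's IP address.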

Comments (0)

Some Apple Apps on macOS Big Sur Bypass Content Filters, VPNs

Malware can easily exploit the feature and send people’s data directly to remote servers, posing a massive privacy and security risk, researchers said.

Source: Some Apple Apps on macOS Big Sur Bypass Content Filters, VPNs

This is the beginning of a very interesting article. Still need to see what Herbie sent me, and I retweeted this at him. This Threatpost article covers this very dangerous behavior, and boy, Apple is getting slammed for this and I can see why. Let the comments begin on this recent Apple development.

Comments (0)

Look alike domain webinar

Hello folks, I had the pleasure of attending the look-alike domain webinar that was hosted by Phishlabs. It was very interesting, and definitely covered quite a bit. As they indicated, not all attacks are going to have look-alike domains or domains that might mimic your web site or brand.

One of these that didn’t mimic anything except copyright per se was the email host security domain that I talked about last Friday in this blog post titled: Just saw the best email ever … in my inbox … domain is relatively new which talks about this in a spam email through my forms. Just to give you an update on that case, it looks like the domain is still registered but now shows a blank page. I don’t know what was done, but I do know that the domain still exists. According to the ICANN WHOIS lookup web page, it is still registered and had pointed where I saw it through Ultrahost.

According to the webinar, this type of thing can be used to keep tabs on domains, although I think the presenter forgot that the WHOIS directory doesn’t seem to show anything anymore on address, phone number, and the like. I’ve tested that on my domain and on one I have WHOIS protection on.

There was a lot more, and I know that they’ll provide a recording. Maybe at some point, I’ll record it and present it on a podcast. Thanks for reading, and we’ll chat soon!

Comments (0)

Just saw the best email ever … in my inbox … domain is relatively new

So I decided to have a little bit of fun today. I got the following email through jaredrimer.net’s contact form.


Below is the result of your feedback form. It was submitted by () on Friday, November 06, 2020 at 10:00:57

Name: WalterGlype
phone: 81976922431
contact_method: both E-mail and phone
bug: no
additional_bug_info: Unusual login details

Country / region: Lagos, Nigeria

IP address: 41.73.224.0

Platform: Windows 10

Browser: Chrome

Click here to check for more detailed activities. http://emailhostsecurity.com/?page_id=26

Failure to update might lead to permanent deactivation of your email account.

It looks like they have privacy turned on based on my lookup, because it doesn’t even list a company.


The creation date was November 4, 2020 UTC. It expires in three years. There is a little bit more information listed, like where it is pointing and who registered the domain, i.e. Enom, GoDaddy, etc., but I am not interested in sharing all of what is listed publicly; you can look that up on your own. I just thought this was quite interesting: a domain claiming to be a host security domain blatantly asking for email address and password, and nothing on its web site on who they were. Quite interesting.
comment_or_question: Unusual login details

Country / region: Lagos, Nigeria

IP address: 41.73.224.0

Platform: Windows 10

Browser: Chrome

Click here to check for more detailed activities. http://emailhostsecurity.com/?page_id=26

Failure to update might lead to permanent deactivation of your email account.

submit: Submit comment or question to the Jared Rimer Network

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 OPR/54.0.2952.51
REMOTE_ADDR: 143.244.38.159


When I went to the URL base domain, the page looks to have an image. Nothing more. It also has a supposed copyright cPanel that is linked. When I went to the address in this email, it asked for an email address and a password.

I just decided to have a little fun. I gave them an email address all right, and I even gave them a password. The site said: “Thank you for your trust. You’ll receive an email from us shortly.”

No, I didn’t give them anything on my domains, in fact, they won’t be finding me where I sent them.

Updated 11:25 am PT to clean up slight errors.

Comments (0)
