
The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts




The Who’s Who directory update: it’s pretty fake nowadays, but once true

Hello everyone, welcome back to the blog.

Well, the day of finding out what is going on with the who’s who directory now comes to an end.

According to Kim Komando, this particular directory was once prevalent about 30 years ago.

While we don’t know what happened, Kim indicates that something must have happened because now they do want to charge up to $900 which is what I found in my research on this topic when I started getting email myself.

blog post

In the prior blog post, I linked to this AARP article which just seems to be the accurate info which is the basis of my research and confirmation from Kim.

I used to listen to Kim many years ago, and lost track of her when she left Los Angeles. I’m glad that we were able to connect, and the answer I got was precise and seemed to confirm what I’ve seen.

If you get any of these emails, just be skeptical, and don’t hand out info just because it says it’s a directory.

Thanks Kim, I hope that this is of value to our subscribers as well. You’ve been a great help!

Comments (0)

I’ve been bugged a bit, what is the who’s who directory and is it really real?

Hello everyone, welcome to the puzzle of the day.

I’ve been getting a bunch of email telling me that I’ve gotten an entry into the Who’s Who directory.

According to this AARP article, ‘Who’s Who’ Directory Scams, with a subheading of “With vanity publishers, fame and honors can cost you a small fortune,” we do have something to worry about.

Many many years ago, I was asked about what this was, and the person in question didn’t even respond.

In the recent sample, they’re apparently emailing from a domain called hospitaltests.com and links to some redirect page at whoswhodirectory2021.com which makes it very interesting.

According to the article linked, there may be very legitimate directories published, but some may want to take as much as $900 just to get you published.

I’m curious on whether anyone has gotten picked, filled out the form and what their experience was? Read the article I’ve linked from AARP and let’s discuss.

I’ve reached out to someone to see if they’ve heard of this. When I hear back, I’ll be in touch with any updates.

Comments (0)

Same Scam, different type of delivery method now

This is a typical scam. This is actually sent through my contact form? You’ve got to be kidding me. Who is Mrs. Anna? If Anna is only a first name, I know many Annas or Anne or any other variation.

I don’t believe I have any family to my immediate knowledge who works for shell-development company.

While the 9.5 million dollars sounds nice, and I’d love to give you a bank account to deposit such an amount in my bank account, I can tell you that this scam is one of those that will have you send some money first before sending such money. That, I wouldn’t do. I believe that they ask for a certain amount, but I don’t honestly remember how this works.

Here is the contact form, as the network received it.


Below is the result of your feedback form. It was submitted by () on Tuesday, March 08, 2022 at 05:36:18

Name: Paco Martinez
phone: 85991688389
contact_method: phone
bug: no
additional_bug_info: I am a solicitor at law. I am the personal attorney to the late Mrs. Anna who used to work with Shell – development company . Hereafter shall be referred to as my client.

On the 29th December 2009, my client, his husband and their three children were involved in a car accident. All occupants of the vehicle unfortunately lost their lives. Since then I have made several enquiries to your embassy to locate any of my clients extended relatives.

After these several unsuccessful attempts, I decided to track his last name over the Internet, to locate any member of his family hence I contacted you.

The finance company where the deceased had an account valued at about 9.5 million euros has issued me a notice to provide the next of kin or have the account confiscated within the next ten official working days.

Sincerely,
Barrister Paco Martinez (Esq)
Tel/Fax: 0034-604-197-938
Reply To:
comment_or_question: I am a solicitor at law. I am the personal attorney to the late Mrs. Anna who used to work with Shell – development company . Hereafter shall be referred to as my client.

On the 29th December 2009, my client, his husband and their three children were involved in a car accident. All occupants of the vehicle unfortunately lost their lives. Since then I have made several enquiries to your embassy to locate any of my clients extended relatives.

After these several unsuccessful attempts, I decided to track his last name over the Internet, to locate any member of his family hence I contacted you.

The finance company where the deceased had an account valued at about 9.5 million euros has issued me a notice to provide the next of kin or have the account confiscated within the next ten official working days.

Sincerely,
Barrister Paco Martinez (Esq)
Tel/Fax: 0034-604-197-938
Reply To:

submit: Submit comment or question to the Jared Rimer Network

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36
REMOTE_ADDR: 188.126.73.208


Are you kidding me? An account wouldn’t be open for more than 10 years

When dad died, I know it took some time for things to settle down and for things to be closed, but I believe that they’re all closed by now and it has been almost 4 years since that tragic death. I know I have a podcast, but I can’t find it right now. Regardless, he might have seen this too and just deleted it like most people should. What a shame. I’d love this money, but I know it’s not mine, and I know if I even responded, that I probably wouldn’t see it.

I’d bet they need name, address, phone number, etc. although this one was sent directly through my contact form. How fun. I wonder what the name of this scam is?

According to Abuse IP DB this belongs to GleSYS AB who has an unknown domain name. This is a data center web host according to the lookup.

Also, reports indicate that it is the same report as mine, claiming to be an attorney. I’ll just add mine to the mix. 93 reports from 32 sources.

The country is Sweden.

Comments (0)

Spam that links to a file that is not detected by anyone: file is a zip with excel files in it

I find this interesting. I just got the following in my email tonight.


Below is the result of your feedback form. It was submitted by () on Thursday, February 03, 2022 at 22:33:32

Name: Christa
phone: (08) 8993 0154
contact_method: phone
bug: no
additional_bug_info: Get the entire LinkedIn Now.

https://cutt.ly/EntireLinkedIn
comment_or_question: Get the entire LinkedIn Now.

https://cutt.ly/EntireLinkedIn

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
REMOTE_ADDR: 144.126.217.72


It goes to a stripe page where they will charge you $99 and links to a sample zip file of excel files that are not malicious according to virus total. The file was scanned two months ago, but I call bull on this.

This is interesting that nobody has flagged it. If I opened the excel file, am I going to get bit or am I better off opening it in google docs under their spreadsheets?

I sent the thing to Trend Micro, maybe they’ll be interested in this one. Very interesting.

Comments (0)

I call Spam on this one: telling someone to email to a domain that doesn’t exist among other things

I’ve received one cease and desist article in my entire life, and while I know why, it was something that I didn’t find threatening. It was many years ago and it was in regards to simulcasting a station I happened to listen to at the time.

This, however, is very suspicious. Asking Siri about the 88 number, it indicates that it is a prefix for Bulgaria.

This guy also puts the same message in both sections of my form, as well as asking if I got his prior email. I didn’t because I don’t even recognize the name. There’s more I’ll talk about, but get a load of the message below.



Below is the result of your feedback form. It was submitted by () on Tuesday, January 18, 2022 at 15:30:59

Name: John Lucas
phone: 88486517526
contact_method: phone
bug: no
additional_bug_info: Greetings, My name is John Lucas, I have been waiting for your response regarding the message I sent you about my late clients investment/assets. Please kindly get back to me because I have received the final notice by the bank regarding his assets If you happen not to receive my previous message, let me know so that I can resend it for you to read and understand the deal in full and what is required of you. Contact me strictly on my E-mail: Kind Regards, Barrister. John Lucas (Esq) Legal Practitioner & Solicitor. SPAIN, UK, SWEDEN, USA & GERMANY Address: Castellon de la Plana 201, 28006, Madrid ? Spain
comment_or_question: Greetings, My name is John Lucas, I have been waiting for your response regarding the message I sent you about my late clients investment/assets. Please kindly get back to me because I have received the final notice by the bank regarding his assets If you happen not to receive my previous message, let me know so that I can resend it for you to read and understand the deal in full and what is required of you. Contact me strictly on my E-mail: Kind Regards, Barrister. John Lucas (Esq) Legal Practitioner & Solicitor. SPAIN, UK, SWEDEN, USA & GERMANY Address: Castellon de la Plana 201, 28006, Madrid ? Spain

submit: Submit comment or question to the Jared Rimer Network

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 OPR/54.0.2952.54
REMOTE_ADDR: 195.246.120.147



Next, this guy puts the text of my form within the body to submit the form to the network. My legit forms don’t have that, I’ve never seen it, so don’t understand why they put that in there.

The IP address according to abuse IP DB is coming from Sweden, and the first abuse report matches what I see.

Now, the domain. I went to the web site mentioned, it doesn’t even exist! You can’t send an email to a domain that doesn’t exist! I figured there must be a new business around so figured I’d call them and tell them that someone was using their domain for Spam. But the domain doesn’t even exist.

And, why do they have to put the same message in the bug reporting section of my form when they indicate there’s no bug? That is irritating. Just saying!

Anything else you saw about this that you don’t like? Sound off in the comments or send me an email! Contact info is on the blog, I forget which page it’s on though. Have a good one!
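The signals pointed out in these form posts (the same message pasted into both text areas, bug details filled in while `bug` is `no`, the submit button label arriving as a field, links in the body) can be checked automatically before a notification reaches the inbox. The following is an added example, not code the network runs; the two sample notifications are constructed, and the two-signal threshold in `verdict` is an assumption.

```python
import re

# Field names exactly as they appear in the notifications quoted on this page.
FIELDS = ("Name", "phone", "contact_method", "bug", "additional_bug_info",
          "comment_or_question", "submit", "HTTP_USER_AGENT", "REMOTE_ADDR")
FIELD_RE = re.compile(r"^(%s):[ \t]?(.*)$" % "|".join(map(re.escape, FIELDS)))
URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)


def parse_notification(text):
    """Split a notification into {field: value}.

    Values may span several lines and may contain their own "Label: text"
    lines (for example "Tel/Fax: ..."), so only the known field names
    start a new field; everything else continues the current one.
    """
    fields, current = {}, None
    for line in text.splitlines():
        match = FIELD_RE.match(line)
        if match:
            current = match.group(1)
            fields[current] = match.group(2)
        elif current is not None:
            fields[current] += "\n" + line
    return {key: value.strip() for key, value in fields.items()}


def _norm(text):
    """Lower-case, drop URLs and collapse whitespace, so two copies of a
    message that differ only in their links still compare equal."""
    return " ".join(URL_RE.sub("", text).split()).lower()


def spam_signals(fields):
    """Return the list of signals found in one parsed notification."""
    signals = []
    bug_info = fields.get("additional_bug_info", "")
    comment = fields.get("comment_or_question", "")
    if bug_info and _norm(bug_info) == _norm(comment):
        signals.append("same message in both text areas")
    if fields.get("bug", "").lower() == "no" and bug_info:
        signals.append("bug details filled in although bug is 'no'")
    if "submit" in fields:
        signals.append("submit button label posted as a field")
    if URL_RE.search(bug_info + "\n" + comment):
        signals.append("link in message body")
    return signals


def verdict(fields, threshold=2):
    """Hold the message for review when enough signals fire (assumed threshold)."""
    return "hold" if len(spam_signals(fields)) >= threshold else "deliver"


# Constructed sample in the layout of the notifications shown above.
SAMPLE_SPAM = """Below is the result of your feedback form. It was submitted by () on Monday, January 01, 2024 at 00:00:00

Name: Example Sender
phone: 5550100
contact_method: phone
bug: no
additional_bug_info: I am a solicitor at law.
Tel/Fax: 000-000
See https://example.com/a
comment_or_question: I am a solicitor at law.
Tel/Fax: 000-000
See https://example.com/b

submit: Submit comment or question to the Jared Rimer Network

HTTP_USER_AGENT: ExampleBrowser/1.0
REMOTE_ADDR: 203.0.113.7
"""

# Constructed sample of an ordinary bug report.
SAMPLE_LEGIT = """Below is the result of your feedback form. It was submitted by () on Monday, January 01, 2024 at 00:05:00

Name: Example Listener
phone: 5550101
contact_method: phone
bug: yes
additional_bug_info: The podcast player does not start.
comment_or_question: Thanks for the show.

HTTP_USER_AGENT: ExampleBrowser/1.0
REMOTE_ADDR: 203.0.113.8
"""

if __name__ == "__main__":
    for sample in (SAMPLE_SPAM, SAMPLE_LEGIT):
        parsed = parse_notification(sample)
        print(parsed["REMOTE_ADDR"], verdict(parsed), spam_signals(parsed))
```

Held messages still need a human look, since a real visitor can also paste a link into a comment.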

Comments (0)

A company that has been hacked for 5 years? Is This Crazy?

I thought this story about a routing company being hacked for 5 years was quite crazy, but yet, that’s what it talks about. I know that a breach can take up to 191 days to be discovered, but this hack was from 2016 to 2021 when it was discovered.

My question is, how is this possible? I think this is the first I’ve heard of this.

The article is titled Company that routes SMS for all major US carriers was hacked for five years and our good buddy Michael posted this to our TSB list. This is absolutely crazy and I hope they come out and tell us whether SMS was affected by this hack. People can send anything through SMS, and this is going to get interesting if sensitive info were to be given out or leaked somehow as part of this whole mess. Better check this one out, we all need to watch this one.

Comments (0)

IOS 15 is now released, lots of things to be aware of

AppleVis has a great writeup found by the article title Apple Releases iOS 15 and iPadOS 15; Bringing Focus Modes, Live Text, and Enhancements to Multitasking, Notifications, FaceTime, Safari, Privacy, and More that covers podcasts, blog posts for the blind and deaf blind, as well as iPad specifics.

I did read the post The Accessibility Bugs Introduced and Resolved in iOS 15 and iPadOS 15 for Blind and Low Vision Users which details the bugs AppleVis knows about that might impact users. The one that might be of concern details the wallet and multiple items and only having access to the first one, but the others may be of concern in the critical section if you use those options.

Under moderate, there are 9 potential issues including Voice Over not speaking apps while in the app switcher. It does it for a couple of them, but more than so many, it has problems. I try only to have two or three open at any given time, but this one does concern me.

If you use a braille display, the 2nd item in the list may be of importance.

Need to edit an alarm? You’ll probably have to delete it and recreate it, says the post. I personally don’t do this often but knowing this is annoying but at least we can work around it. I’ve not used alarms much since the Pandemic, and mine are pretty set anyway.

There are 12 different items under minor that might be of concern for people. I’m not sure what might be of importance to you, I didn’t see anything that might be a problem for me but we’ll see.

There are other bugs that have been reported but have not been seen that are also part of this post.

I’m only seeing this blog post titled What’s New in iOS 15 Accessibility for Blind and DeafBlind Users and as I write my own blog post, I’ll have to give this a perusal to see what is up that might be of value.


The main blog post linked above talks about how to update your IOS device, and I’ll probably do it after all of my meetings for the week conclude. I’d rather be stable on a version that I don’t have to worry about a lot of things while I deal with TSB, PSAC Wednesday night and the board meeting on Thursday.

Comments (0)

Security Now! podcast 836: The Meris Botnet

We are going to talk about this botnet thanks to this article by Krebs On Security called KrebsOnSecurity Hit By Huge New IoT Botnet “Meris” but I did hear the end of this week’s Security Now which I intend to listen to and may have other thoughts put in to the notes for the podcast which I’m now working on.

The description of this program is taken from This GRC Security Now page which you can download the program from.


This week we’re going to note the apparent return of REvil–not nearly as dead and gone as many hoped. We’re going to look at a new and quite worrisome 0-day exploitation of an old Windows IE MHTML component. Even though IE is gone, its guts live on in Windows. We’re going to share the not surprising but still interesting results of security impact surveys taken of IT and home workers, after which we’ll examine a fully practical JavaScript based Spectre attack on Chrome. I have a bit of closing the loop feedback to share and a surprisingly serious question about the true nature of reality for us to consider. Then we’ll finish out today’s podcast by looking at the evolution of Internet DoS attacks through the years which recently culminated in the largest ever seen, most problematic to block and contain RPS DDoS attack where RPS stands for Requests Per Second.


I urge people to download and listen to this show (57mb) as it may contain news that may be of importance for you. Most importantly, you should listen to the final segment, but I’m not going to hold your hand, so if this interests you, go for it. Enjoy!

Comments (0)

There was an event today, which I did see an email about from apple but didn’t read it. We’ll see if a blog post comes up on it but here’s some news from AppleVis about this important update.

Ahead of tomorrow’s “California streaming” event, Apple has released iOS 14.8, iPadOS 14.8, macOS 11.6, and watchOS 7.6.2. The main changes in these releases are two security updates. Apple has also released a security update for macOS Catalina, however, this has just the one security fix.

Comments (0)

Here’s something I’ve never seen, selling email addresses in bulk?

I saw the following email sent to me yesterday. Like I’m going to get an email account from someone like this?


from: Summa Khatun
Hi, hope you are safe from corona.

I am a gmail and yahoo id(large amount) seller with password. Me and my team able to open 5k mail id per day. If you want to buy large number of newly opened or old gmail and yahoo id please response me.

Thanks


It is clear your English is not perfect, the English here is broken and not worth my time.

If you get 5k email per day, then you’ve got problems. While it doesn’t take much to get an Email ID, gmail and Yahoo! addresses are free, you don’t need to buy them. Do you want to try again?

Comments (0)

We’re now running on full SSL redirect, here’s what I’ve found

Michael in Indiana has asked us why we are not running on “forced redirect to SSL” and I honestly thought that our control panel provider cPanel was to do it for us.

Honestly, I think they’re right, giving us the choice on whether we want it or not. The bad news is that my testing shows that it now comes from my server’s IP when we receive forms now, protecting your IP which may not be a bad thing. I think though it is my provider making a change and not an SSL issue because of the fact that one site is not SSL protected yet.

Searching Google for SSL and redirecting web sites popped up this cPanel video which was very well described by the person who made it. I’ve turned on SSL redirect for MENVI, this site, jaredrimer.net and the mix so far.

Once I fix one of my other domains, I’ll be testing this to determine whether I can still utilize the domain for that purpose, or if I need to include other instructions.

I want to pass this along to people so they are made aware of this in case they don’t already.

Thanks cPanel for giving us the opportunity on following guidelines that are best practices today. You guys are awesome!

Comments (0)

Don’t Click! This definitely looks like a scam, asking for credit card or payment info

Check this one out. The blog will put the URL as a clickable link, don’t click or press enter on the link.

Are you kidding me? I clicked to look and it asks for a name and payment information such as credit card or debit card. This has got to be a scam. The fact they’re sending it from one of my network’s IP addresses is full of it too. I contacted the provider about it, but they were asking about what code I was running and whether I have captcha which I don’t. I tried to implement one, but it didn’t go far.

Here you all go. Don’t click! They used HTML and the blog will put it in a clickable link.


Below is the result of your feedback form. It was submitted by () on Wednesday, June 09, 2021 at 18:43:35

Name: Marcoplusa
phone: 89457248477
contact_method: both E-mail and phone
bug: no
additional_bug_info: You received a money transfer of $ 89.44! PREPAYMENT! To receive funds, go to the payment page
Detail: Official bank site/url] Official bank site Official bank site
comment_or_question: You received a money transfer of $ 89.44! PREPAYMENT! To receive funds, go to the payment page
Detail: Official bank site/url] Official bank site Official bank site

submit: Submit comment or question to the Jared Rimer Network

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Edg/83.0.478.37
REMOTE_ADDR: 198.37.123.246

Comments (0)

Let’s talk about Cyber Security … really, let’s talk about it

On Podcast 44, Jennifer was along with a segment on how she almost got taken in the form of Bitcoin.

Here are those notations directly from podcast 44’s show notes.

A true story of a telephone number not to call and why

Jennifer is now along with a very interesting story, with a very interesting twist and yes, it is a true story.

I recently found a video on Ted Talks that was quite interesting, and also is being talked about through those comments on the video. But it was also mentioned by the twitter discussion that I have been having in regards to the Hydra discussion we had last week where I mentioned that I found this video. At the time of this posting, the video is two days old, and I think we do need to talk about it. I’ll be tweeting the link to the person in question once I’m done with this post.

The talk is called Better cybersecurity starts with honesty and accountability and it was given by Nadya Bartol. It is well worth the listen. I’ll be playing this on my next podcast for the box. What do you guys think?

Comments (0)

Post-Mortem report: 986themix.com had an unexpected outage

At roughly 6 PM US Pacific Time, the Jared Rimer Network was called in regards to a web site outage from the person who runs and pays for hosting for 986themix.com. Below, we’ll detail what we found, the steps to resolve the problem, and information on how to contact the network for further questions.

What happened?

We aren’t completely sure what happened. We were getting download requests to the main site and the files were strangely named. The JRN doesn’t understand how this could be the case when the site was visited several days prior by the network in curiosity of something else they saw.

What did you find?

What we found were multiple .htaccess files located on the server.

Apache Configuration: .htaccess

Some of the files were located in user specific directories for podcasts that are hosted on the mix. The link we provide you is to Mozilla’s developer site where they talk about this file in more detail, so please check it out if you’re interested in what these files are and what they can do. It’s a very powerful thing, but something that can possibly damage your web site.

The .htaccess files were dated from February 28th to today at 9:36 am. While I don’t understand the .htaccess file in full, what I can tell from each of them was that there was some redirect happening, where I don’t know. Some even had cPanel things in it that had a statement of not deleting those lines.

How many files were found?

I think there were about a half dozen of these files or so with varying similarities of what I described above. All of them had different time stamps however.

What did you do?

After determining that none of us who manage the web site wrote these files, or even have the knowledge of writing said files, I felt it safe on deleting these files as clearly they were redirecting somewhere and causing the browser to download strange files. No web site should ever ask you to download strangely named files. All files being downloaded off the Internet need to be clearly marked as to what they are and placed on a page or clearly indicated in communication with intended recipients.

Per policies marked by our provider, files may not be left on our server without being linked. This can be loosely taken though, because if you’re sending a link to a file to someone, you’re sending a link.

After I deleted all of these files, I instructed the owner to change the password to the account, as I thought that it was a possibility that someone got in through the control panel and uploaded these files through the file management interface.

The site should now be up and operational at this time.
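The search described in this report (every .htaccess file under the site, when each was last changed, and which lines redirect or change how files are served) can be scripted so the inventory exists before anything is deleted. This is an added example, not a tool the network used; the sample tree and its contents are constructed, the directive list is a reviewer's choice rather than a complete one, and the cPanel marker wording is assumed from the "do not edit" comments cPanel writes around its own blocks.

```python
import os
import re
import tempfile
import time

# Apache directives worth a human look in a per-directory file: they can
# redirect visitors or change how a file is handled or delivered.
REVIEW_RE = re.compile(
    r"^\s*(Rewrite(?:Engine|Base|Cond|Rule)|Redirect(?:Match|Permanent|Temp)?"
    r"|ErrorDocument|AddType|AddHandler|ForceType|SetHandler|Header)\b",
    re.IGNORECASE)
# Assumed marker comments around provider-managed blocks.
CPANEL_BEGIN = re.compile(r"#.*BEGIN cPanel-generated", re.IGNORECASE)
CPANEL_END = re.compile(r"#.*END cPanel-generated", re.IGNORECASE)


def audit_htaccess(docroot):
    """Return one record per .htaccess file found under docroot.

    Each record holds the relative path, the last-modified time and the
    (line number, text) pairs that match REVIEW_RE outside cPanel blocks.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(docroot):
        if ".htaccess" not in files:
            continue
        path = os.path.join(dirpath, ".htaccess")
        managed, flagged = False, []
        with open(path, encoding="utf-8", errors="replace") as handle:
            for number, line in enumerate(handle, 1):
                if CPANEL_BEGIN.search(line):
                    managed = True
                elif CPANEL_END.search(line):
                    managed = False
                elif not managed and REVIEW_RE.match(line):
                    flagged.append((number, line.strip()))
        modified = time.strftime("%Y-%m-%d %H:%M",
                                 time.localtime(os.path.getmtime(path)))
        findings.append({"path": os.path.relpath(path, docroot),
                         "modified": modified,
                         "flagged": flagged})
    return sorted(findings, key=lambda record: record["path"])


def build_sample_tree():
    """Create a constructed docroot: one provider-managed file at the top
    and one unexpected file inside a podcast user's directory."""
    root = tempfile.mkdtemp(prefix="docroot-")
    with open(os.path.join(root, ".htaccess"), "w") as handle:
        handle.write(
            "# php -- BEGIN cPanel-generated handler, do not edit\n"
            "<IfModule mime_module>\n"
            "  AddHandler application/x-httpd-ea-php74 .php\n"
            "</IfModule>\n"
            "# php -- END cPanel-generated handler, do not edit\n")
    user_dir = os.path.join(root, "podcasts", "user1")
    os.makedirs(user_dir)
    with open(os.path.join(user_dir, ".htaccess"), "w") as handle:
        handle.write(
            "RewriteEngine On\n"
            "RewriteRule ^ https://redirect.example/ [R=302,L]\n")
    return root


if __name__ == "__main__":
    for record in audit_htaccess(build_sample_tree()):
        print(record["modified"], record["path"])
        for number, text in record["flagged"]:
            print("    line %d: %s" % (number, text))
```

Lines inside the cPanel markers are skipped, so those blocks should still be compared against a known-good copy, and saving each flagged file with its timestamp outside the web root before deleting it keeps something to hand to the hosting provider.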

Who should I contact for questions?

Please contact the Jared Rimer Network’s Jared Rimer at 818-921-4976 or text/whats app 804-442-6975. Please use this contact and bug reporting form for email communication.

Thank you for your continued support. We’re as safe as possible under these circumstances. We hope that this doesn’t happen again. If it does, rest assured that the JRN will take the necessary steps to fix the problem quickly and efficiently.

Comments (2)

Perpetrating vaccine hysteria to get people to click

I just got the following via my contact form through jaredrimer.net. I believe I call this false because they are linking to a bunch of google drive links which are not linked here on the blog.

Whoever filled this out filled out both sections of the form with the same information, and the news I’ve heard through Indiana news indicated nothing of these things this perpetrator is trying to portray. I pass this along so if you see something similar in your email, you’re aware of it.

Now, please find below the ruler, the contact form I received. I’ll have more analysis after the ruler that ends the form.


Below is the result of your feedback form. It was submitted by () on Wednesday, May 05, 2021 at 19:37:31

Name: Percy
phone: 03525 95 66 51
contact_method: both E-mail and phone
bug: yes
additional_bug_info: Doctors and scientists are trying to understand a troubling new phenomena called virus shedding. Those who have been inoculated with the experimental mRNA vaccines are causing those around them, predominately females, to suffer from some of adverse side effects that those who have been vaccinated are. Women who have been through menopause are once again having monthly periods accompanied by very severe blood clotting and head aches. Others are having still births and experiencing strange bruising on their legs. Those effected are warning others to stay away from the vaccinated. It remains to be seen if other dangerous side effects will also be transferred as well. A whistle blower from a Vaccination Task Force says the doctors on the panel are very concerned about prion diseases showing up in the vaccinated months after taking the jab. Prion Diseases are fatal brain wasting diseases.

For Visual Pictures and Videos on Vax death and side effects see the following links below:

Vax Shedding:

https://drive.google.com/drive/folders/1rcMJCIcovq6irpRqG8WH9CfiPvU5StY_?usp=sharing

Vax Death and Problems folder:

https://drive.google.com/drive/folders/1Dzpq9Or5YiaC1dCjrZLWLBmEdNOEmJeA?usp=sharing

Vax Misc Death:

https://drive.google.com/drive/folders/185voD3JpfqT0Mv0mK4G_H8T4JJQjzC_h?usp=sharing

More Vax Jab Death:

https://drive.google.com/drive/folders/15W69ki3JpKjKcJ12biI9gQke4ggyJMta?usp=sharing

Vax Death & Illness Pics:

https://drive.google.com/drive/folders/1sPnfAOF7uBTHbRFTBc5T_7mG0MTNrVIS?usp=sharing

Mark of the Beast PDF:

https://drive.google.com/file/d/162StvFISP1q_qboiG6DrsuoZJC0uNnvF/view?usp=sharing

Vax PDFs

https://drive.google.com/drive/folders/1sdB1F4N8lStj5me8mKYDixse1zdtlbRJ?usp=sharing

Vax URLs:

https://drive.google.com/drive/folders/1XrxCzR5H6XF0au3XaxetTSLVEyFnJhGc?usp=sharing

Vax Fake Videos and Deaths:
https://drive.google.com/drive/folders/140SjULX6cP4_qMj2GRor0Nb42UBCt4ad?usp=sharing

Revelation 13:16-18 King James Version (KJV)
16 And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads:
17 And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.
18 Here is wisdom. Let him that hath understanding count the number of the beast: for it is the number of a man
comment_or_question: Doctors and scientists are trying to understand a troubling new phenomena called virus shedding. Those who have been inoculated with the experimental mRNA vaccines are causing those around them, predominately females, to suffer from some of adverse side effects that those who have been vaccinated are. Women who have been through menopause are once again having monthly periods accompanied by very severe blood clotting and head aches. Others are having still births and experiencing strange bruising on their legs. Those effected are warning others to stay away from the vaccinated. It remains to be seen if other dangerous side effects will also be transferred as well. A whistle blower from a Vaccination Task Force says the doctors on the panel are very concerned about prion diseases showing up in the vaccinated months after taking the jab. Prion Diseases are fatal brain wasting diseases.

For Visual Pictures and Videos on Vax death and side effects see the following links below:

Vax Shedding:

https://drive.google.com/drive/folders/15qhTeGgfxz2wFJNv54lpc3OHRT0OxB8X?usp=sharing

Vax Death and Problems folder:

https://drive.google.com/drive/folders/1USOoIV2jQrXEkqza6_bVQ3OvKA5taP9X?usp=sharing

Vax Misc Death:

https://drive.google.com/drive/folders/16NrE63dTZduOtYMmaS3Ao41s0MmnWv-v?usp=sharing

More Vax Jab Death:

https://drive.google.com/drive/folders/1NyDIkSK1VrD_fbjEB5ohk3nefFcXdUZF?usp=sharing

Vax Death & Illness Pics:

https://drive.google.com/drive/folders/1FjTBIarbl4ACjWnIP5A7e-y0LlhP8LSv?usp=sharing

Mark of the Beast PDF:

https://drive.google.com/file/d/1T7ttih2mx73e1GzMT9ixBxNUqwhjzWhH/view?usp=sharing

Vax PDFs

https://drive.google.com/drive/folders/1vdxr743t8uFzJ4Jw74idY3RqFqmcUcsq?usp=sharing

Vax URLs:

https://drive.google.com/drive/folders/193UIIgV105QH1EEUzLPPjh6ZNihBd9d8?usp=sharing

Vax Fake Videos and Deaths:

https://drive.google.com/drive/folders/10YTwUbW2YZIHgJPOn-xAyusjXi-bVquD?usp=sharing

Revelation 13:16-18 King James Version (KJV)
16 And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads:
17 And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.

18 Here is wisdom. Let him that hath understanding count the number of the beast: for it is the number of a man

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/42D0C6
REMOTE_ADDR: 77.93.25.153


I know there are some complications that could arise by the vaccines, but your pharmacist or person giving you the shot will discuss those things. People who have talked to me about what has happened tell me everything from being tired to nauseousness as side effects. They usually last a day or two from what I’m told, so this is trying to get people to click and possibly get infected.

77.93.25.153 has been reported to abuse IP and is a fixed line service. At this time, there are three reports. All of them deal with hacking attempts. When I report this, I’ll be reporting this as email spam and indicate the potential for false news about the vaccines to scare people to click.

  • ISP JSC Balticom
  • Usage Type Fixed Line ISP
  • Hostname(s) balticom-25-153.balticom.lv
  • Domain Name balticom.lv
  • Country Latvia
  • City Riga, Riga

These can be filled out by anyone anywhere in the world. And also notice the googlemail address. There is no googlemail, it redirects to gmail.

Comments (0)

Turning the Tide: Security Predictions 2021

This video was done by Trend Micro and was quite interesting. This is the first time I’ve seen a video on their predictions for 2021, usually it’s in writing. This definitely was a very interesting video to watch, and you might find it of value too. If possible, we’ll be playing the video on the Security box for people to listen to and comment. The video lasts 40 minutes, and if you watch it and comment here, let us know if we can air your comments and I’ll be happy to put it together.

Here’s the link to the video.

Comments (0)

IOS and WatchOS have updates

Hi all,

I was perusing Applevis on my telephone last night, and they had a post about IOS and WatchOS updates which cover security things. For full information, please read their post and I hope that this information is of value to you all.

Comments (0)

Be on the lookout, forms now leading to trust web sites for fake web sites

I know it has been awhile since the blog has been touched. I really need to get back in to blogging, and news notes will prove it.

This time, I want to highlight yet another email I got through my contact form over on the main network’s web site, jaredrimer.net.

This contact form is quite interesting as it leads to trust web sites, one of which caught my attention. Reading the email on my phone, I clicked on the second link from within this form because I was curious. The first link I checked out via the computer on my main connection, and the profile was removed. It leads to this page: Action We Take which has a heading on fake reviews.

You may also want to check out this Wikipedia page on Country code top-level domain to learn more. Here is the form.


Below is the result of your feedback form. It was submitted by () on Monday, February 15, 2021 at 17:01:54

Name: Mattie
phone: 445 1406
contact_method: both E-mail and phone
bug: no
additional_bug_info: The best fake id maker in the market for over 15 years

read our reviews and testimonials
https://www.trustpilot.com/review/idgod.ch
https://scamadviser.com/check-website/idgod.ch
https://www.sitejabber.com/online-business-review?url=idgod.ch

comment_or_question: The best fake id maker in the market for over 15 years

read our reviews and testimonials
https://www.trustpilot.com/review/idgod.ch
https://scamadviser.com/check-website/idgod.ch
https://www.sitejabber.com/online-business-review?url=idgod.ch


HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
REMOTE_ADDR: 172.94.125.11


According to the IP lookup at the abuse IP database, it belongs to PureVPN, with the company listed as Secure Internet LLC. Its usage type is Data Center/Web Hosting/Transit. The country is Germany. I'm the first reporter of the IP. As I said, I looked at the first two links, and the site in question for fake IDs is just outright wrong. I would've never done this anyhow, but this is just another tactic for people to get you to go over to their site.

Sitejabber looks to only allow people to review, and I went to the site carefully to see what it was about. ID God looks like it has a lot of info about what you should do so they can do their job. So far, from Scamadviser, I'd recommend people read that, since that's all we've got.

This is only going to get more interesting.


White Cane Travel expiring tomorrow? Nobody called me to tell me about it!

I just love these types of forms. In the following example of things to really watch for, I'm going to show you a little bit of information about when my web site White Cane Travel expires. According to the form, it is to expire later on tonight if no payment for registration is made. I checked with a registration database and it expires in March, which means I'll be billed at some point next month. Have you seen anything like this before? Here's the post for you to see.



I love these types of forms. First of all, it's the 22nd of January as I am seeing the following form, and my domain is still active. The registration expiration date for the domain is 2021-03-06, which is March of this year. I'll be billed next month at some point to renew the domain. This guy didn't even get anything right, as domains just don't get expired due to non-payment. I have a valid telephone number in the WHOIS directory, which we've talked about on the Security Box. I believe it is all hidden now from most people, but I have contact info on the site for those who need it. Check out this contact form I just received on January 22, 2021, as it was sent last night. What fun!


Below is the result of your feedback form. It was submitted by () on Thursday, January 21, 2021 at 21:32:37

name: Joe Miller
phone: +1542384593234
method: Phone
to: Jared Rimer
bug: No
additional_bug_info: Notice#: 491343
Date: 21 Jan 2021

YOUR IMMEDIATE ATTENTION TO THIS MESSAGE IS ABSOLUTELY NECESSARY!

YOUR DOMAIN whitecanetravel.com WILL BE TERMINATED WITHIN 24 HOURS

We have not received your payment for the renewal of your domain whitecanetravel.com

We have made several attempts to reach you by phone, to inform you regarding the TERMINATION of your domain whitecanetravel.com

CLICK HERE FOR SECURE ONLINE PAYMENT: hxxps://domainregister.ga

IF WE DO NOT RECEIVE YOUR PAYMENT WITHIN 24 HOURS, YOUR DOMAIN whitecanetravel.com WILL BE TERMINATED

CLICK HERE FOR SECURE ONLINE PAYMENT: hxxps://domainregister.ga

ACT IMMEDIATELY.

The submission notification whitecanetravel.com will EXPIRE WITHIN 24 HOURS after reception of this email.
comment_or_question: Notice#: 491343
Date: 21 Jan 2021

YOUR IMMEDIATE ATTENTION TO THIS MESSAGE IS ABSOLUTELY NECESSARY!

YOUR DOMAIN whitecanetravel.com WILL BE TERMINATED WITHIN 24 HOURS

We have not received your payment for the renewal of your domain whitecanetravel.com

We have made several attempts to reach you by phone, to inform you regarding the TERMINATION of your domain whitecanetravel.com

CLICK HERE FOR SECURE ONLINE PAYMENT: hxxps://domainregister.ga

IF WE DO NOT RECEIVE YOUR PAYMENT WITHIN 24 HOURS, YOUR DOMAIN whitecanetravel.com WILL BE TERMINATED

CLICK HERE FOR SECURE ONLINE PAYMENT: hxxps://domainregister.ga

ACT IMMEDIATELY.

The submission notification whitecanetravel.com will EXPIRE WITHIN 24 HOURS after reception of this email.

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/87.0.4280.141 Safari/537.36
REMOTE_ADDR: 158.51.121.225


The IP 158.51.121.225 is a data hosting transit IP according to a site I found and use called the abuse IP database. I'll talk about it in a future podcast of some sort.

According to the records, the IP belongs to GlobalTelehost Corp. The domain listed is gthost.com. They show it in Canada. The IP was reported 20 times, with a 32 percent rate of it being spam.
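The checks walked through in this post (registry expiry versus the claimed deadline, where the payment link points, and what the User-Agent says) can be run over a form submission automatically. This is an added example, not code from this site's form handler; the function names are made up for illustration, the sample is a trimmed copy of the form above, and `registrar.example` stands in for the hostname of your real registrar.

```python
import re
from datetime import timedelta

# Constructed sample: the form submission quoted above, trimmed to the lines used here.
SAMPLE = """\
additional_bug_info: Notice#: 491343
Date: 21 Jan 2021
YOUR DOMAIN whitecanetravel.com WILL BE TERMINATED WITHIN 24 HOURS
CLICK HERE FOR SECURE ONLINE PAYMENT: hxxps://domainregister.ga
comment_or_question: Notice#: 491343
Date: 21 Jan 2021
YOUR DOMAIN whitecanetravel.com WILL BE TERMINATED WITHIN 24 HOURS
CLICK HERE FOR SECURE ONLINE PAYMENT: hxxps://domainregister.ga
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/87.0.4280.141 Safari/537.36
REMOTE_ADDR: 158.51.121.225
"""

# Labels the form handler emits; other "Word: value" lines (e.g. "Date:") are body text.
LABELS = {"name", "phone", "method", "to", "bug", "additional_bug_info",
          "comment_or_question", "HTTP_USER_AGENT", "REMOTE_ADDR"}
LINK_HOST = re.compile(r"h(?:tt|xx)ps?://([a-z0-9.-]+)", re.I)  # live or defanged
DEADLINE = re.compile(r"WITHIN (\d+) HOURS", re.I)

def parse_form(text):
    """Return {label: value}; unlabeled lines are appended to the preceding field."""
    fields, current = {}, None
    for line in text.splitlines():
        label, sep, rest = line.partition(":")
        if sep and label in LABELS:
            current, fields[label] = label, rest.strip()
        elif current and line.strip():
            fields[current] += "\n" + line.strip()
    return fields

def triage(text, submitted, registry_expiry, registrar):
    """List red flags. registry_expiry and registrar come from your own records."""
    f, flags = parse_form(text), []
    body = f.get("comment_or_question", "")
    if "headless" in f.get("HTTP_USER_AGENT", "").lower():
        flags.append("headless-browser")         # submitted by automation
    if body and body == f.get("additional_bug_info"):
        flags.append("same-text-in-two-fields")  # one payload pasted into every box
    hosts = {h.lower().rstrip(".") for h in LINK_HOST.findall(body)}
    off = sorted(h for h in hosts if h != registrar and not h.endswith("." + registrar))
    if off:
        flags.append("link-not-registrar:" + ",".join(off))
    m = DEADLINE.search(body)
    if m and submitted + timedelta(hours=int(m.group(1))) < registry_expiry:
        flags.append("deadline-contradicts-registry")
    return flags
```

Calling `triage(SAMPLE, date(2021, 1, 21), date(2021, 3, 6), "registrar.example")` with the dates from this post raises all four flags.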


January OUCH! is now available from SANS

I'm going through email, and OUCH! from SANS is here talking about securing Wi-Fi. Lots of us are on Wi-Fi, so read the newsletter for this month and see if anything needs to be done for you.

