go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: Home [0]

Go to contents or to navigation menu



T-Mobile is not done, now class action suits are coming

Michael in Tennessee sent this article titled How angry T-Mobile subscribers responded to the latest data breach and its time for t-mobile to come up to the plate and tell us the story. While the show notes of this coming podcast has earlier articles, I infdicate we’re still learning more and this lawsuit hopefully will get t-mobile to think about this long and hard.

I’m not sure we’re done, but there are millions of t-mobile customers who will never see any kind of money. Better read this one if you’re a T-Mobile customer. This is only getting started.

Comments (0)

Chaos Ransomware is something to be afraid of

Hello folks,

One of our other topics as part of this coming week’s podcast is talking about the Chaos Ransomware Development kit. In some similarities, it did at one point resemble RYUK, although its early days resembled more of a Trojan than ransomware activity, but now, they’re in line with the ransomware activities.

Trend Micro indicates that there are no victims yet that have been affected, and its already on its fourth iteration.

For the complete details, please read Chaos Ransomware: A Proof of Concept With Potentially Dangerous Applications and prepare for a long list of file extensions it can target. Some you may be familiar with, others you won’t. Just know you’ll be in serious trouble if you do get this.

YOur typical file extension like .txt, .htm, .asp, .mp3, .mpeg, .mp4 and many others are listed. Better look at the article, we sent this to the Security Box list already and finally getting a chance to write about some stuff.

Comments (0)

What’s going on with T-Mobile?

Here is the article list which was read in the past week dealing with the recently reported T-Mobile breach.

We’re still in the informative stages, but we’ll be talking about this on the tech podcast known as the security box for this next week.

I talk about some info from several of the below articles, but they are still in the informative stage, as you’ll see from the titles.

Please protect yourself.

Comments (0)

The Security box, podcast 57: the name game of Ransomware Gangs, Windows Update, and CSAM and apple products

Here is the Security box, podcast 57 as a download. Here is our RSS if you need it.

The file size is 115.7mb for those who want to know.

Here are the show notes for this program.


Welcome to the security box, podcast 57. We have three topics for you today, and I hope that you will enjoy them. The first topic for this podcast will be talking about the name game of the ransomware gangs we have out there. The second topic which was totally forgotten is of course Windows Update and what is happening with that operating system. Finally, probably the most contravercial topic we have to date, Apple and how they’re handling the images that people may have that are backed up in to icloud that deal with children and the potential of abusive images of a sexual nature. We will also have news notes and commentary as well, buckle up as you don’t know what’ll happen with these topics! The program may contain adult content, and listener disgression is advised.

Topics

  • Apple says it will refuse gov’t demands to expand photo-scanning beyond CSAM Ars Technica
  • News and Notes from around the landscape

    The following are items that will be linked here and discussed in news notes for this week. There may be items that are not article related that may not be shown here in the notes.

    There may be more, please check out our blog and email list for more. Thanks for reading and listening to our show!


    End of program

    Comments (0)

    Security News ending August 6, 2021

    I’ve been meaning just to blog the This Week in Security News – August 6, 2021 which was last week’s news. I’ve been getting bad at doing this, and I have this past week’s still to go and look at. This is beyond repair and I must get better.

    • Browser Notification Spam Tricks Clicks for Ad Revenue
    • Survey of 3,600 businesses worldwide calls cloud computing an ‘elevated risk’
    • Homeland Security Releases New Cybersecurity Rules
    • Your Facebook Account Was Hacked. Getting Help May Take Weeks — Or $299
    • The First Half of 2021 Cyber Risk Index
    • 14 Top Cybersecurity Trends to Expect at Black Hat Conference
    • Supply Chain Attacks from a Managed Detection and Response Perspective
    • Ransomware Attackers Eying ‘Pure Data-Leakage Model’
    • US Government Agencies Are Failing to Meet Even Basic Cybersecurity Standards

    Above are the article titles, links are in the article I linked to already. Find something of interest you want to have discussed? Bring it up!

    Comments (0)

    Ransomware gangs change names, lots of old names here

    So I’ve been trying to figure out what to write about this very interesting article titled Ransomware Gangs and the Name Game Distraction and I find it difficult.

    While I wrote some stuff from the article in regards to some of the names, it goes back as long as we’ve been covering some of this stuff.

    I may have covered this stuff more in audio, mainly because I didn’t know what to write about them, unless I shared articles. Brian links to tons of stuff, so you’ll want to read it.

    If you’re sighted, you may want to check out the graph. I’d be interested on what the graph is about as its a visual thing. Feel free to send me an email.

    Is the name game all that? Sound off in the comments.

    Comments (0)

    my responce to recent comments and posts

    Hi.
    Well for whatever reason my comments just don’t take and not sure why.
    Also I can’t seem to be able to comment it just wants me to sign in nothing wrong but oh well I have 2 things to comment on.
    1. zoom.
    I have never had issues with zoom and use my google account.
    I like google knowing about my meetings and calendars notifying me, usefull as hell.
    I don’t do many meetings though.
    I have never had a zoom bomb but maybe I was just lucky.
    Zoom is new, but yeah I am in 2 camps about sharing information with google.
    Its actually not that bad, by going on google/amazon/facebook, etc you are sharing information.
    What information were you sharing exactly.
    Email addresses can be easily gotten its after all the main form of communication.
    Addresses and phone numbers while a little harder, well address can be gotten easily enough.
    Phone numbers I am unsure but probably easily enough.
    I’d be concerned if my credit card was being sold or something like that but its hard to get to pissed about whats already in public record.
    Becides we share most of that just by being online.
    The apple things yeah I have read about it but I can’
    ‘t be any judge as even my little country is not as stable as some would like and some of those are on the other side and others are on the other side and I am in the middle.
    Any tech can be used incorectly by anyone.
    Even the most secure can be hacked, have we forgotten about all those breaches in helifax and yahoo?
    At any rate it appears that you would have to hack apple and the databases in question and somehow bypass the human checks so no one notices to actually modify the images.
    Apple aint going to scan all images it would impact on performance and becides I’d doubt they would last long, no company is that stupid even the most corrupt.
    So the only thing is look before you click.
    And if you wana go there, use a vpn and don’t use your phone not that I condone any of this shit of course.

    Comments (0)

    Apple, Images and NCMEC’s work

    There are several articles out there about a new feature coming to IOS 15 and Mac updates in the fall. The updates revolve around images that are known in NCMEC’s database of images that may be inappropriate.

    Each company may have their own solution of how they deal with this problem, but people are at arms about Apple’s solution.

    While I’m not an expert, but yet I am unaware of anyone trying to solve the problem of inappropriate images floating around the Internet and harming people, I think Apple may be on to something.

    Here are the articles, and we’ll talk about this on the Security Box with one of them.

    All of these articles talk about this problem, but I don’t know if we have a solution that could look at solving this. If you were a tech company, what do you think you’d do?

    Comments (1)

    Windows Update is around the corner, here are the articles

    This week is Windows Update, and it is around the corner for our computers. The good news is that we have at least 50 patches to apply if applicable. Both Krebs and Trend have articles on the subject, so read the one you want and get yourself informed.

    Both are detailed and links to various things that may be of interest to you. Read them and apply the patches that are needed for you.

    Thanks for reading!

    Comments (0)

    The Security Box, podcast 56, What’s going on with the lifecycle of a breached database?

    Here is the download of yesterday’s Security Box. It is 145.9mb in size.

    Do you want RSS? Here is the RSS for you.

    I’ll be getting more on the blog later, but for now, here is the show notes with links to today’s topics and the like.


    Welcome to the security box, podcast 56. Two comments will start us off as someone commented on the replay of our show from last week. Both are good comments worth bringing up. Next, we’ve got a topic that might be of interest talking about the lifecycle of a breached database. Next, let’s find out how the government is doing with their Cyber Security. What did the senate report find? Find out in our second topic. We’ll have news notes and commentary as well.

    Topics

    News Notes read from around the landscape

    There is more news, but this is some of what we’ve read throughout the past week. I’ll be blogging some more news, and of course, the list will have plenty more.

    End of program

    Comments (0)

    Zoom to pay $85M for lying about encryption and sending data to Facebook and Google

    How do i get involved in this lawsuit? i’ve used zoom for a year now and it did say that it was end to end encrypted. While I’ve never had problems, I bet others have the same question, but $15 to $25 is not enough on what Zoom did.

    Zoom users to get $15 or $25 each in proposed settlement of class-action lawsuit.

    Source: Zoom to pay $85M for lying about encryption and sending data to Facebook and Google

    Comments (0)

    A US official explains why the White House decided not to ban ransomware payments

    I read this article A US official explains why the White House decided not to ban ransomware payments from Cyberscoop which sparked some discussion on the new Security Box email list. Unfortunately, I think this may be the only way to go, as it does fuel the enterprises to continue.

    I do see the point however that it can drive them more underground, but maybe they’d just do everything in cash with mules and the like. They call them money mules.

    We know that criminal activity is already done in many different ways, but crypto currency only fuels it because the money is untraceable. If we go back to the tracing of it, maybe we can pick up these guys. Problem is that they’re overseas, and they can’t easily do this ransomware thing if they don’t have crypto because other methods can be traced and investigated. That, I think we need.

    Comments (0)

    Sans News Bites for august 6

    Here is the link for Sans News Bites for August 6, 2021. There are several things that are in here, including one in the topic category for the next box. I’m not going to do headlines this time for Sans, but i’ll link it here. What did you find of interest in this newsletter?

    Comments (0)

    Google Play Protect fails Android security tests once more

    Google Play Protect, the Android built-in malware defense system, has failed the real-world tests of antivirus testing lab AV-TEST after detecting just over two thirds out of more than 20,000 malicious apps it was pitted against.

    Source: Google Play Protect fails Android security tests once more

    This is quite interesting, and one of the headlines from Trend Micro’s news notes for the week.

    Comments (0)

    We’ve not done news notes from Trend Micro in awhile

    We’ve not done news notes from Trend Micro in awhile, and saw this one. Its for July 30th and we see news about Black Matter among other items. Here is the article titled This Week in Security News – July 30, 2021 for your perusal.

    • Threat Actors Exploit Misconfigured Apache Hadoop YARN
    • BlackMatter Ransomware Claims to Be Best of REvil, DarkSide
    • Islands of Telecom: Risks in IT
    • Outlaw Installer for Windows 11 Infected with Malware
    • A Cloud Migration Strategy with Security Embedded
    • Google Play Protect Fails Android Security Tests Once More
    • 5GAA & Global Certification Forum Connect on New Cert
    • Ransomware: These are the Two Most Common Ways Hackers Get Inside Your Network
    • Newark Tech Product Company Reveals 2021 IoT Trends
    • White House Calls on America’s Most Critical Companies to Improve Cyber Defenses
    • New Collaboration with Adobe and MAPP

    I think the article on android and its insecurity of play protect should be a good one. Find something you want to cover? Get in touch!

    Comments (0)

    Hackers got past Windows Hello by tricking a webcam

    Researchers used infrared photos and third-party hardware to best facial-recognition tech.

    Source: Hackers got past Windows Hello by tricking a webcam

    This is a quoted section of a very well-written article that we must look at. I don’t have a web camera on this computer and it doesn’t interest me to get one. With that said, we can’t forget that we have all types of readers here on the blog so this should be shared.

    With Windows 11 coming out this fall, we need to know what it has to offer, and the “hello” option seems like an interesting face id option if it works correctly.

    Even I got IOS to work on my Iphone, and it can be done as a disabled person unless you’re so disabled that it just isn’t practical. We’ll see how this goes.

    Comments (0)

    Another article dealing with government agencies

    Besides the one I blogged about from Ars Technica that Michael sent, I can’t forget Federal agencies are failing to protect sensitive data, Senate report finds is written by Cyberscoop.

    I want people to be able to see all parts of the story in various delemas and writings, and since I published the one, how about the other?

    Depending on which one you read, you can comment on one or both. Both of these are good.

    Comments (0)

    The State Department and 3 other US agencies earn a D for cybersecurity

    Michael sent this our way to the Security Box email list, its quite interesting. Several agencies are C’s and D’s. This is supposed to be government, correct? How about other governments from around the world? How are they like?

    Two years after a damning cybersecurity report, auditors find little has improved.

    Source: The State Department and 3 other US agencies earn a D for cybersecurity

    Comments (0)

    The Security box, podcast 55: Who is Plugwalk Joe? What’s going on with Black Matter? News Notes and commentary

    The The RSS has the program, feel free to subscribe if you wish!

    This is the link to today’s podcast of the Security Box. I hope that you all will enjoy it.

    While there were no calls, I did cover everything I wanted to cover.

    Below, please find the show notes which has links to the various topics and news items.

    Thanks so much for listening!


    Welcome to the security box, podcast 55. On this edition of the podcast we’ve got two Sans News Bites headlines, topics including a very interesting story on someone named “PlugwalkJoe” I.E. Joseph O’Connor, a topic on a new ransomware gang called Black Matter, and we’ve also got several news items including one that isn’t an article but intrigued me when listening to the TWIT network. All of this plus anyone who had questions, comments or took part in the discussion, as podcast 55 gets started.

    Topics

    Here are the topics for today.

    Sans News Bites

    These are the Sans Newsletters that have been read. Links to them are also on the blog.

    News Notes read from the web

    End of program

    Comments (0)

    Here’s something I’ve never seen, selling email addresses in bulk?

    I saw the following email sent to me yesterday. Like I’m going to get an email account from someone like this?


    from: Summa Khatun
    Hi, hope you are safe from corona.

    I am a gmail and yahoo id(large amount) seller with password. Me and my team able to open 5k mail id per day. If you want to buy large number of newly opened or old gmail and yahoo id please response me.

    Thanks


    It is clear your english is not perfect, the English here is broken and not worth my time.

    If you get 5k email per day, than you’ve got problems. While it doesn’t take much to get an Email ID, gmail and Yahoo! addresses are free, you don’t need to buy them. Do you want to try again?

    Comments (0)

    « Newer PostsOlder Posts »

    go to sections menu


    navigation menu

    go to sections menu