go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: Home [0]

Go to contents or to navigation menu



Time to get your M-braille On

After some time away, M-braille is back and working for those of us who like it. I like it because i can hear what I’ve typed. While I’ve used braille screen input, my hands prefer the ease of m-braille and what it has to offer.

I know a lot of people were wondering what was going on, and nobody knew until now. I saw the update to m-braille yesterday in my update list. I’m now using the iphone 11, and it works great on it with the new update and IOS 14.0.1.

I thought i’d take this opportunity of letting people know that it seems to be working now, so go get it and enjoy!

Comments (0)

Yahoo! Groups to close on December 15, 2020

I can’t believe this news, although some of us have used this and Topica for years. Topica closed their free service with no email to us free users, and now they brand themselves as one of the paid options for mail delivery.

Now, I can dispose of my email lists page, as those lsists I was trying to promote for subscribers to join.

Yahoo! has this post on their help pages and I as well as Shaun will be talking about our experiences with these services on a future edition of the technology podcast.

We’re sad that these services have gone, but the sad fact is, that companys need to make money. Providing a free service is nice, but between the abuse through the years, and the decline as the announcement I read had said, it may not be that effective anymore. Topica didn’t let us list owners know, and they monitored that list.

Now, to go to work on that page, i suppose.

Have you used the service? Want to send me a file with your experiences between either service? You can use dropbox, google drive, sendspace, your own web server, or even my sendspace dropbox and I’ll have it played. You can go in to as much or little detail as you wish.

If you put contact info, make sure its something you want to be given out, and if you want to be identified, put in a name you want to be used if you use a name other than your own. You don’t have to even put any contact info or name if you don’t want, the choice is yours.

The page has a question and answer format which pops out and is accessible.

Thanks for reading, and make it a great day.

Comments (0)

Windows Update is now a problem

In this blog post from early September I talk about Windows Defender being able to download files through a specific command. A little over a month later, Shaun Everiss sends me Windows Update can be used in a bad way to execute malicious programs which later links to a Bleeping Computer article. Now what?

Comments (0)

the best antivirus of 2020

Hi.

This appeared from the local news paper.

https://www.stuff.co.nz/technology/300127221/the-best-antivirus-software-of-2020

The main catigries were security, false positives and performance.

Lacking is accessability and in particular the targeting intentionally
or unintentionally of blindness related products.

Of interesting note are the spots at the top.

1.  norton.

The price tag is quite good.

I have not used it for ages but when I did, norton had a stranglehold
around performance and users.

Certainly had a lot of issues with norton anything.

2.  caspersky.

The only comment is that politics and security shouldn’t mix.

If they do then everything we own including our clothes are a threat
because they are made in china.

3.  on the 3rd spot was mcaffee.

Have we forgotton?

Its been only a year or 2 since the last major stuff up from mcafee
where it killed systems, there are major definition screwups, and yet we
still use it.

F secure and avira were in the 4th and 5th spots and had no comment.

Interestingly, avast, and avg were not even mentioned though some still do.

I do wander if the installing on everything plus the microsoft blocking
avast on some systems as addware itself has discouraged it from being on
this list.

Sadly there were a few things not added to the article.

1.  easy to control and exclude stuff you don’t want.

I have a patchwork of excludes, from data drives to entire directories
of blindness and other software.

If the viruschecker says I have a virus, then I am more likely to
exclude it than actually get rid of it especially if its something I use
myself.

The only good thing out of this is that if your a smart user that
follows all the instructions and does not click links microsoft windows
defender is a good choice.

Sadly it is the only accessible non performance draining thing the blind
can use.

It also allows us to clear out of all the issues with excludes though
its false positive scan especially among accessibility software is
really high.

Sadly an added definition needs to be added to the usual definition of
antimalware and security tools and also to malware, viruses and ransomware.

1.  what is a virus.

A virus is a piece of software that is not generally liked by any big
software company even if its usefull.

What is malware.

<Malware is anything not liked by software companies unless you sue or
something.

What is ransomware.

Ransomware is something software companies do to others to get them to
buy their stuff else they will trash the systems which they may do anyway.

Malware can also be a right.

Accessibility is malware, a screenreader is malware, games for the blind
are malware, certain files for windows can also be malware.

How to solve this.

1.  exclude everything you use and leave just the os folders alone.

Antivirus is not your friend.

Looking at mozilla and their language on accessability was the reason I
pushed out of using firefox.

They toned it down a little, but suggesting that accessibility vectors
could be used as malware is not the issue.

Saying that turning off accessability support will protect people means
that people will get the wrong idea that accessability equals compromise.

If this is the issue its mozilla's implimentation surely.

The latest quantom firefox doesn't use standard accessability controls
and just what mozilla uses.

Now some of this may be fine, but to be honest abandoning old, stable
tech because it may be a problem to include new, so called secure and
issue ridden tech that has accessability issues is going to become a
real big issue soon enough.

The only solution for those that need it is to use older, less secure
software, or modified software, or hacked software.

Have we not tried everything or is the industry not willing to learn.

If they are not, then maybe I should use accessible software and pay the
hackers for my data and not have the issues with the good guys.

Judging from support I have got from various support agencies over the
last little bit they either are really good or they aren't.

If they arn't they can turn a broken system with a broken and possibly
buggy bit of software into a completely broken system fixed only with a
complete reformat.

Maybe I can just pay a hacker to secure my system.

Maybe its time to focus on companies that previde for the users because
they are users to and not for a cash gain.

I feel that in our race to beat the bad guys we have become our worst enemy.

Comments (0)

What has been read, blogged, and talked about the last week, news ending October 9, 2020

Quite a bit has been blogged about and even read this week, so let’s get started.


Let’s get started with the News Notes for the week provided by Trend Micro.

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This
week, learn about how cybercriminals secure their assets and survive in the business in a new Trend Micro report. Also, read about a how cybercriminals
are tapping into Amazon’s Prime Day with phishing and malicious websites that are fraudulently using the Amazon brand.

Some of these items I may not have read as of press time, but they may interest you. I think the biggest thing if you read nothing else, is dealing with French companies being attacked by the infamous BEC or Business Email Compromise attack. Are you surprised that Prime Day on Amazon had more Phishing and fraud attacks?

For the full blog post,This Week in Security News: A Look Inside the Bulletproof Hosting Business and Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks


I’ve been pondering this since I read this on the 5th, and I mize well post about it even though it is near the end of the month. We’ve talked on the technology blog and podcast about this Trick Bot, and boy does it have new tricks and it has had new tricks for quite awhile. In this blog post from Krebs on Security, we learn that it had at least at that time, the luxury of being hobbled.

At the time of the article’s writing, Krebs on Security wrote:

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two
million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware
within compromised organizations.

I wonder how successful this has been? I wonder if we are getting closer to finding out who is responsible for this bot and can bring them to justice? Attacks Aimed at Disrupting the Trickbot Botnet is the article.


Back near the end of September, and on the first podcast of October, I mentioned briefly a new multi-staged attack going on. While it is almost a month since I’ve read this, I know that this really should be braught out.

Royal Ripper’s attack begins with a lure that impersonates either a government agency, telecommunications company, or online payments service via text.
In the example below, the initial SMS lure poses as a tax return notice from HM Revenue and Customs.

There are images with this one, and as with all Phishlabs stuff, they really do a great job. https://info.phishlabs.com/blog/royal-ripper-multi-stage-phishing-attack-adapts-to-victim-input is the article and one I’d recommend you look at.


In a recent post, I blogged about an article where video game hackers were taken down. Its about time we get some good news for a change, and I know we can use it after the long year of nothing but bad news. Video Game Havkers getting picked up is the article although it should say hackers. Its all good.


NCSAM is not even close to being done. I penned an article talking about passwords recently. It also linked to an article from Lastpass where passwordless authentication is talked about. Its hard to implement, but the majority would love to see this come in to practice. Let’s talk a little bit about passwords is the blog post where I talk about passwords, the linked article and my thoughts.


In the ongoing Saga of John Bernard, I pen a blog post asking if he’s done for now. In the next installment, we learn what he’s really like, although a company hopes he’ll come through on his promise even if his web site is closed. Is John Bernard done for? I hope this is the end links to the next article in this series. You be the judge!


There are two articles from the beginning of October that I don’t know were mentioned in news notes, and they’re worth it. Phishing won’t stop, just because of the election talks about the election and mentions an article that talks about phishing in this landscape. This is definitely of interest because voting must be done by mail this year. The second is the title piece What’s going on with the Phishing Landscape? Plenty, and it isn’t looking good where we talk about the Phishlabs article from APWG where they are a member. I highly recomend this article, it could be my best work yet in this space for this blog.



Is there anything else that you have found that I may have missed? Get it over to me by email/imessage/text/whatsapp. All info is available through listening to the podcast or looking about the blog pages for it. Thanks so much for reading, and make it a great day!

Comments (0)

This had to be the best, fascinating talk ever!

Today was the ATTACK AND DEFENSE: EXPERTS TO DEBATE CYBERSECURITY THREATS ON PODCAST and it was quite interesting. Both sides really had things well covered. There were two sides, a red team and a blue team, similar to a boxing match. The discussion talked about what the attackers would do, and how the defenders would protect their network if possible against the attack. The Twit Events page will have a copy of the podcast when it is complete. The program lasted an hour, and I’m opening the comment boards to see if you listened and what you thought. We’re listening.

Comments (0)

Let’s talk a little bit about passwords

For the last few years, I’ve been hearing about the potential of going passwordless. This would mean that people would have to authenticate through another method such as an app, biometrics, or something else that they may have.

In the upcoming podcast for the Security Box, I think it is appropriate to talk about the Lastpass article LastPass Research Finds 92% of Businesses Believe Passwordless Authentication Is in Their Organization’s Future as it is this year’s article dealing with this topic.

In the show notes for the upcoming podcast, I quoted the following paragraph.

Passwords have long been one of the leading drivers of security risks and employee frustrations for businesses, which has only increased since organizations
transitioned to working remote. Passwordless authentication, on the other hand, securely connects employees to their work without the need to type a password
through technologies such as biometric authentication, single sign-on and federated identity. Is passwordless authentication the solution to the password
problem? 

This is a definite beginning to a definite promising article.

Last year, 4 hours a week were spent on passwords, this year, 5 hours, a 25 percent increase according to the article. 85 percent of organizations surveyed say that they need to find a solution to reduce the number of passwords they have.

Here at the Jared Rimer Network, my administration set includes passwords for specific email lists ran by the Mailman software. It also has a control panel log in, and a way to create other accounts and access to the ones I have without those passwords.

Passwordless authentication enables employees to login to devices and applications without the need to type in a password, and can offer benefits for both
employees and IT. The research found the benefits of deploying a passwordless authentication model are twofold – for the employee it largely eradicates
the frustrations of using passwords and for the business it increases security. 65% agree that the biggest benefit of passwordless authentication for employees
is quicker authentication, whereas 69% agree the benefit for IT is increased security.  

Businesses Also See Potential Challenges with Passwordless Authentication  

However, with potential benefits comes potential challenges. The top challenges of deploying a passwordless authentication model include the initial financial
investment (43%), regulations on the storage of data (41%), and the time it would take to deploy such an authentication model (40%). Do the challenges
outweigh the benefits, and is passwordless authentication a realistic solution to address the password problem? 

Since I’m not fully understanding what is involved in deploying passwordless authentication, and I read these numbers, what would be the answer of deploying such a strategy across an organization?

I currently share the necessary passwords to specific mailing lists with their URL through private dropbox. Because the people I work with may not understand a password manager or even whether it is accessible, I think this is the best solution for me. I think the passwords are only shared with a couple of users. If i had more, I might adopt the password manager effect because there would be more to manage.

The meat of the matter?

completely. Are passwords and passwordless authentication mutually exclusive, or does there need to be a combination of password management and passwordless authentication to address the password problem? 

This is only going to get interesting.

Comments (0)

Video Game Havkers getting picked up

I recently read an article about a group of hackers getting picked up for hacking and video game piracy.

This Cyberscoop article is quite interesting in its coverage of this and I think its been awhile since we’ve had some good news.


The alleged leaders of an international video game piracy group apparently didn’t do enough to protect their scheme from the prying eyes of the feds.

The Department of Justice says two men have been arrested on felony charges of helping run Team Xecuter, which sold modification kits and other tools that allowed users of the Nintendo Switch and other gaming
devices to play pirated versions of games.

This is going to get interesting now, as we always need to find some good news to cover.

There are other links within this, so trying to take parts and copy this to make it make sense is going to be tricky. US arrests suspected hackers accused of video game piracy is the article. Thanks for reading!

Comments (0)

Is John Bernard done for? I hope this is the end

In a multi-part series I’ve been following through Krebs on Security, looks like the person behind this alias walked away with 30 million dollars. There have been quite a number of people who have been interview as I probably would have suspected. A portion of one paragraph says:

John Bernard is in fact John Clifton Davies, a 59-year-old U.K. citizen who absconded from justice before being convicted on multiple counts of fraud in
2015. Prior to his conviction, Davies served 16 months in jail before being cleared of murdering his third wife on their honeymoon in India.

When I braught this up as part of podcast number 10 when we first talked about this, one of our callers indicated that this was interesting and it prompted quite a bit of questioning. I was confused by this and reread that section again and it makes me wonder why he only got 16 months for that. Its not known.

To make this story more interesting:

Bernard found a constant stream of new marks by offering extraordinarily generous finders fees to investment brokers who could introduce him to companies
seeking an infusion of cash. When it came time for companies to sign legal documents, Bernard’s victims interacted with a 40-something Inside Knowledge
employee named “Katherine Miller,” who claimed to be his lawyer.

So we have a woman involved in this as well, and there isn’t much known about her. There are a lot of links within this article linking to various things as this investigation continues. I am going to talk about this more for podcast 14 of the Security Box, as we talk about Scams and the like over here.

Want to read more and the very interesting details? Krebs has the third part entitled Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M and enjoy the continuing saga.

Comments (0)

The Security Box, podcast 13: Talking About Identity stuff of all kinds

The show notes are very very short, and the RSS feed is getting the podcast as we speak.

Here are the show notes, and I hope you enjoy the program.


Welcome to podcast 13 of the technology blog and podcast series known as the Security Box/. On this episode, we are going to cover NCSAM, week 1. The big thing now a days are your security and identity protection when it comes to your online safety. The first article Identity Fraud: How to Protect Your Identity Data, Accounts and Money During the Coronavirus Crisis is discussed in a taped segment. Speaking of identity, Preston from Pensylvania is going to be on with an interview that I did with him talking about experience, stories, and the like. We’ll also cover some news if time allows. Please make sure that you tune in to the blog web site for all of the news, as NCSAM will be busy and lots of items will be posted. You may want to decide to subscribe so you don’t miss anything. Thanks for listening!


We’re looking in to getting sendspace again, the pro version of it so we can once again provide downloadable links. I had to get rid of it at one time and didn’t really want to do that because people were using it to download stuff. Anyhow, we’ll get it and I’ll supply a full list of downloadable links to the entire set for everyone soon, then include it in future podcast releases as part of the show notations here on the blog. See you all soon.

Comments (0)

Phishing won’t stop, just because of the election

In our title piece dealing with Phishing, we wanted to highlight the aspect of phishing and the fact that actors are stopping at nothing to get their wares out.

In an October 2nd article on Threatpost, Lindsey O’Donnell talks about the rise in Phishing due to the fact that voters need to submit their information on who they want to vote for and other aspects of the election via the mail. This article shows and demonstrates how the actors are perporting to copy portions of one site, but mass mail it to people not even in that state. As you continue to read the article, it shows you what the Phish may look like including the misspellings. It also talkss about the recent attack of an email provider which I now can’t find its name but I read it here.

Voter Registration ‘Error’ Phish Hits During U.S. Election Frenzy is the article and I hope that it finds you well.

Comments (0)

What’s going on with the Phishing Landscape? Plenty, and it isn’t looking good

On podcast 12 of the Security Box, we talked about a blog post that Phish Labs had talking about the APWG trends report. I covered that in a bit of a discussion, but maybe it is time to bring it up now as part of NCSAM’s discussion for this year.

In case you missed the Security Box, podcast 12, here are the show notes for that program.

Now, lets pick apart and discuss some things that got my attention in regards to the article dealing with Phishing.


The article that we’re going to talk about in this blog post is APWG: SSL Certificates No Longer Indication of Safe Browsing. Why specifically this article? Oh don’t worry, we’ll cover other Phishing articles but this one is quite important.

Let us start at the beginning of the Internet, where all we had were text browsers and we connected through Dos. Dos was an operating system that only had text. It did not have fancy graphics, although there may have been some, and it surely didn’t have video and other multimedia. It didn’t have the capability of filling out forms, making online payments, contacting people through forms besides putting other types of things online that we take for granted today.

While there were ways to get files like executables and other types of small files, the protocol has definitely changed. With that, comes the aspect of Phishing.

The protocol in the early days was just called http or hyper text transfer protocol. This protocol was used mainly to serve webb pages and back in the early 90s, and even early decade of the 2000s, that was really all we needed.

As time passed, it became clear that to do credit card transactions and the like, we needed a secure way to do it so they added the “s” for secure. This became the standard with SSL versions and now TLS. SSL is secure sockets layer, TLS is transport layer security. All it does it makes sure that the web sites are secure.

Later on in the last 10 years or less, they came out with firesheep to show that http connections were not safe and https needed to be the standard for true security even if you didn’t do online banking and the like.

Well, when the actors started, their pages were not using https where the S stood for secure. We were taught that if we wanted to put in data such as credit card numbers and other types of info like that online, we need to be on a secure connection. Sighted people looked for a padlock, disabled patrons checked the URL of the web page to hear that it had the S in it.

Examples: http://www.example.com VS https://www.example.com http://example.com vs https://example.com

This is how it has been until recently when the threat actors started to secure their pages thanks to services like Let’s Encrypt.

Without going in to any detail on Let’s Encrypt, let us just say that they do domain validation certificates and I believe they can now work on sites using the control panel we use on Linux boxes which was not the case before.

Let’s fast forward to recent times where recent Phishlabs articles kept indicating that the SSL rate was creeping up, and it was a matter of time.

Under the heading

SSL Abuse Continues to Skyrocket

here is the most important piece of information taken from this article.

PhishLabs, an APWG contributing member, is tracking the increased use of SSL certificates on phishing sites. Threat actors abuse HTTPS certificates to
enhance compromised sites by tricking internet users into believing the site is secure. Alarmingly, almost 80% of phishing sites used SSL certificates
during Q2, meaning users should no longer attribute the certificate as an indicator of safe browsing.

The portion continues:

“The number of phishing sites using TLS continues to increase,” said John LaCour, Founder and CTO of Digital Risk Protection company PhishLabs. “Most web
sites—good and bad—now use TLS. Phishers are hacking into legitimate web sites and placing their phishing files on those compromised sites.”

This exact thing happened to the Jared Rimer Network some years ago, and even effected several sites across my network. Somehow, actors were able to gain access to several of the sites across my network, upload their wares, and we’d be notified about it. I was notified one morning by Phishlabs directly by Email, and I promptly called them at 6:30 am on my way to my day activity. Indicating that I couldn’t get to the page from the email, they indicated that the issue was resolved, which was good news to my ears. I’m sure my provider was notified, cleaned it up, and that was the end of it. This is what needs to happen, because we may not even know that anything is going on.

To the providers credit, they learned quickly. This is because they sent me the reports, and I was to deal with it which I did not have access to do. I get it, its hard to maintain a network when you get reports like this and I did ask for assistance. I definitely thought there was a problem when I was told the passwords were as secure as humanly possible.

Under the section

SSL Growth

it talks about Extended Validation Certificate usage. If you put “Extended Validation Certificate” minus the quotes, a prominent provider named Digicert is mentioned. There are other places to learn about these certificates, and that is not the extent of this article today.

Let’s cover this section under SSL growth for a moment.

In addition, PhishLabs has noted the emergence of phishing sites using Extended Validation (“EV”) Certificates.

“The vast majority of certificates used in phishing attacks — 91 percent — are Domain Validated (“DV”) certificates,” noted LaCour. “Interestingly, we
found 27 web sites that were using Extended Validation (“EV”) certificates.”

In order to be issued an Extended Validation certificate, a site must provide verification of its legal identity. In theory, EV certificates indicate that
a site is more trustworthy, and their presence on phishing sites is significant.

It isn’t surprising that the majority of certificates issued today are domain validated. This is because this is the easiest. You either need to have something on a web server that you put up there, or a trusted authority like the control panel group issue validation certs for the domain which is done daily.

As for organization validated (ov) certs, I am not aware how those work, and that is for your research.

The article goes in to much more detail than I could ever cover in sections and give my thoughts on it. As part of NCSAM, check out this article in full, feel free to ask questions, the worst is that I won’t know the answer. I’d rather tell you that I don’t know than to lead you wrong.


Found this article of value? Why not search NCSAM while you’re here to see what else has been covered? We covered NCSAM last year with many articles linking to stuff, and I’m sure that it may be still of value today. I want to thank each and every one of you for coming by and checking out this blog. I hope you find the info of value, and if you have something to share, please get in touch. See you next time!

Updated 4:10 PM 10/6/2020 to fix a broken link

Comments (0)

Technology podcast 353: Identity Theft and the Corona virus, Google, and more

I know I haven’t done a tech podcast in awhile, and the RSS feed has the program. The show notes have links to a few blog posts that cover some of the topics, and of course, I plan on doing more blog posts in the future relating to all kinds of stuff that might be of interest.

Below, please find the show notes, and of course, thanks for listening!


Welcome to podcast 353 of the technology podcast.

  • NCSAM is out now, its the month of October and its definitely going to be an interesting month. Our first segment talks about the fact that identity theft may be more of a problem now more than ever. blog post
  • KNFB reader was intigrated in to newsline. People were griping about it on Apple Vis, and may have been in social media as well. I looked at the app one day, and I find it quite interesting but still easy to use. They griped because they had to reverify their info, otherwise known as reauthenticate. KNFB Reader lite works well, and I am glad I have choices. blog post
  • Michael in Tennessee taught me about Google and pairing to bluetooth devices. While I told my phone to forget the device, I had to go back in to google and get it repaired as I tried to demo how I got it to work. Be that as it may, this was kind of cool. Thanks Michael for this!
  • On a prior podcast, we covered SSL and what is happening with threat actors today. I intend to write a blog post with my thoughts, but the Security Box definitely covered this. Podcast 12 of the box covers this in a talk show format, but I figure it should be covered here for those who don’t want the longer program. Tell me what you think.

The full program lasts an hour, so I hope you’ll enjoy it. Thanks for listening! See you on another edition of the program.

Comments (0)

Here is some Google news for you guys … Accessibility news with Docs and more

I finally got around to reading a post on Blind Bargains talking about a Google announcement. Reading the lengthy list of articles around the web came across this Tech Crunch article Google Docs is now easier for visually impaired users to navigate which is cool. Now if they only made it work with Firefox and Jaws? That is completely broken, and for me to utalize that, I have to copy the URL then open chrome to get it to work. Freedom Scientific was not interested in having this fixed. While I have Chrome and know how to use it, I shouldn’t be forced to change browsers just to get it to work.

To be fair though, Anchor and firefox is somewhat broken and so is Mixcloud. I’ve got a mixcloud account but forget to upload there. I used to do that all the time, but have been lackluster at that. I figure if I upload to Anchor using Chrome, while I’m doing that, I should upload to the other.

Besides that article which made me want to blog about Google, here is Blind Bargains September 30 rundown on what this event was and all of the very interesting headlines. Maybe Googlers may find this resource of interest. Thanks for reading!

Comments (0)

What has been read, blogged, and talked about for the last week, security news ending October 4, 2020

In this week’s news, some of which may have been blogged about on the tech blog itself, find out what I’ve been reading including the highlights of the Security News from Trend Micro. It has been a doozie of a week with the news of UHS and I’ve got several blog posts on that and even finding one from Dark Reading through twitter which I didn’t blog about. Read on to find out what caught my attention of things within the past week.


UHS is known as United Health Care services. Many different articles on a search of this company name will yield results talking about the group which deals with hospital care in various locations being part of potential ransomware. Their reports are the typical ransomware type, but they stop short of this.

Article list:

This can’t be good in the Public Relations department, can it? I’m an outsider looking in, and trying to disperse info and pointing people to the articles so that they can be informed. Read these blog posts, accompanying articles, and come back and tell me what you think.


911 services were down in 14 different states on September 28, 2020. The particular digest of the day with that blog post ca,me back to me asking if we can cover this on the Security Box. While I’m not sure on time as of yet, it is unknown if this is caused by security problems. I bring it up here because Krebs on Security did a good job talking about this, and I feel that this is something that if it is a security problem should be talked about. I’m unsure how 911 services work, routed, and the like, so I can’t comment on this except for the article I read.

Article list:

This blog post has my thoughts with the accompanying article from Mr. Krebs. I really have nothing more to say, please refer to the article for your information on this one.


Ransomware is still hitting the news, and more than ever. One particular article that I blogged about talked about an insurance company that was hit, but it isn’t just insurance we’ve got to worry about. More recently, I read an article and just blogged on October 4th about a potential ransomware in Las Vegas. That particular article goes so far as to talk about other school systems and their problems too. Some of this may have been talked about through the Security Box program that is broadcasted through the Independent Channel of the Mix.

Article listing:

The second blog post made me wonder, and it leads really to a questionable study that I have questions on. The third is the 2nd in the NCSAM article set, and I’m sure that I’ll have more in this set as I try to get caught up.


This week in Security News from Trend Micro covers a few items in which I have read. Some of it I have not read. It talks about a cross-platform Modular Glupteba Malware how it got its name and the like. Netflicks and Amazon accounts are susceptible by a Phishing attack according to an article and it is started by a phishing attack which targets Microsoft 365 accounts. One article that we are covering this next week on the Security box covers Identity Fraud and how to protect your identity data. I blogged specifically about this one in my first NCSAM article which was sent and digested out.

The first NCSAM article linked within this section is the one that talks about the identity theft article that was linked within the news notes article linked first. Both are worth the read, there may be items that I am unable to read or doesn’t interest me.



Find something that you found of interest as part of the Security Landscape that I do not have, or I haven’t read as of yet? Please send those links! Contact info is on the blog on the “about the blog” page. Thanks so much for reading, and make it a great day!

Comments (0)

NCSAM: Schools are no longer safe, now PII on students are out on the surface and dark Web

I was looking at twitter and found an article talking about Las Vegas schools now being targeted with ransomware. The problem with this particular attack however, is that while the school system didn’t pay the ransomware demand, the data is reported to be on the surface and dark web. The surface web is the web we browse every day. The dark web is the web that is accessed through the TOR browser which we talked a little bit in our last post.

How do we hold these schools accountable?

Let us find a way to hold the school systems responsible in the first place. While patching and keeping data safe is key, the fact is that this database of student information including names, dates of birth, grades, and school attended are publically available in a database that is not protected by a password. Today, you just can’t do that, none of my customer information is available to the public internet, it never has been. This is where the school failed.

Its OK to make that kind of mistake if you are made aware of it and close it. But then you get hit with ransomware, usually delivered by Spam Email, and the entire network is owned.

What about the criminals?

Cybercriminals behind the Clop, DoppelPaymer and Sodinokibi are really doing their jobs here, and this can’t be good.

Other articles that might be of interest in this series

In that 2019 article I relink the 2017 Valley College articles as that effected me when I was at Valley College taking some non-credit courses as part of where I was at that time. What about this 2020 article in July called This is interesting, a study of k-12 and college breaches by the numbers where school systems were surveyed? What can we do?

Lets Get to work

First, if it is at all possible, lets get articles like these out to the administrators of these schools. If they can see what is going on in the landscape, they might be wondering what they can do. Then we can ask them about what they plan to do about their own student data whether it is elementary, middle, high or college student personally identifying information. This search page from the blog has postings about schools where podcasts mentioning them, plenty of articles, and I’m sure this NCSAM article will end up going too.

The main article here which I will link to in a moment talks about the various attacks through the last little while and some background. This is definitely something we need to be concerned about, especially if this article indicates that parents may sue the district or even the school. If that is the case, the system is going to be in a lot of trouble because of their neglegance of basic security issues.

The article that braught this post about is a September 29, 2020 article from threat post entitled Las Vegas Students’ Personal Data Leaked, Post-Ransomware Attack. Let us keep the pressure on by continuing to talk about stories like this because if we don’t, we’ll have bigger problems later. Your thoughts are welcome.

Comments (0)

ALL 250 UHS facilities were hit

An article posted on Security week indicates that UHS’s 250 facility places were hit with what they aren’t calling ransomware. According to the latest posted yesterday, the particular incident is still ongoing and Security week went on to relink to their release which is promonent on an attack on Ransomware. For the latest on this, Hacked Hospital Chain Says All 250 US Facilities Affected and chew on this one.

Comments (0)

What do you mean Ransomware incidents appear to explode in June 2020?

I want to start this article off with a question. The article’s title says that Ransomware incidents appeared to explode in June 2020, but why do you say that now? I’ve seen quite a number of articles this year alone talking about Ransomware. One of the most recent attacks actually killed someone (blog post) and yet two more articles indicate that there may be another potential death. (blog post 1) and (blog post 2)

If this is any indication that it exploded, the fact we might have two deaths may be an understatement. I can’t believe that this article says that this is the biggest explosion. Maybe in the number of ransomware cases with Sodinokibi attacks being talked about on programs like Security Now. They weren’t killing anyone! It may have been big then, but the article doesn’t even cover the recent potential attacks, and that bothers me. How can you say that Ransomware attacks exploded then when you have potential deaths now? That’s an explosion that I wasn’t looking for.

Granted, those attacks were big back then with 1 in three attacks, and these attacks I blogged and talked about here are small, I can give you that, but research needs to be mpore in to the bigger picture. It isn’t just one type of ransomware attack, what about the others since that group?

That group name as once under a different name which closed their doors if I remember correctly. If that is the case, then they’re no better than the former.

Want to read this full article from computer.co.uk and form your own opinion? Ransomware incidents ‘appeared to explode’ in June: IBM was published on the 30th of September. Have fun with this one!

Question, what has other research said about an article like this or is this the only research?

Comments (0)

NCSAM is back for another year, let us see what we can get in to … starting with Identity Theft

Folks, NCSAM or National Cyber Security Awareness Month is now back for another year. This year has been quite different because of COVID-19 and of course the wild fires around the western United States that has consumed our lives as well.

I want to start this month with an identity theft article which we’ll also talk about in the next Security Box. More specifically, this is talking about identity fraud, not theft per see, but still worth talking about.


The article does talk about covid-19 and the fact that we’re now online more than ever. This is because we can’t go anywhere, and some states have relaxed those rules though but I’d still be caucious. With the advant of us spending more time online, we have more risks.

The bottom line is that personally identifiable information (PII) is the currency of internet crime. And cyber-criminals will do whatever they can to get
their hands on it. When they commit identity theft with this data, it can be a messy business, potentially taking months for banks and businesses to investigate
before you get your money and credit rating back. At a time of extreme financial hardship, this is the last thing anyone needs.

I can’t agree more! I believe this is the perfect paragraph to quote because it is more true this year than in past years. I’m not saying that Identity theft or fraud was not a problem last year, the year before, or even the year before that. We just need to be more proactive now because we’re not outside enjoying the weather, doing our outdoor activities, and seening friends and family.

At-risk personal data could be anything from email and account log-ins to medical info, SSNs, card and bank details, insurance details and much more. It
all has a value on the cybercrime underground and the price fraudsters are prepared to pay will depend on supply and demand, just like in the ‘real’ world.

The question is, how would we be able to scour to see if we’re at risk? Well, there is TOR which is a browser that allows you to connect to addresses ending in onion. You actually need to know what these addresses are, and there is no Google like service to search these things out.

According to one blind individual who did use TOR once, they claim that it is accessible with access technology. The person, who will not be named in this article, does not use the service anymore, and I’ve asked them to come on and talk about their experience of usage, not necessarily what they found. So far, they have declined to do this, and I honestly do not blame them. It is a slippery slope that I definitely would probably not want to touch if I were asked, and I’ve never pushed the issue. The TOR project linked within this article is where you can learn more.

Here is some other information taken from this article which is why I want to cover it in depth.

There are various ways for attackers to get your data. The main ones are:

  • Phishing: usually aimed at stealing your log-ins or tricking you into downloading keylogging or other info-stealing malware. Phishing mainly happens
    via email but could also occur via web, text, or phone. Around $667m was lost in imposter scams last year, according to the
    FTC.
  • Malicious mobile apps disguised as legitimate software.
  • Eavesdropping on social media: If you overshare even innocuous personal data (pet names, birth dates, etc.,) it could be used by fraudsters to access
    your accounts.
  • Public Wi-Fi eavesdropping: If you’re using it, the bad guys may be too.
  • Dumpster diving and shoulder surfing: Sometimes the old ways are still popular.
  • Stealing devices or finding lost/misplaced devices in public places.
  • Attacking the organizations you interact with: Unfortunately this is out of your control somewhat, but it’s no less serious. There were 1,473 reported
    corporate breaches in 2019, up 17% year-on-year.
  • Harvesting card details covertly from the sites you shop with. Incidents involving this kind of “web skimming”
    increased 26% in March as more users flocked to e-commerce sites during lockdown.

There are links within this section which were removed from copy/paste, so I highly encourage you to click through to read the entire article.
The article goes on more to talk about the covid-19 challenge. Phishers and other actors are going to dull out information that talks about remedies and other possible credible info that they want to pass along. They do this by impersinating trusted agencies such as the CDC, the WHO, and other institutions that are trying to get out the information dealing with this virus. While people may question the WHO’s involvement in this ordeal, this is not what this post is about.

There is an entire article to read here, and I can’t cover every single thing here that I’d love to cover as part of the podcast. I don’t think I can even do that either. Just go on over and read the great article by Trend Micro entitled Identity Fraud: How to Protect Your Identity Data, Accounts and Money During the Coronavirus Crisis and I’m sure we’ll be bringing this up for a nice debate on the podcast. Please stay safe, read the information provided, and learn what you can possibly do so you’re not a target that falls for these schemes. Remember, just because the FBI may have taken fraudulent products and merchandise off the market and out of the criminals hands for now, doesn’t mean they’ll try and come up with more and put up web sites and other ways of selling it in the future.

Want to talk about this? Please get in touch! The blog awaits comments, my email box is open, and awaiting your interaction. Text, imessage, Whats App, and other info is gathered for everyone throughout my web site. Thanks so much for reading!

Comments (0)

Another article on UHS and their catastrophy

Recently, I posted an article from Security Week in regards to UHS and their outage. Here is that blog post in case you missed it.

Sean Lyngaas also posted an article on Cyberscoop entitled US medical provider UHS blames ‘security issue’ for major outage which I found interesting. Sadly, I don’t think it says anything different that the first article didn’t, but I think that people can read different ways on how this was reported. There are links to various things, so qoting this is going to be hard because I don’t want to take away the links. I want to pass this along as another source of reading on the issue, and you can form your own thoughts. The boards await you.

Comments (0)

« Newer PostsOlder Posts »

go to sections menu


navigation menu

go to sections menu