Jared's Technology Podcast Network

tech podcast 290: IOS 12 coverage and are Internet telephone companies viable

Thu, 27 Sep 2018 19:39:43 GMT

Hello everyone, welcome to podcast 290 of the technology podcast series. IOS 12 with screen time, notifications, comments on the beta cycle process, and SIRI and shortcuts are discussed as part of the first 4 segments. Finally, are systems like Net By Phone and Internet Speech's Net Echo viable in today's internet? In the final segment, I talk about the net past, and the net today. I also talk about something still ongoing with one company's response to questions and concerns. Contact information is available on both sides of the podcast. I hope you enjoy the program and thanks for listening!

technology podcast 289: the end of the scammy behavior, transit app, and IOS 12

Tue, 18 Sep 2018 01:17:00 GMT

Hello everyone, welcome to podcast 289. Jared reveals who has been the culprite of the scammy behavior. Apple releases version 12 of IOS. Transit app has put back a feature, but after the podcast segment, I got a chance to look and connecting lines is not accessible. Finally, I invite Jennifer on board to discuss the revelation of Julia's behavior, and I use Jennifer as a blocking mechanism to show how easy it is to do that no matter the situation. Contact information is on the blog, and at the end of the podcast. I hope you'll enjoy the program.

Technology podcast 288: something thats bothering me about going after cybersecurity, Equifax one year later, and an interesting malware with a lot of file types being effected

Sat, 15 Sep 2018 19:06:02 GMT

Welcome to podcast 288, I'm hoping you'll enjoy this podcast. Why are we going after cybersecurity companies, and not the people who are actually doing the hacking? Articles I've read pose this question, and its your job to go find those. Next, Sound, Fury, And Nothing One Year After Equifax is discussed as we have more questions in regards to Equifax and one year later. Finally, Why don't we take a look at A Closer Look at the Locky Poser, PyLocky Ransomware as we learn about file types that are encrypted that I've never heard of. Contact information is at the end of the podcast, and I hope you enjoy this podcast.

The technology blog and podcast, podcast 287: we've got scammy behavior

Mon, 10 Sep 2018 15:16:23 GMT

Hello folks, welcome to podcast number 287. This is the first podcast on Anchor that will be released there. I talk about scammy behavior, even though it wasn't in email form, its good to be on guard. Transit App has their new version 5 of their app, and I demo a little bit to show you how it works now. Finally, we bring back the scammy behavior when we talk about an article from Phishlabs entitled Phishing 101: Targeted Phishing Attacks. Our contact information is also available at the end, as well as our public thanks to Anchor. Thanks for listening!

Tech podcast 286for September 3, 2018

Thu, 06 Sep 2018 23:34:38 GMT

Welcome to podcast 286 of the technology blog and podcast series with Jared Rimer. On this podcast:

Skype gets a repreave as Version 7 is loved by many in the blind and sighted alike. This is because its got global hotkeys that are loved by all. We learn some good news from Michael in Indiana, who lets me know about the Freedom Scientific podcast and from there, we learn that Skype is going to allow us to use Skype verson 7 for the foreseeable future.

Go to the blog to read the rest of the notes.

Tech podcast 284 for August 25, 2018

Thu, 06 Sep 2018 23:11:51 GMT

Hello everyone, welcome to podcast 284. This podcast has been in the making for almost a month, but it is well worth the wait. Here's what I have for you. First, I tell you a story about a gentleman who got kicked off of a phone line, and this gentleman claimed to be an independent artist who isn't doing anything anymore. The activity that got him kicked off is quite interesting, however, do you believe what he has to say in this story that I give you? Next, a teaching moment. This teaching moment is two stories in one in a related form. Third, Phishing and Social Media, Will it Over Take Email? This article was very insightful. Next, a youtube video: The rapid growth of the Chinese internet -- and where it's headed - Gary Liu which was quite interesting. Next, discussing innocent things that could gleam personal information, which includes a 5 minute segment

Tech podcast 282 for July 25, 2018

Thu, 06 Sep 2018 22:44:09 GMT

Welcome to podcast 282. our blog has the full show notes of today's program. Its packed with plenty of information that could be useful.

Tech podcast 278 for June 9, 2018

Thu, 06 Sep 2018 21:53:23 GMT

Welcome to podcast 278 of the technology podcast with Jared Rimer. I've got several articles I'm going to link to as part of this week's program, as well as a game update from audio game hub.

3 Charged In Fatal Kansas ‘Swatting’ Attack Krebs on Security
Kansas Man Killed In ‘SWATting’ Attack Krebs on security
Mobile Giants: Please Don’t Share the Where Krebs on Security
Why Is Your Location Data No Longer Private? Krebs on Security

Tech podcast 274 for April 1, 2018

Thu, 06 Sep 2018 21:19:08 GMT

There was a bit of a delay, but podcast 274 was released on the first of April. Welcome to podcast 274. Are you familiar with how someone who would get dressed could do it if they have a disability that prevents them from doing it on their own? A very powerful ted talk will talk about this, in what I'd call the low tech segment. Are you familiar with Philmore Productions? A customer gives me a file that was posted to one of their bulletine boards, and asks some questions. This 33 minute segment talks about my thoughts on the file, and it is not looking good. I'll let you listen to the segment and decide this on your own, but I call this my thought piece. Next, have you mistyped domains? We all have. In an article pened by Brian Krebs entitled Omitting the “o” in .com Could Be Costly gives some insites that I talk about. Finally, I started a M

tech podcast 273 for March 3, 2018

Thu, 06 Sep 2018 21:09:15 GMT

March 3, 2018 had an episode of the podcast. On this podcast, a ted talk bonus on jackpotting ATM's. Comments on the video with commentary on the Zone's closing, and finally why did we choose our phone of choice? Come have a discussion with us.

Technology podcast 272 for February 11, 2018

Thu, 06 Sep 2018 21:02:17 GMT

Welcome to tech 272. On this edition, an update to podcast 62, which was done way back in 2008. Our main segment is dealing with NVDA and its remote feature. We talk about how it can be abused and while no damage is done this time, people can get themselves in to trouble. We hope to talk about this more in future podcasts.

Technology podcast 271 for January 29, 2018

Thu, 06 Sep 2018 03:28:40 GMT

NVDA remote and a demo of the Healow app for IOS to communicate, book appointments, and check on your records from your doctors office.

Technology podcast 268 for January 5, 2018

Thu, 06 Sep 2018 02:52:18 GMT

Welcome to podcast number 268 for January 15, 2018. On this edition of the program, I talk about a cautionary tale of giving out personal information which I heard on a telephone line where someone gave out the address in which they live. Question: what might happen if you do this? I'll leave it right there. Next, the Kansas swatting incident. Krebs posted two articles which I posted to the blog, and I'll repost them here. Kansas Man Killed In ‘SWATting’ Attack is the first article and Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes is the second. Can this get any worse? Next, I talk about my thoughts on what we might see in the new year and beyond in the security landscape. Finally, we listen to a video in regards to spector and meltdown.

Tech podcast 306: lots of stuff here

Sat, 23 Feb 2019 22:15:25 GMT

On this podcast, we've got braille transcription, talk on articles of varying degrees, and does anyone have any common sense?

The Technology podcast: podcast 305: DNS, Pure Nature, and Ralphs

Tue, 29 Jan 2019 21:57:45 GMT

Hello everyone, welcome to podcast 305 of the tech series. On this podcast, I talk about the domain name system in the first segment. There is a very interesting issue that was recently disclosed, however, it isn't so bad unless you give your credentials out to someone you don't trust. Alert (AA19-024A) was posted to the blog which links directly to the advisory. Other news articles also talk about this as well as Security Now's Steve Gibson. Pure Nature and the Ralphs Supermarket app are also demoed. The podcast will last you about an hour and 40 minutes and I hope you enjoy this extended program. Thanks for listening, and make it a great day!

Technology podcast 304 for January 21, 2019

Mon, 21 Jan 2019 19:05:03 GMT

Welcome to podcast 304 of the technology blog and podcast series. Philmore Productions is back in the spotlight, this time, a very interesting voice mail saying that he's getting a T1 update, but yet, you tell me if he's describing voice ovr ip. I got a very interesting phone call, this happened in the middle of my blog post typing, so i stopped to answer the phone. The phone call didn't identify itself from a company, but yet, went on to talk about the fact I was due 0 percent APR if I acted immediately. I talk about news notes, and things of interest that I've read including an article that was very interesting in court cases and jail time. Also, File Mail is a service that was discussed briefly from Security Now. Dice World has an update of interest, and of course contact information is available at the end of the program. I hope that you enjoy the program as much as I have putting it together for you. The program lasts 74 minutes.

Tech podcast 303: swatting, a braille question, and blindfold games interview

Mon, 14 Jan 2019 07:09:35 GMT

Hello folks, welcome to podcast 303 of the technology blog and podcast series. I'd like to start the podcast with something that came across my desk. This first segment deals with Swatting, and its a very interesting topic as now we've got a very interesting story that has a happy ending. Facebook cybersecurity exec victim of swatting call is the name of the article that sparked this discussion. When I retweeted this article, I got some likes and a conversation from someone who has been effected by swatting. The individual, whom I'm not naming talked to me about some things he's been doing to learn, and he wrote an article A decidedly creepy story of how social media can impact your life. I told him my story of someone who had been wanting information from me, but yet, that individual was talked about on my podcast, and had to serve some time. He was able to gather that I'm blind, however, that isn't top secret as its posted on my personal page, among other places as well. I sent some related articles his way which were written by me: Bullying, Is This Just a Disability Problem? and Can Social Media Really Be Bad for You? People need to think about their actions no matter whether they were targets of social engineering or swatting, both can have their own consequences. I think we really need to continue the conversation, and I'd love to hear from you on ways to curve the swatting and social engineering epidemic that has plagued us for way too long. Knowing that swatting has been a dacades long problem as of late isn't going to make me feel better, thats for sure. Next, I found someone with an interesting braille question, dealing with a contraction we've known for the longest time. While the contraction in question has not changed from English American Braille to Unified English Braille, the question was asked why the word here was spelled out with the "er" contraction and not the "dot 5, h" as we were taught. I'm curious on whether we have found an issue with the book with an error, or whether it was written that way by someone who doesn't know the rules? I'm not going to speculate, but I'm putting it out there. Next, Marty at Blindfold Games comes on the podcast to discuss his company Objective Education. I talk to him about some of the popular games, some that have dropped off, and about the new company. He gives his contact information at the end of that segment. Finally, contact information as a whole, and a teaser on whats coming up on the next available podcast. The podcast runs you 76 minutes, and I hope you enjoy! Thanks for listening!

The Technology blog and podcast, podcast 302: Live wire, BevMo gets Hacked, Skype, and more

Fri, 11 Jan 2019 04:00:00 GMT

Hello everyone, welcome to podcast 302 of Jared's technology blog and podcast series. How many of you know about Live Wire and its sister system Ground Zero? If you don't, I have a short segment in regards to both, and include Live Wire's web site for you to go peruse its offerings. Next, BevMo payment breach affects thousands, with researchers pointing to Magecart is talked about, but yet, BevMo did the best they could. Next, Skype has some changes, and a potential bug that happened to me could happen to you. Finally, lesson 8 of the braille transcription course, and reading with Braille 2000 with JFW is demoed, as there is something that I've found that isn't a show stopper, but yet, I've provided the file to Braille 2000 for their review and hopeful resolution. Contact information is at the end, and please feel free to utalize it. Thanks for reading the show notes, and enjoy your day!

Tech podcast 301: news, notes, San Diego School District, and more

Tue, 01 Jan 2019 18:00:00 GMT

On this extended edition, the podcast has some lengthy segments. We ask you what we should cover. Question, are you keeping up with your finances? News notes, what else did we miss? The San Diego school District got breached, the tech blog links to the breach via an article. Finally, our predictions and how things have changed through the years. Contact information is available at the end of the podcast, and the podcast is extended running an hour and 40 minutes (100 minutes) long. Thanks for listening!1

tech podcast 300: braille transcription, DDOS and bomb threats get you in trouble, and more

Sun, 16 Dec 2018 22:00:00 GMT

Meet a bomb threat person who also does Denial of Service attacks as the first segment talks about an article entitled Bomb Threat Hoaxer, DDos Boss Gets 3 Years which comes from Krebs on Security. We also have a braille transcription update in regards to my grade on lesson 7. I also have a landscape for the podcast, recapping the last several years, how things haven't changed, but yet, we must press on talking about the things that must get out including breaches, and my thoughts on those too. All of this on a packed podcast. This is tentitively the last podcast of the year, unless something breaks where we need to get the info out. Until the next podcast, make it a great day.

tech podcast 299: braille transcription, the weather, FTP, and breaches

Thu, 06 Dec 2018 23:51:21 GMT

This episode has FTP going away for web browsers, two segments on assignments 5 and 6 of the transcription course, and breaches updates for this time.

Technology podcast 298: a cautionary tale, braille transcription overview, and blind alive

Mon, 26 Nov 2018 18:04:49 GMT

On this podcast, a cautionary tale in regards to a credit card situation, the braille transcription course is talked about in a multi part series, and blind alive news.

tech podcast 297: lots of newsy things of interest

Mon, 19 Nov 2018 18:00:08 GMT

Hello everyone, my name is Jared, and I want to take this opportunity to welcome each and every one of you to my technology podcast. On this edition of the podcast, I have lots of news type items including domain registration news, Aira, of course a braille transcription course update, and other newsy types of things. The following are links to various items that I thought should be linked for you to read at your own time.

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards Krebs on Security
NOAA team sees Florence and Michael storm surge devastation first-hand NOAA
Cooking and Technology technology blog and podcast blog, links to two items from blind bargains
AIRA Killing Unlimited Plan, Raising Prices for Others, Adding $29 Intro Plan blind bargains

The program lasts 64 minutes. Contact information is available at the end of the program. Thanks for listening, and enjoy your stay!

technology podcast 296: braille transcription in a different form, and news items

Sat, 10 Nov 2018 20:22:18 GMT

On this edition of the podcast, braille transcription takes a different turn, where I discuss my struggles and show you what was going on. Talk about work arounds, and other things of interest. One of the things that I talk about is the information about the program I chose, Braille 2000 which is done in such a way, where it could be considered true WYSIWYG. I talk about other programs, but since I don't know much about one, and have used little of the other, I do mention them by name. I also have news notes items as well. One of the items effects the mac, whereby, you must be using a crypto wallet, and a very specific one. Spam campaign targets Exodus Mac Users is the article referenced in the second news notes file. I hope you enjoy the program as much as I have putting it together for you.

Tech podcast 295: Trick bot is back, Philmore Productions, and more

Tue, 06 Nov 2018 17:47:12 GMT

Hello folks, welcome to podcast 295 of the Technology blog and podcast series, I'm Jared Rimer. We're packed with a wide variety of stuff. We've also got several articles that complement the podcast content for you.

IOS 12.1 is out. blog post from the tech blog links to the apple vis post where you can read more.
What do you get when you update a banking trojan that we've not heard from in a long time? The banking trojan is trick bot, and its packed with new features. Trickbot Shows Off New Trick: Password Grabber Module comes from Trend Micro.
30 years ago, someone released a program to do something. It lead to what we now know as Ddos. 30 years ago, the world's first cyberattack set the stage for modern cybersecurity challenges is the article, and it was quite interesting.
This Stuck in traffic video from last month talks about Ransomware. It is back in the news, as I saw an article from Trend Micro that says that we are on the decline, but yet, we could see an increase in Ransomware in the future. This blog post leads to the article from Trend Micro that discusses this.
Philmore productions must love the negative press. In podcasts 212 and 213, a big time issue was talked about, and it was downplayed as not a big deal. Instead, the people who talked about the issue were trashed, and one of them was called when they talked to me non the phone. This time, I hear about a story where someone wanted to cancel service, but yet, someone else was braught up in a term the company uses called "dirty pool." This blog post is an article I pened in regards to that issue.
SMS is short for short message service. This is how we send and receive messages via the cellular network. Its now being used for profit in an article Krebs on Security pened entitled SMS Phishing + Cardless ATM = Profit and while it isn't new, its becoming more prevelant. This is quite interesting.

The podcast lasts you 76 minutes in length. I hope you enjoy the program, and I'll see you on another edition. Thanks for listening!

Tech podcast 294: braille transcription, Yahoo, and Rutgers

Thu, 01 Nov 2018 18:47:13 GMT

Hello everyone. Welcome to podcast number 294 of the technology blog and podcast series. We're packed with two braille transcription segments, one talking about Unified English Braille changes that I'm learning as part of taking the braille transcription course. The 2nd file that talks about the transcription aspect of things talk about my report for lesson 3, something that may actually happen to anything, including some oversite issues. Between the two files, we've got Yahoo! having to pay a large amount of money for dealing with their breach issues, and Rutgers University has an update in regards to a story with an interesting technological aspect. This has nothing to do with the 8 football players that got arrested or suspended by the law or school due to the bitcoin issues with putting money on a school card. Our contact information is at the end of the program. We've got articles to which you may want to read as part of today's program. They're linked below.

Former Rutgers U. student hacker gets home confinement, has to pay $8.6M in restitution NJ.com
Mirai Co-Author Gets 6 Months Confinement, $8.6M in Fines for Rutgers Attacks Krebs On Security
How to Change a Drive Letter lifewire.com
Yahoo to pay up to $85m to settle data breach lawsuit Cyberscoop.com

Thanks so much for listening, and remember to leave that feedback. It is important. I want to know what you think.

Tech podcast 293: braille transcription, bounty hunting, and the supply chain issues

Thu, 25 Oct 2018 01:35:46 GMT

Welcome to podcast 293. On this podcast, I continue the braille transcription course coverage by talking about my thoughts on lesson 2's report. Each report is going to be different, but I talk about moine and how I can understand what they want us to do. Since that taping, I've talked to a transcriber, and they also gave me some tips, but definitely getting the braille version of the book I need will be more helpful than the braille formatted files for the note taker. I'll be working on that. Next, J. Wolfgang G. had a very interesting talk that I had listened to. Bounty Hunters is the talk, and I hope that you enjoy this. Finally, I talk about something that I found of interest, but did it a little bit differently. The third segment is talking about the supply chain. I talk about the articles, but also put it in to daily life. Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It? is the first article and Supply Chain Security 101: An Expert’s View is the 2nd. Both articles are good, and I hope you enjoy the talk. Contact information is at the beginning and the end of the program. Enjoy the program, it runs you 84 minutes. Thanks for listening!

Technology podcast 292: braille transcription, security researchers turn cybercriminal, drones and w

Mon, 22 Oct 2018 01:56:14 GMT

We have a lot for you. Here are the show notes for each and every one of you. Welcome to podcast 292 of the technology blog and podcast series. We've got a bunch of stuff for you, and i hope you enjoy the program as much as I have bringing it to you. The program is 83 minutes in length.

Braille Transcription course and learning UEB. My thoughts on learning UEB as a transcriber, and not just as a reader. I also have some corrections from last podcast.
A very interesting article which is entitled When Security Researchers Pose as Cybercrooks, Who Can Tell the Difference? and boy it gives a real true tale that happened to Brian. The article was written on the 2nd of October, and I discuss my thoughts on it.
The third segment deals with a Youtube segment, and it is a short video. drones verses the california wildfires is the video and I introduce this one. I honestly don't remember where I saw it, but I think it is quite interesting.
Winamp gets an update. Winamp's web site has an announcement that I was tipped off to in regards to its development. Not being touched in quite awhile, Winamp 6 is coming soon, but they gave us a functioning 5.8 which I was provided. I'll let you know how it works. Hopefully, the new company who is doing winamp, keeps the accessibility in place we in the blind community are accustomed to. Wishing and hoping.
Finally, Voice Phishing Scams Are Getting More Clever caught my attention. I do talk about something I got by a voice message a few weeks ago, where I've not returned the call, and yet, I'm also still here. Do you want to learn more about voice phishing? If you do, please go to the voice phishing page on Wikipedia so you are educated.

Our contact information is at the end of the program as well, as well as briefly at the beginning. Please remember to utalize the info if you have any comments, questions, or concerns. Thanks so much for listening to this program, and I hope you'll join me for another podcast soon. More great interesting info is coming I thought you'd enjoy too. Thanks for listening!

tech podcast 291, facebook, braille transcription, chips and implants, and more

Sun, 14 Oct 2018 23:30:41 GMT

On this podcast, we welcome a new podcast provider, welcome aboard! I briefly describe what the podcast is. Then, we start the program talking about facebook's bug. After that, two files dealing with braille transcription, chips with implants, or do I have it backwards, microsoft's big time error for windows update, and vorail making a change. When we have more info on vorail's change, we'll post it on the blog and make sure the podcast is updated. Thanks for listening and make it a great day!

Tech podcast 285 for August 29, 2018

Thu, 06 Sep 2018 23:25:43 GMT

Hello folks, welcome to podcast 285 for August 29, 2018. On this extended edition of the podcast, we've got quite a number of items for you, and the podcast will last you 113 minutes.

We start with a demo of Mixcloud. Mixcloud can be considered similar to streaming services like Pandora except they have the advantage of you listening to podcasts. I talk about the web site, demo the app, and the app is interesting but some accessibility issues are present.
Stuck in traffic has a series called stuck in traffic. In this segment, Wulf talks about tech support scams. Here's the youtube link for those who want to watch it.

There's more, go to the the blog to read the full notes.

Tech podcast 283 for July 30, 2018

Thu, 06 Sep 2018 22:52:43 GMT

Hello everyone, welcome to podcast 283 of the independent technology podcast, different than other tech podcasts. I say we're different because we don't do things the same as other podcasts, and if you've not given the podcasts this year a listen, you might want to and see what interests you. This week, we're going to talk about a virginia bank who got hacked twice, Lifelock had a problem luckily that was reported by a security researcher, I demo the wells fargo app. Hope you enjoy the show.

LifeLock Bug Exposed Millions of Customer Email Addresses Krebs on security July 25, 2018
A Virginia Bank Breached Twice and No Fix 01.media July 26, 2018

Thanks for listening!

Tech podcast 281 for July 20, 2018

Thu, 06 Sep 2018 22:15:27 GMT

On this podcast, we link to quite a few different articles and other things that may be of interest. Go to the blog under podcasts, to see the complete show notes. Thanks for listening!

Tech podcast 280 for July 15, 2018

Thu, 06 Sep 2018 22:07:01 GMT

Welcome to podcast 280. My name is Jared Rimer, an I hope that you enjoy the program as much as I am bringing it to you. Three segments but they are good segments and they include links. The links are as follows:

Chinese-linked hackers breached top Australian defense university, report says Cyberscoop
Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground Kindle Edition amazon.com
Multi-Factor Authentication: More Important Now than Ever lastpass.com and their blog

Thanks so much for participating in the program, and feel free to leave those thoughts!

Tech podcast 279 for July 8, 2018

Thu, 06 Sep 2018 22:00:21 GMT

Welcome to podcast 279. This podcast is long awaited, and I need to get back to doing things more promptly. The news here is not so outdated, but I definitely need to work on getting stuff out more timely. Today, I talk about learning a braille transcription program which I'm continuing to learn. Next, do you know about top level domains? ICANN is allowing new TLD's to be released, and in this article entitled Bad .Men at .Work. Please Don’t .Click published on the 11th of June, talks about several bad domains, over 50 percent of whose URL's are "bad" and the word bad is in quotes because it needs to be. Finally, since time had elapsed, a compilation of various news items. Each segment is over 20 minutes, but maybe of interest. I'll try to get more podcasts out more often. Thanks for listening!

Tech podcast 277 for May 22, 2018

Thu, 06 Sep 2018 21:43:50 GMT

Welcome to podcast 277 of the technology podcast series with Jared Rimer. Is diction a security risk, especially when it comes to habits as dictating medical and other history that you may text to someone that you feel isn't a problem? A podcast I heard dealing with the disabled braught this up, and I thought about it. Its quite interesting, and the security experts call this a trade off. Next, we have a 6 part series dealing with cyberland, and its many adventures. F-secure posted this in their youtube channel, and I thought it should be shared. Next, T-Mobile Employee Made Unauthorized ‘SIM Swap’ to Steal Instagram Account is discussed. I've also put similar thoughts out on the phone lines. Finally, our contact information. I hope you'll enjoy the program as much as I have, and I'll be back soon with another one.

Technology podcast 276: the tech retrospective, one week later

Thu, 06 Sep 2018 21:31:58 GMT

Published on April 29th. On this podcast, I talk about dad, what he did in regards to me and technology. I also talk about a tech glitch that I found through some comments, and how I'm planning to fix it. I hope you enjoy the podcast. Read the full 2 and a half page letter to dad including any comments by clicking on the link. Thanks for listening!

tech podcast 275 for April 10, 2018

Thu, 06 Sep 2018 21:26:35 GMT

There is a lot on our notations for this podcast. It would be best to find the show notes on our blog under the podcasts category. Thanks so much for listening!

technology podcast 270

Thu, 06 Sep 2018 03:20:40 GMT

On this edition of the podcast, we've got a mac demo, a bonehead award of the day, and an interesting video on how cybercrime hides in the underbelly of the internet. Hope you enjoy!

technology podcast 269

Thu, 06 Sep 2018 03:12:46 GMT

UEB, better late than never. Can Augmented reality and tech help with surgeries? Fake handbags are nothing new, but can this type of fake item really funnel crime rings? An interesting ted talk by someone who investigates such things. Also, comments on an article about Alexa being a blindness specific tool. It can help, but it should not be just a blindness tool. Contact info at the end.

TikTok and Jacket.fm on podcast 384 of the technology blog and podcast

Mon, 14 Apr 2025 20:30:14 GMT

Welcome to podcast 384 of the technology blog and podcast. This is Jared Rimer.

What the hell is going on with TikTok and our government? On April 9, 2025, we celebrated the fact that it has been one year since the publication of what TikTok collects. Here is that blog">https://technology.jaredrimer.net/2024/04/09/are-you-still-using-tiktok-heres-something-you-need-to-know/">blog post if you want to reread that post from Kim and my reaction.

Stop">https://technology.jaredrimer.net/2025/04/05/stop-fucking-around-ban-tiktok-or-dont/">Stop fucking around … ban TikTok or don’t! is another post you should read as it is just new within the past little while known as a month.

Then we learn that TikTok">https://technology.jaredrimer.net/2025/04/04/so-tiktok-by-bytedance-not-following-competitive-bids-more/">TikTok hasn't followed competitive bids which makes it worse. And let's not forget to write in our notes that China apparently needs to sign off on the deal. Like they're going to do that.

Our final segment talks about a new application which is approaching 36 weeks as we write this up. Jacket.fm">http://www.jacket.fm">Jacket.fm is a new social media platform. Look for my profile on my web site under social media.

Here">https://technology.jaredrimer.net/2025/04/10/jacket-fm-an-audio-social-media-network/">Here is the write up I gave them.

Contact info is given, come say hello!

The technology podcast, podcast 382: contact forms, passwords and power school

Fri, 21 Mar 2025 20:30:11 GMT

Welcome to the technology blog and podcast, podcast 382. We're continuing where we left off last podcast by starting with something I posted from the blog, and we'll talk about something that probably should be old by now.

I’ve">https://technology.jaredrimer.net/2025/03/15/ive-been-getting-these-emails-all-day-today-it-seems-maybe-the-last-few-days/">I’ve been getting these emails all day today it seems. Maybe the last few days. shows one of many emails I've been getting as of late dealing with how you can get TikTok followers to come to your website. Sorry to break it to you, but that is not how this works, folks.

Next, can you believe that passwords are being handed out through the phone lines again? While this podcast was out on the lines for some time, we hear an announcement on how people are doing this and if caught, they will be removed from the line permanently. Learn">http://www.livewire.us">Learn more about Live Wire if you wih.

Finally, what's going on with Power School? They're not forthcoming on their breach they had. Here">https://technology.jaredrimer.net/2025/03/12/here-is-some-more-news-about-power-school-and-its-still-looking-grim/">Here is some more news about Power School and its still looking grim is the latest update including the accompanying article. Have fun with this one.

Please feel free to contact me through my">http://www.jaredrimer.net">my web site or contact info given in the cast. Thanks so much for listening!

TSB: episode dealing with AI and hallucinations

Fri, 03 Apr 2026 02:00:00 GMT

Welcome everyone to podcast 270 of the Security Box. I know that Sans is way behind, but I've been involved in other stuff and that the display has also had problems and we also have been busy.

We taped on April 1, 2026 and releasing on April 2, 2026.

But this podcast must continue and we will be talking about AI hallucinations.

Some of the discussion is tied back to podcasts 268 and 269 of this program.

We'e had several AI discussions, podcasts 267 and 270 as well as it coming up in other discussions throughout this series.

No videos or any other major updates this time, we've got plenty more to put out, so we'll try and get things out now that the computer seems to be back up and running in great form.

I hope that everyone enjoys, and we'll see you on April 22, 2026 as I have a meeting to attend on April 15, 2026 that might be of importance.

Thanks for listening, do make it a great day!

TSB: Why can't companies protect our Protected Health Information?

Thu, 12 Mar 2026 22:00:00 GMT

Welcome to the security box, program 269. On this episode, we've got several different items for you, and we'll redo one of our segments because our second file became an issue and we just didn't have time in dealing with rerecording it.

There was someone who posted a message to a phone line, who got our moron of the podcast. Its not necessarily about the content of the message, but where the message was posted in relativity to their location.

Three segments dealing with scams, scams and AI, scams and the inbox, and three questions you can ask which should thwart most scams. We'll redo this segment for podcast 270 as there were gremblins within the machine.

Nick Espinosa is along with one of the 11 videos we recently downloaded dealing with the NFL and an ad that could have privacy implecations.

Our main topic talks about our personal health information and why it is not being protected by companies even though they claim it is.

PHI actually stands for Protected Health Information, but this was written well before the Internet and well before the troubles we've seen in recent times.

Please listen to the show or find info on how to contact us through Jared's web site.

We hope you enjoy this 5 hour 51 minute podcast.

TSB: Why does MENVI and the JRN never have a breach?

Thu, 19 Feb 2026 00:15:17 GMT

The Security Box is back with another episode. We’re currently working through a continuing series, and when major developments happen, we may release additional episodes using an A, B, C format so we can respond quickly while still keeping the overall podcast structure consistent.

We also have several videos queued for discussion. Some of these may be released as supplemental A/B/C segments to keep regular TSB episodes at a reasonable length, since we are no longer broadcasting weekly.

Some of the topics discussed here were briefly introduced during this past week’s Throwback Saturday Night. The difference between the two programs is simple:

Throwback Saturday Night is more relaxed and conversational.

The Security Box goes deeper, offering detailed analysis and discussion.

Topics Covered in This Episode

ChatGPT and App Recommendations We discuss AI tools and productivity apps, prompted by serious accessibility and workflow issues with applications I rely on daily.

Video Segment: "Microsoft’s Backdoor Into Our Encryption…" This video was originally intended for Podcast 267 but did not air. We review and discuss its implications here.

Why Not Move to Gemini? — Training and Trust After DJ Terry asked why I couldn’t simply switch to Gemini, we take a deeper look at training models, ecosystem differences, and practical limitations.

Main Topic: Why MENVI and the JRN Have Never Had a Breach How have smaller organizations like the Jared Rimer Network (JRN) and the Music Education Network for the Visually Impaired (MENVI) avoided major security incidents? We examine operational practices, scale advantages, and why smaller entities sometimes manage data protection better than large corporations.

If you would like to contact me, please use the contact information available through the blog, my website, or the details mentioned throughout the podcast.

Thanks so much for listening!

The Security Box, AI and its usage

Sun, 08 Feb 2026 23:13:03 GMT

Hello folks, welcome to another edition of The Security Box.

This week’s program focuses on AI and its usage, where it’s helping, where it’s being misused, and where the risks are starting to show up in real-world security, privacy, and accessibility scenarios.

AI continues to move fast, and not always in ways users understand or consent to. We’ll talk about how AI is being deployed, what assumptions are being made on behalf of users, and where responsibility still needs to remain firmly human.

As part of this discussion, we may touch on:

AI in everyday consumer tools and services

Security and privacy implications of AI-driven systems

Automation vs. accountability

Accessibility impacts — where AI helps and where it creates new barriers

The growing gap between marketing claims and real-world behavior

As always, this is a discussion-driven program. Topics may evolve as the conversation unfolds, and recent events or examples may be referenced as part of the broader AI landscape.

If you’d like to support what we’re doing, you can:

Donate to the network

Subscribe to The Security Box discussion list

Reach out using the contact information mentioned during the program or available on the blog

We do have videos that will be mixed within the program from Nick Espinoza which include the following

AI regulation arriving

Governments Shouldnt Use AI For Pics & Vids

Microsofts Backdoor Into Our Encryption...

Tesla Cars = Super Hackable!

We Are Never Getting Rid Of Deepfakes

Your Breaches of the Week! January 12 to January 18, 2026

Your Breaches of the week, January 26, 2026 to February 1, 2026

Thanks for listening, reading, and learning with us. We can’t do this alone — and we appreciate you being part of the conversation.

6 ransomware strains decrypted, hundreds arrested, no end in site?

Thu, 22 Jan 2026 15:48:00 GMT

Hello folks, welcome to the next TSB, pprogram 266.

This week, we are going to talk about a 2025 story dealing with hundreds being detained and several ransomware strains being decrypted through tools available to the public.

The blog post leads to the article. The blog is titled 6 ransomware strains decrypted, hundreds detained which sparked some comment last podcast.

As part of discussion: Here we go again with more domains being registered, sits there with possible plans should be read from our November diatribes list.

We do have videos from Nick Espinosa which include items like the world cup being invaded by AI, breaches of the week, mobile phones being not very secure soon, and a question: Why does your supermarket need your biometrics? Preston Gaylor is along with comments as well.

When we were looking at blogs and articles, we saw something about a CSAM article that talked about a suspect who was involved in CSAM and actually getting some substantial jail time.

CSAM suspect jailed for close to 10 years is the blog post where I take this article apart.

Now to our question from last podcast. Did you get it correct?

The question last week was: Let’s get this Monday moving, Jared. You know how sometimes a name change can make everything feel new? Like when The Artist Formerly Known as Prince became a symbol, or when Dunkin’ ditched “Donuts” and got all minimalist on us.

Well, Mark Zuckerberg had a major rebrand moment, too, swapping out “Facebook” for “Meta” to match his metaverse vision. But in doing so, he triggered an awkward translation situation. Meta, in Hebrew, means what? A) Chaos, B) Nightmare, C) Dead or D) Broken. The answer is chilling at the end.

The answer: C) “Dead.” When Zuckerberg swapped “Facebook” for “Meta,” he might’ve been thinking “next-gen digital frontier,” but Hebrew speakers heard something closer to a funeral announcement. “Meta” sounds like the feminine form of the Hebrew word for “dead” (“מתה”), sparking a wave of memes and mock headstones.

Congrats to those who got this right! See you on another podcast coming soon and make it a great day!

The Security box, podcast 265: This is an open forum

Thu, 08 Jan 2026 18:42:47 GMT

Welcome to TSB, episode 265.

The Trivia Question this time is:

Let’s get this Monday moving, Jared. You know how sometimes a name change can make everything feel new? Like when The Artist Formerly Known as Prince became a symbol, or when Dunkin’ ditched “Donuts” and got all minimalist on us.

Please feel free to call and leave your guess at (888) 405-7524 and give us your name or name you want to go by as well as your guess.

Since we've been gone, we're trying to catch up the blog with podcast announcements with full length show notes of past programs including Sans and TSB.

Also, as we announced, we're going to change this show to every two weeks. We're doing this because this will give us more time to find something to talk about, but yet we won't feel burned out.

Here are things we might talk about during this open edition of the program.

Here we go … another click fix attack

Update on Crypto Currency thefts and an old breach

Covenant Health is covered in recent breaches of the week

The Stupid fucks of the year

Diatribes of 2025

Disney to pay a pretty penny for Coppa violations

Health breaches and denmark goes digital?

6 ransomware strains decrypted, hundreds detained

Its time for Year End stuff and sans talk for TSB

Thu, 18 Dec 2025 20:46:46 GMT

If you haven't gotten the picture yet, this will be the last TSB program of the year.

Feel free to visit the blog to learn more about what's going on and I may even post too.

Sans will not be going anywhere, and we'll continue to work on catching that up.

Some ADA stuff, end of year predictions and chatter about Sans stuff too.

Hope you enjoy!

The SECURITY box, podcast 254: its an open forum!

Thu, 25 Sep 2025 19:30:13 GMT

Hello gang! Its an open forum day today, talking about Metro specific stuff, the list, and lots more.

Here is my web site where you can learn more about me and if you want to donate, there's a link to do so. Its much appreciated!

Join the email list or send an email if you wish to do so.

We apologize for the delay in releasing podcasts as of late, I've been very sick but I'm doing better now and I hope to be on the mend.

See you next time!

The Security box, podcast 243: The Multi Billion Dollar Cybercrime Industry

Fri, 20 Jun 2025 19:32:47 GMT

Hello folks, welcome to podcast 243 of the technology program known as the Security Box. On this program, we've got plenty of news notes and the landscape, and a very interesting topic that deals with the economy of the Cybercrime Industry.

The title of the program is

Let's get started by talking about our Trivia.

The question this week is:

Which series predicted smartwatches decades before they existed: A) The Jetsons, B) Star Trek, C) Knight Rider or D) Dick Tracy? The answer awaits you at the end, no time travel required.

So what was last week's trivia?

According to the Kim Komando Newsletter in the Web Watercooler section, what is the percentage of Gen Zers who are OK of sharing their data for free?

A: 25%

B: 50%

C: 80%

D: 88%

E: 95%

F: 100%

G: less than 25%

Now, for the answer for last week's question if you'd rather read.

Answer: D: 88%

"That’s how many Gen Zers are cool with sharing their data for free. Now, Verb.AI’s giving them a reason to actually profit from the surveillance. Gen Z: simultaneously terrified of phone calls and totally fine letting a startup track their every digital move. “It’s not stalking if it’s opt-in,” apparently."

Thanks for playing!

We've talked about the criminal underground on a regular when it comes to the various groups that create ransomware and force your average person to pay because their files are locked up.

But there's another aspect of the underground that we have not talked about, at least not directly.

Did you know that the people that are used to scam you are actually taken from other parts of the country and held in places that are designed for them to do their job? They're promised that they'll get paid, and some may escape as they've never gotten paid but got kidnapped.

Multi-billion">https://technology.jaredrimer.net/2025/04/22/multi-billion-dollar-cybercrime-industry-moves-around/">Multi-billion dollar cybercrime industry moves around is the blog post I wrote, introducing the article Multi-billion-dollar">https://cybernews.com/cybercrime/multi-billion-dollar-cyberscam-industry-spreading-worldwide-un-says/">Multi-billion-dollar cyberscam industry spreading worldwide, UN says which came from Cyberscoop.

As part of this, I surprised the group and we talked about things that you can do to verify like looking them up through an application like Find My Friends, now known as Find My for IOS. I'm not sure, but there may be a similar app for Google, please consult someone with more experience. If we find something, we'll update in a future podcast, but I thought I heard of people using things like Find My to do this unless its only for devices. That's our research, if we find anything new, we'll bring it out.

TSB podcast 236: Open forum part 2 including a cautionary tale

Thu, 01 May 2025 19:30:08 GMT

Lots to ponder here on episode 236. This includes a cautionary tale.

A crocodile that can't be trusted: episode 234 of The Security Box

Thu, 10 Apr 2025 18:00:29 GMT

Hello gang, welcome to the security box, podcast 234. There is quite a bit of things coming down the pike as it comes to news including the extension of the ban which was supposed to take affect already. We've got a topic dealing with Crocodilus coming up, and of course our answer on the trivia from last week.

If you'd like to contact the show, contact information is available on the show, or go to the">http://www.jaredrimer.net">the web site to learn how to do so.

A">https://technology.jaredrimer.net/2025/04/03/a-hacker-within-the-mix-of-the-doge/">A hacker within the mix of the Doge?

Europol">https://technology.jaredrimer.net/2025/04/03/europol-took-down-a-vast-pedophile-network/">Europol took down a vast pedophile network

Find anything else not listed? Let us know! Other news will be posted that we go in to more detail on during the show but there is not room on these notes.

We don't name these, so don't yell at us. Crocodilus">https://technology.jaredrimer.net/2025/03/31/crocodilus-is-new-steals-crypto-wallets-abuses-accessibility-features/">Crocodilus is new, steals crypto wallets, abuses accessibility features is the blog post and New">https://www.bleepingcomputer.com/news/security/new-crocodilus-malware-steals-android-users-crypto-wallet-keys/">New Crocodilus malware steals Android users’ crypto wallet keys is the article itself.

If you'd like to support our efforts on what this podcast is doing, you can feel free to donate">http://www.jaredrimer.net/donations.html">donate to the network, subscribing">https://www.986themix.com/mailman/listinfo/thesecuritybox_986themix.com">subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog">https://technology.jaredrimer.net/contact-admins/">blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The Security box, program 233: OneRep

Thu, 03 Apr 2025 20:10:19 GMT

Welcome to the security box, program 233. On this edition of the podcast, we've got news, notes and the landscape. We've even got our topic dealing with 1rep. What are they up to and why is it hitting the news in such a bad way?

Full notes will be on our blog at http://technology.jaredrimer.net where you can read them without things breaking.

We've got tons of news, tons of notes, Trivia is in here and much more. Strong Language is possible. Its not heavy but its there.

Phishing and virtual wallets

Thu, 27 Mar 2025 15:00:42 GMT

Welcome to the security box, program 232. Phish data can be used in all kinds of things, including apple wallets. Google is also affected, so don't be complacent. Find out more about this within our podcast. This will be our main topic. We have news, notes and the landscape, some of which are highlighted within the notes on the RSS feed and full notes on the blog.

Full news notes will be on the blog.

Let's make things clear. This is not just an apple problem. This is also a Google problem. The article we're using for this topic is coming from Krebs on Security and is titled How">https://krebsonsecurity.com/2025/02/how-phished-data-turns-into-apple-google-wallets/">How Phished Data Turns into Apple & Google Wallets so if you have not read it, you should. This is going to get very interesting and we know that this is not going to be over any time soon.

The Security box, program 226: The Stupid Jungle

Fri, 14 Feb 2025 18:40:22 GMT

Welcome to program number 226. On this program, we're going to have a discussion on what has happened across the network the prior month, including the scare of the fires. But the main topic does talk about a company in which did things completely wrong.

So, what should I read you ask? Read the post mortem report: Post">https://technology.jaredrimer.net/2025/02/11/post-mortem-how-important-are-mailing-lists-across-the-jrn/">Post Mortem: How important are mailing lists across the JRN? which will discuss the bulk of what we discuss.

We do cover news including some IOS 18.3 updates which Kim Komando says to go ahead and install on phones now.

We also have Trivia from last week and a very interesting question we did write down this time.

Sans newsletter for January 13, 2026 is finally here!

Wed, 08 Apr 2026 22:30:00 GMT

Sorry we're so late everyone, between being sick, technical issues with the PC, and other commitments, we're finally here. Some of this news still may be of value, and we're glad to still put it out.

Also, starting with this podcast, we're using transcripts. They may not be perfect, but hope they help people. Let me know if it is usable and whether they should be left on.

Welcome to Sans, episode 38. This will cover the newsletter that was released on January 13, 2026.

Sounds like a group we've talked about is back in the news as they're the top story in "top of the news."

We have an Instagram story that we saw through Malware Bytes, but we decided not to blog it. We'll talk about it anyway.

We've got some Privacy Protection news from California, it looks like we've got good news from Spanish authorities and we've got a whole lot more.

If you would like to read the newsletter, please use this link to do so.

Here is what is in the top of the news.

Salt Typhoon Threat Actors Reportedly Responsible for New Congressional Email Breach

Spanish Energy Company and Supplier Disclose Data Breach

LLMs and Healthcare: ChatGPT, Claude, and Google Overviews

What do you think about the LLM story which is item 3 of the top of the news section?

Here's what is in the rest of the news.

LLM APIs Targeted by Threat Actors and Gray-Hat Hackers

Instagram Password Reset Emails are Unrelated to Alleged Data Breach

BreachForums Member Data Leaked

California Privacy Protection Agency Fines Texas Firm for Failing to Register as a Data Broker with the State

Spanish Authorities Arrest 34 in Connection with Cyber Crime Network

Printing Error Prompts Recall of Nearly 13,000 Recent Irish Passports

CISA Retires 10 Emergency Directives

This can't be good in regards to the Irish Passport story.

Comment on the newsletter by leaving me your thoughts. Contact info is within the program. Thanks so much for listening!

Sans 36: The Newsletter that is for January 6, 2026

Sat, 10 Jan 2026 00:39:43 GMT

Hello gang, welcome to program 36 of the Sans series here at the Jared Rimer Network. I'm Jared Rimer. Here's the thing. We're not taking anything away from any other podcast, we just want to put out the news and things from this great educational institution and put our thoughts in to it. With that said, we'll see what happens, as the News Bites series continues.

Sans 35 covered ouch! for January Fake Tech Support: The Only Thing They’re Fixing Is Your Bank Account, so 36 will be the first News Bites of the year.

Here is the link to read the Newsletter online and we'd love to hear your thoughts! Again, this is the newsletter for January 6, 2026.

Call (888) 405-7524 and drop your messages there, or find contact information throughout the podcast.

Here is what is in the top of the news for this newsletter.

Patch MongoDB Now to Fix Exploited Memory Leak

Guilty Plea from Former Cybersecurity Pros Turned Extortionists

Fortinet CVE-2020-12812 is Being Actively Exploited Again

Guilty pleas within the top of the news makes my heart very happy. Let's see what else we can find good within this industry this year, shall we?

Here is what else is happening in the rest of the week's news section of the newsletter.

South Korean Government Report Says KT Mishandled Femtocell Security, Leading to Snooping and Micropayment Fraud

Check Local Network for Kimwolf Residential Proxy Botnet Infection

Sedgwick Government Solutions Acknowledges Cybersecurity Incident Affecting File Transfer System

KEV Additions: Digiever DS-2105 Pro Network Video Recorders and MongoDB Server

New Zealand Healthcare Portal Acknowledges Cybersecurity Incident

Covenant Health Breach Follow-up: Nearly 480,000 Individuals Affected

HIPAA Journal Lists Largest Healthcare Data Breaches of 2025; Aflac Updates Individuals Affected by June Incident to 22.65 Million

We thank you for listening to the tech series, and please let us know what your thoughts are. I do want to know!

Sans Institute talks about Technical Support Scams in January's Ouch! Newsletter

Fri, 02 Jan 2026 22:14:54 GMT

Hello folks, welcome to another Sans episode with Jared Rimer.

Today, we have Ouch, the newsletter for January 2026. In it, it talks about technical support scams. I've even heard some discussion on other podcasts including Scam Squad, so this means that they're back with a vengeance.

The problem is, they don't use the same tactics, techniques and procedures they used to. While the example herein is a popup from a website, it may arrive in an unsolicited text message, or even on social media. I don't think it has hit social media yet, but it could go there, so just be on the lookout.

We have headings that are within the newsletter. They include:

How a “Helpful” Call Turned Costly

What Are Tech Support Scams?

What Are They After?

How These Scams Work

How to Protect Yourself

Final Thoughts

Each section listed above has something for you, and of course the newsletter is now part of San's podcast series.

Here are other links you'll need.

Here is a link to the Ouch Podcast on Sans Institute's web site

Fake Tech Support: The Only Thing They’re Fixing Is Your Bank Account written by Jennifer Cox

Thanks so much for listening, and make it a great day!

Sans covers the newsletter for January 9, 2026

Thu, 22 Jan 2026 23:32:45 GMT

Hello gang, welcome to another Sans Podcast.

I know we're quite behind, and my goal was to do these podcasts between TSB episodes, but the week of the 17th had two meetings, one of which went to a second meeting I decided to stay for. For those who are not clear by this, the two meetings I were to attent happened on two different days, but then one meeting I stayed for happened on the first day and it isn't a regular meeting I stay for.

This podcast is going to cover the newsletter that was released way back on January 9th, 2026. My goal is to get us caught up, and I'm going to do my best.

Would you like to read the newsletter? Here is the link to read January 9, 2026 and its newsletter if you wish.

I believe one of the biggest stories may be this web page California residents can go to so they can opt out of stuff.

Let's see what is in the top of the news.

California's New Privacy Law Lets Consumers Submit One Demand for All Registered Data Brokers to Stop Collecting Their Information

Threat Actor’s Breach was a Resecurity Honeypot

Hospitality Staff, Beware ClickFix Attacks that Mimic BSOD

Here is what they covered for the rest of the week's news for this newsletter.

Cisco Releases Updates for ISE and Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities

n8n Releases Patches for Two Critical Vulnerabilities in One Week

Veeam Update Addresses Four Vulnerabilities

CISA KEV Adds Code Injection Vulnerabilities in HPE OneView and Microsoft Office PowerPoint

Critical Missing Authentication Vulnerability in WHILL Electric Wheelchairs

European Space Agency Acknowledges Infosec Breach

I hope you all enjoy the program as much as I am bringing it to you, and make it a great day!

Sans Newsletter for Dec 23, 2025is covered on this episode

Mon, 29 Dec 2025 00:00:37 GMT

Hello folks, welcome to Sans, episode 34.

On this episode, we will learn about a ten year anniversary of something that a certain nation state did, Russia. Looks like we've got a couple of more breaches to talk about, and much more.

While I will put in the info from the newsletter, the newsletter will have more info including links which I will not include.

This will be the last version of the newsletter for now. In the table of contents, under Internet Storm Center which are articles to various things, they mention this. Once recorded, that will be the last podcast until January 2026. Happy new year!

Would you like to read the newsletter? Here is the link for December 23, 2025 for your convenience.

Ransomware Attack on Romanian Water Management Authority Affected More than 1,000 Systems

Widespread Microsoft 365 OAuth Attacks

Patch WatchGuard Fireware OS for Exploited Critical Flaw

Nigerian Authorities Arrest RaccoonO365 Suspects

Indictments Charge 54 People in Connection with ATM Jackpotting Scheme Using Ploutus Malware

UK Foreign Office Says it is Investigating Breach

University of Phoenix Sends Notifications After Oracle Breach

Malicious npm Package Steals WhatsApp Data

University of Sydney Discloses Data Breach, Reviews Data Practices

NIST Internet Time Services May Be Inaccurate After Pre-emptive Power Outage in Colorado

Contact me through my my">http://www.jaredrimer.net">my web site or listen to the program to learn how you can contact me. All of the methods are available for you.

Thanks so much for listening, and make it a great day!

We have more maximum severity bugs in the newsletter of Sans for Dec 19, 2025

Wed, 24 Dec 2025 21:27:34 GMT

Hello folks, welcome to sans, episode 33. This is going to cover the newsletter for December 19th, which means we're pretty much caught up. Yeah!

would you like to view the newsletter to see what might be of interest to you? Here's the newsletter for December 19, 2025.

Here is what is in the top of the news and we've got to start with yet another maximum severity flaw.

Cisco AsyncOS Unpatched Maximum-Severity Flaw Exploited

SonicWall Addresses Actively Exploited Vulnerability in SMA 100 Series Appliances; CISA Adds Flaw to KEV with a One-Week Mitigation Deadline

Known Critical Flaws in Fortinet Products are Being Actively Exploited

Are you surprised about the fortinet stuff? Seems like they're in Sans practicly every newsletter it seems, even though we missed time due to illness.

Here is what is in the rest of the week's news and we start again with a maximum severity bug but this time with an RCE.

Patch HPE OneView to Fix Maximum-Severity RCE Flaw

ASUS Live Update Vulnerability Added to KEV

RAT Allegedly Discovered on Mediterranean Ferry

NHS Technology Supplier Discloses Cybersecurity Incident

Virginia Mental Health Authority Breach

Follow-Up: French Ministry of the Interior Cyberattack

Law Enforcement Dismantles Infrastructure for Alleged Ransomware Money Laundering Service

I can't wait to see what the update on the French Ministry is. It sounded like the beginning of a particular investigation which was just getting started last podcast and newsletter for December 16.

Please contact me through my web site or listen to the podcast to learn how to contact me. Thanks so much for listening, and make it a happy holiday season!

Remember Dan Kaminsky and the Newsletter for Dec 16, 2025

Tue, 23 Dec 2025 13:30:00 GMT

Welcome to the Sans program with Jared Rimer. I hope that everyone will enjoy the program this time.

This episode will be talking about the newsletter from December 16, 2025.

Would you like a link to the newsletter? Why not check out the newsletter for December 16, 2025 and we'll see what it covers.

At the top of the newsletter, they paid a tribute to Dan Kaminsky who was a security researcher and worked tirelessly to make things accessible and found a very serious bug within DNS. He was born in 1979 and died in 2001. The link is to his entry on Wikipedia.

Here is what's going on with the top of the news for this newsletter.

Apple WebKit and Google Chrome Zero-Days Exploited and Patched

More React Vulnerabilities

CISA Adds GeoServer and Sierra Vulnerabilities to KEV

If you've not patched apple, do so. I believe this only applies to 26.x as when I asked the phone, it gave me 26.2 and nothing in the 18 series.

Here's what is in the rest of the week's news for this newsletter.

MITRE 25 Most Dangerous Vulnerabilities of 2025

Microsoft is Deprecating RC4 Cipher

JLR Follow-up: Payroll Data Breached

Prosper and 700Credit Disclose Breaches

Coupang Follow-up

French Ministry of the Interior’s Email System Suffers Cyberattack

Want to contact me? Send an email to tech at menvi.org (put the symbol where it belongs) or give me a call at 888-405-7524. Do find other contact information within the podcast, or go to my web site and learn more about me and find info that way.

We thank you for listening, and do make it a great day. Thanks for listening, learning and participating with us! Learning is such a beautiful thing isn't it?

Sans Newsbites for December 12, 2025: CVE numbers and many CVSS scores of 9s and 10s

Sat, 20 Dec 2025 22:00:00 GMT

Hello gang, welcome to the Sans News Bites podcast covering the newsletter for December 12, 2025.

I know, we should've been continuing to release, but I also have been involved in other things too and taking some time off, but we plan on catching up as there are no meetings we need to attend until next year.

I've also been learning about how the RSS features work on getting things linked, and its not as simple as putting the links in place in HTML so we'll continue to improve our show notes and make them better.

Do you want to read what is in the newsletter? here is the link to December 12, 2025 if you want to read it.

Here's what is in the top of the news.

Microsoft Patch Tuesday for December 2025 Includes Exploited Zero-Day

Patch Fortinet, Ivanti, and SAP Products for Critical Flaws

Patch Fortinet, Ivanti, and SAP Products for Critical Flaws

Adobe Security Bulletins

Here's the rest of the news

Google Patches (Another) Chrome Zero-day

Unpatched Gogs Vulnerability is Being Actively Exploited

IBM Security Bulletins

CISA and Partners Warn of Attacks Against Critical Infrastructure

Gartner Warns CISOs to Block AI Browsers

Former Accenture Senior Manager Allegedly Lied About Security Control Compliance

Pierce County Library System Will Notify 340,000 Individuals Affected by April 2025 Data Breach

I hope that you all enjoy the program as much as I am bringing it together for you. Remember, this program reads the news items, and comments on them. We will bring in the editors if they say something I'm thinking as I'm reading the thing. Its quoted in the braille too.

Let me know if these show notes are better than past ones. Thanks for listening, make it a great day!

Sans News bites episode 30 for the newsletter that is December 9, 2025

Tue, 16 Dec 2025 02:00:00 GMT

Welcome to sans, episode 30. This will cover the newsletter that was released on December 9, 2025. I hope that people will enjoy the program.

This is the link to read the newsletter online.

Thanks for reading!

Sans News Bites episode 29: the newsletter for December 5, 2025

Mon, 15 Dec 2025 16:00:00 GMT

Welcome to program 29 of Sans. The link to the December 5, 2025 newsletter is https://view.email.sans.org/?qs=98500f4c8692dbb312c3051d77038920ed898ed6caa33e4500f4a980442386f2cf208d4038bc473ffe25a888f0f4e9ceafc60e447d83334645b34da0a9bbabbb26d0970656f95232cab5006f8703ffd75d056e09e13503c0">here for you to peruse if you'd like to take a look at it.

The top of the news deals with patching including a CVSS of 10 which is the maximumn on this score scale.

We've got a couple of breaches, India is rolling back their requirement for security software on phones, and more.

Thanks so much for listening to the show, and thanks for learning with us on what is going on in this landscape. It's a lot, but don't take it in all at once.

Sans News Bites for December 2, 2025

Tue, 09 Dec 2025 03:58:51 GMT

Welcome to Sans, episode 28 across the Jared Rimer Network. You'll notice a change in the podcast, its Jared's Technology Podcast Network. Same content as the tech blog and podcast, but now reflects what we're trying to do.

The Sans issue we're going to cover will be for the newsletter that was for December 2, 2025 as we work to try and catch up.

Its link is https://view.email.sans.org/?qs=62bd1cdfd2fc6a82768fc7e448b6600e769e048c38c79f4a6762d3a3d16721db97a1760ab11b741a2d8c43e81023b91a1e3e3812b3acaa8defb82ce5336053f54a245fed6321c85337657b9d082be466 if you want to view it.

Thanks so much for listening, reading the blog, and participating in podcasts!

The Security box, program number 263: The Worst Passwords of 2025

Mon, 08 Dec 2025 20:30:12 GMT

We are so sorry that this is being released late. Its been a bit busy lately.

This podcast was aired last wednesday and covers news notes from what people have found as well as our topic of the worst passwords of 2025.

Stop">https://www.forbes.com/sites/zakdoffman/2025/11/06/stop-using-every-password-now-thats-on-this-list/">Stop Using Every Password Now That's On This List is the title of this one.

Did I mention we have trivia too? To participate, call 888-405-7524 or follow instructions in the program. Enjoy!

Sans News Bites for the newsletter for Friday, September 21, 2025

Tue, 25 Nov 2025 17:13:07 GMT

We now come with the newsletter for September 21, 2025. We have three idiots going to be talked about, and we even talk about Pharming, that is P H, not F. We neglected it last podcast.

Welcome to Sans, episode 27. On this episode, we'll cover Farming, something I realized we didn't cover from last podcast.

Then, we'll cover the newsletter, and we'll see what types of comments I have.

Here">https://view.email.sans.org/?qs=f988f4249ca0dde285b162c304984dddee170f21a233dfd1669a01d16ebaf9cb60e47212daec371d9aa1ab1f2153e9a7da9c4ff4fd84984614ad984f92541af7431e0284ea2182095892b1d9085c4ef0">Here is the link to the newsletter for November 21, 2025.

Thanks so much for listening!

Sans News Bites episode 26 covering the newsletter for November 18, 2025

Sun, 23 Nov 2025 12:30:12 GMT

Hello folks, welcome to the program for Sans News Bites. This is episode 26 and it'll cover the newsletter for November 18, 2025. This">https://view.email.sans.org/?qs=a584bedbbeeab05256f36840ed3a3b5f6ebd043f83ccc0a22f51e1952fcbec363ca329ff413074db4293d2a42993b82060eaa63e867df6f38746d83b603a5ca54a02875e671648404d041881205efbfc8ea1d51d8b25b02a">This is the link to the newsletter if you want to read it.

Thanks so much for reading. Thanks so much for listening. And thanks so much for learning with us.

The Security box, program 262: Freight shippers and being targeted

Thu, 20 Nov 2025 15:36:46 GMT

Hello gang, welcome to the Security box, podcast 262. On this episode, we're going to learn about actors who abuse the privelage of day to day operations to get shipments from one place to another.

We did a deep dive of this through my blog and its a 7 minute read titled Hackers">https://technology.jaredrimer.net/2025/11/04/hackers-to-use-tools-to-breach-freighters-steal-shipments/">Hackers to use tools to breach freighters, steal shipments.

This leads to the full article titled Hackers">https://www.bleepingcomputer.com/news/security/hackers-use-rmm-tools-to-breach-freighters-and-steal-cargo-shipments/">Hackers use RMM tools to breach freighters and steal cargo shipments which comes to us from Bleeping Computer.

We'll have news, notes and the landscape, and an email which may be making a comeback. We'll have breaches of the week as usual and we'll also see what other stuff we can find as well.

I hope you enjoy the program, thanks so much for listening!

Sans News Bites returns with episode 25: Covering the newsletter for November 14, 2025

Sun, 16 Nov 2025 14:30:08 GMT

Hello gang, its been a long time since we did Sans, and I want to do Sans as it gives us insites in to the landscape. Insite that we don't have otherwise.

Let me know if you find a moron of the podcast.

Hope you enjoy!

Welcome to Sans, episode 25. Yes, its been awhile and I know it. I wanted to get back in to Sans in October but it just wasn't possible with what happened sick wise.

I was better in November, but lots of things have been going on but now I want to try and do an episode.

This">https://view.email.sans.org/?qs=37dfcc22b7a299ad2af3e3862f664503344a6f6a7b899e99e92e3318e2d7399f15d3ceefc5c91165fac68f723d04bf1924fc9d47b457a566030e6154718e161ce910174565545f09a5a5177fd85c131a">This link is for the newsletter put out Friday November 14, 2025. Since December will be a lot quieter, I hope I can try to get back in to these.

I think its a great edition to the podcast set and I've personally missed doing this show.

Thanks for everyone's support during my recovery. I greatly appreciate it!

The Security box, podcast 261: we've got a new malware in town and this one abuses API access

Thu, 13 Nov 2025 07:45:08 GMT

SesameOp seems to be new in town. This">https://technology.jaredrimer.net/2025/11/05/sesameop-malware-abuses-openai-api/">This is the blog post about it.

We've not had time to post to the blog, but I did post to the list a few items.

We hope you enjoy the show, and we do have a comment from Mr. J. about something we may talk about on our cast as well.

The Security box, podcast 260 for November 5, 2025

Sat, 08 Nov 2025 20:52:33 GMT

Sorry this podcast is so late. I merged the files on Thursday and never got the files up here. I may have dated the cast for Tjhursday and its still not here.

I'm fixing that now.

Welcome to the Security box, podcast 260. This is the first time we've done show notes since NCSAM, but that's OK.

On this program, we're going to run through the landscape as well as have another interesting topic on EDR stuff.

For those who are not familiar with EDR, and you're joining us for the first time, EDR stands for end point detection and response. This is part of some Antivirus tools.

There is malware out there that disables this technology and we've been talking about this for quite awhile, even though we've not uploaded to the TSB directory in quite while.

The article this time comes from Bleeping Computer and is titled New">https://www.bleepingcomputer.com/news/security/new-edr-freeze-tool-uses-windows-wer-to-suspend-security-software/">New EDR-Freeze tool uses Windows WER to suspend security software which caught Nick's attention.

If I remember, Windows WER stands for the "Windows Error Reporting" tool. So if this is the case, this is going to be bad.

We'll break this down and we'll see what else the team is going to want to cover.

Thanks so much for listening, and make it a great day!

If you'd like to support our efforts on what this podcast is doing, you can feel free to donate">http://www.jaredrimer.net/donations.html">donate to the network, subscribing">www.986themix.com/mailman/listinfo/thesecuritybox_986themix.com">subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog">https://technology.jaredrimer.net/contact-admins/">blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The Security box, podcast 259: NCSAM week 5: shopping, domains and erata

Thu, 30 Oct 2025 17:04:56 GMT

Hello gang. Final NCSAM for you and plenty of tunes at the end for you to enjoy. Several different videos too, to keep you on your toes.

See you next time!

The Security box, podcast 258: NCSAM week 3, Scams, social media and more

Thu, 23 Oct 2025 17:00:22 GMT

Hello gang,

I've started blogging again and we've got a few videos that might be of interest too.

This may be about 5 hours for the podcast but we've got stuff here including breaches, blockchain stuff, AI stuff and more.

Feel free to contact me using the contact information from within the podcast or web site.

Enjoy!

The Security box, podcast 257: week 3 of NCSAM talking about transportation

Sun, 19 Oct 2025 21:00:35 GMT

Sorry for the podcasting delay, its been a bit busy with a few items, hope we can get the podcast out in a better time frame this next week.

We talk about any news and notes from the landscape, and then we talk about transportation, apps and more.

My various web sites where things are linked are given including White Cane Travel and my Metro page but you can also search these things out too.

This coming week, we'll talk about social media. Hope you enjoy the NCSAM stuff and we'll be in touch!

The Security box, podcast 256; credit cards, debit cards and banking

Fri, 10 Oct 2025 17:50:09 GMT

OK folks, we're covering quite bit of things including news, notes, and different types of cards and options for banking.

TSB podcast 255: NCSAM week 1: Tying everything to the password

Thu, 02 Oct 2025 21:30:13 GMT

Did you know that a lot of attacks start with the first basic thing you do when you sign up for an account? That is ... setting up passwords.

Passwords are all over the place including, email, streaming services, banking, and even your favorite app which may include social media.

There are good practices and bad practices.

Each person will make their own decisions, but we tie all of this to the first line of your defense, the password.

Please feel free to find contact info on the JRN web site at www.jaredrimer.net or use what is available within the podcast.

Let's hear from you!

The Security box, podcast 253: Ramp and Dump for September 17, 2025

Thu, 25 Sep 2025 01:00:20 GMT

The goal was to release this podcast on the 20th but I fell ill again, and so we're releasing it today. Truly sorry for the lengthy delay!

Here, we talk about Ramp and Dump amongst other topics that either came across the list or the blog.

We've not touched the blog much due to illness, but that will change.

Here are our notes.

Hello gang, welcome to podcast 253. I've been under the weather, but trying to blog a little bit since I've been better.

We've got an interesting topic Nick picked out called Ramp and Dump and Nick picked this out. Its on an old scheme, but new too.

I hope we took enough of the article to discuss this one. Mobile">https://krebsonsecurity.com/2025/08/mobile-phishers-target-brokerage-accounts-in-ramp-and-dump-cashout-scheme/">Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme is the article and thanks so much for reading, participating and learning with us!

If you'd like to support our efforts on what this podcast is doing, you can feel free to donate">http://www.jaredrimer.net/donations.html">donate to the network, subscribing">www.986themix.com/mailman/listinfo/thesecuritybox_986themix.com">subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog">https://technology.jaredrimer.net/contact-admins/">blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

Sans 24: No fanfare, just passkeys for Septembers ouch! Newsletter

Tue, 02 Sep 2025 01:50:45 GMT

Welcome to Sans,, episode 24. We know that News Bites is taking off, but it must be time for the Ouch! Newsletter. This time, they tackle something called Passkeys. Links for the podcast as well as translations are available.

Want to read ouch for the month of september? Passkeys">https://www.sans.org/newsletters/ouch/passkeys-simpler-safer-way-sign-in?utm_medium=Email&utm_source=HL-GL&utm_content=1517060_ouch_article_button&utm_campaign=OUCH&utm_rdetail=Global&utm_goal=Community_Growth&utm_type=SSA&is=551b434744de4aefe4d6ece8bf1e298e24df99defd5f7ad7037383755fd2d757">Passkeys – A Simpler and Safer Way to Sign In is the newsletter title for this episode.

Enjoy learning!

Sans 23 for the newsletter for August 29th, 2025

Sun, 31 Aug 2025 03:00:12 GMT

Hello gang, welcome to sans episode 23. Just a side note, the next newsletter won't be till the 5th of September, they mention it in the newsletter.

Here">https://view.email.sans.org/?qs=6cacbd89bbf5b903451a7385bfe544edb7af35b8521cdf2f113018ed98ba04677685a3b1a3ec57721cb034ea7c7d44d19846c046cd1c795d3358e4535bb744c7e77f3d1697a6ab78ab606288f57dc279">Here is the link to the newsletter for August 29th if you wish to read it.

Per usual, we'll credit them where needed, but the comments are our own unless we specify.

We're bringing this to people so you get a wide range of coverage from around the landscape. If their thoughts align to mine, we'll put them and indicate its theirs.

Attribution on who edits Sans is at the end of every podcast.

Thanks for listening, make it a great day!

Sans News bites episode 22: the newsletter August 26, 2025

Fri, 29 Aug 2025 22:00:22 GMT

Welcome to Sans episode 22. This">https://view.email.sans.org/?qs=daf62d748db43a9471c4e1d5df1539428e593f2d162ab8d22432b38dec2ce1cc042855ab63a90ffe08d9b00e3cbeb5344c66e19b3eac67a79c2970f5dc40a516be0f0e5927998e08f79df9af8b567b44f2bfc29b429e680f">This is the link to the newsletter which was released on Tuesday, August 26th.

Don't worry, we're not going to try and catch up, sometimes its best to just move forward.

Find anything of value you want to comment on? Please do so! (888) 405-7524 or send an email or an imessage. Contact info is given within this program. Thanks for listening, make it a great day!

The security box, podcast 252: more EDR Killer stuff

Thu, 28 Aug 2025 17:08:16 GMT

Welcome to the security box, podcast 252. This is the second of two podcasts talking about the subject of EDR. We've got news, notes, the landscape, trivia and of course the said topic.

I even have something I found on Facebook that I thought was worth sharing that was posted to a group by a follower. I don't normally read these, but I think its worth sharing. Its not necessarily tech related, but still worth it.

New">https://technology.jaredrimer.net/2025/08/15/new-edr-killer-was-used-by-8-different-ransomware-groups-several-are-unknown-to-me/">New EDR killer was used by 8 different ransomware groups, several are unknown to me is the blog post. It links to New">https://www.bleepingcomputer.com/news/security/new-edr-killer-tool-used-by-eight-different-ransomware-groups/">New EDR killer tool used by eight different ransomware groups if you want to read it. That's the article for discussion and its a doozie.

If you'd like to support our efforts on what this podcast is doing, you can feel free to donate">http://www.jaredrimer.net/donations.html">donate to the network, subscribing">www.986themix.com/mailman/listinfo/thesecuritybox_986themix.com">subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog">https://technology.jaredrimer.net/contact-admins/">blog page found here. Thanks so much for listening, reading and learning! We can't do

Sans news bites, episode 21: Newsletter for august 8, 2025

Fri, 22 Aug 2025 19:12:18 GMT

Sorry for the lengthy delay! Lots of stuff happening that pulled me away.

Hello folks, welcome to Sans episode 21. This">https://view.email.sans.org/?qs=8af3fac98aa539544a129d4670435689b58085cf821afd2661d81f113695359975b2496b59f270830a15c844dd5cfd36261a9910afd7d6520c5744e95837d90bd59234909e53e38dd10c32594e815063">This is the link for the newsletter. This is the newsletter for August 8, 2025 which will be more current. We hope you enjoy the program!

TSB 251 for August 20, 2025

Thu, 21 Aug 2025 16:48:15 GMT

Welcome to podcast 251 of the security box. Its interesting, we did pass 250 episodes but episode 250 had a tech issue I did not realize until I ended the program. We'll recap things so everyone can be heard, then we'll get in to the news, notes and the landscape.

Also this week, one of two EDR articles that we've come across, one by Nick and one by myself.

We may have trivia as well.

Hope you enjoy the program, thanks so much for listening!

TSB 250: FileFix

Wed, 13 Aug 2025 22:09:21 GMT

I realized that on our second segment, not everyone was heard. This is the first Ive done this, sorry about that! Follow the topic in the show notes and we'll recap next week.

Hello folks, welcome to the security box, podcast 250. We've finally reached our 250th episode! This is definitely a momentous day.

On this program, we're going to have any news, notes and the landscape; we'll have a very interesting trivia question, and we also will have a topic dealing with a brand new attack which we predicted after our June first look when in July we got the first attack of such a thing. The thing we're talking about is called file fix. First termed click fix, it was one of the top problems we've had but now its been revamped and its not good.

Thanks so much for listening, please make it a great day!

What does the word "malware" stand for? Its a two word phraise where all of the letters are used within the two words. (888) 405-7524 or find full contact information on our podcast you can use to submit your answer.

Well, we start in June when we posted New">https://technology.jaredrimer.net/2025/06/24/new-click-fix-may-soon-become-file-fix/">New! Click Fix may soon become File Fix which we talked about. Then, in mid-July, our prediction came true. We">https://technology.jaredrimer.net/2025/07/14/we-now-have-our-first-file-fix-attack/">We now have our first file fix attack is the blog post that we have which leads to the article in question that we'll be pulling from. Thanks so much for having an interest! We're not done yet.

If you'd like to support our efforts on what this podcast is doing, you can feel free to donate">http://www.jaredrimer.net/donations.html">donate to the network, subscribing">www.986themix.com/mailman/listinfo/thesecuritybox_986themix.com">subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog">https://technology.jaredrimer.net/contact-admins/">blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

Sans episode 20: The Newsletter for August 1, 2025

Thu, 07 Aug 2025 22:20:11 GMT

Finally trying to get some sans done.

Hello folk, welcome to sans episode 20. This">https://view.email.sans.org/?qs=6c6bf7745a6e10ca90dbd3dfb79e37ee5b5b30285e0d2c7cb2a344b6be02a7874049916174aaccc38c9c3f27247f1b143d9e90df510dc717878006377296f8dbd7c6decc5f93c9673759879863a0e48afa6ccd62a9e98093">This is the link for the news bites if you'd like to read it. This is a very interesting episode where Dropbox discontinued their password manager, Project Zero from Google is becoming more transparent, St. Paul, Minnesota calls the National Guard and much more. This is crazy!

The Security Box, podcast 249: Anubis

Thu, 07 Aug 2025 19:30:12 GMT

Hello gang, this is going to be the show notes for TSB, podcast 249. We cover lots of trivia and their answers, something called Anubis, and something that I think developers need to know. Here are the full notes.

Hello folks, welcome to TSB, podcast 249. We've got a trivia question this week, maybe not so much news as everyone has been busy, but our topic this time is going to be on Anubis. This is a bit confusing, so maybe we can figure this out together.

We hope that you'll enjoy the program as much as we have bringing it together for you.

What">https://technology.jaredrimer.net/2025/06/14/what-is-anubis/">What is Anubis? is our blog. It leads to the article Anubis">https://www.bleepingcomputer.com/news/security/anubis-ransomware-adds-wiper-to-destroy-files-beyond-recovery/">Anubis ransomware adds wiper to destroy files beyond recovery coming from Bleeping Computer. I guess we'll see how this goes in trying to explain it.

If you'd like to support our efforts on what this podcast is doing, you can feel free to donate">http://www.jaredrimer.net/donations.html">donate to the network, subscribing">www.986themix.com/mailman/listinfo/thesecuritybox_986themix.com">subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog">https://technology.jaredrimer.net/contact-admins/">blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

Sans 19: a familiar topic and job scams

Mon, 04 Aug 2025 22:00:16 GMT

Sans 19 covers August's Ouch! Newsletter. This">https://www.sans.org/newsletters/ouch/spotting-online-job-scams?utm_medium=Email&utm_source=HL-GL&utm_content=1509356_ouch_article_button&utm_campaign=OUCH&utm_rdetail=Global&utm_goal=Community_Growth&utm_type=SSA&is=551b434744de4aefe4d6ece8bf1e298e24df99defd5f7ad7037383755fd2d757">This is the article that will be discussed in this 17 minute piece. Contact info is also given, and we'll be back with another podcast real soon. Stay safe out there!

Sans News Bites, episode 18: The newsletter that was published July 25, 2025

Sat, 02 Aug 2025 23:00:22 GMT

This">https://view.email.sans.org/?qs=d5a452bed9227bc10deec759d6d5eaa86319c4f6f9440a9c90ac7b315a8c2fb1025642285cbf040737242f66a1717b21f5cfac64627b67002e3113414820e2885dd2f8669a3e1c0ae26838bb19d29ebc1240ae6cecc299bf">This is the link for Sans News Bites for the 25th.

The Security box, podcast 248: I get interviewed

Thu, 31 Jul 2025 17:53:49 GMT

i get interviewed today. News, notes, the landscape and much more. We've also got trivia.

The Security box, podcast 247: Digital and Physical Security

Thu, 24 Jul 2025 01:00:31 GMT

Welcome to the security box, podcast 247. On this program, we've got lots of stuff for you today including Agentic AI enabled cybercrime, a very short diatribe from our very own Mr. J., trivia and more. The topic will be coming from Phishlabs and their article talking about digital and physical security.

We hope you enjoy the program as much as we have bringing it together for you, and make it a great day!

Millennials">https://www.komando.com/news/security/millennials-are-the-newest-scam-target/">Millennials are the newest scam target was in the newsletter. I went to record a file from the newsletter, but I had to resort to the web to get this one. Glad I finally got this recorded, we're continuing to see these scams ourselves.

When">https://www.phishlabs.com/blog/the-need-for-executive-protection">When Digital and Physical Threats Intertwined: The Need for Executive Protection is our topic for today. Can this be a real problem?

What was the amount of money that was stolen from a schoolteacher in North Texas? It was their life savings. Was it:

A: 15,000

B: 30,000

C: 32,000

D: 45,000

e: higher than 45,000

If you'd like to support our efforts on what this podcast is doing, you can feel free to donate">http://www.jaredrimer.net/donations.html">donate to the network, subscribing">www.986themix.com/mailman/listinfo/thesecuritybox_986themix.com">subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog">https://technology.jaredrimer.net/contact-admins/">blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The Security box, podcast 246: MFA can now be bypassed

Thu, 17 Jul 2025 18:00:24 GMT

Welcome to the security box, program number 246. We hope that you will enjoy the program as much as we are putting it together. On this program, Trend Micro and their podcast series on YouTube will talk about zero days and patches. Michael in Arkansas, formerly Indiana, will come along with commentary about the McDonalds debacle with the third party provider and one of the stupidest passwords we've found, Jared will be along with a portion of the diatribe about the same McDonalds story and our topic will talk about multi-factor and the criminals trying to break it.

Oh yes, we've also got our trivia, the news, the notes and the landscape.

We hope you enjoy the program as much as we are bringing it together for you. Enjoy!

This was actually posted to the list and maybe the title of this isn't quite appropriate. The Ars Technica article is titled Why">https://arstechnica.com/security/2025/05/phishing-attacks-that-defeat-mfa-ar=e-easier-than-ever-so-what-are-we-to-do/">Why MFA is getting easier to bypass and what to do about it which is a short article. Talks about a protocol I'm not too familiar with. We'll see how this goes.

News, notes, the landscape and lots more!

Sans News Bites, episode 17

Tue, 15 Jul 2025 22:00:20 GMT

After a couple of months, I'm happy to resume Sans. We cover the newsletter that was issued on July 11th. Lots of stuff here, hope you enjoy!

This is Sans number 17. Its been quite awhile since we did sans, but we'll pick it up with July 11th and this">https://view.email.sans.org/?qs=bf4c72d8e4d79fcfbd7bb8645afb5d302bc0f3fbe5225ebbbd25a27ed2a8e4dfa39085d69133f279fd41cfd0b9c7f0ca3790b9972ee217d5c6ba1cf173953d33f873167f49fca3168e6f4182886d98841dd9f0326997d2fe">this is the link to read the newsletter. Enjoy!

The Security box, podcast 245: Spain and their DDoS issues as well as news, notes and the landscape

Thu, 10 Jul 2025 03:50:11 GMT

Welcome to the security box, podcast 245. We ope that you have enjoyed your 4th of July holiday and we're glad to be back on the airwaves.

On this program, we're going to cover the news, the notes and the landscape since we have been away as well as any thoughts from anyone who may be joining us during the live taping.

We also have trivia as well, and we'll be sure to get the trivia to the list for those who want to participate through that method.

Files we'll be adding will include: a discussion on CSAM, otherwise known as child sexual abuse material, a joke I found on Mastodon that is not tech related, we'll read something that was found from DevaOnBreaches that is true today more than ever, and of course our topic being Spain and their DDOS being increased over 100 percent!

The blog will have links to topics as usual.

As I'm going through Mastodon, I find the following boosted toot.

Alex Chapman: Boosting mattcurtis (mattcurtis): trump mobile is the worst type of phone plan you can ask for, first you pay $61.00 for the sim, and then, you use your data up? your phone data gets shut off completely, want proof?

https://www.youtube.com/watch?v=KUtSo7dASg0

Here">https://www.youtube.com/watch?v=KUtSo7dASg0">Here is the link to the 30 minute video if you want to watch. This came in after we got the intro together, just take a look if you're interested in this service.

The blog post this time is DDOS">https://technology.jaredrimer.net/2025/05/07/ddos-attackers-targeting-spain/">DDOS attackers targeting spain and this is quite interesting. This is research from Group IB, who we've talked about on this podcast before. As I indicated in the intro created for this podcast, its well over 100 percent. In fact, its up quite a lot. The full article is titled DDoS">https://cybernews.com/security/moscow-aligned-hackers-drive-ddos-attacks-surge-in-europe/">DDoS attacks surge by 88% in March, Spain emerges as top target if you'd like to read it. It'll be helping us with this discussion.

We hope you enjoy!

TSB 244 for June 24, 2025

Fri, 27 Jun 2025 16:28:24 GMT

Welcome to the security box, podcast 244. On this podcast, its open forum. Lots of newsy items including some videos from the landscape. We even have Trivia.

I'm also working on tech issues, and hopefully I'll find something better. We push on.

This is another extended 4 and a half hour program.

There is no program for the July fourth holiday week. We're taking the week off.

If you'd like to support our efforts on what this podcast is doing, you can feel free to donate">http://www.jaredrimer.net/donations.html">donate to the network, subscribing">www.986themix.com/mailman/listinfo/thesecuritybox_986themix.com">subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog">https://technology.jaredrimer.net/contact-admins/">blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The security box, podcast 242: Cookie Bite

Thu, 12 Jun 2025 23:00:12 GMT

Hello folks, welcome to podcast 242 of the security box podcast. Do you want some cookies? Yes, I ate a whole box, but they were sma;ll cookies and I intended not to do that.

These cookies however are not to be eaten, and you'll find out all about it.

We'll have news, notes and the landscape as well as trivia.

We hope you enjoy the program as much as I have putting it together for you.

According to the Kim Komando Newsletter in the Web Watercooler section, what is the percentage of Gen Zers who are OK of sharing their data for free?

A: 25%

B: 50%

C: 80%

D: 88%

E: 95%

F: 100%

G: less than 25%

Call (888) 405-7524 or 818-527-4754 or find me on social media. You can also text/WhatsApp 804-442-6975 and leave your guess there too. Good luck!

You think of cookies as things that you eat. But there are cookies on your computer which tell sites that you're logged in to an account you control and they contain your preferences. But what would happen if someone was able to steal them and get in to those sites bypassing even the 2-factor authentication we have been telling you to use? Yes, if my memory serves me, that is what Cookie Bite does.

Blog post: https://technology.jaredrimer.net/2025/04/23/dont-bite-now-cookie-bite-proof-of-concept-extension-steals-session-cookies/

Read the rest of the show notes on the blog at http://www.jaredtech.help including the answer to last week's question and other things of importance.

The Security box, program 241: these things are continuing to be sent via email, text, and social media

Fri, 06 Jun 2025 12:30:20 GMT

Hello folks, welcome to the security box, program 241. We've got plenty of news, notes and much more. We've also got Trivia as well.

Trivia from last week:

Here's the trivia from this past week.

How fast did Nvidia-grade AI hardware cracked your 8-character password? Is the answer:

A: 5 minutes

B: 10 minutes

C: 15 minutes

D: 20 minutes

E: 25 minutes

F: 30 minutes

G: over 30 minutes

The answer:

30 minutes ... How fast Nvidia-grade AI hardware can crack your 8-character password. Hive Systems ran the numbers, and yeah, it’s bleak for your bare-minimum login. It can also crack a numbers-only string in about three hours. Pro tip: Save yourself some peace of mind by using the same password manager I do.

This week's question:

What is the percentage of email that comes out of the US that is considered spam? Also, out of that, what is the percentage that is malware or phishing?

A: 25% Spam 10% phishing and malware

B: 50% spam 75% phishing and malware

C: 57% spam 67% phishing and malware

D: 80% spam 100% phishing and malware

E: Higher than 80% on both

F: lower than 25% on both

(888) 405-7524 or find contact info in the podcast to submit your guess.

Our topic:

https://www.sans.org/newsletters/ouch/cybercriminals-exploit-your-emotions/?utm_medium=Email&utm_source=HL-GL&utm_content=1474676_spot_red_flags_button&utm_campaign=OUCH&utm_rdetail=Global&utm_goal=Community_Growth&utm_type=SSA&is=551b434744de4aefe4d6ece8bf1e298e24df99defd5f7ad7037383755fd2d757 is the article for this episode taken from Sans 12. How your emotions are triggered by things we continue to see on a regular basis.

TSB 240: Dragon Force

Thu, 29 May 2025 19:50:07 GMT

Welcome to the security box, program 240. On this program, we're going to have the news, the notes and the landscape. We're also going to have our topic talking about Dragon Force. We're also going to review the trivia for last week and issue the question for this week too. We hope you enjoy the program as much as we have bringing it to you!

Trivia:

Here is the trivia for podcast 239.

Crypto hackers get crafty: A hacker group called FreeDrain has built an entire phishing empire targeting desperate crypto users. They do it by poisoning search results with over how many malicious links? Victims are lured by fake wallet support pages, asked for their seed phrases and drained faster than a Solana transaction. The heist? Already in the millions.

Is the answer:

A: 100,000

B: 250,000

C: 650,000

D: over 650,000

E: under 100,000

The answer

Crypto hackers get crafty: A hacker group called FreeDrain has built an entire phishing empire targeting desperate crypto users. They do it by poisoning search results with over 200K malicious links. Victims are lured by fake wallet support pages, asked for their seed phrases and drained faster than a Solana transaction. The heist? Already in the millions.

This week's question:

How fast did Nvidia-grade AI hardware cracked your 8-character password? Is the answer:

A: 5 minutes

B: 10 minutes

C: 15 minutes

D: 20 minutes

E: 25 minutes

F: 30 minutes

G: over 30 minutes

Call (888) 405-7524 and let me know what you think.

Also, last week, we asked about Gen Z and the percentage of those who use social media to get their news and the answer there according to Kim Komando is 60%. Problem much?

Our topic: Dragon force

https://technology.jaredrimer.net/2025/04/27/another-threat-actor-indicates-they-wont-go-after-hospitals-cancer-centers/ is the blog post leading to the topic for today and https://technology.jaredrimer.net/2025/05/27/dragon-force-is-causing-more-havoc-goes-after-msp/ is the link.

We hope you enjoy today's show and thanks for listening!

Sans 16: News that ended for their newsletter dated May 20, 2025

Tue, 27 May 2025 17:30:19 GMT

Sans 16 will have sans for May 20th. Sorry for the lateness folks, its been busy but we've got a free period and we'll try to get better here.

This">https://view.email.sans.org/?qs=b9ce492d9e364f03cc6d2c15c07ecf76c822c55539a6e5b086024ab2c7ea77da2671f8c503a8ae9cab0e48503bc10a79a4c1c930779487f0c1813f4e9ae58613008cd596529184a7ab8d51454a9a9ae1725b807810f4aee3">This is the link to read the newsletter in full.

On this newsletter, Voicmail, texts and deepfakes, a Cyberdefense law is passed, the UK gets breached again with law applicants getting owned and much more.

We hope that you enjoy the program, thanks for listening!

The Security box, podcast 239: Interlock

Thu, 22 May 2025 20:50:09 GMT

Hello gang, welcome to the security box, podcast 239. Our topic today is dealing with Interlock. This is something you don't want. News, notes, and the landscape as well. News, notes and the landscape as well.

Our topic is going to be on Interlock. https://technology.jaredrimer.net/2025/04/20/interlock-becoming-more-dangerous-threatens-legal-problems-if-you-dont-pay/ is the blog post leading to the article, but I don't think we mentioned that it will threaten legal action if you do not pay.

We've got two questions, one as part of news notes and one at the end as we discuss what we're going to do for the Security Hour on Saturday.

The full show notes link to some of the newsy items we've got that might be of interest, and those notes will have a lot of other linked items too.

See you all next week!

Sans news bites for May 13, 2025 episode 15 issued 5-18

Tue, 20 May 2025 01:00:14 GMT

Welcome to Sans episode 15. On this episode, we've got patch tuesday stuff from Microsoft and others, compitition between the EU and US when it comes to vulnerability databases, Gartner says we can't patch our way out of threat debt, Chrome gets updated, advanced protection comes to Android 16 and much more.

https://view.email.sans.org/?qs=e6fcbe2d6740edd4a19d81c2fb3dcb46d18f61723a828ac4ebaa209613a73b851b0e0afba8636113af8926df584ef00cdc38b22dd69d71d3476b4045f474f5c244016c8d96920354e414fa27fe797e94 is the link where you can view the newsletter as these are some of the lights of what you'll hear.

I need to continue to slow down, and try not to go too fast. There may be some mistakes, more than I usually do, sorry about that.

This episode is for the newsletter from Friday, May 16, 2025. Thanks for listening, reading and learning together!

I hope you enjoy the show!

TSN 12: Sans Ouch! May 2025

Fri, 16 May 2025 23:30:15 GMT

If you did not hear Sans 12, you get to on this Saturday Night's throwback Saturday Night program on the independent channel of 986themix.com

Direct link to the independent channel is at http://magnatune.jaredrimer.net and I hope you join us at 7 PM CT, 5 PT for music and more followed by 8 PM with the topic from May.

Didn't read Ouch! for this month? Find it here by using https://www.sans.org/newsletters/ouch/cybercriminals-exploit-your-emotions/?utm_medium=Email&utm_source=HL-GL&utm_content=1474676_spot_red_flags_button&utm_campaign=OUCH&utm_rdetail=Global&utm_goal=Community_Growth&utm_type=SSA&is=551b434744de4aefe4d6ece8bf1e298e24df99defd5f7ad7037383755fd2d757 as your link.

Sans news bites, episode 14 for May 13, 2025

Fri, 16 May 2025 23:00:13 GMT

Welcome to Sans 14. We're skipping a week of Sans due to me being unavailable to tape.

This time, a big company in the education system is hacked, Apple secures IOS and other projects, Google Settles Texas privacy suit, Florida's E2EE crashes and burns and Asus gets fixed although the entry has the text from the prior item.

The newsletter can be found by using https://view.email.sans.org/?qs=f7031841e4a7fae735eb0784e9b805486cab63b0c33dcb06122c11704cd3a9b277e3e1c28433d3c50acc96485ed2a5c1c2b70935e5532d8b373d775d7fc8b1896e1c5bd430a4eeb1f821b01221a3899c if you wish to read it.

TSB 238: news, notes and the landscape; accessible security software

Thu, 15 May 2025 19:30:09 GMT

Welcome to the security box, program 238. On this program, we're going to have news, notes and the landscape as well as trivia and a discussion of accessible software and the lack there of when it comes to software we can use in the security landscape. Please feel free to contact the podcast by email, imessage, text and the comment line at (804) 442-6975. Thanks so much for listening!

Here's our trivia question for today. How many seconds does it take to crack a 6-character password? Is it

A. 15 seconds

B: 30 seconds

C: 45 seconds

D: less than a second

E: 1 minute

Call (888) 405-7524 if you have any guesses. Leave a name or the name you want to go by and your guess. Answers revealed next week.

Last week's question was:

It’s Thursday, friend. Ever notice those tiny bumps on your keyboard’s F and J keys? They serve a legit and genius purpose.

I’ll give you some hints for why they’re there: A) “Home base” for your fingers, B) Grip for high-speed typing, C) Braille, or D) Random factory defect we’ve all accepted. Go ahead, stare at your keyboard like you just discovered aliens. You can find the answer at the end!

The answer to the FJ mystery is, drumroll please … A) So your fingers know where to “home”! The little bumps on F and J are like miniature bumpers, guiding touch-typists back to center stage without even looking. So next time you’re speed typing that Yelp review, use the 50-year-old typewriter tech at your fingers’ disposal.

News:

A new dating app has been hiding the fact that it didn't keep its promise and revealed your data. https://technology.jaredrimer.net/2025/05/12/were-a-dating-app-and-we-just-fucked-up-by-exposing-your-data-to-anyone-who-wants-it/

https://technology.jaredrimer.net/2025/05/12/lockbit-bitten-again-but-not-by-a-takedown/

Our topic:

Is software that is to protect us from worms, trojans and the like accessible? A 2020 post shows it isn't and this hasn't changed. https://technology.jaredrimer.net/2020/07/06/what-is-the-state-of-antivirus-today-is-it-about-dead/ is the article, and let's see what you say.

One of the companies even went so far as to sell our data to advertisors. https://technology.jaredrimer.net/2024/02/24/avast-caught-collecting-lots-of-info-selling-it-to-other-companies/

If you search AntiVirus, you'll find other posts, but these are the big ones.

We hope you enjoy the show!

TSN 11: DevaOnBreaches with an item, news notes and the landscape

Sat, 10 May 2025 00:00:21 GMT

Hello gang, I recorded this on Friday for tomorrow's throwback Saturday Night show.

On the security hour, we're going to cover something we also covered as part of TSB 237 which also got released today because we've been busy.

We'll have news notes from the landscape if any and it'll mainly be an open forum.

Show is on Saturday, 7 pm CT, 8 ET on the independent channel at http://magnatune.jaredrimer.net so why not join?

See you next time!

TSB podcast 237 for May 7, 2025: CISA and Mitre contract

Fri, 09 May 2025 20:00:21 GMT

Hello gang, sorry for the late release its been busy.

We've got news, notes and trivia today.

Here's the Trivia for this week. It’s Thursday, friend. Ever notice those tiny bumps on your keyboard’s F and J keys? They serve a legit and genius purpose.

Call (888) 405-7524 if you want to guess. One guess per caller. Let me know if you want your guess aired. Leave a name or a name you want to go by so we can log the answer.

The topic is coming from the article titled CISA reverses course, extends MITRE CVE contract and whose link is https://cyberscoop.com/cisa-reverses-course-extends-mitre-cve-contract/ if you want to read it.

We hope you enjoy the show, thanks so much for listening! And oh yes, the answer to podcast 235 is also revealed too.

Sans episode 13: More vulns and some good out of the bad

Tue, 06 May 2025 00:00:46 GMT

Sans 13 will be releasing after 12, and we're now all caught up.

Welcome to Sans, episode 13. This">https://view.email.sans.org/?qs=6dc4120f1b77a95c7cf4ce4cd833f7454db9893d83c0674e789006dd8cd6812ed7fca17eaacce81bdd8dd2995972b696348c261f745add4e84cbc846682d8a7ee877e6dced0706bf45e756ebdaaf3091">This is the link you'll use to go to the newsletter.

If you use windows, look for the story dealing with remote desktop and their use and acceptance of old passwords that may have been changed. Apple has an RCE dealing with airplay, more breaches and two more British companies hit with a cyberattack.

Sans episode 12: Ouch! May 2025: Common scams we've seen before

Mon, 05 May 2025 20:00:25 GMT

Sans episode 12 is going to cover ouch! and its newsletter. They also just did a podcast too.

How">https://www.sans.org/newsletters/ouch/cybercriminals-exploit-your-emotions/?utm_medium=Email&utm_source=HL-GL&utm_content=1474676_spot_red_flags_button&utm_campaign=OUCH&utm_rdetail=Global&utm_goal=Community_Growth&utm_type=SSA&is=551b434744de4aefe4d6ece8bf1e298e24df99defd5f7ad7037383755fd2d757">How Cybercriminals Exploit Your Emotions is your article. We'll have Sans News Bites coming in the coming days for this past Friday. I think this would be best as sans is lengthy and this may not be too lengthy. Ouch! was debuted in Sans episode 3 before Sans turned in to braille which is working out better for us. I just need to slow down.

TSN episode 10: DOGE and what they're up to

Sat, 03 May 2025 00:00:31 GMT

Lock and Code has a very interesting episode on the DOGE, the department of government efficency. Are they efficient? Is what they're doing legal? Its discussed within this episode you'll hear on the independent channel Saturday at 7 CT for music and 8 CT in the evening for the topic.

News, notes and the landscape as well.

Sans episode 11: more 2024 news out there we're now finding out about

Thu, 01 May 2025 23:00:22 GMT

Welcome to Sans episode 11. This">https://view.email.sans.org/?qs=e1a57787ccf48b69bad6f779276d2ce579777c139d486b992e76ab9f610665531d0543b63785c87f1c9d30b9bf212050c56944926bfe4f400976966986680bbcfeddf9c5f4ef689cf1ced4263e2dc8db8434c12165628f8e">This is the link to the newsletter for Apr 29 if you want to read it.

One of the items in the top of the news covers malicious USB chargers. Make sure you're using your own charger.

I heard about the power outage, but from what I have heard, it may not be cyber related at all.

We have more news on the city in Texas we recently talked about as well.

Make sure you leave your thoughts and we can have them aired.

Sans episode 10: here we go again with more health care breaches

Wed, 30 Apr 2025 12:30:14 GMT

Are we surprised about some of the stories in here? Several breaches and several may not be from any actor at all.

Here are the notes.

I know we're behind with another Sans to be released soon, but we're doing the best we can.

Lots of news including one that I did see an article about on Bleeping but I decided not to cocer it as I don't think the users here use the tool or software.

You can view">https://view.email.sans.org/?qs=d156b8f498db80b16c01cfc8a99db54de0cee1864496cd67ad1b0ebb85cd531ff9c12cebd324005d677cfd3bd5d1b06a7020a353ad15ee4c7c252b20f063d04256783637c912849d22c205c8bc2bf0f5">view the newsletter as a web page and this newsletter is for April 25, 2025.

Sans news bites episode 9

Tue, 29 Apr 2025 00:30:32 GMT

Episode 9 was for the newsletter for April 22nd. There was a comment to the accompanying blog post of one of the stories which was shared by TSB staff during a news notes segment.

Here are the notes for episode 9.

Welcome to episode 9 of Sans. This is for the Newsletter that is released on April 22. Several of these items are on the blog, and this">https://view.email.sans.org/?qs=e408d7e646202b4bf5159051ce27ed075e7e9bca62bb7605eea29fd3ce6542bef88e931db0bdebb0a927ccac6d682e8f2429704936d6b88a8f000f5b2bdadb6fdd02c2de82874e6eb46a26f15b698d16">this is the link to the newsletter you'll need. We hope you enjoy what's news, and we'll see you again on another edition of the program very soon.

TSN episode 9: Apple and the UK

Fri, 25 Apr 2025 22:00:31 GMT

Apple is in hot water with the UK laws indicating they need to have a backdoor in their software so they can see what's going on. Good or bad? This episode talks about some news we may have covered, but if we find other stuff, we're blogging it too if found.

TSB episode 235: open forum

Fri, 25 Apr 2025 07:30:11 GMT

There is going to be some srong language and a topic we try not to make too sexual in this program as sex and tech could mix.

Something airing twice, once as a discussion and once as a things to ponder.

Trivia, news notes and the landscape.

Sans NewsBites for April 18, 2025

Sun, 20 Apr 2025 21:10:07 GMT

Welcome to Sans, episode 8. The CVE program has gotten funding for another year, CISA needs to issue guidance after Oracle's latest disaster and the UK commissioners office is fining a law firm for a breach. Those are the top three stories of this episode. There are 6 others in the rest of the news. Oracle also gets a mention, and so does a company called the Landmark Insurrance company. Check jaredtech.help for some of what we have fund before the newsletter was issued.

Here">https://view.email.sans.org/?qs=480e4cfa3d0abec605627cc2ed396a5fc495dba430393f6a5b47a734fe3a9435b48f4aef28c72d83e9f2ba6ad75bd3d301b9a6ee3c16a9245348a301a8134c2c6d40c35b5ebac16f42fc7e23d3e7e1e5">Here is the link to the April 18th newsletter if you want to follow along.

See you next time!

TSN episode 8: TikTok is not banned yet?

Fri, 18 Apr 2025 23:00:17 GMT

Why is TikTok not banned yet? What is collected there anyway and what is the problem with it?

From episode 384 which was released on Monday, come learn what seems to be the problem. We played the podcast Friday the 11th, as we put it together, but for this audience, we'll go in to a discussion about it.

Sans episode 7: Microsoft, Hertz and More

Thu, 17 Apr 2025 19:00:14 GMT

Welcome to episode 7 of Sans. This">https://view.email.sans.org/?qs=9afad2caee0214f8be073cdcbaffd7d6cc9e6a4e911d1d73f0f3102f20acf07f1b89d7dd614732fe183bca679e49146662e6905c077fe1cc706ce0d9d3ca5b583d3463e36f15d4ff151d4ed73b745473c3c405f656d822bb">This is the link for the newsletter for April 15, 2025.

One of the things I found of interest is the rate of Certs to expire to be 47 days in 5 years. Very interesting. Found something you found of interest? Get in touch.

Thanks for listening!

Sans episode 6: Fortinet needs help, WhatsApp needs updating ... more

Sun, 13 Apr 2025 03:00:13 GMT

Welcome to Sans, episode 6. This">https://view.email.sans.org/?qs=20237604152745c3a8505cf5303ac7f4fe43d81bd4d4ccb4a5a65c3bd2e8c03821ac78c95fec019dabab841f3124326e562dcac84014fc59d33b69d3597a09e45b9947a13b95aec9852f656693e44e2e">This is the link to the newsletter if you wish to read it.

WhatsApp needs updating, Fortinet needs more help, Oracle denies having a breach, and more. Have fun!

We're going to try something different, read the newsletter that is of importance and add our own twist where applicable. After episode 5's mistake, its not worth making that mistake again.

TSN episode 7: are your devices listening?

Sat, 12 Apr 2025 20:42:42 GMT

On a recent Lock and Code podcast, they discuss whether your device i actually listening or not. While I have some initial thoughts, they may change based on what I hear from this podcast.

To join the conversation join us on the independent channel at http://magnatune.jaredrimer.net or email/imessage throwback@986themix.com. If you want your comments aired, let them know and it'll be taken care of.

TSN episode 6: How to protect yourself from social engineering

Sat, 12 Apr 2025 00:00:30 GMT

Gang,

This week, we're going to hear about how to protect yourself from social engineering attacks through the Proofpoint discarded podcast.

You can Go to the magnatune page to find links to listen on Saturday starting at 7 CT, 5 PT.

See you then!

Sans episode 5: UMMC, Apple, the UK and more

Thu, 10 Apr 2025 01:30:17 GMT

Hello gang, welcome to the Sans update from the newsletter for April 8, 2025.

This">https://view.email.sans.org/?qs=a8c8f1dfe2785f921ee2a5fe5035ead56b7fe073f3d5fc1f4f2c8e7971a0374ee04429146ebb9f485a18655db4d31e3aceb33dfe75136c02bc1ef7a5a044d7a7b1ff99f17772db75193ef0c0a3467d9b094f422858c95897">This is the link you'll need to access the newsletter.

If you've spotted something you want to comment on, please call the comment line at (888) 405-7524 and thanks for listening!

tech 383: Android talk and domains

Mon, 07 Apr 2025 21:30:16 GMT

Welcome to program 383 of the Technology blog and podcast series.

On this program, we're going to talk about an article I recently spotted that talks about malware and more abuse of the accessibility of Android for people who are blind or disabled.

This is a Bleeping Computer article and you can also find the blog post on our blog. Search Android accessibility if you wish.

The article is titled New">https://www.bleepingcomputer.com/news/security/new-crocodilus-malware-steals-android-users-crypto-wallet-keys/">New Crocodilus malware steals Android users’ crypto wallet keys if you are an Android user and are interested on what this does.

Finally, we're going to listen to Discarded and the threat research trenches dealing with Takedowns of domains and my thoughts on the domain industry as a whole.

This was aired on Throwback Saturday Night for March 8, 2025.

If you have questions, comments and or want to say hey, feel free to do so. The email is tech at menvi.org as well as imessage. Text/WhatsApp 804-442-6975 and feel free to leave a comment at 888-405-7524. Have fun with this cast!

Sans episode 5: Sans News Apr 4

Sat, 05 Apr 2025 03:30:17 GMT

Episode 5 is just the news bites for April 4, 2025. https://view.email.sans.org/?qs=2a1b51b9ae0bee328944ac35970ec9af0a176952e7e38295ad505b16775b786d5b41c6db58cd9c033854aac48663b94d77c05b9cf302a031f1d72eddd4a9397957d8096981d0014008fab9ba942f5a28 is its link.

Throwback Saturday Night preview episode 5: Dark Net Diaries and the Kill List

Sat, 05 Apr 2025 00:00:25 GMT

There is an apparent site out there where you can pay people to kill people. But is it really true and is it still out there today?

We know there's a paid podcast out there and the stories are quite shocking.

Join Throwback Saturday at 5 PT, 7 CT for music and conversation and Security stuff at 8.

http://www.darknetdiaries.com for dark net diaries.

http://magnatune.jaredrimer.net to listen to the server.

Sans news bites episode 3: Ouch! and the bites for Apr 1

Fri, 04 Apr 2025 19:30:12 GMT

On this episode of Sans, we're going to cover two items. The first, Sans Ouch! newsletter. https://www.sans.org/newsletters/ouch/account-takeovers-emotional-predators/?utm_medium=Email&utm_source=HL-GL&utm_content=1464682_ouch_article_button&utm_campaign=OUCH&utm_rdetail=Global&utm_goal=Community_Growth&utm_type=SSA&is=551b434744de4aefe4d6ece8bf1e298e24df99defd5f7ad7037383755fd2d757 is the link to the newsletter and they talk about social media takeovers and a few scams that you might see.

I do try to keep the spirit of the newsletter but make it my own by making up a story in which you could believe if my account(s) were taken over.

Alsoo in the newsletter, they introduce a new podcast. https://www.sans.org/podcasts/ouch/ is the link, and you can search Sans Ouch! (with the exclaim mark) to find it. Its the first one if you include the exclaim.

For Sans News Bites, the link to that is https://view.email.sans.org/?qs=2d679d7bbfaeb64102bc1d697d3ea79bde17cb508bee7d51ff425742f12bbc42f8e65e8fc776f58583b3340ae69a575df32b84f2ae487258f0180de03fabe871f14948f9d02c256fd23976cfbacab5a8 and as always, you can read what is of interest to you.

Thanks so much for listening, make it a great day!

Sans News bites episode 2 for March 28, 2025

Sat, 29 Mar 2025 19:30:12 GMT

Sans News Bites covers several different items, one of which we've read, another in which we have covered, and another in which might not be surprising.

Have you read the newsletter? What did you think?

If you have not read the newsletter, here">https://view.email.sans.org/?qs=a93c3ebf1ea9caac5b6981b78d834685e0662448439563b9098ea40f1f5dfb4e58d82edd90a7b75366d9e35fa3e240fc71de7dcba9b9d3907685d787d00f858e26ce086bcb663763a58270e2103023190adf2b30db0e328b">here you go. Have a great day, and see you soon!

Throwback Saturday Night's security hour, episode 4

Fri, 28 Mar 2025 23:50:08 GMT

Here, I talk about what's going on this week. We take the Cyber Wire Daily episode dealing with highjacking. More specificly, remote hijacking.

News, notes and the landscape too.

Sans News bites episode 1: a wordpress plug in needs to be updated, chrome and more

Wed, 26 Mar 2025 16:00:32 GMT

Sans News bites is going to be a news specific thing where we go through the newsletter and tell you what might be big from within it.

Here">https://view.email.sans.org/?qs=31db83278ea7bc191ebc9de98fb22ea413065346a3ba7095d2eb0f7a5640deba06764173c87ac4597e25dd6e77af58c2e3fdd5ecb14d6522005f56ecaa90b02c6e1826492158dd7121d788f2242fc9d1">Here is the link for March 25, 2025 and we hope you check it out to see what is of importance.

This short podcast will be released Wednesday and Saturday and this will give us time to get it read and recorded.

See you next time!

TSN 3: LLMS and scams?

Sat, 22 Mar 2025 00:00:24 GMT

While calling Preston one day, I heard about a podcast through N2K networks called the Fight Files. It covers AI and tech and the legal aspect of all of this. Listen to this 50 minute podcast as we wlearn about services that are used to make this possible.

The Independent channel will have the program at 5 pm PT, 7 CT and it'll be available through podcast through this link. We hope you can join!

TSB podcast 231: Encrypthub

Thu, 20 Mar 2025 18:30:10 GMT

Welcome to podcast 231. On this podcast, a very interesting ransomware program out there called EncryptHub. What can it do? This is bad in its own way. News, notes, trivia answers and more.

EncryptHub">https://www.bleepingcomputer.com/news/security/encrypthub-breaches-618-orgs-to-deploy-infostealers-ransomware/">EncryptHub breaches 618 orgs to deploy infostealers, ransomware is the article from Bleeping Computer. This may be the new type of Ransomware, and if so, this could be very bad.

Have you read this article or the blog post on it that I wrote?

The Technology blog and podcast, podcast 381: Trend Micro, a man getting potential prison and more

Mon, 17 Mar 2025 16:00:44 GMT

Hello folks, welcome to program 381 of the technology blog and podcast series. We are going to start with an interesting video with Trend Micro that talks about customer success. Making sure customers are happy is the key to having a successful company, and this does not matter what the business is.

Next, in our first article we're going to talk about, we're talking about one that should really have more of a punishment than 10 years. The article talks about a guy who basicly sabotoged his former employer after he got terminated. Thinking that he wouldn't be caught at whatever he got caught doing, he put in a kill switch which disabled the company computer network.

If you read the article titled Developer">https://www.bleepingcomputer.com/news/security/developer-guilty-of-using-kill-switch-to-sabotage-employers-systems/">Developer guilty of using kill switch to sabotage employer's systems from Bleeping Computer, what did you think of it? Do you agree with the 10 years he ould get if found guilty? Why or why not? Email, imessage, text, WhatsApp or call and leave a comment on the comment line. Let me know if your comments should be aired.

Microsoft">https://krebsonsecurity.com/2025/03/microsoft-6-zero-days-in-march-2025-patch-tuesday/">Microsoft: 6 Zero-Days in March 2025 Patch Tuesday comesfrom Krebs On security as we have a segment on Windows Update. If you can, get those updates going.

Email/Imessage tech at menvi.org

text/WhatsApp: 804-442-6975

Leave a message or talk to me: (888) 405-7524 or (818) 527-4754.

Enjoy the program!

TSN episode 2: Kim Komando

Sat, 15 Mar 2025 00:00:14 GMT

Lots of varying things coming from Kim Komando including a word not to use because its in scams, a DJI drone hit a plane used to deal with firefighting and much more.

TSB 230: Darcula, the next biggest threat

Thu, 13 Mar 2025 20:50:07 GMT

With the trivia, note that we can accept multiple answers today. Those who guessed already can't change their answers.

Welcome to program 230 of the Security Box. I can't believe we've made it to program 230, but here we are. Between this milestone, and the relaunch of the tech podcast releasing 380, this is going to get very interesting. On this edition of the program, we're going to hear from Preston in regards to one of the newsletters from Kim Komando. We're going to hear from Trend Micro about the threat landscape thanks to one of their podcasts through Youtube, and we also have an interesting video about a London Story with a guy climbing Big Ben. Yes, its not security related, but you'll see why we've included it here and i'll talk about it for those who did not see it.

If you'd like to watch this, let us know what's going on. We know it is a demonstration and I have no problem with it, but doing this with no shoes? Here">https://www.youtube.com/watch?v=SIkowhcFdfE">Here is the video from a news source if you wish to take a look.

Phishing">https://technology.jaredrimer.net/2025/02/20/phishing-as-a-service-darcula-may-become-the-next-best-thing/">Phishing as a service Darcula may become the next best thing is the blog post that leads to the article in which we're going to use. This is one of a few items that we will need to watch.

The Technology podcast, program 380: New Ideas for the program

Mon, 10 Mar 2025 16:30:16 GMT

Hello tech podcast subscribers. This has been awhile in the making, as i've been thinking of this podcast for awhile. I've already got some things lined up, but since now I can schedule items, I can put podcasts out once a week and have them dated too.

So now this feed has three items:

The Tech podcast

News on the security hour for throwback saturday night

Each show has a set release schedule. This program will be on Mondays. TSB on Thursday or Friday, 24-48 hours of it being recorded live on the independent channel. TSN, short for Throwback Saturday Night will be released 24 hours before airing on the independent channel talking about what we'll talk about on the show.

On this program, I'll talk about my ideas for the tech program, and we'll talk about the RSS feed and why it has changed from Anchor to where it is.

Where is it now, you say? We're on the plan for networks on a web site called rss.com">http://ww.rss.com">rss.com. Learn more about what they're offering.

I hope that this finds you well, and we'll see you on another edition of the program! This is going to be quite interesting and fun.

Throwback Saturday Night Security hour, episode 1: March 8, 2025

Sat, 08 Mar 2025 02:00:24 GMT

Discarded comes along this time and we're listening to how the defenders take down domains which may or may not lead to arrests. Its a disruption tactic which can work in examples given in the podcast.

TSB 229: Evading Antivirus Again?

Thu, 06 Mar 2025 19:40:07 GMT

Welcome to the security box, podcast 229. On this podcast, we've got three trivia questions from one Kim Komando Newsletter, we've got the news notes and landscape, and a topic dealing with a country that is messing with more stuff with something we definitely need to be aware of.

According to KMOX, identity theft is up. Here's">https://www.ivoox.com/en/identity-theft-resource-center-reports-massive-spike-in-audios-mp3_rf_127374273_1.html">Here's a link to the podcast from the identity resource center.

There is something out there called APV. Chinese">https://technology.jaredrimer.net/2025/02/18/chinese-hackers-are-abusing-more-microsoft-stuff/">Chinese hackers are abusing more Microsoft stuff leads to a blog that talks about this APV thing. Don't worry, if you think this is bad, than you haven't been reading the blog. We have more topics picked out so you'll want to give this a look and stay tuned to more podcasts for other topics that could be similar to this that you need to know about.

The Security box, program 228: What is going on with TLDs today?

Thu, 27 Feb 2025 19:00:41 GMT

Welcome to the Security box, podcast 228 for the last week of February. With 28 days in February, this will be the last podcast of the month. I can't believe it! On this podcast we're going to cover news, notes, the landscape and thanks to the Pennsylvania">https://patf.us/">Pennsylvania Assistive Technology Foundation we're bringing you a webinar that you're going to get something out of that talks about identity theft. We'll also talk about domains. Yes, we're seeing ones that were talked about in the past in new twists, so we better rehash this topic and talk about how you can stay safe.

The Security Box, podcast 227: Lifelock

Thu, 20 Feb 2025 13:00:32 GMT

Welcome to podcast 227 of the Security box. On this program, we're going to talk about Lifelock. They're now promoting how good their services are, but yet, we found a program through A&E and other channels. Let's see what you think. Also, there are going to be different findings either on Youtube or other places talking about experiences.

Bug">https://technology.jaredrimer.net/2018/07/25/bug-in-lifelock-exposes-millions/">Bug in lifelock exposes millions July 25, 2018

The">https://technology.jaredrimer.net/2023/01/18/the-fcc-is-to-strengthen-breach-notifications-it-cant-come-soon-enough/">The FCC is to strengthen breach notifications … it can’t come soon enough uly 18, 2023

Lastpass">https://technology.jaredrimer.net/2023/01/17/lastpass-is-not-the-only-one-target-norton-life-lock-is-now-the-next-victim/">Lastpass is not the only one target, Norton Life Lock is now the next victim January 17, 2023

TSB 225: Mastercard and its stupidity

Wed, 05 Feb 2025 23:01:36 GMT

Welcome to the security box, podcast 225. On this program, we're going to talk about a company that earned our stupid fuck award for January. We'll also cover the news, notes, landscape and more. Newsy items

Not that we care, but Microsoft Defender is disabling VPN. Microsoft kills of Defender Privacy protection VPN services for more.
Deep Seek is being abused, not much of a surprise here, but worth looking at. Should this not be surprising, DeepSeek now being abused for more.
Gemini and other tools are being abused, and some have been abused more than others. Enter the AI aspect of these tools and we've penned an article titled Gemini AI tools are being abused … so are others if you want to read it.
Globe Life is yet another breach with yet another update. Globe life confirms breach after investigation, 850k more affected if you wish.
Meta is in Chaos mode, it seems should not be surprising to some, maybe surprising to others. You decide.
Tata tech hit with ransomware
You’ve got to be kidding me … another two databases open but now closed? if you've not read it already.

Who got charged this podcast?

A Canadian Man got charged this month with pilfering $65m in Crypto. Our blog post Canadian man charged with stealing $65m using crypto exploits has the entire details.

Who got our stupid fuck award in January we're talking about now? We mentioned this as part of podcast 224, but it became our topic. Its the Krebs On Security article MasterCard DNS Error Went Unnoticed for Years which really is stupid. We'll stop to explain some things on the way, and we hope this leads to some great conversations. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The Security box, podcast 224: A day in the life as a voice phisher

Wed, 29 Jan 2025 23:26:45 GMT

Hello gang, welcome to podcast 224 of the security box. On this program, we're going to talk a little bit about something I spotted through Brian Krebs, an article that really goes in to how voice phishing really works. Also, we'll cover the news and landscape, with a brand new model which started a discussion from within the group which I saw a few items on and we'll see what else comes along. Our topic: Voice Phishing Have you read this interesting article titled A Day in the Life of a Prolific Voice Phishing Crew by Brian Krebs before? Its going to lead our discussion. Talk about an insight, this article I think does it. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The Security box, podcast 223: Q4 Social Media

Thu, 23 Jan 2025 00:37:30 GMT

I realize in one part of the intro I said 2024, but another I said 2025 as I wrote the show notes intro which were read. Sorry about that!

Hello folks, welcome to program number 223 for Wednesday, January 22, 2025. Its already been a busy month, and now its time to tackle our first topic dealing with a Q4 report from Phishlabs. We also have news, notes, the landscape and we also will talk about our new blog post talking about the stupid fucks of the year. Contact info will always be given throughout the program.

Our topic: Risky social media For the first major topic of 2025, an article talking about a Q4 report that Phishlabs did. Riskiest Social Media Platforms, Q4 2024 is tthe article. This is going to get very interesting. Please find full show notes including links to some of the news we talk about on our blog.

Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The Security box, podcast 222: Scams and natural disasters

Wed, 15 Jan 2025 22:05:31 GMT

Hello folks, welcome to podcast 222. This week, we take a look at the fact that we in California have had it bad in some counties and what scammers are up to. This is unfortunate, and while I'm in California, I think the bad news of what they are doing will not help. Here are some resources and articles covering the ordeal.

For complete details, please visit some of these news sites in no particular order:

The list here is not exhaustive and you can find other news sites that might cover this. Always use thes or other news sites to get your news, and also social media you trust with these and other sources you trust. Want to help out? Here's the link to the red cross. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

The Security box, podcast 221: Happy New Year!

Thu, 09 Jan 2025 19:43:43 GMT

missing description

TSB podcast 220 for Dec 18, 2024

Sat, 21 Dec 2024 21:06:56 GMT

Sorry we're late on this, other commitments. We've got the news, the landscape and much more as the team takes the rest of the year off. Next scheduled program will be on January 8th. Happy new year!

TSB 219: 3 trivia questions and lots in the landscape

Fri, 06 Dec 2024 22:38:01 GMT

Lots of stuff in the landscape. Three thrivia questions and no show next week. We'll have one more in 2 weeks.

TSB 218: open forum

Wed, 20 Nov 2024 23:46:52 GMT

News, notes and the landscape. Other odds and ends too including a trivia question. (888) 405-7524 or 818-527-4754 iss the way to participate or use other contact info during the show.

TSB podcast 217: What the hell is the braille space and why is it being discussed?

Fri, 15 Nov 2024 17:42:39 GMT

Hello folks, welcome to the security box, podcast 217. Its been a long time since we did how notes, as NCSAM doesn't necessarily need show notes per see. We've got a great topic on something I blogged and we talked about awhile back about the braille space. No, not the way braille is written as you know it, but a hexidecimal character used to cause havoc. We'll explain on this podcast. Besides that, we're going to have the news, the notes, the landscape, answers to trivia and more. Please feel free to participate. Starting with this podcast, we're going to have our click to call wigit available so you can feel free to use it to call the comment line and leave your message or talk to us, depending on availability. Thanks so much for listening to the program, and we hope you enjoy! The braille space When writing braille, it is no different than writing print. But braille can be written with hexidecimal characters just like other languages using a computer keyboard. We found an article talking about the fact that this braille character is used to actually hide file extensions, amking you think you're opening one type of file, but opening another. On September 16, 2024: Robert Stepp responded to the email I sent him iquiring to the braille space as a character, and he wrote the following. Hi, There is nothing special about a "braille" space. The 0x2800 character is simply a space in the 8-dot braille page of Unicode (three bytes in UTF-8). Apparently 0x2800 is interesting because is shows as nothing but is parsed as non-whitespace. A bogus filename SomeName.pdfxxxxxxxxxxxxxxxxxxxx.hta where x is the braille space, when written to a FileName box (whose length is too short to show the final .hta without scrolling) appears to be a .pdf file when it is actually a .hta (private malware) file. Any Unicode character, not known by Windows controls to be whitespace (space, thin-space, zero-width- space, etc) would work just as well for this visualization spoof. To read the entire blog post including the article which will lead to our discussion, I did not know there was something called a braille space is the article in which I wrote, linking to the article from Bleeping Computer. For those that just want to dive in to the Bleeping computer article, Windows vulnerability abused braille “spaces” in zero-day attacks will be your article. Thanks Bob for your great insite! Its much appreciated. Contacting the podcast If you would like to contact the podcast folk, please use the following info which goes to Jared and can be shared with the rest of the contributors as needed:

Email/imessage: jaredrimer@986themix.com or tech@menvi.org which go to Jared.
Text or WhatsApp: 804-442-6975
Call the comment line at (888) 405-7524 or use the click to call button located in the show notes. If available, Jared can take your call below. You may also call long distance by calling (818) 527-4754.

TSB 216 reissue

Fri, 15 Nov 2024 17:36:20 GMT

This is a reissue. Unfortunately, it has come to my attention that the podcast was only 7 seconds, and I don't know why. So we're retrying the program upload again.

On this program, we've got the news, the notes and the landscape. We've got the book discussion and what we think. We apologize for the inconvenience this causes you!

More later.

The Security box, podcast 216

Thu, 07 Nov 2024 18:24:16 GMT

On this episode, we're going to cover the landscape, the news, the notes and even a very interesting email we got. Is this really a writer? I think not.

Want to participate during the trivia? Call (888) 405-7524 or (818) 527-4754.

No purchase necessary, learning is the key. Enjoy the show!

TSB 215: Lots of stuff including news, notes, the landscape, credit cards and more

Wed, 30 Oct 2024 23:31:14 GMT

Wooo! This podcast is packed!

On this edition of the podcast, we've got tons of topics including one we wrote about prior to going on air. We're going to cover the landscape and things that Nick has wanted to comment on since he missed a few weeks, participating only through SMS.

We even have a replay of a 36 minute segment from podcast 193 where we take you through the setting up of virutal cards on Capital One's app.

I hope that each and every one of you have enjoyed this extended version of the show as much as we have bringing it together for you.

Next week, books. We'll see you then!

The Security box, podcast 214: NCSAM continues with social media and more

Sat, 26 Oct 2024 17:54:25 GMT

Sorry for the late release. If I put this up before, I apologize for the inconvenience.

We talk about all kinds of stuff including our aforemention topic of social media.

We hope you enjoy the program.

The security box, podcast 213: upgrading software

Thu, 17 Oct 2024 18:00:06 GMT

Upgrading software is important. But sometimes it may not be so good, and we discuss thoughts as part of NCSAM. Trivia and more on this edition of the program.

The Security box, program 212: week 2 of NCSAM: scams

Thu, 10 Oct 2024 16:15:18 GMT

Scams are everywhere. We break down an article we found, talk about the news and the landscape and much more. We hope you enjoy the program.

TSB 211: week 1 of the 2024 NCSAM discussion

Thu, 03 Oct 2024 21:23:11 GMT

On this podcast, passwords, password managers, news, notes, multi-factor and more. Thanks for joining!

The Security box, podcast 210: OCR can be used for bad?

Fri, 27 Sep 2024 16:49:13 GMT

Hello folks, welcome to program number 210 of the security box. What do you think when it comes to OCR? If you're disabled, you know that it helps you identify print in to spoken word for you to know what is on the printed page. However, this is not what we're talking about. OCR is now being used to get information, and it may be information you don't want escaping. Besides this topic, we're going to have the news, the notes, and the landscape as well. We appreciate those of you who are downloading and listening to our podcast whether its through RSS, the direct links we provide through TSB's directory or blog, or even if you listen through replays through your respective channel or the independent channel directly. OCR used for bad Yes, we said OCR for bad. This is bad. How many Android applications are known to be using something to steal Crypto currency? is the blog post which leads to the article Found: 280 Android apps that use OCR to steal cryptocurrency credentials. I guess we'll have to see what happens with this, but if this is any indication, Android is going to be a big breed and IOS may end up following in their own way too. Stay tuned! Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

The Security box, podcast 209: Volt Typhoon is back in the news

Fri, 20 Sep 2024 17:39:46 GMT

Welcome to the Security box, podcast 209. On this program, we'll do questions by hand, and some will be from the news. Of course besides the news, we've got to talk about Volt Typhoon again. If anyone has any questions we can answer, we'll do that as well. Volt Typhoon in the news again KrebsOn Security takes on a journey of New 0-Day Attacks Linked to China’s ‘Volt Typhoon’. which caught our attention. I wrote this up, in a way I think is fair, as we take the article apart. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

The Security box, podcast 208 for Sept 11, 2024

Thu, 12 Sep 2024 01:36:37 GMT

missing description

The Security box, podcast 207: open forum

Wed, 04 Sep 2024 23:40:11 GMT

Open forum, an a very interesting set of emails.

The Security box, podcast 206: EDR Kill Shifter

Wed, 28 Aug 2024 22:14:24 GMT

Hello, welcome to program number 206. We've got tons of questions that could lead our news discussion, we've got an interesting discussion on a type of malware that could be disruptive and Antivirus may not help and more. Here are the questions.

What happens when someone decides to be a complete moron? We talk about it, and this story is just out of this world. Who was it, what did they do, and how much trouble will he be in?
Next, what happened to a telecom company who also did moronic things who also deserves our moron of the podcast?
What type of technique has been around since 2017 and is now being used for delivering something we've been talking about for a number of years now?
Who in Russia recently got arrested because he stole from a certain ransomware group? Name the group, and while we don't know the suspect, name him by the initials given within the article.
Speaking of arrests, which new ransomeware group which was once known as Conti had a member arrested? What was his position? What is his fine as a minimum and what might his prison sentence as a minimum according to the article be?
What type of malware is now going to break records if last year's number was 1.1 billion dollars alone? What was it that I thought could be the number for this year based on last year's number and what was the percentage?
Finally for our topic, what new ransomware might we be talking about this time, that kills a certain type of antivirus protection?

I hope that you enjoy the program as much as we are bringing it together. Thanks for listening and make it a great day! Our complete morons of the podcast Get a load of this for our first moron. This guy's name is Jesse Kipf and he's got a wrapsheet. Man sentenced for hacking registry to fake his own death is the first blog post and it did get a comment from Shaun. But that wasn't all. Once I went on Ars Technica, I found We’ve got more on the dad who refused to pay child support which I blogged after reading the story. On page 2 of the story, it talks about the wrapsheet he's going to face. Speaking of facing wrapsheets, Karakurt negociater arrested, sent to U.S. could be talked about because of that potential sentencing for the suspect, but we'll have to see about that. Speaking of morons, Telecommunications company to pay 1 million dollars should be read if you haven't read it already. We even found >Here’s more on the lingo telecom fiasco which has an update. Our Topic EDR Kill Shifter Our topic is quite interesting and one in which we also need to talk about. Ransomware gang deploys malware that kills security programs is the blog post in which we talk about this and it leads to the article. It leads to the article itself Ransomware gang deploys new malware to kill security software which comes to us from Bleeping computer. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, Magniber is back, old decryptors don’t work is the blog post that people can read. It leads to this article titled Magniber ransomware targets home users. This article leads to another article from Bleeping computer, so there's no need for us to link to it. We also talk about the reorganization of 6 different items. But wait, we even talk about our guide we wrote on how to check links if the malicious things you get are by links. Getting Link information via access technology is the link. Please utalize it! Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

The Security box, podcast 204 for August 14, 2024

Thu, 15 Aug 2024 20:06:17 GMT

Welcome to the security box, podcast 204. What big story is coming out about a company who has apparently gained access to tons of data illegally? The names, potential relative information, possible address information and social security numbers may be affected. Our topic today talks about how IT workers are getting hit with a new ransomware strain called Rino. All of this as well as the news, notes, questions and comments from any participents that may come in. The next possible biggest breach There's a lot of conflicting information, especially when it comes to which particular group supposedly hacked the company to begin with. This particular incident reminds me of the OPM breach of 2018. search the blog for opm breach Here are our blog posts which talk about the subject as of writing these notes. There's still a lot for us to learn.

We’ve got more on this NPD databreach was written on august 11, 2024 and it links to a Bleeping Computer article. There are a lot of questions here including the exact number of people and the fact that there are conflicts within the data that was seen by the publication.
2.9 billion users, National public data gained data illegally is the blog post that links to the hackread article that Kim Komando linked to within her newsletter. This one talks about a lawsuit and that lawsuit deals with the fact that this company got the info illegally and orders the court to delete the illegal data. We highlighted this article on the Throwback Saturday Night program for August 10th. The RSS for that show is on this link.

What is Sharp Rino? Ransomware gangs target IT workers with sharp rino malware is the blog post which leads to today's discussion from Bleeping Computer titled Ransomware gang targets IT workers with new SharpRhino malware which should be a very interesting discussion. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

The Security box, podcast 203: Data breach victims up 1k percent thanks to a study

Wed, 07 Aug 2024 23:28:33 GMT

What is the number of percentage points that we recently saw when it came to our data being pilfered as victims go? What email seems to be making a comeback that we've not seen in a number of years, yet a customer of mine has gotten two of them within days of each other? What might be the subject matter of these emails and what are they trying to get this customer to do? Hint, its something we talked about probably in 2018 when The Mix and the JRN got these types of emails. Besides all of these questions, we're going to cover the landscape and some of what we've blogged or spotted in the news. We hope that you enjoy the program, and thanks for listening! What percentage of victims are up when it comes to Data Breaches? We blogged our thoughts on this topic, as well as linked to the original Article thanks to MalwareBytes. The number is staggering, although it would be a lot less percentage wise except for a couple of breaches as part of a Q2 report. If you guessed close to 500 percent, you're not far off, that number is only there at 490% without the breaches at Snowflake and other companies. The correct answer is 1,000% and we played the article as part of Saturday's Throwback Saturday Night program. Here is the link to their RSS. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

The security box, podcast 202: the CFAA, revisited

Wed, 31 Jul 2024 22:34:25 GMT

On podcast 202 of the Security box, we revisit a topic that we think isn't doing any good today. That is, the Computer Fraud and Abuse Act. We take from Wikipedia's article discussing it, and we discuss whether its worth having it or doing something else.

We also covered the news and the landscape, and yes, we had people out and about this week. We push on.

Enjoy the program and thanks for listening!

Thanks to our affiliates for playing our program, and those that provide the content for publishing it. See you next time!

The Security box, podcast 201: traffic lights and controlers on the Internet

Sun, 28 Jul 2024 20:37:14 GMT

Hello folks, welcome to the security box. There might be a light news week this week, but we do have now a topic which came out of something read over the weekend. Traffic lights on the Internet. We'll cover what news and notes we have, then dive right in to our topic and answer anything people have. Traffic lights Hackers could create traffic jams thanks to flaw in traffic light controller, researcher says is the article, we're taking from and it was read this weekend that passed. This is one of those theoretical things, and one that could be out there. The researchers were slapped with a legal threat with one company, was that right or wrong?

The Security box, podcast 200: Our 4th year anniversary show

Thu, 18 Jul 2024 14:19:16 GMT

Hello folks, welcome to program 200. On this edition, we're going to cover the landscape, one of the biggest breaches that will possibly affect everyone in one form or another, as well as hear from participents on what they found of value from the last 4 years. Thanks so much for listening! AT&T breach Snowflake is going to be the biggest talk in town. One of the biggest carriers got hit by this disaster. Here are blog posts that might be of interest.

Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include Blue Streak Radio and International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

The Security box, podcast 199: Don't be Blinded by Snowblind

Thu, 11 Jul 2024 16:19:37 GMT

Hello folks, welcome to the security box. On this edition of the podcast, we're going to talk about something called Snowblind. We also have news, notes, te landscape; and something I heard via a podcast that we can discuss in regards to scams. We also have a laugh that might have you laughing as well. We hope you enjoy the program! How about a laugh We have a good one that we will read. Its not necessarily tech related, but worth the share. We even have a comment on it by Shaun. Here's the link to the blog post. I hope you enjoy! Don't be Blinded by Snowblind Our topic this week comes to us from Bleeping Computer Here's my blog post and here is the article we'll be taking from.

The Security box, podcast 198: Week 2 of the 2 weeks of open forum

Thu, 04 Jul 2024 19:31:45 GMT

Hello folks, welcome to the security box. On this program, an open forum full of stuff from scams, to articles on the blog and the most important ones of those. Hope you enjoy the program. Running time, 4 hrs, 5 minutes.

The Security box, podcast 197 intermediate a: The Language of the Business

Thu, 04 Jul 2024 19:25:53 GMT

Welcome to podcast 197, intermediate A. J Wolfgang Goerlich is along with a very interesting talk. While I've not listened to it in full, I did think of putting this out as it talks about risk. Maybe its a risk you don't know much about, so let's learn together. J Wolfgang Goerlich: My RSA talk is up. Join me in dismantling the myth of the weakest link, and building human-centric and human-first security programs. The Language of the Business: Applying Behavior Science for Risk Management https://www.youtube.com/watch?v=BFkM9FxTP8g link to the video

The Security box, podcast 197: week 1 of two for open forum

Thu, 27 Jun 2024 02:20:35 GMT

We realize after the podcast was created that we did not put the file in for thanking our affiliates. This was an oversite and that should not happen again.

The podcast had lots of discussion though, and I hope you enjoy it. We'll have another week of open forum, next week. We hope you enjoy.

The Security Box, podcast 195: What Are .env Files and why should I care?

Fri, 14 Jun 2024 03:10:51 GMT

Hello folks, welcome to podcast 195 of the security box. Let's start off with a set of questions that came out of something we did not cover as part of last week's box. If you listen via the podcast, please submit your guesses before the answers are revealed. I'll personally give you credit where credit is due, and we can work out what you will get upon correct answers. The questions are: What 8 companies, 1 of which was part of the big ticket master breach were attacked? What small time actor group took responsibility for these 8 company attacks?which two companies disputed the hack? Finally, what was the most recent company that came out with confirming they were part of the actors fiasco? We also are going to cover the news, the landscape, Lastpass' recent fiasco that can happen to anyone and more. Our topic this week will be the talking about environment files that are used to store secrets including keys, usernames and passwords. Apparently these files, known as .env files are wide open and can be taken for use. Enjoy the program and thanks so much for listening! Our Scam of the Week Kelly, formerly Kelly Services has been targeting users who know the JRN's work. Kelly informed the JRN that this scam has been going around in this form for at least 5 months. The first report came from TSB's participant, Preston Gaylor. The second came from another subscriber who assists me in another capacity. Please read this blog post titled New scam from work provider, Kelly (formerly Kelly Services) for complete details on this. We link to the official web site where you too, can alert them about this scam. The representative informed me that they have over 500 copies of this and asked about the version that is going around. We'll be discussing this as part of the program, don't worry! Our Question If you intend to play, please do not look at the answers given below. We also are linking to sources of further reading too. Our Question What 8 companies, 1 of which was part of the big ticket master breach were attacked? What small time actor group took responsibility for these 8 company attacks?which two companies disputed the hack? Finally, what was the most recent company that came out with confirming they were part of the actors fiasco? The Answer: Skip if you intend to participate and win Answer: Snowflake, Anheuser-Busch, State Farm, Mitsubishi, Progressive, Neiman Marcus, Allstate, and Advance Auto Parts. Progressive and Mitsubishi disputed the threat actor’s claims while Advance Auto Parts recently came out with details of their breach. Sources from the blog:

The links lead to our blog, where you can read more. Lastpass needs a break here, this can happen to anyone This can happen to anyone. While people want to jump ship because of this most recent outage, I don't blame them. It turns out, it was because of their chrome extension that somehow went completely ape and could have sent a DDOS attack. I don't want to go that far, but it was a 12-hour outage if not longer. I recently had to sign in and I was successful, and this happened on Thursday, June 6, 2024. Over 90 malicious Android apps with 5.5M installs found on Google Play

Is Your Computer Part of ‘The Largest Botnet Ever?’

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Chinese national arrested for operating proxy service linked to billions in cybercrime

Police seize over 100 malware loader servers, arrest four cybercriminals

Microsoft: Windows 11 preview update causes taskbar crashes

Live Nation finally confirms massive Ticketmaster data breach

macOS version of elusive 'LightSpy' spyware tool discovered

TikTok vaguely disputes report that it’s making a US-only app

X tweaks rules to formally allow adult content

Crooks threaten to leak 3B personal records 'stolen from background check firm'

Data firm execs convicted for helping fraudsters target the elderly

Section 230 Lawmakers say Section 230 repeal will protect children—opponents predict chaos is a two page article on the subject of section 230 and its potential update. We'll try to do our best and give you a fair balance of both sides. If you have not read this, what do you think? Other coverage from the blog on section 230

The Security box, podcast 193: a discussion on AI and tools for the disabled

Thu, 30 May 2024 17:31:24 GMT

Hello folks, welcome to the security box, podcast 193. On this program, we're going to talk in an open forum about AI. We'll find some articles, but we aren't going to cover articles in full but in passing. We'll also cover the news, the landscape and more including a demo on the capital one application and virtual cards. Things to ponder

Capital One has added the ability of doing virtual cards to their mobile application. You can still use the Eno extension, but I never got that to work, so I've set up one for a demo and will be moving to merchant specific cards for better security.
Have I Been Pwned has a couple of updates while Exposed doesn't. Both sites are good for what they do, and both should be checked if you're interested.
Kim Komando is reporting that Vapes are being sent through the mail through secret words. Parents, check those packages. If an article is found on this, I'll be sure to publish it. Still think TikTok is safe to use?

News Lots of different things the news could bring up, some of which will be listed below.

AI articles These are more recent AI articles, but there are plenty of others we either don't have or don't know about. This section is going to be in open forum format.

AI companies promise to protect our elections. Will they live up to their pledges? Cyberscoop
Three bills governing AI in elections pass Senate committee Cyberscoop
AI gives new life to old scam targeting seniors KNX 1070 97.1 FM
FBI arrests man, charged with generating AI Child Abuse Mater

The Security box, podcast 192: Open Forum

Wed, 22 May 2024 23:51:29 GMT

Hello folks, welcome to program 192 of the security box. This week, its going to be an open forum. We'll cover the news, we'll answer any questions that people have, and we'll traverse the landscape. No major topic, but a big piece of news about an arrest. News, Notes and the landscape Incognito The biggest news coming out of the landscape is incognito's demise for good. the main man was arrested at a New York Airport. If convicted, he's going to spend a lot of time in jail. Each article is written a bit differently, and we want to be fair in our coverage and give you different perspectives.

Owner of Incognito dark web drugs market arrested in New York Bleeping Computer
The Press Release from the Justice Department: “Incognito Market” Owner Arrested for Operating One of the Largest Illegal Narcotics Marketplaces on the Internet The Justice Department
23-year-old man accused of running $100 million online narcotics marketplace | Ars Technica. Ars Technica

AI CSAM This blew my mind. I don't know about anyone else, but this was wild. FBI Arrests Man For Generating AI Child Sexual Abuse Imagery comes from 404 media. This will prove that doing something like this, even if you start with other perps will eventually get you in trouble. An Arrest out of Arizona Arizona woman arrested and charged in North Korean IT worker scheme comes to us from Cyberscoop. She was not alone, there's another suspect mentioned and it goes in to details on who gets what if convicted. More potential news The following are linked from the blog. Accompanying articles are linked within.

Our Things to ponder segment It seems as though Better Help is more in trouble than we thought. Besides the potential breaches, we spotted a video that talks about all kinds of stuff. Its 16 minutes, but I feel that this is of value. This is the link to the Youtube Video that we linked to from our blog post. If you want to see it, you may. This came from the mastodon account, Today I learned. Also read: Better help shares data to facebook as this is mentioned in the video. Our complete moron of the podcast This has to be the moron of the podcast. While you can carry around cards like drivers licenses digitlly, this guy who is named in the article did not. He also either stopped after starting a chase, or the owner was able through the app to stop the truck. Besides theft, the suspect has no license at all. Nice going! Black Basta breached over 500 organizations to date

https://technology.jaredrimer.net/2024/05/10/del-computers-had-a-databreach/

So … What’s going on with the vistamo guy and his sentence?

So, is lockbitsupp completely wrong in him saying they have the wrong man?

What’s going on with Ascension ?

Lockbit is still out there, sent through other network

Lax Dam Cybersecurity I thought we blogged this, but it looks like we did not. Luckily for searching this out as I knew I had it in my inbox, the article comes from Cyberscoop. The article is titled Congress sounds alarm on lax dam cybersecurity which was a good one. If you read the article, what did you think? Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include Blue Streak Radio and International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

The Security box, podcast 190: Is Age Verification Legal?The Security box, podcast 190: Is Age Verification Legal?

Wed, 08 May 2024 23:22:02 GMT

Hello everyone, welcome to podcast 190 of the security box. The big question is here on this week's podcast, and it is: "Is Age Verification legal?" Besides finding out the answer to this, we'll have the news, the notes and the landscape. Hope you'll enjoy the show as much as we are bringing it to you. LockbitSupp identified Huge news coming out of the press in regards to the mastermind of Lockbit. Don't be surprised if you find more coverage, but these are the articles from our sources.

LockBit ransomware admin identified, sanctioned in US, UK, Australia Bleeping Computer
LockBit gang leader exposed in FBI ransomware breakthrough CyberNews
U.S. Charges Russian Man as Boss of LockBit Ransomware Group KrebsOnSecurity
Ransomware mastermind LockBitSupp reveled in his anonymity—now he’s been ID’d Ars Technica

As stated, there may be more than this around the web and the JRN will be blogging two, possibly all three or more if we find them. In the second, we not only know who he is, but what he's charged with. At the time of writing this in to the show notes, the JRN has not read Brian's article yet and only spotted signs of it on Mastodon as he does. Other Newsy things from the blog These items may be braught up as part of the blog and news segment. They are in no particular order.

There may be others not listed here, and this could be a subset. Is Age Verification Legal? This segment may contain adult themes. According to an article that was read and blogged, age verification has been found to be legal. With Coppa in various parts of the world, and sites that need to make sure they're dealing with adults per content law, we think that this is a clear and cut open and closed case. But how do we do this now that most do the bear minimum but yet nothing in place to verify anything entered? For example, staff that do this show could say they're over age on a site like Live Journal when for example, the mix opened its blog there but yet the mix was not even of age. This could be an example used. What to read

Age Verification is lawful the technology blog and podcast
Court makes it clear – age verification on adult sites is constitutional Cybernews

What do you think? If this i

The Technology podcast, podcast 379: Xposedornot.com

Fri, 03 May 2024 21:50:25 GMT

missing description

TSB 189: eSIM and Sim Swapping

Thu, 02 May 2024 00:44:35 GMT

Hello everyone, welcome to the security box, podcast 189. On this program, we're going to cover news and notes, the landscape and esim whcih may or may not be as secure as you think. ESIM and sim swapping ESIM is relatively new, but one of my buddies has it. He says its much better since you don't need a Sim card. But is it? The blog post is titled E-sim is not as safe as you think and the article is titled SIM swappers hijacking phone numbers in eSIM attacks. We'll take the most important paragraphs I think, but the article is linked here. And now that we have the RSS working to show HTML, you can now follow along through RSS too. Woohoo! Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include Blue Streak Radio and International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

The Security Box, podcast 188: Incogni

Wed, 24 Apr 2024 23:06:45 GMT

Incogni claims that it can remove your personal info. How? We'll talk about it with an article that talked about them and I'll talk about where the JRN first heard of this valuable service. We'll also talk about the news, any notes, we've got corrections to xposedornot.com and the work I'm doing with them as testing is going well, and more. Xposed or not I'm not employed at Xposed, but I found some thing that got fixed.

The table as well as tree view of the exposures page not properly giving correct dates, I.E. the table was showing 2023 items while the default view was not quite showing current dated items added to the site.
We learn about the news page and its purpose while asking questions.
We found a very interesting post about data exposures and their categories. At the time of writing, I don't have a blog post on this yet.

Incogni I earlier blogged There are many data brokers, only one company that might help which links to an article titled Your data, their profit: the data brokers you know nothing about goes in to what's going on and who might be able to help. Yes, Incogni might just be the one that might do the job. Step on forward and learn. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include Blue Streak Radio and International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

The Security box, podcast 187: What's going on with our drinking water?

Thu, 18 Apr 2024 01:28:47 GMT

Hello everyone, welcome to program number 187 of the security box. On this program, we're going to talk about our drinking water. No, not the fact that it could taste bad or that it is the best water ever, we'll talk about the security aspect of where our drinking water comes from. Besides that, the news, the notes and the landscape. Remember to contact us with your questions, comments or concerns. If we don't know, we've got people that do, so get those questions in.

Open forum: A New Service

Recently, the Jared Rimer Network discovered a service in which we are happy to use. While haveibeenpwned.com is good, I do find some things that don't work well accessibly. While I got the domains to work, and those instructions were easy to follow, I did have issues with the service I'm about to recommend. I got it to work and it is more accessible. Even the exposed breaches may not be that extensive, both services get their breaches through verification. To learn more about the service Exposed or not, please view the latest blog post We have a new service up, accessible too for complete details. The service is spelled xposedornot. Drop the E.

Some of the newsy items

Unconfirmed, trust wallet could be at risk with a zero day

Bot attacks as a top threat this year was supposed to be posted earlier but it missed its schedule

Sans News Bites for April 16, 2024

Lawfirms now have AI Generated lawyers?

Some may bring these up, but may bring other things as well. We'll have to see. Keep on reading!

Topic: Our Drinking Water

I've never really liked the taste of water. Especially from our faucets. But this podcast isn't talking about whether we like water, which we're told we should drink to keep ourselves healthy.

I know, I know, I'm just as guilty as the rest when it comes to that. But this podcast isn't about whether we like the stuff, its about the security of how it gets to us. We know it goes through pipes, but do we honestly know how it gets to those pipes to how we drink it, cook with it, or use it in our coffee? There's an elaborate system, but is it as secure as it can be?

Apparently, hackers can get in to these systems, and this is where we could be in some real trouble. The latest blog post I penned on this subject is titled Hackers interrupting critical drinking water which links to the CyberNews article US officials warn of hackers disrupting the “critical lifeline” of drinking water which was an interesting read.

If you search for water by itself, you'll find other blogs like:

Cyber Attack cuts off Water for 2 days

Iran hits Pennsylvania water

TSB podcast 186: Tycoon 2FA bypasses 2fa of major providers

Thu, 11 Apr 2024 17:24:04 GMT

missing description

TSB podcast 185: AcidRain and AcidPour

Thu, 04 Apr 2024 00:27:26 GMT

Welcome to the security box, podcast 185. We have several things in Erata that we'll read, one coming in just before I was supposed to leave although that trip got postponed. While that thing we'll read is a week old, its still valuable. We also put in the Facebook thing I saw prior which might get people to chuckle. Our topic today is one dealing with Russia, and another Wiper Malware. The article we take from is from CyberNews, and we also blogged the thing. We'll have news, notes and more.

Common Vector Tactics

While I still seem to be a week behind, I'm going to sites on my own to find things of value so I can try to keep up.

In my perusal of Mastodon, I found this, and thought it should be posted. Here are common vector attacks behind data breaches is the blog post, where Diva on Breaches takes us through 7 different items in her post.

This is also in our show notes and will be read out for those who listen but do not read the blog on a regular. Thanks Devanand for continuing to share the knowledge we can share. We recently read one of her recent posts in a prior podcast.

Knowledge is power!

Our Topic: Acid Rain and Acid Pour

Our blog post New Malware, AcidPour has a link to the Cybernews article. As usual, we'll take some of the paragraphs to aid in the discussion.If you just want the article without going to the blog, no problem. Russia unleashes dangerous new wiper is the article.

Supporting the podcast

If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

Internet Radio affiliates airing our program

Our Internet Radio stations that carry us include Blue Streak Radio and International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

TSB 184: PixPirate

Wed, 27 Mar 2024 23:04:19 GMT

Welcome to the Security Box, podcast 184. On this edition of the podcast, we're going to talk about PixPirate. Its an Android application known as a Trojan. It is hard to detect, and its hard to get rid of. Besides this, we'll cover the news, notes and and questions and answers that we may need to take care of.

PixPirate

This time, we're talking about a piece of malware known as a trojan. The article comes from Bleeping Computer and is titled PixPirate Android malware uses new tactic to hide on phones. If you want to read my pick apart on this, this is the blog post that'll let you do that. Its titled: PixPirate uses new tactic to hide on phone.

What do you think of the topic? Have you heard of it before?

Supporting the podcast

Internet Radio affiliates airing our program

TSB podcast 183: An update on Pig Butchering

Wed, 20 Mar 2024 21:36:00 GMT

After a week off, we're back with another podcast. We hope you enjoy!

Hello everyone, welcome to the Security Box, podcast 183. On this program, we're going to catch you up on the landscape from the last couple of weeks. We've also got an update on what's going on with our favorite topic called Pig Butchering. Of course we'll take your comments as well and of course those questions. Thanks so much for listening!

Our topic: What's going on with Pig Butchering?

Pig Butchering is not necessarily going anywhere, but there have been some studies and money recovered. The article US moves to recover $2.3 million from “pig butchers” on Binance is the latest article we've seen on the topic.

Of course, we had a topic but seemed to have lost it, but that's what happens some times. This article will be taken apart to help the discussion and of course comments and questions are welcome.

As a side note, we can probably tie this in to Phishing as a whole, as the deployment of the beginning of how this works is an email, text, or other platform of communication. What are your thoughts on that? We even talk about it as part of Throwback Saturdaynight for the 16th in our first segment.

Supporting the podcast

Internet Radio affiliates airing our program

TSB podcast 182: Savvy Seahorse

Thu, 07 Mar 2024 15:20:41 GMT

Hello folks, welcome to the security box, podcast 182. On this podcast, besides the news and notes of the week, we're going to learn about a new potential threat by a new potential actor called Savvy Seahorse. If you've read the blog, you'll already know, but if you only listen to the podcast, this is going to change the way malware is delivered. Of course we'll see what our participants want to talk about as well.

Our Topic, Savvy Seahorse

The article comes to us by our newest partner, Cybernews. Its titled Threat actor uses Facebook to lure victims, sends cash to Russia and covers Savvy Seahorse. This is going to be something we'll need to track, and we'll explain it all.

Let's just say that it uses the Cname aspect of domain hosting. Stay tuned!

If you want to read our blog post on it, Here is that post titled Savvy Seahorse uses facebook for investment scams.

Supporting the podcast

Internet Radio affiliates airing our program

The Security Box, podcast 181: Phishing Sites impersonating social media

Thu, 29 Feb 2024 01:38:24 GMT

Hello everyone, welcome to the Security Box, podcast 181. In Q4 of 2023, Phishlabs is reporting that a record of phishing sites impersonate social media to target victims. Question for the listener, what do you think you should look for when you get communication that talks about social media before you click, tap, double tap or press enter on a keyboard? We'll have the news and landscape as well as your comments and concerns. We hope you enjoy the show!

News, notes and the landscape

You have to be kidding me, 1 year later and the DOD is sending out notifications?

2.5 million private plane owners breached

911 proxy is back, new name: cloud router: still dangerous

Avast caught collecting lots of info? Selling it to other companies?

There are other smaller news items, but these might be the bigger ones. If yours isn't on this list, what fancies you? Contact me through jaredrimer.net and let me know. You can also send things to ponder files which can be played as well.

Our Topic: Phishing Sites up and impersonating social media

Record Number of Phishing Sites Impersonate Social Media to Target Victims in Q4 comes to us from Phishlabs this week. Let us know what you think good, bad or indifferent.

Supporting the podcast

Internet Radio affiliates airing our program

The Security box, podcast 180: Phishing as a Service

Thu, 22 Feb 2024 00:58:23 GMT

Hello everyone, welcome to the security box, podcast 180. On this podcast, Phishlabs will guide us through something I don't think we have ever seen. It talks about a service that is a web host service, but it is a completely different type of web host. They didn't classify it as bulletproof hosting, but something called phishing as a service. Two different companies are mentioned. Besides that, we've got news, notes, the landscape and your thoughts. Thanks so much for listening!

Big News of the week, Lockbit

The big news it seems that is coming out this week is talking about Lockbit. Looks like their infrastructure has been taken over by all kinds of law enforcement partners from all around the world. While we don't intend to give you an exhaustive list, here is some of the coverage we know about.

The Cyberwire Daily: February 20, 2024 will talk about this in their news notes for the episode. Here's a link to the Cyberwire.

Lockbit, your time is up! Now its time to go find real work is my blog post, leading to LockBit cartel disrupted “at every level” – Europol if you don't want to read mine. I am not offended. I do take this article apart though, so give mine a read if you wish.

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates comes directly from Brian Krebs. At the time of Writeup, the JRN has not read this yet.

Our topic: Phishing as a service

This week, we're going to talk about Phishing as a service. It is a new concept, and you can probably say it is similar to Ransomware as a service. This week's article is titled Phishing-as-a-Service Profile: LabHost Threat Actor Group and it covers two different hosts. This, will get interesting.

Supporting the podcast

Internet Radio affiliates airing our program

The Security box, podcast 179: Romance Scams

Wed, 14 Feb 2024 23:49:15 GMT

Hello folks, welcome to the security box. This is program 179. This time, we'll venture off the path a bit and talk a little bit about romance scams. Instead of using the article as a guide, we'll talk about it in more general terms. Did you know that Valentines Day is one of the biggest times for this type of scam? Besides that, we'll have news, notes and the landscape as we always do. Thanks for listening and make it a great day!

Our topic: romance scams

With Valentines coming, romance scams are going to be on the rise. With Valentines Day coming, its time for the romance scams in full force is a blog post leading to the article we'll use for this discussion although we won't use it like we normally do. We'll use it as a starting point.

Supporting the podcast

Internet Radio affiliates airing our program

The Security box, podcast 178: Let's Unravel the Threats of Social Engineering

Thu, 08 Feb 2024 00:47:18 GMT

Hello everyone! Welcome to the security box, podcast 178. On this podcast, we're going to talk about the landscape, the news, and the crazy. We are also going to talk about the threats of Social Engineering as well. We give you the best blog posts of the week as well. We hope you enjoy the program, and make it a great day!

Our topic and accompanying true story

Today, Lastpass will lead the discussion with Unraveling the Threats of Social Engineering which was a great find. I don't know about you guys, but we need to be on guard and ready as much as we can. We can all be phished, scammed and Cory Doctorow's article is linked to Even the Best can be Scammed, check this article out which I wrote in my response to the article. So since we can all be targets, it starts with knowing what to look for by reading Lastpass's article and learning what we could do differently and learning by the other true story.

Supporting the podcast

Internet Radio affiliates airing our program

For full show notes including things talked about, please see the blog.

The Security box, podcast 177: passwords, Oh My! The Perils of Employee Password Misuse

Wed, 31 Jan 2024 23:49:19 GMT

Welcome to podcast 177 of the Security Box. On this podcast, we seem to be on a password discussion, as lots of articles have come out in regards to the subject. Our topic even will include talking about passwords. We'll also have things to ponder, possibly some morons, and a great time as always!

These notes are annotated for RSS. Full notes on the blog.

Our moron(s)

Mercedes, its your turn. Apparently, you had something open on your Github account. The thing is, you're not the first car company to have issues, although you never said that there wasn't a problem, you did fix it with Github assisting as well. A password is mistakenly published, source code, blueprints and more once at risk is the blog post where you can read more about this one. Good job, guys!

Microsoft, you aught to be ashamed of yourself. You decided to give a test account admin privelages, then let the account go to legacy status. Then, because its an administrative account, someone finds it and abuses your systems. Great job! Ars Technica has the complete details. In major gaffe, hacked Microsoft test account was assigned admin privileges is the article.

Password reuse

We haven't blogged this at the time of these notes, but this is a good topic. The Perils of Employee Password Reuse comes to us from Lastpass and Amber Steel. Let us know what you think.

Supporting the podcast

Internet Radio affiliates airing our program

The Security Box, podcast 176: open forum, and one of the biggest breaches we've seen to date

Thu, 25 Jan 2024 01:58:43 GMT

Hello folks, welcome to the security box, podcast 176. This podcast is mainly going to be an open forum, but we will have some topics coming. We might have some morons, some things to ponder, and whatever is on the minds of those that come on live.

Things that might be talked about

This is not meant to be exhaustive, but the following blog posts may be talked about in no particular order. Some may be talked about but not listed here, so check the blog for complete details.

16.6 million people affected, no info on what was taken

Breach forums maintainer gets time served, never spent time in jail, lots of restrictions placed on him

Trezor gets owned for a second time

15 million Trello users apparently breached

TA866 is back to sending out email

New sets of data, including have I been pwned data out in the wild (naz.api breach)

Sans news bites for January 19, 2024

Three are three domains that I wouldn’t buy

Sans news bites for January 23, 2024

Supporting the podcast

Internet Radio affiliates airing our program

The Security box, podcast 175: Threats targeting the airline industry through the dark web

Wed, 17 Jan 2024 22:24:22 GMT

Hello folks, welcome to the security box, podcast 175. I've been out sick, and now we're back to bring you what we wanted to bring you this past week. We've got news, notes, the landscape, two morons, things to ponder and a topic dealing with dark web threats targeting the airline industry. Thanks so much for listening and make it a great day!

Our Morons

We have to start with the moron who thought it would be a good idea that a database be left wide open for people to peruse the data. This database is a Mongo DB database, its similar to SQL where data is held and can be gotten at when needed. While this is a real estate app, this was definitely not done with security in mind.

blog post

If we've not had enough with Chat GPT, this aught to stand your hair right up. This data breaches article talks about how Chat GPT was made to give out ransomware software and now 4 are arrested. This aught to get more interesting.

ChatGPT-aided ransomware in China results in four arrests as AI raises cybersecurity concerns

Things to ponder

Carrying over some items that we just will run as part of this week's program, we've got some doozies. We'll blog anything we didn't yack about as I continue to recover.

23 and me must be wanting to play the blame game. They claim that their incident is our fault, and they then are going to fix whatever security holes were caused by whathappened? Yes, we are at fault with reusable passwords, but you don't have two-factor on any accounts, so its a double whammy and part of it is yours. Here's my blog post from 2023 about this particular problem. I don't think its gotten any better there and they haven't really been better.

Sans News Bites is back, and I still need to blog some others. My goal was to get two done, but I have the one from the 5th of January. As we move forward from my illness, we'll record them as we get them. Check the blog for ones not covered in audio. Here's my blog post for Jan 5th for those who want to find it easily.

We're interested in audio dealing with predictions and Trend Micro has one for their predictions. This comes from their trend talks threats podcast series on their youtube channel.

We also have top breaches that I found from Have I been Poned that I recorded before my illness took over. This list changes, and we'll bring this to you each week.

Find something that you want to talk about? Use a file sharing service to get us the audio and you'll be featured.

Our topic

Our topic this week comes to us from Phishlabs. Dark Web Threats Targeting the Airline Industry is the article and we'll step through this one. Hope you'll find it of interest as everyone travels.

The Security box, podcast 174 for January 3, 2023

Wed, 03 Jan 2024 22:13:15 GMT

Welcome to podcast 174. On this podcast, we're just traversing the landscape and some of our longer posts and things that caught our attention. In most ways, this isn't complete, but just some. Terry, Nick and I take you along for the ride. Enjoy!

Supporting the podcast

Internet Radio affiliates airing our program

The Security box, podcast 173: HHS not doing anything except for ransomware

Thu, 14 Dec 2023 03:58:19 GMT

Hello folks, welcome to podcast 173. This is going to be the last podcast of the year as it comes to live programming. Don't worry, we'll continue to blog things of importance, and I'll look through our podcast notations for some good things and put out a final podcast of the year. Our next live program will be on January 3, 2024. On this edition of the program, we'll have our news and notes segments, the moron, two things to ponder which are extended versions and of course our topic dealing with the HHS and their fine on an agency who got breached.

Our Things to Ponder

We have two things to ponder segments and both are extended versions and information packed. The first one is being cross posted through this podcast and our Security Hour which may air it any time it wishes. The segment talks about 1 in 4 people falling for scams and getting in to trouble. Besides falling for scams, there is one thing most people don't do and it'll shock you. Read More on the tech blog with the blog post titled 1 in 4 fall for scams to learn what is going on and what is recommended. The second talks about a very interesting email I got and how it could actually fool someone. At recording time, the domain was unreachable, although the group was given a different file which could not be resurrected for airplay here. Here is the blog post titled Did you think you were going to get me? You’ve got to try harder if you wish to read it. It too, will be crossposted, but I didn't mention that here.

This is a complete set of morons

Our set of morons are completely interesting. They thought they'd steal a car, taking everything from one person, but yet doing something that they weren't expecting. These guys were expecting an Iphone, found an Android and handed it back. They still took the car and possibly other items. Read the blog post with the accompanying article. You won't believe this one. Or will you?

Our Topic: HHS settles with ransomware case

You must be kidding me, right? Lots of breaches, ransomware cases and the like yet the HHS doesn't do much to enforce anything in my opinion. We have several articles on the HHS settling in certain cases like the Ransomware we're talking about today, or the HIPPA violations in another case, but most of the time its unchecked.

This week, HHS announces settlement on ransomware case is our article. It is a good start, but as we've said, there have been a lot more. Let us know what you think.

Supporting the podcast

The Security box, podcast 172: The Q3 Payload report

Thu, 07 Dec 2023 06:00:00 GMT

Hello folks, welcome to the Security Box, podcast 172. On this podcast, we've got two different morons, a look at the landscape, a few things to ponder and our topic dealing with the Q3 report on the landscape which includes QBot and other variants out there causing havoc.

For things to ponder, check the blog.

Our Morons

These are the morons of the podcast.

Montana, you have got to be kidding me. We talked about this in May of this year, and now, it seems you lose. Seems like your law is unconstitutional and it questions what you're trying to do. While we support you, you've really got to prove why Montana should be allowed to ban the app as just banning it doesn't fix the overall problem. As we've asked, how are you going to enforce it? Here is the blog post titled Montana Loses battle to block Tiktok for now … still thinks they have a case which links to prior coverage and arguments. Have fun with this one.

We have two Ukraine stories in recent posts, but one of these is our moron. Ukrainian gets 8 years argues that 8 years is still not enough for stealing and selling personally identifiable information on the darkweb and profiting from it. At least this suspect got caught, and we can celebrate just a little bit. The JRN did not copy his name.

Topic: The Q3 Payload report

On this week's program, the Q3 Payload report is going to be the topic. Looks like QBot is still at the top, even though they were dismantled. This was quite interesting. There are two different Rats that are part of the problem now, and these aren't rodants. These are Trojans. In this terminology, Rat stands for Remote Access Trojan. Phishlabs has this article and its titled Q3 Payload Report and you should read it in full if you wish to do so. You'll thank us later.

Supporting the podcast

Internet Radio affiliates airing our program

The Security box, podcast 171: The top level domain that harbors a malicious shortener is ...

Thu, 30 Nov 2023 09:30:00 GMT

Welcome to the Security box, podcast 171. We hope that each and every one of you have had a happy Thanksgiving and have recharged your batteries. On this edition, we're making it official and am bringing back the things to ponder. We'll explain what we're going to do and we put it in practice last podcast. If these things to ponder have blog posts, we'll link them from right within the program's show notes so you can read what we're talking about. We'll also have news, notes, any moron of the podcast and our topic talking about URL shorteners and a recent trend with them. We hope you enjoy the show as much as we have bringing the show for you!

For full notations, please see The Blog as we'll link to other things we don't have room here to cover.

The top level domain that harbors a malicious shortener is ...

According to a recent article from Brian Krebs, the most prolific domain now that has a URL shortening service that pumps out scams, phishing and just all around bad is the TLD that belongs to the United States. Read my thoughts and find a link to the article right here. The Top level domain for the United States now harbors malicious URL shortening service is the article title, and I hope you give it a gander.

Supporting the podcast

Internet Radio affiliates airing our program

The Security box, podcast 170: Password managers

Thu, 23 Nov 2023 20:45:00 GMT

Hello folks, welcome to the podcast. We're talking about password managers in a big way today. Links to the major managers are given. Its not a complete list, and there may be others I'm not aware of that may be trusted or we don't know much about. We bring back things to ponder in a different way and you'll get a taste of this in this podcast. I hope you enjoy the program as much as we have bringing it together for you. Happy holidays from all of us at the JRN!

Things to ponder

Today, we've got two for you and they're both blog posts.

How much does social media cost underground?

Cleanup on Isle 1! Really Experian? You still can sign up and take one’s account over?

Want your opinion known in this segment? Send an audio file!

Password managers

Below, please find the list of managers we talked about. Again, this isn't a complete list. Make sure you listen to the first segment which explains why we decided to put this podcast together.

1password

Lastpass

Keepass

Supporting the podcast

Internet Radio affiliates airing our program

The Security box, podcast 168: Threat Actir %g1 Profile %g Strox as a service

Thu, 09 Nov 2023 02:13:52 GMT

Hello folks, welcome to the security box, podcast 168. On this program, we'll see if we've got any morons, a service that is a phishing service, news, notes and more.

The "You Stupid fuck" awards of the podcast

If this isn't a moron, I don't know what is. The blog post is titled Tech CEO sentenced to IP addressing scheme which is coming from our blog. It leads to the article we spotted talking about this guy. We may have talked about Micfo LLC before, but this is probably the end of this. Problem: the JRN thinks that 5 years isn't going to be enough and isn't a harsh sentence for the crime. Please sound off if you believe that this is the case.

-----------------------------

If you are prone to email scams, you might want to pay attention to this. One of my MENVI staff was smart enough to contact me to ask if they needed to do what the action in the email indicated. The bad news is that the site truly wasn't MENVI's, it looked nasty and never redirected as I thought it might. An email pretending to come from Cpanel, isn’t cpanel … can you smell trouble? has the complete details of this one. Sound off if you've seen something similar to this and whether you fell for it or not. Its OK if you did. There should be no shame!

----------------------------------------------------------

Solar Winds is getting sued. Seems as though they were never as secure as they should have been, and the CEO among others are getting sued. We thought that something was wrong, seeing how we later found out about how that compromise was completely done. Whether they were compromised by Russia or not isn't the point of the lawsuit, says the article, but boy ... this is probably as bad as you get when it comes to a supply chain attack. Here is the blog post titled SEC sues Solar Winds for fraud, says they are secure and the charges are baseless for your perusal. It can't get any better than this, can it?

Our topic: Phishing as a service

Today, we are going to have a very interesting topic that might be known later as a threat. This comes from our friends at Phishlabs. The article is titled Threat Actor Profile: Strox Phishing-as-a-Service and it was a good one. We'll break this down, as phishing as a service now takes hold.

Supporting the podcast

The Technology podcast, podcast 378: A True Story of a potential scam

Thu, 09 Nov 2023 02:09:09 GMT

Hello folks, welcome to another technology podcast. On this podcast, we're going to listen to a story on how someone who is blind was looking for something and how he got taken for $1,000. It isn't as simple as it could be, seeing how he used the Twitter web site and we know how that could be since Twitter, know known as X, got rid of their accessibility team.

Back in August, I blogged This is a true story of a blind man losing to a scam … this is a must read which links to a Wired article. The podcast you're about to hear comes from Discarded, a proofpoint podcast. It aired in October of this yeqar and I recently listened to it.

For those who are Apple, here's a link to the podcast. DISCARDED: Tales From the Threat Research TrenchesProofpoint

The podcast is also available through Overcast if you use that.

I hope people find this story of interest, and thanks so much for listening! We'll see you next time.

Tech podcast 377: Bec trends and impersonation webinar

Thu, 02 Nov 2023 19:52:53 GMT

This webinar in July covered email impersonation and BEC things for 2023. Hope you enjoy this webinar from Fortra.

The technology podcast, podcast 376: impersonation lookalike webinar

Fri, 27 Oct 2023 21:03:27 GMT

Domains. They're everywhere! In podcast 376 of the tech podcast, we're going back to a webinar that talks about impersonation and look-alike domains. This still happens today, and while it is over 2 months old, it is still valuable. I hope you enjoy the program for this time, and we'll have another webinar next time talking about BEC attacks and domains and email and the like. I hope you'll enjoy. Thanks, Fortra/Phishlabs for putting this together.

The Technology podcast, podcast 375: Chat GPT, the good, the bad and the ugly

Tue, 10 Oct 2023 00:35:00 GMT

While I love webinars, we must be mindful that they aren't mind and must give presenters the opportunity to distribute them. I believe this is Phishlab's webinar, although I could be wrong. Sorry about that if I am.

Welcome to podcast 375. On this podcast, we're going to give you a webinar. This webinar is dealing with Chat GPT. You'll learn the good, the bad and the ugly. It was a very interesting webinar.

Per usual, we give the presenters an opportunity to get it through their network. I believe this is a Phishlabs webinar but i could be wrong.

If I am, I apologize.

We hope you enjoy the program as much as I did listening to it and bringing it to you now. Contact info at the beginning.

Sorry for any tech issue sounding, I'm getting it rectified.

The Security box, podcast 163: NCSAM week 1: passwords and more

Thu, 05 Oct 2023 17:19:30 GMT

Hello folks, welcome to the Security Box, podcast 163. On this episode, we go through the news, talk about a very interesting interview and then tackle our first topic of NCSA

We talk briefly about this blog post about passwords, the reason why it isn't a good idea to share passwords

blog post

and a bit about Multi Factor authentication. This blog post will talk more about multi factor authentication.

You may see terms like two-step, two-factor or multi factor. All pretty much are the same thing.

We hope you enjoy the program as much as we have bringing it together for you, and make it a great day!

Supporting the podcast

The Security box, podcast 162: open forum, week 2

Fri, 29 Sep 2023 16:20:58 GMT

Welcome to the security box, podcast 162. On this edition of the podcast, we'll run through the blog and list, anything else on audience insights and more. This is week 2 of the open forum. Hope you enjoy the program!

The Security box, podcast 161: Week one of Open Forum

Thu, 21 Sep 2023 20:44:04 GMT

Welcome to the security box, podcast 161. On this podcast, we're covering a few notations of the recently released IOS 17, tons of articles from the blog, and having ourselves an open forum. We hope that you enjoy the program as much as we did putting it together for you.

Supporting the podcast

The Security Box, podcast 160: Freenom sued, drops free domains, more

Thu, 14 Sep 2023 00:12:30 GMT

Hello folks, welcome to podcast 160. On this week's edition, we'll reveal the sudden absence of TSB, we'll have news and notes from around the landscape that folks may have read, and aa very interesting topic that deals with Freenom and the phishing landscape. Apparently, Facebook is in this too. Of course, we'll have any questions answered that people have too. Thanks for your support of TSB and thanks so much for listening!

The Absense of TSB

The sudden departure of TSB was not one the JRN was necessarily prepared for. While we have from time to time rescheduled TSB, and/or took specific holidays off like the Christmas break, Thanksgiving week, and possibly others, this was so sudden.

While working on TSB's release and catching up its EMHS page we got a message on Dice World. While that wasn't out of the ordinary, as I have gotten messages on Dice World before, the source and what the message contained was one of shock and grave concern.

The short version is that the JRN's MENVI helper, Janet Quam, passed away on the 30th of the month of August. While I have been told numerous things, a letter which I published on September 10th goes in to what Janet did with the network from various podcasts which don't exist anymore, to tech skills and a willingness to learn.

There was no health related stuff discussed except to state that we were aware of health concerns. To read the letter, please read the blog post titled A death across the network, here’s a letter.

It links to a Youtube copy of the funeral. MENVI's links page also has a link to the Obituary. We thank you for your support! A song appropriate will be played at the end of the program when we play music.

Meta, Freenom and phishing domains

Our topic comes to us today from an article which was published to Krebs on Security on 5/31. Its titled Phishing Domains Tanked After Meta Sued Freenom. As we've talked about on Throwback, we've now got other issues because of this suit, and other top level domains that are now taking what the free domains did. We'll make sure to bring this up.

Supporting the podcast

The Security box, podcast 159: Fraudulent activity, Retail and the dark web

Wed, 30 Aug 2023 22:08:12 GMT

Welcome to the security box, podcast 159. On this podcast, we're going to have a two-part article discussion dealing with fraudulent activity when it comes to retail and the dark web. This came to us via Phishlabs. Besides that, we may have some stupid fucks to talk about, the landscape as usual, and your comments and questions if any.

The Stupid Fuck award

I found an article I posted to the blog on August 30th that talks about the U.K. wanting to ban IOS updates unless its approved. Like that's going to solve anything except problems for us useers who may either travel to the UK or live there. Here's the blog post I wrote that posted before the show. Good job, UK government for earning the stupid fuck award.

Fraudulent Activity on the dark web with retail

This is a two part article coming to us from Phishlabs.

Top Fraudulent Activity Targeting Retail on the Dark Web

Top Fraudulent Activity Targeting Retail on the Dark Web – Part Two

The Security box, podcast 158: The 1.3B Facebook fine

Thu, 24 Aug 2023 17:40:16 GMT

Welcome to podcast 158 of the Security Box. On today's podcast, we've got at least one moron, we've got an interesting topic that deals with Facebook getting fined, again, and of course we'll cover the landscape and what has been read and blogged as of late.

The You Stupid Fuck award section

Who the hell is Global phishing 16 service? Well, someone or multiple someones have been picked up. Karma Catches Up to Global Phishing Service 16Shop comes to us from Krebs on Security and was quite an interesting read. According to Krebs, this outfit has been around since 2017 and really had a name for itself when it came to having people pay on time, making sure their tools were not given to anyone who did not pay and more. While the concept was novel, people got caught, so please enjoy your stupid fuck award.

Nice to see some arrests of a couple dozen more stupid fucks in this one. Two dozen arrested, hundreds of malicious IPs taken down in African cybercrime operation comes to us from Cyberscoop. While the article isn't long, we now learn there is a new threat that knows what they're doing. Better read this one!

Topic: The 1.3 Billion dollar fine and what it means for privacy regulation

The article we're going to take from is an article we posted back in May. The title of this article is What the record-breaking $1.3 billion Meta fine means for the US-EU clash over spying programs and it comes from Cyberscoop.

I guess we'll have to see what happens with this, as I don't think we'll be done with this yet. If there are any updates, we'll be posting these updates to our list and blog where applicable.

Supporting the podcast

The Security box, podcast 157: A Different type of Ransomware Demand

Thu, 17 Aug 2023 21:09:19 GMT

Welcome to the security box, podcast 157. This week, we ay be talking about a very interesting topic coming out of connecticut which might or might be a moron. We'll talk about other news and notes from the landscape, and yes, today's topic is on ransomware groups and one which says you should pay the money to charity instead of the group itself.

Morons of the podcast

We are going to link to the stories that deal with our moron(s) of the podcast.

10 people, including 16-year-old youth arrested for suspected involvement in malware scams Databreaches

Five arrested in Poland for running bulletproof hosting service for cybercrime gangs — Europol databreaches

Florida Healthy Kids notified by Maximus of MOVEit breach databreaches

Diligere, Equity-Invest Are New Firms of U.K. Con Man Krebs On Security

Florida Healthy Kids is a very interesting story, mainly because of who they are partnering with. I guess we'll see what happens with them.

Ransomware group says: Pay a Charity

Today's topic comes to us from Cyberscoop way back in May. I've not seen another group do this, and I think its a one of a kind deal. I wish I were on that charity list, although I don't take crypto, but proof of donation would all that it would be.

Today's article is titled A different kind of ransomware demand: Donate to charity to get your data back which should be read just the same. If someone you know was hit by this group, did they get their files back?

Supporting the podcast

The Security box, podcast 156: What have we learned from the Russia/Ukraine war and how to protect ourselves?

Thu, 10 Aug 2023 00:00:00 GMT

Hello folks, welcome to the Security Box. This is program number 156. On this episode of the program, we're going to talk about a very interesting article that was published back in April on what we've learned about stopping Russia's hackers since the war has started. Also, this program will have news, notes, the landscape and much more.

Morons of thde podcast

The following two articles are related and one may have more than the other. Is possible sentencing guidelines enough that fit the crimes?

NYC couple pleaded guilty to money laundering in Bitfinex hack Cyberscoop

Husband and Wife Plead Guilty to Money Laundering Conspiracy Involving the Hack and Theft of Billions in Cryptocurrency databreaches.net

Topic: What we've learned from the war on Ukraine

This is an April article titled What we know about Russian hackers — and how to stop them — after a year of cyberwar in Ukraine coming to us from Cyberscoop.

Supporting the podcast

The Security box, podcast 155: What's going on with age Verification?

Thu, 03 Aug 2023 16:03:33 GMT

Welcome to the Security box, podcast 155. On this program, we've got an update to Age Verification which we've not seen any update since. This Verge article may be something that could be of interest if it turns out to be true. We'll also talk about the news and notes from the landscape and much more.

What's going on with Age Verification?

We've covered age verification through the years, and this blog post from May 2023 covers the Verge's article in which we're going to take from. This is their article titled Online age verification is coming, and privacy is on the chopping block which I link to in my post. What do you guys think?

The security box, podcast 153: 13 DDoS for Hire services shut down

Wed, 26 Jul 2023 21:42:26 GMT

Hello folks, welcome to program 154. On this edition of the program, come with us for some news and notes, a recollection of someone who can change after making mistakes, and a topic talking about DDoS for hire services that have been shut down within recent times which could be a good thing.

A Note on a passing of a recent Security Expert

Kevin Mitnick recently passed away on July 16, 2023. He did have an interesting career, a criminal in his early years to a security consultant after the fact.

Brian Krebs sent the news through on Mastodon, and we blogged about it on the same day ... July 20, 2023.

Below, please find the books Kevin wrote. Note that the blog post does mention these and what is available also on BARD. I attended one of his webinars that KnowBe4 put on and it was excellent!

The books

Kevin Mitnick, Steve Wozniak and William L. Simon

Ghost in the Wires: My Adventures as the World's Most Wanted Hacker

The Art of Deception: Controlling the Human Element of Security

The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers 1st Edition

Kevin Mitnick and Mikko Hypponnen

The Art of Invisibility: The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data

DDos for hire services shut down

We blogged about this on the blog, and now its time for it to be talked about. This is a Krebs on Security article titled Feds Take Down 13 More DDoS-for-Hire Services which I found was quite good. Let's see what you think and our contact info will be given throughout the program.

Supporting the podcast

The Security box, podcast 153: Bould Spy

Wed, 19 Jul 2023 22:33:45 GMT

Hello folks, welcome to the Security box. This is program 153 and on this edition of the program, we're going to talk about a potential new threat that we might need to learn about. We'll also have potential morons that has crossed our desk, news and notes from around the landscape and more.

If you don't read anything else, you should read this

Think I’m harping too much on checking your stuff? Here’s why you really should … this is a true story shouldbe read. It links to a file which will only be available for a limited time which has the story. This came from Cybercrime radio and thanks to DJ Terry for giving us a heads up on this one. Now people should be happy that I harp on making sure that you are as safe and secure as possible. Thank me later!

A Data Leak that went absolutely correct

There's a difference between a data leak and a breach. A leak may in most parts be an accident, where a breach was intentional. My blog post Data Leak at Virus Total was only a subset, data removed has a link to the story. Let's just say that Google did everything as right as they could. Once notified, they removed said data an d launched an investigation on how the info got on the popular AntiVirus scanning application. You can't have it any other way. If a mistake happens, fix it as quickly as possible!

Our Morons

Our first moron today comes from a company called HikVision. This blog post titled: Use Hikvision cameras? You might want to be made aware of this goes in to the fact that this company just doesn't understand what might be going on with their network and their devices. Having QR codes to basicly log in to the camera yields very interesting results. Better read the accompanying article for more. You might want to be sitting down for this one.

Second: From Cyber Crime radio: Magaine: Bangladesh Data Leak Exposes 50M Citizens. This is the topic for their July 13th airing and this has to be a complete joke. We'll play this file as part of the program.

Our topic

Move out the way … Bold Spy is right there with spy tools like Pegasus is the tech blog where you'll find commentary and an article that talks about something called Bold Spy. Its got tools that others are using and possibly more. Feel the threat yet?

Finally an extra

Did you read Think I’m harping too much on checking your stuff? Here’s why you really should … this is a true story yet? As an extra, we play the audio podcast from CyberCrime Radio which sparked the blog post. This is of course within the last music set. Listen to the Cybercrime Radio piece, it really hit home on why this accompanying blog post was written.

The Technology blog and podcast podcast 374: Adnroid accessibility discussion

Tue, 18 Jul 2023 18:39:52 GMT

On this podcast, a great video that was posted to Mastodon talking about what's coming to Android in 2023. But then I have questions dealin with the abuse of accessibility tools. Using Yellow Camera as an example, are these changes meant that people might be safer if they make a mistake? Contact info at the end. Thanks for listening!

The Security box, podcast 152: our three year anniversary

Sat, 15 Jul 2023 17:00:00 GMT

On this edition of the program, we've got an open forum of topics. Lots of them have been covered through the years while others have been covered on the blog or TSB's email list. We hope that you enjoy the program as much as we put this together for you. See you next time!

The Security Box, podcast 151: BEC is back, let's learn what might be new

Fri, 07 Jul 2023 20:10:42 GMT

Welcome to the security box, podcast 151. I hope that each and every one of you have had a great July 4th holiday. On today's podcast, we're going to have an updated discussion on BEC which stands for Business Email Compromise. On top of that, we'll see what else the landscape has to offer. We hope you enjoy the program and thanks for listening!

Stitcher closing

Stitcher is closing. If you are affected by the change, please contact me at jaredrimer at 986themix.com and let me know about it. Let me know what podcast you're coming from so I can get you a new link. They've let us know that they're shutting down as of August 29th, 2023. Thanks for your support of our podcast!

Our Topic: update on BEC

This time, our article comes from Phish Labs. Its a good one, and probably updates our stats on one of the businesses biggest problems, Business Email compromise. What to Know About Business Email Compromise (BEC) Scams was written in April.

The security box, podcast 150: Ransomware Gangs giving us ransomware witha helping of zero-days

Thu, 29 Jun 2023 00:00:00 GMT

Hello folks, welcome to the Security Box, podcast 150. We're made it! On this podcast, we're going to talk about Ransomware gangs and the fact they're now using zero days. We may or may not have a moron, we'll cover the news and we'll see what else people have to say as the program progresses. Some Strong Language.

Stitcher closing

Our topic, Ransomware gangs and zero days

This week's article comes to us from Cyberscoop. Its titled Ransomware gangs increasingly deploy zero-days to maximize attacks and was tagged as a topic. For the 150th episode, this couldn't be more appropriate.

Supporting the podcast

The Security box, podcast 149: Emotet is back, bigger and badder than ever

Wed, 21 Jun 2023 20:34:46 GMT

We did have some participation, full notes are here. No replay on Clubhouse though, sorry about that!

Welcome to the Security box, podcast 149. On this podcast, we may or may not have a moron, we'll definitely have news, notes and the landscape and a topic talking about a threat we thought was long gone.

Good Job India, welcome to the moron of the podcast

I stumbled across a video from a Youtube Channel which I am not familiar with. While Nick was in my JRN working room, I decided to see if there was an article about this. While the podcast gets a 9 minute video, check out this article titled India first democracy to ban encrypted messaging apps on massive scale. from a site called tutanota.com. They must be a news related site, name sounds familiar to me. Have fun with this one!

Here's the youtube video from Mental Outlaw if you want to watch this instead of listening to it.

Topic: Emotet is back, now a threat

The article comes to us this time from Phishlabs. Emotet Returns from Hiatus, Trails QBot in Q1 Volume is the title.

Are you surprised that this is the case? We know that Emotet was taken down in a crqackdown, but like most things, they come back in this industry. Feel free to view the article for complete details or download your copy of the show to hear our thoughts.

Supporting the podcast

TSB 148: Nation-State Actors go after cloud providers who have customers that have weak passwords

Thu, 15 Jun 2023 02:01:09 GMT

Welcome to the security box, podcast 148. On this podcast, I may have a complete moron with a company, we'll have news, notes and more. The topic deals with passwords and it isn't looking that great.

Morons

We stand in solidarity with you, Reddit users. Reddit is taking advantage of the situation just like Twitter did so many months before.

Apparently, Reddit has decided to do the same thing. One article says they're only charging $0.24 per 1,000 calls to their API, but people indicate its much different. The cost is $12,000 per month or roughly up to $20 million per year according to some estimates. Here are the blog posts as of writing in regards to Reddit.

Accessibility apps will be free for API use on Reddit

Reddit communities to go dark on June 12th, setting themselves to private

Reddit to charge $12k for 50k calls to API?

Its Official, Apollo shutting down

Here’s an ars article on Apollo

Van Nuys is not too far from where I live in a town called Woodland Hills. I go through there every time I take the bus. According to a KNX article which is very short, it says a guy from there was caught selling drugs on the dark web. Here is the blog post from the tech blog titled Van Nuys man pleads Not Guilty to selling drugs online which links to the KNX article.

In Case you Missed it

In Case you missed it, I finished Tracers in the Dark. It was a very interesting book, one I didn't want to put down until I did. Book Review: Tracers in the dark, by Andy Greenberg is the blog post and I'm not giving anything away.

Our Topic: Weak Passwords

Our topic comes to us from Cyberscoop. It was an interesting read. The article is title Nation-state actors are taking advantage of weak passwords to go after cloud customers, Google says and I found it interesting. This proves again that we need to make sure that our users are using strong passwords or pass phraises. Don't worry, Cyber Security Awareness Month is coming up, so TSB will be starting all over again with basic stuff when it comes to your security.

I hope that every single person will enjoy today's program, and thanks so much for listening!

Supporting the podcast

The Security box, podcast 147: Unpacking the Structure of a Ransomware Group's Business Model

Wed, 07 Jun 2023 22:01:57 GMT

Welcome to the security box, podcast 147. On this edition of the program, I believe I have a very interesting but true story that must be told with the names being changed to protect the innocent, or is it guilty? We've got a very interesting article talking about the structure of ransomware groups, and no, we're not talking about specific named groups, just something that probably wouldn't surprise someone who reads this type of news. We'll see what else the landscape has to offer with news, notes, questions and more.

A true story that might include a moron?

Someone recently got someone fired as part of a grudge where someone heard something they said and decided to look them up and email a copy of what they said to the employer. This is the first time we've seen this in the phone world and we hope it isn't going to happen again. Live version with names changed to protect the innocent, or are we protecting the guilty?

Topic: What's going on with Ransomware groups?

The following is a Trend Micro article which we found very valuable. Unpacking the Structure of Modern Cybercrime Organizations is the title of this article and well worth the read. Question for readers and listeners to the live or podcast edition listeners, are you surprised? Let's discuss this one.

Supporting the podcast

The Security box, podcast 146: A name to the faceless proxy service

Thu, 01 Jun 2023 03:40:40 GMT

Welcome to the security box, podcast 146. On this podcast, we may have multiple morons; one is a definite, news, notes and a very interesting topic about the proxy services and what they're up to.

Potential Morons

48 States Sue Phone Company That Allegedly Catered To Needs of Robocallers talks about the majority of the U.S. and how they're suing a telephone company in Arizona who seems to be catering to the robocallers by allowing customers to spoof caller ID among other things.

Free VPN Service SuperVPN Exposes 360 Million User Records. was found on Monday, the 29th. Class, what can we learn from this article?

Topic

This time, we're going to talk about a very interesting KrebsOnSecurity article titled Giving a Face to the Malware Proxy Service ‘Faceless’ which was quite interesting.

The first paragraph says:

For the past seven years, a malware-based proxy service known as “Faceless” has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. In this post we’ll examine clues left behind over the past decade by the proprietor of Faceless, including some that may help put a face to the name.

Supporting the podcast

The Security box, podcast 145: BabLock Ransomware

Thu, 25 May 2023 00:29:12 GMT

This program may contain some strong language.

Welcome to the security box, podcast 145. On this podcast, we're going to talk about anothr Ransomware group that is out there that may be of value because while they may ot be targeting the states yet, they're attacking and we must be aware of what's happening.

Besides this, we may have at least one moron, maybe more, we'll see what others have to say, we'll talk about the landscape and we'll also make sure you're informed the best we can.

Topic

Bablock is a very interesting piece of ransomware out there. The ransomware is based off of Lockbit, but may be different. Trend Micro will help us with this one. An Analysis of the BabLock (aka Rorschach) Ransomware is the article title and we hope you enjoy the program!

Supporting the podcast

The Security box, podcast 144: its an open forum show

Thu, 18 May 2023 15:15:48 GMT

Welcome to the security box, podcast 144. This show is an open forum. We had no particular topic in mind, but we talk about books, the landscape and more. The show may contain some adult themes, but it is very light at all. This may contain language or other situations. Please be aware of it. Thanks for participating and make it a great day!

The Security Box, podcast 143: Let's discuss the relationship between Ransomware and Phishing

Wed, 10 May 2023 23:22:12 GMT

Welcome to the security box, podcast 143. Today, we're going to have a very interesting discussion about the Relationship between Ransomware and Phishing. We know of at least one moron of the podcast, and there is possibly going to be one more. Of course, we'll have news, notes and any questions from the Clubhouse audience.

Morons of the Podcast

First Moron, a Russian on the Run

There are two different articles out there about this one. One from Krebs and the other from Cyberscoop.

$10M Is Yours If You Can Get This Guy to Leave Russia Krebs on Security

Russian national charged for role in stolen credit card verification scheme Cyberscoop

How Not! to notify people of a databreach

I saw a boost on Saturday about a breach with a company named Western Digital. That's nice, we have covered many breaches before. What I found was disturbing from Western Digital according to the boost. While they sent email out, the email was not accessible for those of us who use access technology; namely screen reading technology.

I don't know about you, but I would expect the info not in graphical form, I would expect it in text just like you and I communicate already. Here is my blog post from May 6th that mentions this. As of show note creation time, we do not have any official articles from the tech press, but when we do, we'll be sure to pass it along. Don't put breach notifications in picture form! It doesn't do anyone with disabilities any good.

Our main Topic

The main topic comes from Phishlabs. The article is titled What is the Relationship Between Ransomware and Phishing? and was written at the end of March, 2023. This is going to get interesting.

Supporting the podcast

The Security Box, podcast 142: The New U.S. Cybersecurity Strategy highlights

Thu, 04 May 2023 04:19:56 GMT

This show has sections of strong language, but not a lot. The disclaimer is in there just in case, but it is not much in the wake of strong language.

Welcome to the Security box. This is program number 142 of the series and this time, we've got a topic which hasn't been covered before at least on our podcast. The topic covers a very interesting endeavor by the government to deal with Cybersecurity. Besides this, we'll see who gets a moron, we'll cover the landscape, and we'll see what else is of value. Hope you enjoy the program!

Morons of the podcast

One may not completely be a moron, but it qualifies as a group not just what the first item covers. The second, however, you'll just have to read to believe.

1. I'll put this one as a moron, but I really don't understand what seems to be going on over at schools lately. Its ok to keep information on children that have nothing to do with you giving them an education, and that information may include behavioral issues, SSN's and more.

blog post

Brian Krebs boosted (retweeted) the following to his followers. Note that my blog post has the linked article, so I'm not going to link it within this section. It says:

Doug Levin: NBC: Students’ psychological reports, abuse allegations leaked by ransomware hackers https://www.nbcnews.com/tech/security/students-psychological-reports-abuse-allegations-leaked-ransomware-hac-rcna79414 #edtech #databreach @brett via @kevincollier

2. Our second moron is more of the moron than the first, but here's a blog post titled T-Mobile, do you still want me as a customer? I don’t think so! which has the latest on what they have been up to. It links to yet another article, talking about yet another breach. Should we be surprised in this industry?

Topic: Highlights from the New U.S. Strategy

This is a Krebs on Security article that we're taking from. He was tooting (tweeting) about this on Mastodon.

The article is titled Highlights from the New U.S. Cybersecurity Strategy and it was interesting. I wonder what will eventually happen with this? Haven't seen anything since this article was written, but maybe they're working on it and we'll see something soon. Only time will tell.

Supporting the podcast

The Security box, program 141A: The Billion Dollar Scam

Sun, 30 Apr 2023 23:49:37 GMT

This is an episode that affiliates can run, and the program is under an hour. We'd like to thank the BBC for doing this research. Its definitely eye opening.

The show notes, which include a link to the video on YouTube follows.

Welcome to the security box, podcast 141A. On this podcast, we're going to provide you with a video. This video comes from the BBC, and it does leave some very interesting questions. Contact info is given at the end.

What sparked this? This toot from Brian Krebs is what sparked this. It says:

https://www.youtube.com/watch?v=w6JXZ3GzSCQBrianKrebs: Simona Weinglass of The Times of Israel is my new hero. Her video reporting on crypto investment scams is well worth watching.

Tl;dw, it appears the biggest crypto investment scams targeting people in the UK were promoted by at least a half dozen of England's premiere football (soccer) leagues. These scammers managed to rake in at least a billion dollars, and could afford lucrative sponsorships that got their brand everywhere. As the former scammers explained, there's nothing real about the investment "earnings" shown to people who get roped into these scams: It's all just a digital mirage, and any money invested is gone.

Her video series on the BBC zeroes in on who's responsible. Involves ride-alongs with German police as they worked w/ investigators in the country of Georgia to raid call centers working the phones for these fraudsters.

https://www.youtube.com/watch?v=w6JXZ3GzSCQ

If you're just here for the video, this is the youtube link to the video we give in audio.

Thanks Brian for posting this! I found it very eye opening, and it even made me mad, but that's probably what we'd expect with what you'll hear. I don't blame them though, but you should hear or watch this and make up your own mind.

Supporting the podcast

The Security Box, podcast 141: Dark Bit, a new threat that starts with a grudge

Wed, 26 Apr 2023 23:43:12 GMT

Welcome to the Security box, podcast 141. On this podcast, Cyberscoop is along to help us diagnose yet another ransomware group. They actually start by attacking Israeli schools, but will it stop there?

Besides that, we'll have the news, notes from around the landscape, possibly some morons, and of course your thoughts.

Our topic today comes from this Cyberscoop article titled New cybercrime group calling itself DarkBit attacks Israeli university which we sent to the list in mind February.

While we've not seen anything else on this, it isn't for us to keep our mind down as they could attack anything they want.

We hope to see you on the show, thanks so much for listening!

Supporting the podcast

The Security box, podcast 140: The FDIC and banks

Fri, 21 Apr 2023 17:10:33 GMT

This program may contain some infrequent occurences of strong language.

Welcome to podcast 140 of the Security box. On this edition of the podcast, we've got two morons at least and a great topic that may still be relevant even though the SVB fiasco is now past us. We'll also have the landscape from people who found things of interest as well. We hope you enjoy the show!

Morons of the podcast

We have two morons of the podcast.

Trial and error in Kuwait tells the story of a cyber security expert who almost went to jail for tweeting on something he found which is part of protecting everyone. The article itself is quite interesting, but what is more interesting is the fact that the bank didn't want this info out there to begin with. This came from Cyberscoop.

Lawsuit Claims Mount Nittany Health Shared Private Patient Information with Facebook, Google (update1) comes to us from databreaches.net. The fact that you didn't even notify customers or anyone else about the issue is just mindblowing. This definitely doesn't make any sense.

The FDIC and banks

The FDIC did step up when it came to the SVB ordeal, but what about it and bank securituy? A watchdog says that they're not doing enough.

The article Watchdog warns FDIC fails to test banks’ cyberdefenses effectively is one that you should read. We'll be taking this article apart as part of the discussion. Do you think they're doing enough?

Supporting the podcast

The technology podcast, podcast 373: Metro Micro

Thu, 13 Apr 2023 19:49:16 GMT

This podcast may not mean much for some, but to others, it might. This app is still much in development and is called Metro Micro. Los Angeles Metro is also getting a copy of the cast for their review. Here are the full show notes. Hello folks, welcome to the technology podcast. On this podcast, you'll learn about an app called Metro Micro. It is a new project by Los Angeles Micro which they're trying out. You'll have to search for Metro Micro in your respective app store if you want to take a look. You may also go to the Metro Micro page on metro.net to learn more. While most people may not need this, I figured some might, and we reach a wide variety of people so I'm going to put it out there.

The Security box, podcast 139: Email, Ransomware and more

Wed, 12 Apr 2023 23:46:20 GMT

Hello folks, welcome to program 139 of the security box. On this episode, let us talk about email for a bit. Yes, the thing you use to receive announcements about this podcast, maybe other programs you are interested across the network and other places and a way for businesses to communicate with you. According to an article, this method is still the best way to get ransomware and other things on your device. Why is that? We're going to have news and notes as well, maybe we'll find out as we post things between now and show time if there are morons, and we'll also see what the landscape brings. Topic: Email as a vector Today, let's talk about email. Ransomware Attacks: Why Email Is Still THE Most Common Delivery Method comes from Phishlabs. We'll step through this article and see what people think. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The Security box, podcast 138: Mimic Ransomware

Wed, 05 Apr 2023 23:42:39 GMT

Find news through the blog. Welcome to program 137 of the Security box. We've got a very interesting musings piece which we've blogged as well as another threat we need to talk about. Musing I've started yet another musings post, and this one came from Mastodon. I am not going to put the older posts in this category but will put new ones in this category. A very interesting musing thought piece is the article. The boost is quoted with the links linked as numbers for you. Maybe a Moron or just a news item? No April fools joke, man arrested for making swatting calls, faces 10 felony counts was the only post posted on April 1st. This was no April fools joke. The gentleman in question used Discord to post and share these videos and luckily nobody got hurt. You'll want to check out this article to determine what you think, and we'll determine where it goes and do it appropriately. Mimic ransomware New Mimic Ransomware Abuses Everything APIs for its Encryption Process comes from Trend Micro. This may be just as bad as Sandworm, if not worse. We'll discuss this Trend Micro article. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The Technology blog and podcast, podcast 372 for April 3, 2023

Mon, 03 Apr 2023 21:11:42 GMT

I know I tried to get more podcasts out and this time I've got one. We'll see how things go, and thanks for listening! Welcome to the technology blog and podcast. On this edition of the podcast, we have got two different items.

Roger Grimes has written a bunch of books, and he's also taught for as long as I have if not longer. He has a webinar on Cyber Security, and yes, we could play it on TSB but TSB is more for you to communicate with us on what you have questions on and what things we see. Take a listen to this and see what might be of value to you.
Los Angeles Metro and Transit App are ending their partnership. Is this a great move? I don't honestly know. Metro did have a pretty bad app which I hated to use. The data was the samem, but I really like Transit App's interface. Los Angeles Metro will be discontinuing partnership of Transit App as their official app is my blog post after reading the source's post on this.

Contact info is given at the beginning and end, feel free to utalize any or all of it. Enjoy!

The Security box, podcast 137: What's happening with Sandworm?

Wed, 29 Mar 2023 23:26:07 GMT

Welcome to the Security box. This is podcast 137 of the program and we're not slowing down. At least, not yet. On this edition of the program, we've got at least one moron of the podcast, we've got a very interesting update on Sandworm and of course we're going to have some great news items as well as anything else from the audience. Morons of the podcast This blog post titled Kroger has serious breach, affects 82,000 people of postal prescription issues should be spotted. While Kroger is well-known for their super market chains, they apparently have a pharmacy department and that is what we're talking about here. They have the capability of sending prescriptions through the mail, and 82,000 people were recently notified. This is going to get very interesting. Two U.S. Men Charged in 2022 Hacking of DEA Portal was sent to TSB. Hacking in to a DEA portal that many agencies use must be put in as the moron of the podcast for sure. Nick messaged while show notes were still being put together and this was mentioned via voice. Great one, guys! Some news items Some of the news items may include but not limited to:

Some we may have talked about, but these may be some that people could be braught up. Feel free to check out the accompanying articles and let us know what interests you! I happened to pop on Facebook for my once in a while look. Someone I follow happened to like Q-Link Wireless. OK, that's cool, but we need to remind people that Q-Link may be good for free cell phone service, but what about your privacy and safety? TSB will not tell you what you should use, just putting news out there about the things we read. Why is there “no password required” when accessing accounts? What not to do when setting up accounts for services podcast 39's blog post NVDA is now released for 2023.1. This blog post talks about what's up with it with a link to the release. Topic: Sandworm Did you read Sandworm? This is the blog post about the book titled: Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers and here is the book review titled: Book review: Sandworm. We found a very interesting article which we may have blogged. The blog post is titled Here is that blog post titled TikTok says: “We’re embedded” in to the operating system. I am not sure if this will be it, and if someone puts something else in, we'll add it to this list. We could in theory add this blog post about Bite Dance Surveiling journalists to this too. Topic: Vice Society This blog post titled Vice Society Ransomware Group Targets Manufacturing Companies is probably the beginning. This seems to be a new group and it seems pretty dangerous. While it hasn't targetted the United States yet, we know that anything is possible in this crazy world. Supporting our podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The Security box, podcast 135: The NSO group can now be sued, says the Supreme Court

Thu, 16 Mar 2023 00:01:39 GMT

Hello folks, welcome to podcast 135 of the security box. On this podcast, we're going to talk about the court system allowing the lawsuit to continue against one of the most proliferated companies who continue to claim they don't do anything wrong and their software that is used by law enforcement to solve crimes. Who is that group? The NSO group out of Israel. We'll also have news, notes, at least one moron of the podcast, but rumor has it that we have a few, and much more. Morons of the podcast George Santos has some revelations that has come out and an investigation has since been started. The blog post in question is right here, and is titled George Santos masterminded 2017 fraud case. It leads to a lengthy read about what the investigations entale although we don't know what will eventually happen. If you really want to talk about Morons, the FBI admitted to buying data which really should not be a surprise. We could possibly add Elon Musk apologizing for firing a disabled worker of twitter as well. This blog post about twitter news covers the fact that the root certificate has now expired and Elon Musk has since fired everyone of alue including the one who has delbt with the Root CA which was internal to the company, so now ... they're screwed. Don't forget the Freenom ordeal too. This blog post leads to Krebs on Security talking about this. I also put in some discussion about this too. Have any other possible morons? Do you disagree on some of these not being complete morons? I completely understand, but we do have at least two of them listed and others may just be complete stories within themselves. Musing I found this quite interesting in regards to Mastodon VS the rest of the Social Media universe such as Facebook, Twitter, Instagram and Tiktok. It says: Earle Zwicker: Boosting Ethan Schoonover (ethanschoonover): Stop thinking of Twitter, TikTok, IG, (et al) as social media sites. They are **Content Refineries.** Like processed food manufacturers they take user content & extract the most addicting/engaging content. Brains eat it up but in an unhealthy “devour the whole bag of chips” way. They make hyper-processed social media junk food. Mastodon is more like a potluck. We're all bringing dishes. It's a mess. Kids are running all over. But we are, at least, real people sharing real things. Our topic, the NSO group Supreme Court clears way for WhatsApp case against NSO Group, opening spyware firm to more lawsuits is the article that comes to us from Cyberscoop. Its going to be a very interesting discussion. We'll just have to see how it goes. Support our podcast. Let us know what you think or suggest topics. Thanks!

The Security box, podcast 134: news notes and the landscape, as well as PBKDF2

Wed, 08 Mar 2023 22:09:06 GMT

Hello folks, welcome to the Security box, podcast 134. This podcast is going to talk about PBKDF2, an encryption algorithm that is used in certain situations. We'll also have a moron of the week, maybe two, maybe more! We'll also dip our toes in the landscape and see what is on other folks minds. Morons of the podcast This first one is quite dumb. In fact, when I saw the boost which saw it, I had to title this the way I did. You Stupid F**k … its not going to look good for you now when you get picked up is my blog post on an article coming from a site called news24.com. Not only is this guy found guilty, you're going to read that he just chose not to even show up! How dumb can you be? This second one comes from this blog post about TikTok's newest challenge. There is some strong language with this post, and from at least two people, it is well warranted. I try not to use strong language in my posts, but this one is definitely beyond repair. The short of this, for those who may be offended by strong language, is that scammers will stop at nothing to either get their wares out or to cause as much harm as possible. In this latest twist, we have someone going aroudn claiming they can turn loved one's ashes to a sculpture or even a painting. They claim its free ... but it isn't. The article leads to this Kim Komando article talking about the TikTok Scam. If it isn't mentioned as part of this segment, which it just may, please feel free to weigh in on this one. Our topic, PBKDF2 PBKdf2 is one of many encryption types for passwords and the like. Here's the Wikipedia article on it as we take from the first two sections for now. There are replacements for it and its covered within this article, but we'll let you look this up later. Book Selection: Tracers in the dark I chose my next book. Tracers in the Dark by Andy Greenberg. During the podcast, we'll check in with folks to see where they are in this ... or other books that are on our list. This is my blog post talking about Tracers in the dark if you need it. I finally got my book review up for If it's smart, its vulnerable by Mikko Hypponnen. Here's that blog post if you're interested to see what I have to say about it. Supporting our podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The Security box, podcast 133: Open forum

Wed, 01 Mar 2023 23:47:59 GMT

We have a round table today on the security box. Domains, schemes, scams, tiktok, the landscape and much much more on this open forum of the program. Hope you all enjoy the program!

The Security box, podcast 132: What or Who is Dark pink?

Wed, 22 Feb 2023 22:22:52 GMT

Welcome to the security box, podcast 132. On this edition of the program, we're going to talk about a newcomer I think, one that might be and up and comer. We have a rumor that we might have at least one moron, but who knows how many. We'll have news, notes and other commentary as well. Rumor has it, we've got a surprise while making a phone call before last Saturday's security hour that someone who I thought wouldn't read books is reading the same book several of us are reading. Find out as you listen to the podcast edition of the program. Moron of the podcast Nick, our normal staple now a day, mentioned this story in passing. Turns out that do have a moron as you'll see in the accompanying blog post. As it turns out, other articles about this 90 million dollar takeover can be found, but my blog post This was mentioned as our possible moron of the podcast … a suspect found guilty but attorney will appeal has the details and some very interesting questions I think we need to talk about as this gentleman, Vladislav Klyushin, is our moron of the podcast. You should've stayed with cybersecurity and you would have been OK. Enjoy your award, the hammer is down on you this time. Dark Pink This week, we learn about a new group out there called Dark Pink. Dark Pink, a newly discovered hacking campaign, threatens Southeast Asian military, government organizations is the article and it comes from Cyberscoop. Come with us as we take this malware apart and talk about what its up to. It comes from a group as you've probably read if you found the article through our list or even blog. This is going to get very interesting. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The Security box, podcast 131: The Q4 threat trends and intelligance report

Thu, 16 Feb 2023 00:07:18 GMT

One sware word within the first hour and 15 minutes. A note has been placed in the audio for folks who need to be aware of it. Full notes below. Hello everyone. Welcome to program 131 of the Security box. I hope you'll enjoy what we have to offer you today. On this podcast, we have a rumor that indicates that we'll definitely have at least one moron of the podcast, maybe more. We'll also have the topic of the Q4 threat trends Report from Phishlabs as well as questions, comments and more. We hope you'll enjoy the program and thanks for listening! Here's a moron set for you There were two articles in which broke this, and it definitely fits our Moron of the podcast. This blog post from February 10th has links to each of the articles and initial thoughts. Also, I'm not too sure about this one, but we could probly fit this IRS update from February 10th as well as this blog post talking about an article by Andy Greenberg and a guy who thinks that he won't be caught as he apparently got a mixer going on and he's supposedly taken the right precautions. If you have anything in this category, feel free to mention it by sending us an email, an imessage, find me on Mastodon and even text or whats app me. Our topic Seems like QBot is back in the news as the top threat in this last quarters report from Phishlabs and Fortra. The article is titled QBot Campaigns Overwhelmingly Lead Reported Payloads in Q4 is the article we'll be taking from. It was posted to TSB's list last December, and of course, I do try and cover it. The threat may still be there, and with all of what we'll be talking about here, all of these threats have not gone away. Supporting our podcast and work If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The security box, podcast 130A: Tracers in the dark

Sun, 12 Feb 2023 22:36:51 GMT

Hello everyone. Welcome to podcast 130A. We're going to rebroadcast a podcast from Cyber Crime Magazine about the book Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency which is also linked on our resources page. I found the program of interest, and this could in theory be my next book. I hope that everyone enjoys this interview about the book!

The Security Box, podcast 130: Congress and the government can't fix Coppa?

Wed, 08 Feb 2023 22:31:16 GMT

Welcome to the security box, podcast 130. On this show, we're going to talk about a very interesting article that covers the fact that Coppa is out of date and congress hasn't done anything about it. We'll have news, notes, commentary and more. Who knows, will we have a bonehead award of the podcast? We'll have to see. Topic: Coppa and Congress I blogged this one, and on this podcast, we're going to discuss State legislators aren't waiting for Congress to regulate children's online privacy. It was quite interesting to see that Coppa is needing to be changed yet companies aren't really following it like they should. Adult disclaimer This program may contain some strong language. Parental desgression is advised. This means its an infrequent occurrence, but there.

The Security box, podcast 129: Government watchdog says there's more to do

Wed, 01 Feb 2023 23:04:40 GMT

There is one spot where some strong language is used within the following podcast. We want people to be aware of that. Its only one word, but due to rules and regs, we must bring this up to the listener. Hello folks, welcome to the security box podcast 129. Last week, we talked about the government, but there's more to the story in which people may not be aware of. Apparently, there has been a watch dog group out there taking reports on what the government has or has not done. The article is titled Government watchdog: Feds fail to implement vast majority of cybersecurity recommendations and was covered by Cyberscoop. This is a very interesting article which we'll be stepping through. Besides that, my hunch may indicate that we'll have a moron of the podcast, people may have questions, and we'll see what the show has in store.

The Security box, podcast 128: What's going on with CISA?

Wed, 25 Jan 2023 23:12:51 GMT

Welcome to the Security box, podcast 128. On this podcast, we probably have two morons of the podcast, one of which should've gotten it before we came up with the idea. We also ask the question, What's going on over at CISA? This acronuym stands for Cybersecurity and Infrastructure Security Agency. Seems as though they don't know what's going on, or at least might be confused. Moron of the podcast We have listed both morons of the podcast by listing the basics of the story and links to the stories themselves. 1. It seems as though T-Mobile has had yet another breach with at least another estimated 37 million consumers, whether prepaid or postpaid.

New T-Mobile Breach Affects 37 Million Accounts Krebs on Security
T-Mobile investigates yet another data breach, this one affecting 37 million accounts Cyberscoop

2. The second moron goes to a guy in Russia that thought it would be fun to launder crypto currency. Not only was he funneling Crypto, but he was the founder of a crypto currency exchange. Russian founder of a cryptocurrency exchange known for funneling ransomware profits arrested comes to us from Cyberscoop and hasn't been blogged as of yet, but will be. Topic: What's going on at CISA? CISA has been known to send notifications via an email list that people can subscribe to. How I got on it, I don't remember, but it has since changed the way things are sent. Regardless, the article Insiders worry CISA is too distracted from critical cyber mission is our article that will help us with our discussion. It also comes from Cyberscoop. Other stuff I know that Nick missed last week's program so we'll give him an opportunity to get on the program and talk about anything from last week. We'll go through news, notes and other things too. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The technology podcast, podcast 371: Philmore video voicemail updates and lastpass and notifying customers on what's really going on

Thu, 19 Jan 2023 23:44:30 GMT

On this podcast, a video voice mail update and why didn't Lastpass let us know what's really going on with their breach? here is the blog post that I wrote with the accompanying article that I talked about during the second segment. Contact info is at the beginning and end of the program.

The Security box, podcast 127: Bullet Proof Hosting

Wed, 18 Jan 2023 21:24:44 GMT

Welcome to the security box, podcast 127. This time, we're going to talk about something I don't think any podcast has ever covered. What that might be? That would be Bullet Proof Hosting. What is it? Why is it such a problem? How can you stay away from companies that allow such a thing? We'll take from Wikipedia's write up on Bullet proof hosting but we aren't taking the entire thing. This term (written as bulletproof hosting) will be also included in this week's EMHS updates. The podcast will also have any news and notes, updates on the particulars of screen readers and what they have to help us deal with the ongoing threats for looking at links, and much more. If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

The Technology podcast, podcast 370: Philmore Video Voicemail

Mon, 16 Jan 2023 20:38:20 GMT

We like innovation. Philmore Productions has now released Video Voicemail to the public. He first showed it at CES, the Consumer Electronics Show. Feel free to check it out, look it up and see if it is something you want to use. Commentary on what a caller experienced is given and thoughts on this as well.

The Security box, podcast 126: Your Security posture

Wed, 11 Jan 2023 21:49:47 GMT

This program does not contain any strong language or adult content. Hello folks, welcome to the security box. On this edition of the program, we're going to talk about your security posture. We've got two bonehead of the day awards and plenty of discussion both in news and our main topic! Stay tuned for our next podcast, we'll be here again soon!

The Technology podcast, podcast 369: What's going on with domain registries and the who is directory?

Mon, 09 Jan 2023 21:50:09 GMT

On this podcast, learn about the domain registry, a company who basicly lied to me and told me something I couldn't even do to begin with. Turns out this company is a liar, possibly a scammer and no, they won't be linked as their web site is not all that accessible as I asked.

The Security box, podcast 125: What happened in 2022 and what do you think about 2023?

Wed, 04 Jan 2023 23:30:50 GMT

Welcome to podcast 125 of the Security Box series. On this edition, let's talk about a new book we found during the break, one in which might be of interest since we're going to talk about security posture later. The book is titled The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime by Renee Dudley and Daniel Golden. While it doesn't cover your posture per say, it does cover a team who is behind you in the fight and understands the struggles. You see, its not all your fault, we understand that. You could even do everything right, including having the right training. Next, we're going to cover two articles that cover the year end review and what is coming up in predictions for 2023.

We may have blogged these, but if we haven't, they'll be blogged as part of the podcast show notes which these are. Besides that, we'll have plenty of things in news if we can remember it all, and of course, we'll have lots of discussion on things that might not be in the roundup. We hope you enjoy this edtion of the podcast, and thanks for listening!

The Technology podcast, podcast 368: Fintok ... or Financial advice on TikTok

Tue, 03 Jan 2023 18:59:24 GMT

Hello everyone. Welcome to podcast 368 of the technology podcast series. On this podcast, we're going to put out the file that talks abot Tiktok being used for financial advice. TikTok is at it again, now we have fintok was blogged on December 30, 2022 with an article talking about this by our digital goddess Kim Komando. While Social Media is not knew, TikTok has been treading on thin waters. You can search Tiktok for all of the news coverage we have on our blog. We've decided to put out this and other things for discussion and to keep this podcast going. I hope that this will be of interest, and we'll see how it goes. Contact information is available on the blog and within the podcast itself. Thanks for listening, and make it a great day!

The Technology podcast, podcast 367: Utech has updated to v2x of their app

Fri, 23 Dec 2022 20:53:56 GMT

On this edition, we talk about utech's update to version 2. We also have thoughts on how we might be able to keep this podcast going. This is the last podcast of the year from the network. Enjoy!

The Security box, podcast 124: Ransomware reaches a billion dollars

Thu, 15 Dec 2022 00:13:53 GMT

Welcome to the Security box, podcast 124. On this podcast, we've got news coming out of Security Now about another root Certificate company that is no more. We've got news and notes from around the landscape, and Ransomware payments have hit at least a billion dollars. All this, including questions, comments and other miscellanious activity on today's show. Trust Core Security Now podcast 900 is full of questions. One of which for this podcast talks about another trust certificate authority that isn't. The apparent company is called Trust Core. This reminds me of the Hong Kong post office and why they were a trusted certificate authority. We've never covered certificate authorities and maybe we need to. Let's just say that they intercepted traffic and installed malware. EUFY not telling the truth I don't have any articles, but SN 900 covered this and I saw a notice from Malware Bytes. They say that footage from their cameras are not send to the cloud, but an Ars Technica article mentioned by Stieve indicates otherwise. The company Anker (not to be confused with Anchor) says this is not the case. Ransomware costing a billion dollars Ransomware costs top $1 billion as White House inks new threat-sharing initiative is a Cyberscoop article and our main topic. If we can share intelligence, maybe we can better defend against these problems and maybe Ransomware can be slowed down. We'll see how it goes.

The Security box, podcast 123: The Passwords of psychology report, 2022 and more

Thu, 08 Dec 2022 01:11:18 GMT

I'd personally like to thank Herbie Allen for his time running the stream during our internet outage today. Thanks friend! Below, please find the show notes for today's program. I hope to see you all next week! Welcome to the security box, podcast 123. Today, we're going to cover the psychology of passwords 2022 report. We'll also have the news from around the landscape, maybe an asshole award of the podcast if one is warranted and much more. I hope you enjoy the program as much as I enjoy bringing it to you. The Psychology of Passwords report The article we're going to take from this time is New Report: 2022 Psychology of Passwords from Lastpass. Wile most people receiving some cyber security training during the pandemic probably learn a few things, 62 percent still reuse passwords. The article links to the full report but we'll only talk about what is in the article itself. Maybe we can apply it to this community and give our thoughts on how this community should shift its thinking.

The Security box, podcast 122: EBT cards and the disabled

Wed, 30 Nov 2022 22:27:55 GMT

Hello everyone, welcome to the Security Box. We did get a callin that we didn't know wanted to call in to let us know some things, but we got it all working out. This may affect may different people and we hope that this is a learning experience for you. Please stay safe. Welcome to the Security Box, podcast 122. On this podcast, we will be covering some news that came out of Freshbooks on Wednesday, November 23, 2022. We'll also be covering Card Skimming and how it disproportionately is a disadvantage to people who use EBT cards. We'll also have plenty of news and notes from around the landscape and we'll also see what else people want to talk about as we return from our Thanksgiving break. Freshbooks As we blogged on November 23, 2022, Freshbooks became victim to Phishing. The company itself did not get phished, but people who are customers and non-customers were hitting Freshbooks's Twitter asking if emails were real or not. Freshbooks reports that these emails are fake, and said that emails come from freshbooks.com or any of its properties and not from anywhere else. The technology blog and podcast's coverage of this event On November 29, 2022, they indicated to the JRN that while there was no incident, the phishing uses other domains that is outside of Freshbooks itself. They linked to an FAQ titled What Emails Are Sent Out of My Account? Please read this FAQ if you're a freshbooks customer or get email from them as a customer of someone who pays to send invoices. EBT cards are now a target In our main topic, we're going to talk about EBT cards and what is happening with them. We also learn that there's a lawsuit to get states to actually do something if something goes wrong. You'll understand why as the discussion is done. Here are the articles:

How Card Skimming Disproportionally Affects Those Most In Need Krebs on Security
Lawsuit Seeks Food Benefits Stolen By Skimmers Krebs on Security

We thank each and every one of you for listening, participating and most of all, reading the blog. Without your participation and listenership, this program wouldn't be what I'm trying to make it. Remember to check out email host security which is a site that'll help you navigate the Phishing landscape. This site is sponsored by the Jared Rimer Network and I hope people will learn what it is about, check out the companies and resources and of course the terms. Starting with this podcast, the podcast is commercial free thanks to a donor through the JRN. If you'd like to donate, go over to our donations page where there is a Paypal button and links available to use to donate one time. If you want to make a monthly donation using a credit card, let me know and we can make that work. We thank you!

The Security box, podcast 121: The Insecurity or lack there of when using check in services

Wed, 16 Nov 2022 23:29:52 GMT

On TSB 121, we're going to talk about whether it is a good idea to be using various services like 4sqare, facebook and other check in services to check in to places and post to social media. This started after someone complained on Facebook about how the auto checkin broke, and how they wanted to have it work so their friends on the other side of the world can be confident he made it OK. We'll also have news, notes and conversation about other things that people want to talk about as well. Thanks so much for listening! Asshole of the podcast We haven't blogged about this yet, but the article is titled LockBit ransomware suspect arrested in Canada, faces charges in US which comes from Cyberscoop. We'll be sure to blog this one. Other things I went through the blog and we discussed some of the things that have been posted. Make sure you check out the blog for other stuff including this linked article and feel free to comment.

The Security box, podcast 120: News notes and a discussion on how to shop safely

Thu, 10 Nov 2022 00:51:46 GMT

The Security box, podcast 120 has plenty in this program which is over 3 hours in length. We have at least one asshole of the podcast, possibly two, you judge. This podcast talks about the landscape and your money, talking about tools and techniques that you might be able to use to make sure you're as safe as possible. We talk about the podcast scheduling, what's coming up, and the scheduled breaks. Asshole award of the podcast and related content This blog post I title Hacker charged, hacked psychotherapy center, demanded ransome and went after patients to pay leads to an article with a very interesting story. This guy has been charged with ransoming and later bankruptring a psychotherapy center. Apparently, the suspect named has been convicted with over 50k of various cybercrimes since the age of 17. There's more, read the linked blog post and article for complete details. Also in a related asshole of the podcast this blog post tilted We’ve got an update on the raccoon developer talks about an article where the developer of the latest piece of malware got in trouble because his girlfriend decided to post their whereabouts on the all too famous "Instagram." Shoudlv'e thought about this possibly? There are other news things we cover, so visit the blog for complete details.

The Security box, podcast 119: The Intricacies of social media

Wed, 02 Nov 2022 22:55:54 GMT

On this podcast, we cover the launch of my newest project, then get in to social media and the intricacies of it. Hope you enjoy the show! I enjoyed doing this show, and this is one of those that may go over like this one did. Its not common, but it does happen. This is program 119 of this series. Thanks again for listening!

The Technology podcast, podcast 366: using technology independently

Wed, 02 Nov 2022 22:49:04 GMT

On this podcast, Armando from the Mix and I talk about technology and independence. In no way are we saying to be independent on everything, but research and contacting support when you need it is key. Enjoy the show!

The Security box, podcast 118: Let's discuss books Welcome to podcast 118 of the Security Box. On this show, we're going to talk about books. Not all books may be covered due to timein the industry!

Wed, 26 Oct 2022 21:44:55 GMT

Welcome to podcast 118 of the Security Box. On this show, we're going to talk about books. Not all books may be covered due to time constraints, but we'll list all of the ones here. Question is, what kind of books? These books are dealing with security in one way or another. The list may contain multiple books, and are split up in to authors. We'll have this in a multi-list format where the main list is in author, and sublist will have the books. Books may be available via other sources that the blind and disabled can access including Bookshare, the NLS, and apple books. The NLS Bard page can only be accessed by eligible patrons and will not be linked here. All linked books come from Amazon or its affiliates, but you can search the book titles separately to find the price that fits your budget unless bard has it already.

From this list, we do know that BARD only has one book, but that could change. Check Bard often, you never know what will be posted there. Besides that, we'll have news, notes and more. Now, here are the books and thanks for listening!

Mark Russinovich

Scott Schober

Kim Zetter

Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon

Mikko Hyponnen

beta of EMHS which is still in development, we finally touch on something I tried to cover in earlier podcasts. What is that, you say? That's DomainKeys Identified Mail otherwise known as DKIM. We've been needing to cover this for quite awhile, but I'm not familiar if whether we did, and while other topics we've covered on NCSAM this year we've covered in the past, this one I don't think we did. We also cover the news from the blog and other things on participents minds. I hope that you enjoy the program as much as I have bringing it together for you, and thanks so much for listening! We can't do the show without you.

The Security box, podcast 116: SMS and its interesting problems

Wed, 12 Oct 2022 20:18:23 GMT

On this program, I'm alone today talking about SMS and its very interesting issues. I'm not saying its a bad thing, but there are things about it that can be of interest. The linked article may need work, but can be used to gain knowledge. Knowledge is power, and we don't cover it word for word. I hope you all enjoy the program as much as I have bringing it to you, and we'll be back next week. The podcast today is sponsored comercial free by The Jared Rimer Network. Visit me on the web to learn more about me and maybe you'll find something of interest.

The Security box, podcast 115: NCSAM week 2, talking about domains

Thu, 06 Oct 2022 23:25:06 GMT

Welcome to program 115 of the Security box. Today, we talk about domains and SSL and plenty of news stuff too. The first hour and a half of the over 3 hour program is news related, check the blog for complete details on things or subscribe to the TSB list itself. Some of the stuff we talk about is already on the blog, others are not, but plan to be. As far as domains go, when we talked about Phishing we mentioned the fact that I published several resources on checking whether a domain exists and when it was registered and possibly by who. This was in reference to an article talking about Ian Phishing scams that might be out there now. Please be safe! Here are two resources:

There are other tools to look up domains, and we can't forget about the ICANN web site and their work to keep domains at least here in the states in good working order. Another thing we talked about but not in great detail is Transport Layer Security which SSL is now known as. We're providing the Wikipedia page as a reference since I didn't go in to a lot of detail on it. If people want me to, I can do that. If we've forgotten something that we should mention as part of this discussion, please send a note and let me know about it. There is always something to talk about in this space, and I can't think of everything, or think it may be too technical. You can always contact me through my web site and I thank each and every one of you for participating this week. See you next week!

The Security box, podcast 114: news, notes and NCSAM week 1

Thu, 29 Sep 2022 02:46:24 GMT

Welcome everyone to the Security box, podcast number 114 on the technology podcast series. On this podcast, we cover some of the news from around the landscape, and then we start NCSAM. What is NCSAM you ask? It stands for National Cyber Security Awareness month, and various countries call it something different, and may cover different things. On week 1, which officially starts on October 1, we talk about passwords. Besides learning about 10 passwords that you should probably not use, the artivle we take from takes this in to aidifferent demention, covering different categories like food and drink, curse words, sports and more. The article is titled Most common passwords: latest 2022 statistics and it comes from Cybernews. Looks like they did a great job with it! We hope you enjoy the program, and thanks so much for listening!

The Security Box, podcast 113: Violence as a service, this turns from Cybercrime to real world crime

Wed, 21 Sep 2022 23:36:47 GMT

Hello folks, welcome to the security box. We had 10 people in our room today, and we hope you enjoy the program. Here are the show notes of today's program, and we'll see you next week!

Welcome to the Security box, podcast 113. On this episode of the program, the biggest topic is "Violence as a service" as it is being talked about on multiple podcasts.

Have you read the article by Brian Krebs titled Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire and if you did, what did you think about it?

Seems as though this is going to get very interesting as actors as they're known in the industry will be changing their tactics to something like this.

Besides this, I hope that you'll come join us and comment as we'll have some news from around the landscape, thoughts on other things of interest and of course questions and comments from the audience.

Thanks for listening and participating and we'll see you on another edition of the program!

The Security box, podcast 112: Actors want our OTP codes, more in our business endeavors than personal

Thu, 15 Sep 2022 16:40:55 GMT

Who Knew! Podcast 112 is going to talk about one time passcodes being a corporate liability to business, as actors or cybercriminals can take advantage of the common user to give up these codes so they can log in and take control of one account. How 1-Time Passcodes Became a Corporate Liability is the article we'll be referencing, and there is no wrong answer when giving your opinion on this one. This article comes from Brian Krebs, shortly after the fiasco that we didn't talk about last podcast which the article that finally got published covered, his blundering mistake which wasn't IMHO. With that said, we'll have news from around the landscape and we'll see what others within the club have to say about this or anything else on their mind.

The Security box, podcast 110: Paypal Phishing scams use paypal invoices to trick users in to clicking!

Thu, 01 Sep 2022 03:15:00 GMT

110 is what it is going to be if not hotter this week, so podcast 110 is hot! Hello folks, welcome to the security box, podcast 110. On this edition of the podcast, we're going to cover news, notes and other things around the landscape. Besides that, it seems like Paypal may be in some big time scam problems as their invoicing system is being abused. Learn about it as we talk about the article PayPal Phishing Scam Uses Invoices Sent Via PayPal which was written by Brian Krebs. Besides all that, the news as mentioned above, and this topic, we'll see what other topics might come up as the show progresses. I hope you enjoy the program as much as I am bringing it to you! Thanks for listening!

Tech podcast 365: The U-Tec Pro smart locks

Fri, 26 Aug 2022 20:48:41 GMT

Welcome to podcast 365 of the technology blog and podcast series. On podcast 365, we talk about U-Tech and the recent new lock I got. Its probably not the best demo I did, and there are some accessibility issues and crashes but I thought I'd put it out anyway. I hope that you will enjoy the program as much as I am putting it together, and make it a great day!

The Technology blog and podcast, podcast 364: The Threat trends and intelligence report q2

Thu, 25 Aug 2022 18:33:56 GMT

On this podcast, learn about what threats we face as part of the q2 report from Phishlabs. Go over to the blog for complete details in articles and ways to download the report. Enjoy!

The Security box, podcast 109: August 24, 2022

Wed, 24 Aug 2022 21:55:12 GMT

Welcome to the Security Box, podcast 109. On this podcast, besides doing a recap of the news because of our tech problems, we're going to cover some court news that probably doesn't surprise some of us. The article is titled Federal courts left Americans' data exposed, senator tells Supreme Court chief justice and it comes from Cyberscoop. We'll also see who may be in clubhouse, brings up any questions to ask, and we'll see what else the program has to offer. Find something you'd like to have us talk about? Why not subscribe to our discussion list through the mix, or find a link on the blogroll for the security box email list. We would love to have you. Feel free to say hey!

The Security box, podcast 108: What Happened to all of these proxy services from another podcast?

Wed, 17 Aug 2022 22:13:40 GMT

The show got off to a rocky start, but what show doesn't have tech problems? We cover the news, and we cover two topics and we're comercial free. On podcast 103 of the Security box, we talked about some proxy services that could have been deemed bad proxies. Now, in another two-part section, we learn that all of these proxies are now down. What happened to these proxies?

Both of these articles are by Krebs on Security and both were very interesting to read. Besides this, we're going to cover the news, we'll see what people have decided to bring up, and we'll see what else we can find for this program. Hope you will enjoy the show, and thanks for listening!

The Security Box, podcast 107: Fileless Malware, what is it, how can it get on the computer and what is this Gootkit loader have to do with it?

Thu, 11 Aug 2022 17:22:47 GMT

Welcome to program 107 of the Security box series. On this edtion, we're going to talk about something not too many people know about. Its called Gootkit Loader’s and they can be very dangerous. These can contain something called fileless malware which makes detecting them harder. Trend Micro has talked about fileless malware before, and you can put in fileless malware plus adding trend micro to find postings covering this topic. The article we're going to cover on podcast 107 is titled Gootkit Loader’s Updated Tactics and Fileless Delivery of Cobalt Strike and it does come from Trend Micro. I hope that you enjoy this discussion, because it can affect you if you don't know the signs of what to look for as it can come in many forms including email. Besides this, we'll see what people in clubhouse or the list want to talk about, and we'll go through news and other things posted as well. Thanks for listening and make it a great day!

The Security Box, podcast 106: What Is Pig Butchering when it comes to the Cybersecurity Field?

Thu, 04 Aug 2022 15:35:00 GMT

Welcome to podcast 106 of the Security Box. No, we're not covering animals, but there is a new term called Pig Butchering that is now out there. According to the article, it seems to be covering a lot of varying scams which may include Crypto, romance, and investment just to name a few. Don't let me tell you about it in the show notes, the article is titled Massive Losses Define Epidemic of ‘Pig Butchering’ and it comes from our buddy Brian Krebs. Besides that, we'll go through the blog, we'll see what other things participents want covered, and maybe we'll answer any questions that might come across. Thanks so much for listening and make it a great day!

The Security Box, podcast 105: Vehicle Trackers are in deep trouble and there's nothing we can really do about it

Wed, 27 Jul 2022 21:42:06 GMT

Welcome to the Security box, podcast 105. On this program, we're going to talk about GPS systems and something that may affect everyone who drives and uses a certain product. This is a Cyberscoop article titled Attackers can surveil, disrupt vehicles outfitted with popular GPS tracker, CISA warns which was quite interesting. I also spotted this being covered by Kim Komando and her staff. I blogged about it in this blog post for those who want to link to it. We also will have news from around the landscape and whatever else people want to cover that they have read. Hope you enjoy the show!

The Technology blog and podcast, podcast 363: Scalars Publishing and their educational book and more

Thu, 21 Jul 2022 21:02:07 GMT

Hello flks, I am going to say that this is the first podcast we've done in about 2 months or so, maybe more. I'm happy to finally have something to present today, and this is going to get rather interesting for a 104 minute podcast. Here are the notes! On this episode, >Scalars Publishing has an educational book for learning UEB. They have other books as well, but we talk about the educational book today. How did I find out? Through a student who has asked for some help. Perky Duck from Duxbury Systems is discussed and demoed, and we also have some IOS news for those who don't know. This news is in regards to voices that some may know of, but some may not as we have sighted listeners that may not know. I hope to have another podcast soon! Thanks so much for listening, and I'll be back real soon!

The Security Box, podcast 104: Even Law Enforcement is not immune to the breach department and its probably not the first time either

Wed, 20 Jul 2022 21:40:16 GMT

Welcome to podcast 104 of the Security Box program. I hope that each and every one of you enjoyed our look back at the two year anniversary and what might have interested people during the past year. As I prepare for podcast 104, if you, the listener, want to contribute thoughts on what interested you from the past year or even since the show's inception, please contact me through the contact the DJ's page on 986themix.com or listen to the program for full contact details. On this edition of the program, we're going to talk about an older article titled DEA Investigating Breach of Law Enforcement Data Portal. Its a Krebs on Security article which was sent to the Security Box list in the month of May. The sad thing is, we've not heard anything since, and that may not necessarily be a good thing. Besides that, we'll check with listeners who have decided to join us on Clubhouse and other participants to see what has caught their attention through the landscape. If there are questions by people who are new to the program who have basic questions, we always allow those, so please submit them to us or participate live. I don't claim to know everything, and even the best don't, but with all of us working together, we can learn and give some advice to try that might help. I look forward in continuing this program, and I hope that people will at least check it out to see if they find it of value. I thank those people in the industry that post articles that we can ponder, discuss and possibly question. Thanks for listening and make it a great day!

The Security box, podcast 103: 1 person, multiple bad jobs

Wed, 13 Jul 2022 22:17:24 GMT

Hello everyone, welcome to the Security bbox, podcast 103. With only one week missed due to commitments, we've reached the two year anniversary of this program on the mix. I hope that we can continue to provide plenty of material as this community still needs to learn what is out there to protect themselves. Nobody is perfect, even yours truly has made mistakes. The question is, do you learn from yours? As we reflect, podcast 52 which was on July 14th of last year, delbt with the water hacks which could have done some serious damage. While we overcame that and learned from that, we've got a bigger issue and that has been the war that Russia has been involved with as Ukraine was its first target and now they're going ahead and targeting other nations. We talked about this war and its potential impacts on this very program and other rooms on Clubhouse. Now, some of what you might see and discussed on this and other circles will be coming true as predicted. No expert said when it would happen and if, but it seems that it is. With that said, today's main topic is going to cover two articles and one man. The first article is titled Meet the Administrators of the RSOCKS Proxy Botnet which was quite a read if I should say so myself. The second one even gets more interesting. Its titled The Link Between AWM Proxy & the Glupteba Botnet and maybe you'll have comments on this. Besides that, we'll have other topics that may not be listed here in our notes, like for example, things that caught people's eye from our list and or blog. Want to subscribe to our list? The Security Box list can be found by clicking on the link and going to its page through our partner, The Mix. I hope that you enjoy the program as much as the JRN and its participants enjoy bringing it to you. Remember, we can learn together. Thanks so much for listening, reading, and participating! Keep learning!

The Security box, podcast 102: July 6, 2022

Wed, 06 Jul 2022 23:02:43 GMT

Hello everyone! Welcome to podcast 102 of the podcast. On this edition of the podcast, we'll step through one of the best emails I've ever seen. I saw this at the end of June, and it woke me right up. It is the best email that would prompt an issue that may not be the case, if you actually stop, look and do your due dilligance. blog post As our topic, we're going to talk about the Cyberscoop article Lawmakers want to restrict user data sales to nations like China, Russia which was read. The article will end up getting blogged, so check the blog for thoughts on this one. We'll also see what else comes up in the landscape that people want to talk about as well. Hope you enjoy the program!

The Security box, podcast 101: Google finds Italian Spyware campaign that targets victimsWelcome to podcast 101 of the Security Box Podcast series. On this podcast, we did find another "Asshole of th

Thu, 30 Jun 2022 23:03:51 GMT

Welcome to podcast 101 of the Security Box Podcast series. On this podcast, we did find another "Asshole of the podcast" award. We also are going to talk about Google finding something very interesting in their research department. Asshole of the Week This time, our Asshole comes from an article by Brian Krebs of Krebs on Security titled “Downthem” DDoS-for-Hire Boss Gets 2 Years in Prison which was quite interesting. Wondering why only two years when DDOS is quite significant and can cause a lot of headaches among what's going on and how to fix it? Google This time, Google reveals sophisticated Italian spyware campaign targeting victims in Italy, Kazakhstan comes from Cyberscoop. Found this article quite interesting, and I bet you do too. Besides that, we'll see what the people on the Clubhouse have to say as well as possibly other things that might not be blogged or sent to the list. Thanks for listening to the show, and we'll see you on another edition!

The Security box, podcast 100 for June 22, 2022

Wed, 22 Jun 2022 21:31:11 GMT

Welcome to podcast 100 of the Security Box. I can't believe this series is already at 100, and its been growing strong with lots of discussion, and of course comments on things that people have found of interest. I hope that the show can continue to grow, and with partners in the industry, we will continue to bring you things that might not be covered elsewhere in much detail if any. Today, we're going to bring the bonehead award, with an article we'll summarize in a segment called interestingly, the "asshole award of the podcast." For this podcast, the article U.S. marshal used controversial cell phone location service to illegally access data, DOJ says from Cyberscoop. The Marshall definitely needs this award, and you never know who will be next. Don't abuse the privelage of the access you're granted to do your job or you'll possibly get caught. On this episode as well, we'll cover two different topics. The first, Privacy legislation might provide a powerful guard against online identity fraud might have some teeth if everyone is on board. I definitely think that this should be covered because we talk about the fact that companies have our data with no recourse if something goes wrong.. Maybe that'll change? In a related note, we've been getting calls from various folks about vehicle warranties, other notices from companies that don't identify themselves and the like. In an article titled INTERPOL raids hundreds of scammy call centers in sweep it talks about how many different people have been picked up due to the number one thing that gets people, social engineering. If you've not read this article, you should. It might be a start to something that hopefully should go down at some point. Of course, we'll have comments from others who participate in the taping and live broadcast on Wednesdays, and possibly other topics not listed here too. Thanks for reading, participating, and listening! I greatly appreciate your support.

The security box, podcast 99: Shields Up! The New Normal in Cyberspace

Thu, 16 Jun 2022 17:53:31 GMT

Welcome to the security box, podcast 99. We're excited to bring you another great show. First, in our chat section, we're going to talk about KrebsOnSecurity in New Netflix Series on Cybercrime which I've already bookmarked as I signed up for Netflicks. I also watched another movie titled Cyber Hell. (subscription required) Movies and documentaries like these are great to get out in the community, and the Cyber Hell movie I heard of somewhere, probably on clubhouse. There's more including one I talked about some time back, but this will get us started. If people have things they want us to talk about during other news, we can definitely talk about it. In our main segment, we're going to talk about Shields Up. No, not GRC's program, no not a submarine shield, but our shield. 'Shields Up': the new normal in cyberspace is our Cyberscoop article. All this, your thoughts, comments and other things on this week's edition of The Security box. Enjoy!

The Security box, podcast 98: China and 88 percent of searches on news sites

Wed, 08 Jun 2022 22:02:03 GMT

Welcome to the Security box, podcast 98. This is a bit of a technical difficulty show, starting with Clubhouse having some sort of trouble, and then the software too. Despite these, the show went on. We had a chat session that talked about social media and Paypal, see the blog for Paypal. The main topic is Chinese state media propaganda found in 88% of Google, Bing news searches which we step through. If you have any questions or comments, please reach out. Thanks so much for having an interest in our show, and we'll be back next week!

The Security box, podcast 97: Breach Fatigue

Thu, 02 Jun 2022 18:26:23 GMT

Hello everyone. Breach Fatigue is probably on everyone's minds, and I think its time that we talk about it. Luckily, there's an article titled Combatting Breach Fatigue comes from Lastpass and I thought it should be talked about. Even though last week's podcast had some good content and could in some minds be non-security related, between all of that stuff and this, who could blame me for last week? Besides all of that, we will see what people have for what they want to talk about in the news notes section. All of this and other thoughts will be part of the program. Enjoy what we have for you and I hope no tyraid today. Thanks for listening!

The Security box, podcast 96: 2 health care places targeted with ransomware

Thu, 26 May 2022 02:09:02 GMT

Welcome to podcast 96 of the security box podcast series. We're going to bring back news notes for this program, and we've picked out some good stuff. Some may be on this blog, other may not be on this blog. Our main topic is going to talk about the Health Care Industry and whether it is as secure as possible. The reason why we're going to talk about it is plain and simple, there have apparently been two more attacks on the health care industry, yet, one of them is a non-profit. The article is titled Ransomware group strikes second U.S. health care system in the last two months. I bet that there will be a lot of talk on this one, even as we read the notes on this. I've got plenty more things lined up for the podcast, so please feel free to stay tuned and learn with us. Some may be a bit older, but yet worth talking about. Remember to subscribe to The Security Box list as we post items and you're welcome to discuss them on list. We thank you for listening to the program and we'll see you on another edition of the program next time!

The Security box, podcast 95: A vulnerability of 9.8 in a Big-IP appliance

Wed, 18 May 2022 21:29:29 GMT

Hello everyone, welcome to the security box, podcast 95. On this program, we're going to talk about one vulnerability that affects big internet appliances at a CVSS score of 9.8. We'll see what else comes up including some Crypto news and things posted to our list and what type of order it'll all be in. The main article we'll be covering is titled Hackers are actively exploiting BIG-IP vulnerability with a 9.8 severity rating which comes from Ars Technica.. Ars is probably not going to be the only one covering this, there will be others out there too. The JRN hopes you enjoy the program, and thanks for listening!

The Security box, podcast 94: EDR's real or fake

Thu, 12 May 2022 01:08:08 GMT

Welcome to podcast 94 of the security box. On this edition of the program, we're going to talk about emergency direct requests (EDR's) as there are now actors out there that will use Fake EDR's for getting what they want. There are two articles, both which I read.

Twitter may have given user's private data to a ransomware hacker, who then ran a researcher offline Cyberscoop
Fighting Fake EDRs With ‘Credit Ratings’ for Police Krebs on Security

I read the Krebs article first, and some time later, I found the Cyberscoop article which was quite interesting. Besides that, we'll be seeing what others have read, although I've been working and not blogging much between podcasts. I hope that you enjoy the program as much as we are putting it together, and thanks for listening!

The security box, podcast 93: Earth Berberoka

Thu, 05 May 2022 16:45:53 GMT

Welcome to the security box, podcast 93. We do cover some very interesting topics today including the recent news about our Amazon devices.

blog post Besides our amazon devices, we're going to talk as well about an Antivirus program with interesting accessibility isues but also coming with a VPN that can monitor what you're doing. Maybe a problem much? Our final topic is a big huge problem which we need to be aware of. The article is titled New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware which is quite interesting and really worth the read. While it is only targeting gambling sites for now, this thing is packed full of problems and problems which can really cause you not to have a computer if you still have one. Have comments for the show? Contact details are in the program, and I hope you enjoy! This program was aired on the Independent channel on May 4, 2020 and was rebroadcasted on May 6, 2020 through Blue Streak Radio. It airs through their network on Fridays from 8 am CT until its conclusion. I hope that each and every one of you enjoy the program as much as I am bringing it to you, and next week, we've got a great topic dealing with emergency data requests. You don't want to miss it! See you all then!

The Security Box, podcast 92: Conti did not do what they said they would do, attacks health care providers and more

Wed, 27 Apr 2022 23:25:08 GMT

Hello everyone! Welcome to the security box, and this is program 92. On this program, we're going to talk about Conti, again. The article is titled: Conti’s Ransomware Toll on the Healthcare Industry which was quite interesting when I read it. Besides that, we'll see what others found of interest through the landscape and I'll talk about some stuff as well including the Who's Who directory and updates on it. I hope that you enjoy the program as much as I have bringing it to you, and welcome Blue Streak Radio to the program. They'll air this program on Friday morning Central time. Thanks so much for having an interest on the program.

The Security box, podcast 91: APT, the advanced persistent teenager

Wed, 20 Apr 2022 23:14:49 GMT

Hello folks, we're releasing two podcasts on the same day on two different set of subjects. This one, the security box. I hope you all enjoy the program, and below, please find the show notes! Hello everyone, welcome to podcast 91. We're dealing with the teenage hacker in two different articles. As I've determined, there is only one article on the advanced persistent teenager which can also be labeled APT. The first article we're covering is: A Closer Look at the LAPSUS$ Data Extortion Group which was read all the way back near the end of March. This will then lead us in to our other article The Original APT: Advanced Persistent Teenagers which was also good and in depth. I got confused by headings, but this article is only one article part long. We'll also be taking any comments and questions from the audience on Clubhouse and we'll see what else we have to offer. Make sure you check the blog for continuing article writing, we continue to post stuff although there was a lapse of posting lately, but it hasn't been that long. Thanks so much for listening and enjoy the program!

The Technology podcast, podcast 362: Michael in Tennessee

Wed, 20 Apr 2022 23:10:29 GMT

I'm looking to bring back the tech podcast after some time. On this podcast, we've got Michael in Tennessee. Here areh the notes from this program. Hello folks, welcome to the tech podcast. Its been quite awhile since we've done a tech podcast, but its appropriate seeing how the Security Box ran almost 3 and a half hours. Today on the first tech podcast since 2021, we're going to have Michael in Tennessee talking about some of the security landscape and what he's read of late. Lots to talk about and maybe there might be some solutions that people can think about here too. The program is over 1 and a half hours and I'm glad I did it this way. I'll be looking at releasing some more stuff soon! Thanks for reading, listening and finding what we have to say of value.

The Security box, podcast 90: 11 android apps to remove from your device and more

Fri, 15 Apr 2022 18:35:13 GMT

I thought the podcast was uploaded here, but I uploaded it to my other feed. Sorry about that folks! Here are the show notes. Hello everyone, welcome to podcast 90. On this edition of the podcast, we're going to have our main topic on Millions of Android users should delete these 11 apps after Google kicked them out of the Play Store which is an article talking about 11 different applications that we need to be aware of that may have been causing harm. I'd say that IOS users like myself should be aware of these in case these apps make it to the app store and we get messages from places to download them as well. Besides that, we'll have anything that comes from the community on things they want to talk about and I even think I can do my intros a little bit differently. I hope that you all enjoy the program and thanks for listening! If you go to the blog and you don't see it in RSS, please contact me so I can fix it quicker. Thanks.

The Security box, podcast 89: Spring4Shell that didn't spring

Sun, 10 Apr 2022 15:51:20 GMT

Hello folks, I thought I uploaded the show from Thursday, sorry about that. Notes are below. Hello folks, on today's podcast, we're going to cover Explaining Spring4Shell: The Internet security disaster that wasn’t as our main topic. We will cover some of the other landscape as well as any other topics the public has to offer. Note that today's program was done on Thursday to account for an event I attended the day before. We should be able to return to a Wednesday schedule next week. Enjoy the program and thanks so much for listening!

The Security box, podcast 88: The Different types of internet

Thu, 31 Mar 2022 16:16:45 GMT

Happy Thursday! The podcast file was created yesterday, but we're relasing now. I hope you enjoy the program and thanks for listening! The Internet is a complex thing. There are different types of internet connections, some are most common than others, but all are important. In a recent article I spotted, the connection known as Sattelite Internet was targeted apparently by Russia, but that is not confirmed. The article is titled A mysterious satellite hack has victims far beyond Ukraine. We'll also have other topics that might be of interest and we'll see what others have to say as well. Thanks so much for listening and enjoying the program!

The Security box, podcast 87: SMS PVA: What is it and should we be concerned?

Thu, 24 Mar 2022 20:27:50 GMT

Hello folks, welcome to podcast 87 of the security box. On this podcast, we talk about a wide range of topics, but we also talk about a three part article set dealing with SMS services that can be used to sign you, the consumer up for services that you may not even know about or even want. While the applications discussed here are potentially Android based, we need everyone to know what is out there in case something is developed for IOS or any other system you may use. Below, please find the links to the articles we are going to be taking from as part of this discussion.

What caught me on wanting to talk about this is the fact that the United States is affected by this, although we don't know by how much. Understand that I think everyone should be aware of what is out there, and hopefully the articles and information can give you a sense on how you can stay as safe as possible. Thanks for listening, reading and participating in this important topic.

The Security box, podcast 86: Windows Updates, emoticons potentially going to be an issue, books and more

Wed, 16 Mar 2022 22:17:47 GMT

Welcome to podcast 86. On this podcast, we'll cover Windows Update. I only have one article now instead of the two, so we'll have to see how I can get the other back. Besides that, we'll have comments from the Clubhouse room and other topics they may want to bring up.

Microsoft Patch Tuesday, March 2022 Edition Krebs On Security

I hope you'll enjoy the program as much as I am bringing it to you.

The Security box, podcast 85: A look at how I got in to this industry, some newsy stuff and more

Thu, 10 Mar 2022 00:11:04 GMT

Today, the Security box takes a break from day to day activity although we've covered some scam type activities and even went through how I got started in this industry and how I think information can be given out successfully. We also have some tracks that play as well. The program lasts almost 3 and a half hours, and I hope you enjoy it. I even talk about why we've temporarily retired the normal theme we use for the program. Check the blog for complete details on things that may have been mentioned.

The Security box, podcast 85: What's happening with Russia? They're at it again!

Thu, 03 Mar 2022 18:44:28 GMT

Russia is the hot topic right now, and with good reason. On this podcast, we'll talk a little bit about what we've learned, talk about the scams, recommend books and more. Here are the complete show notes for this week's podcast. Welcome to podcast 84 of the security box. This time, let's discuss Russia's involvement in pure problems. Now, they have decided to go to war, and its against Ukraine. They've been known to do DDOS attacks, ransomware attacks, spreading information that is not true or partially true or even completely false, denying many different things through the years ike the 2016 and 2020 presidential campaigns, and even more may be in the pipeline. Below, please find links to some of the recent blog posts that I've done since the war started. In no way am I linking to everything, but you need to understand what's going on so you can make the most informed decision on your needs based on what is actually happening.

I put the link to the video last, because while informative, we know that things are changing rapidly. I put McDonalds first because it was the last we posted and most viewed on linkedin. It got a retweet in France according to a comment. What should you read? There are several books you can definitely read.

All of these books are written by Mark Russinovich , someone who works at Microsoft. To learn more about Mark, the various books he's written including those I've linked in these notes, please visit zero day the book which is his web site. All books linked from his site I've read, zero day may be more of what we're dealing with possibly right now. Some books may be available through NLS's bard and Amazon as well as Apple Books.

The Security box, podcast 83: Sim Swapping and Trick Bot

Thu, 24 Feb 2022 01:18:28 GMT

Hello folks, This is Jared here, and its time for another Security Box. In this almost three hour program, we cover the olden days of Spam and what someone was seeing during our live program. Besides that, we've got Trick Bot and Sim Swapping as our two main topics. Here are the show notes with links, and we'll be back on another show! Hello folks, welcome to podcast 83. Let's start with something that came to my attention on Monday. Let's recap a little bit about Sim Swapping. This actually came up on Monday when someone who comes to assist me was saying to me that someone they knew had their phone cloned. They told me that T-Mobile, the company they were with, told them the phone was cloned. As we know, T-Mobile was breached, and I don't know about you, but I definitely don't trust them. Remember the following?

Remember too, that Podcast 47 covered this in news notes and comments came in too. So there is plenty I covered. Please also read SIM swap scam from Wikipedia. As our main topic, I want to catch people up on what is going on with Trick Bot. The article TrickBot developers continue to refine the malware's sneakiness and power from Cyberscoop will be used in this discussion. The public on Clubhouse got in to a Spam discussion with one talking about the spam messages they were getting. While educational, we did some good laughs in this program and we thank everyone for participating on clubhouse's platform. Tunes were also played during the program. We thank you so much for listening and make it a great day!

The Security box, podcast 82: Windows update, Scam talk and more

Fri, 18 Feb 2022 18:17:37 GMT

I ended up falling sick, sorry for the delayed release of Wednesdays program. I'll be fine and have already started the process of getting medicated. This past Wednesday, we had several people on Clubhouse and we talked about Windows Update and a bunch of other stuff too. Here are the show notes. Hello everyone! Welcome to podcast 82 of the Security Box. This week, we'll catch up on Windows Update, and we will also cover a lot of other stuff from the blog as well. We'll also see what else the listenership and participents in Clubhouse want to talk about. What happened in Windows Update? Our good buddy Brian Krebs from Krebs on Security has the full details. Microsoft Patch Tuesday, February 2022 Edition is the article. Lots of linked material that we links to some CVE numbers if you're interested.

The Security box, podcast 81: Fake Investor does not go away, Fake investor is back and still the same

Thu, 10 Feb 2022 02:56:15 GMT

Title: Fake Investor does not go away, Fake investor is back and still the same Hello folks, welcome to podcast 81 of the Security Box! It seems like its time for an update on a very interesting character isn't it? Its time for another update on the fake investor we've covered since podcast 10. I know that I've linked somewhere on the blog all of the podcasts we've covered John Bernard, and this is going to be one of those podcasts. What has he done lately? This article titled Fake Investor John Bernard Sinks Norwegian Green Shipping Dreams from Krebs on Security has the entire details on what he has been up to now and a reminder of his past. Besides all of this, we'll step through the news that has been posted to the TSB list as well as on our blog. We also had a new person come in and aask some stuff they've heard and we debunk the myths and facts of everything. Want to subscribe to the Security Box discussion list? We'll post stuff we're reading, you can discuss it with us, and even post your own stuff too. Here is a link to the Security Box discussion list hosted through 986themix. Just put your email address and name if you wish, and hit that subscribe button. Follow any email instructions you get. Just subscribing will not get you on by default. Confirmations last about 3 days. I hope you enjoy the program as much as I am bringing it to you! Its going to be a great show.

The Security Box, podcast 79: This App is completely safe to use

Wed, 02 Feb 2022 22:57:17 GMT

Welcome to podcast 80 of the Security box. On this edition, let's talk about Wordpress. While it is a good platform for people to use for web sites and even blogging as I do, it can come with risks we need to be aware of. Part of those risks include keeping it up to date and of course the plug ins you install. A lot of plugins can be found through the install section of your plug ins management facility, but you can also install plugins manually. The article we're going to cover today comes to us from Ars Technica and was sent by our godd friend, Michael. Supply chain attack used legitimate WordPress add-ons to backdoor sites is the article. I hope that you find the discussion of interest, and if you saw the write up, you found it of value. We'll also touch on other things blogged as well as ask any audience members what they learned and/or read during our discussion today. Remember, you can always contact me through the tech blog or even through the show's contact info as well. Thanks so much for listening, and make it a great day!

The Security box, podcast 79: The Security Box, podcast 79: This App is completely safe to use

Wed, 26 Jan 2022 21:30:24 GMT

Welcome to the security box, podcast 79. I probably am not surprised really about what we're going to talk about, and it was talked about on Throwback Saturday Night's security segment. Now, we're going to take our time on it, because I feel we need to. What are we talking about you might ask? Toronto lab finds security vulnerabilities, censorship framework in Olympic app is an article talking about the olympics and a new app the IOC basically says is completely safe to use. Researchers are saying differently, and one major problem that two of us see brings this to full circle. I'd like to thank DJ Terry of The Mix for calling and asking about this after he heard very little on his news channel. With the games so close away now, this is the perfect time for someone to take advantage and do something they think is a good idea to do in their mind. Thanks for listening whether live or through the podcast or replay, and we'll catch up with you very soon!

The Security box, podcast 78: Windows Update includes a Wormable Flaw

Thu, 20 Jan 2022 17:52:56 GMT

The Security box, podcast 78: Windows Update includes a Wormable Flaw Welcome to podcast 78 of the Security Box. As we do typically on the podcast, we spend some time catching people up on what has been going on in Redmond, Washington with Windows Update. We've only got one article, however, News of the week for January 14th has the other article. ‘Wormable’ Flaw Leads January 2022 Patch Tuesday comes to us from Krebs on Security, and it covers this huge problem and others across Redmond and others too. Please feel free to send your messages, topics and the like for consideration. Thanks for listening!

The Security box, podcast 77: Google, this wasn't a critical bug?

Fri, 14 Jan 2022 02:17:58 GMT

I realized I said podcast 75 at some point in my audio, this is podcast 77. Too late for me to change it however. Below is the notations which include a link to today's program. We return to a Wednesday schedule next week. Hello folks, welcome to the security box, podcast 77. Google fixes nightmare Android bug that stopped user from calling 911 is our main topic of today's program, but I also cover other tech and other odds and ends too. We did have one guest available to chat with us, and we thank them for coming. We hope you enjoy the program and the few tracks at the end, and thanks so much for listening!

The Security box, podcast 76: Advertisers sucking up student data

Wed, 05 Jan 2022 20:52:48 GMT

Welcome to the Security box, podcast 76. On this podcast, we're going to talk about advertisers who are sucking up student data, even though legal action was taken. We'll also have comments and news items from the public if any, maybe some other topics if it turns in to one, and we'll see what else comes up. Topic

Advertisers are sucking up student data, even after legal action, researchers say Cyberscoop

The Security box, podcast 75: Predictions 2022

Thu, 23 Dec 2021 22:35:17 GMT

Besides the hour plus discussion we had, we've got music too for the holiday. Hope you have a happy holiday season. No TSB next week unless something breaks, see you in 2022! Welcome to the Security Box, podcast 75. On this edition of the podcast, come with me as we do a little predicting for 2022 with a Trend Micro article titled Pushing Forward: Key Takeaways From Trend Micro’s Security Predictions for 2022. We'll also have thoughts on recent news read, and its been decided that the full news notes segment will be no more in favor of topics that need discussion. This doesn't mean that we won't cover news, but we'll cover it a little differently. Topic

Pushing Forward: Key Takeaways From Trend Micro’s Security Predictions for 2022 Trend Micro

The Security box, podcast 74: Log4J

Thu, 16 Dec 2021 17:11:37 GMT

Hello folks, This is still developing and there are more articles than listed here. We'll provide the show notes as is, and check the blog and future podcasts for more. Thanks so much for listening! Welcome to the Security Box, podcast 74. On this podcast, something breaking this week called Log4j. We'll break down three different articles that talk about this. Instead of me doing news notes, we'll ask listeners if they have any thoughts on what they have read. There may be questions, comments and other topics not mentioned here for you to enjoy too. Topic

Log4J

The Security box, podcast 73: AT&T has a vulnerable device you need to know about, news notes and much more

Fri, 10 Dec 2021 16:29:03 GMT

Hello folks, welcome to the security box, podcast 73. On this podcast, plenty of news notes and a very interesting topic dealing with AT&T and appliances that are made to bridge the gap between the ISP and the managing of phone calls, conference video systems and similar real-time applications. We hope that you'll enjoy the program and thanks for listening! Topic Business customers need to be aware if they use AT&T products of potential malware.

Thousands of AT&T customers in the US infected by new data-stealing malware Ars Technica

News Notes Here are the links to News Notes. Some may be blogged already through the blog, so see if there is something that interests you.

There are two articles here talking about the same thing. This is a very interesting story about a guy that worked for Ubiquiti until he was recently arrested. Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach” from Krebs on Security and Former Ubiquiti employee charged with stealing data, extorting employer from Cyberscoop are the two articles. They both are similar, but both worth the read.
US hacker jailed for role in multimillion-dollar SIM swapping campaign Tech Crunch
Is the UK government’s new IoT cybersecurity bill fit for purpose? Tech Crunch
Ransomware attack on Planned Parenthood steals data of 400,000 patients Ars Technica
Emails show what happened before Missouri gov. falsely called journalist a “hacker” Ars Technica

Please enjoy the program and thanks so much for listening.

The Security box, podcast 72: A Linux vulnerability, news notes and more

Thu, 02 Dec 2021 17:13:44 GMT

Welcome to the security box, podcast 72. On this program, we're going to play with Linux a little bit as we discuss a vulnerability in the way it works as it can cause DNS cache poisoning. We'll also have news, notes, commentary and more if people have things they want to share. Our Linux Vulnerability

Linux has a serious security problem that once again enables DNS cache poisoning Ars Technica

News Notes

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back Krebs On Security
Tech CEO Pleads to Wire Fraud in IP Address Scheme Krebs On Security
SMS About Bank Fraud as a Pretext for Voice Phishing Krebs On Security
Ransomware gang targeting schools, hospitals reinvents itself to avoid scrutiny Cyberscoop
Apple sues NSO Group, spyware vendor known for helping governments hack critics Cyberscoop

More may be on the blog, thanks so much for listening and participating!

The Security box, podcast 71: Windows Update, Treat Trends Report, News notes and more

Thu, 25 Nov 2021 16:35:36 GMT

Welcome to the Security box, podcast 71. On this podcast, we're going to cover things we did not cover last podcast including windows update and a very interesting report dealing with the threat trends for November 2021. We'll have news notes and plenty of it too. Hope you enjoy the show! Patch Tuesday

Microsoft Patch Tuesday, November 2021 Edition Krebs On Security
November Continues Streak of Quiet Patch Tuesdays Trend Micro

Threat trends and intelligence report

new-quarterly-threat-trends-intelligence-report-available Phishlabs

News Notes Below, please find the links for the news items that are going to be talked about for this week. We may have blog posts on some of these, so make sure you check out the blog for complete details on things and maybe you'll find something you want to comment on.

The US closes Huawei loophole, will no longer grant exceptions for ISPs Ars Technica
More than 1,000 Android phones found infected by creepy new spyware Ars Technica
Malware downloaded from PyPI 41,000 times was surprisingly stealthy Ars Technica
US charges Ukrainian and Russian nationals over ransomware attacks Ars Technica
US says Iran-backed hackers are now targeting organizations with ransomware Tech Crunch
Researchers wait 12 months to report vulnerability with 9.8 out of 10 severity rating Ars Technica

I hope you enjoy the program, we'll have more news notes and another great program next time. Thanks for listening!

The Security box, podcast 70: Its an open forum edition!

Fri, 19 Nov 2021 21:12:39 GMT

Hello folks, better late than never. We have a full open forum show for TSB for this week. While only two of us in the room, we cover quite a bit of various things. See you next week!

The Security box, podcast 69: Bullying over the phone lines?

Wed, 10 Nov 2021 22:58:11 GMT

Welcome to the security box, podcast 69. On this edition of the podcast, we turn our attention to another story, bullying over the telephone lines. We have some news, notes and commentary as well, but the bulk of this program is to think about what might go on these lines whether it is one you are on now, or one you've been on. Thanks for listening!

The Security box, podcast 68: NCSAM Extra! Social Media and other aspects to go along with it

Thu, 04 Nov 2021 16:21:59 GMT

Welcome to the Security Box, podcast 68. On this edition of the program, let's talk about social media and phone line issues as it relates to cyberbullying and other related topics. We'll also have news, notes and more. Social Media discussion In a very interesting turn of events, I wasn't necessarily going to put anything in to this section because I was going to do a full vocal discussion. But when I saw my own digest on my blog, I saw a very interesting post dealing with Social Media and other things related that I'll link here. I'll still do vocal talk with no notations, but this post is worth bringing up. ,

Don’t miss what’s happening People on Twitter are not the first to know. The Technology blog and Podcast's Shaun Everiss

News Notes

We hope you enjoy the program, and thanks for listening!

The Security Box, podcast 67: Protecting Your Children Online

Thu, 28 Oct 2021 18:28:38 GMT

Welcome to Week 4 of NCSAM. This week, we're going to cover protecting your children online. Notations are taken from a presentation I heard about the topic, and I've summarized it to tell possibly some stories that may be similar to something you've heard or seen. We'll also have news, notes and other comments as the program gets started. Protecting Our Children online

Protecting your kids online. Including topics like grooming, cyberbullying and more.

News Notes The following are some of the items that have been read within the past week. Feel free to read the ones that are of interest to you.

FBI, others crush REvil using ransomware gang’s favorite tactic against it Ars Technica
PurpleFox Adds New Backdoor That Uses WebSockets Trend Micro
Sinclair Broadcast Group suffers ransomware attack, the latest affecting media Cyberscoop
Candy corn producer says ransomware incident 'not likely' to sour Halloween supplies Cyberscoop
Conti Ransom Gang Starts Selling Access to Victims Krebs On Security

I'll try and blog some of this older news we've got, so stay tuned. Hope you enjoy the show!

The Security box, ppodcast 66: Verizon, T-Mobile, AT&TT, Oh My!

Sat, 23 Oct 2021 15:12:03 GMT

Welcome to the Security Box, podcast 66. Is 66 a lucky number? T-Mobile and Verizon are in the news with Spam messages, AT&T is in the mix as well in passing, Google is getting in the mix with two-factor authentication on more accounts, as well as news, notes and more. Topics

NCSAM

Google will enable two-step verification by default on 150 million accounts before year's end Phone Arena

News Notes read from around the landscape The following are links to stories that have been read from across the landscape. In October, we do news notes live so that you, the listener, can get a benefit of this being a discussion. If you like the way this is being done, please let us know and I may do it full time.

How Coinbase Phishers Steal One-Time Passwords Krebs On Security
Some versions of Android share users' personal data with no chance to opt-out Phone Arena
US gov’t will slap contractors with civil lawsuits for hiding breaches Ars Technica
Millionaire Twitch streamers react to their leaked earnings Ars Technica

Hope you all enjoy the program, and thanks for listening!

The Security box, podcast 65: Twitch, NCSAM, News Notes and more

Wed, 13 Oct 2021 22:25:11 GMT

A few technical issues, but what is a show without those? In this 3 hour episode, we've got quite a lot for you, so sit back and check out the links to the following items for your perusal. Welcome to the Security Box, podcast 65. On this podcast, let's discuss an article we read after the release of last week's program in regards to Twitch and their recent breach we were alerted to during the live taping of the program. After that, we're going to cover more NCSAM and even have some news notes. We'll do news notes the same as we did last week, as it turned in to a lively discussion. I hope you'll enjoy the program, and thanks so much for listening! Breach topics

NCSAM: Scam apps

Hundreds of scam apps hit over 10 million Android devices Ars Technica

News Notes read from around the landscape

The Security box, podcast 64: NCSAM week 1: News notes and more

Wed, 06 Oct 2021 21:50:01 GMT

NCSAM is now in full swing, this week, Are You Cyber Smart? A Checklist from Lastpass will be what you need to look at with 5 great tips and things that might be of interest to you. In my writeup of this, I talked about the Neiman Marcus breach and how people should be aware of it even if they aren't affected. We'll have news, notes and more. Hope you'll enjoy the show! News Notes

Police raid in Ukraine results in arrests of 2 alleged ransomware hackers Cyberscoop
The Rise of One-Time Password Interception Bots Krebs On Security

Thanks so much for reading and participating in the show!

The Security box, podcast 63: Psychology of passwords 2021, ransomware paid or not, news notes and more

Wed, 29 Sep 2021 23:18:26 GMT

Welcome to podcast number 63 of the Security Box series. On this podcast, come and learn about the password trends of 2021, thanks to lastpass's article. Next, a 5.9 million dollar ransomware paid by a farming co-op and a very interesting discussion I heard recently about this. We'll definitely have some news and notes from around the landscape, and even some commentary from any guests that participated through Clubhouse on the live program as well as anyone else through email, imessage and other contact points. Topics

New Report: 2021 Psychology of Passwords Lastpass
$5.9 million ransomware attack on farming co-op may cause food shortage Ars Technica

Phone scammers use COVID-19 vaccine appointments to try tricking victims into downloading malware Cyberscoop
Nation-state espionage group breaches Alaska Department of Health Ars Technica
Hackers are using CAPTCHA techniques to scam email users Cyberscoop
Apple users warned: Clicking this attachment will take over your macOS Ars Technica

Thanks so much for listening to today's program, and we'll be back for a month of NCSAM. Enjoy!

The Security box, podcast 62: Windows Update, a very interesting botnet, news notes and more

Wed, 22 Sep 2021 23:10:05 GMT

Welcome to the Security box, program number 62. On this program, we're going to cover Windows Update as well as a very interesting article from Krebs about a new botnet that seems to have done quite a bit of damage. It is an IOT botnet called Meris. We'll also have news, notes and lots more.

Windows Update

There are the usual two articles on Windows Update. This time, Krebs has quite a bit on these updates while Trend Micro covers the highlights but also gives some info of value too. They're both good for their reasons, so read them both.

Microsoft Patch Tuesday, September 2021 Edition Krebs on Security

September Patch Tuesday: 66 Bulletins, Only 3 Critical Trend Micro

Meris

There is one article which we're taking from for this one, but did you listen to podcast 836?

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris” Krebs On Security

News Notes

Security researchers at Wiz discover another major Azure vulnerability Ars Technica

Apple patches “FORCEDENTRY” zero-day exploited by Pegasus spyware Ars Technica

Trial Ends in Guilty Verdict for DDoS-for-Hire Boss Krebs On Security

Customer Care Giant TTEC Hit By Ransomware Krebs On Security

I hope you enjoy the program and thanks so much for listening!

The Technology podcast, podcast 361: A very interesting security discussion

Mon, 20 Sep 2021 17:14:48 GMT

Scott Schober is on Clubhouse, and he invited me over to his club which talks about cyber security topics. Here is a link to his Cyber Security club where members can join the conversation. The discussion started with whether we've gotten the vaccine or not, whether restaurants and other places are collecting that data let alone securely, and more. I decided to join the stage and while I applauded the conversation about covid-19 vaccines, what aout other problems we're still dealing with lik the open databases problem? Take a listen to this, and let's discuss whether I'm right, or whether we need to be concerned about this. I'll have more talks soon. Scott Schober's web site

The Security box, podcast 61: CSAM gets updated by Apple as they listened to some stuff from the security industry and much more

Sun, 19 Sep 2021 21:05:07 GMT

Welcome to the Security Box, podcast 61. On this podcast, let's discuss the updates on CSAM as it pertains to Apple. We'll have news, notes and more.

Topics

Under fire from privacy advocates, Apple delays controversial photo scanning plan Cyberscoop

News Notes

“FudCo” Spam Empire Tied to Pakistani Software Firm Krebs On Security

15-Year-Old Malware Proxy Network VIP72 Goes Dark Krebs on Security

Microsoft: Attackers Exploiting Windows Zero-Day Flaw Krebs on Security

IRS used vape store receipts to gather evidence against alleged Ukrainian scammer Cyberscoop

The Security box, podcast 60: The Security Landscape as it relates to the latest in T-Mobile land

Fri, 10 Sep 2021 16:52:02 GMT

The Security box, podcast 60: The Security Landscape as a whole from broadcasting software and web site services to T-Mobile's Fiasco What has changed on the security landscape? We learn about T-Mobile's recent failure, and even web sites are braught up as well as broadcasting software among other things. This turned out to be a very interesting show. What do you think has changed? What have we done wrong? What do you think it'll take to fix it if it can be fixed at all? No news notes this week, but they'll be back next week.

The Security box, podcast 59: Scott Schober, the q2 intelligence report and more

Fri, 03 Sep 2021 15:42:19 GMT

Hello folks, welcome to the Security box, podcast 59. On this edition of the program we have two different prerecorded segments for you. First, we interview Scott Schober of Berkeley Varitronics Systems, Inc. He's written various books which we talk about, as well as some of what is going on in the security landscape. Next, we have a talk that was done by Phishlabs, who did the Quarter 2 Phishing Trends report. To top it all off, we'll have news and notes from around the landscape as well as questions and comments after each segment if any. >

BV Systems

News Notes from around the web

FBI warns that Hive ransomware hackers are calling victims by phone Cyberscoop
What the Norton-Avast Merger Means for Cybersecurity Trend Micro
FCC proposes record $5 million robocall fine for voter suppression scam Cyberscoop
Poly Network fully recovers assets stolen in unusual $600M cryptocurrency hack Cyberscoop
Microsoft Azure vulnerability exposed thousands of cloud databases Cyberscoop
Scammers impersonate Europol chief in an effort to defraud Belgians Cyberscoop

Thanks for listening!

The Security Box, podcast 58: What the hell is up with T-mobile?

Thu, 26 Aug 2021 16:04:45 GMT

The Security Box, podcast 58: What's the matter with T-mobile? Why are system failures on the rise? News Notes and More Hello Everyone, welcome to the Security Box, podcast 58. Question: what the hell is going on with T-Mobile and their inconsistancies of containing breaches and lying about what they were going to do when they were granted the murger with Sprint? Who is ENISA and why are they saying that system failures are on the rise? Finally, what is the Chaos Ransomware and why could it have impacts beyond a proof of concept? We explore all of these topics, as well as news and notes from around the landscape on this edition of the podcast. Fasten your seatbelts! T-Mobile Here are the articles read that deal with T-Mobile to date. We're still learning more and nothing is very clear yet. The investigation continues.

T-Mobile apparently lied to government to get Sprint merger approval, ruling says Ars Technica
Hackers who breached T-Mobile stole personal data for ~49 million accounts Ars Technica
T-Mobile investigates potentially massive breach of consumer data Cyberscoop
T-Mobile Investigating Claims of Massive Data Breach Krebs On Security
T-Mobile: Breach Exposed SSN/DOB of 40M+ People Krebs On Security
T-Mobile confirms breach of more than 8 million customers' data Cyberscoop

The Security box, podcast 56: The Life Cycle of a breached database and government cybersecurity

Thu, 26 Aug 2021 15:57:59 GMT

Originally released on August 11th, we found out that I put it up in download form but not RSS. Sorry about that! Welcome to the security box, podcast 56. Two comments will start us off as someone commented on the replay of our show from last week. Both are good comments worth bringing up. Next, we've got a topic that might be of interest talking about the lifecycle of a breached database. Next, let's find out how the government is doing with their Cyber Security. What did the senate report find? Find out in our second topic. We'll have news notes and commentary as well. Topics

The Life Cycle of a Breached Database Krebs on Security
Federal agencies are failing to protect sensitive data, Senate report finds from Cyberscoop and The State Department and 3 other US agencies earn a D for cybersecurity from Ars Technica go hand in hand. Both articles are good, but ars has a very interesting table and other stuff too.

News Notes read from around the landscape

Suspected Chinese hackers took advantage of Microsoft Exchange vulnerability to steal call records

Criminals are using call centers to spread ransomware in a crafty scheme Cyberscoop

There is more news, but this is some of what we've read throughout the past week. I'll be blogging some more news, and of course, the list will have plenty more. End of program

The Security box, podcast 57: the name game of Ransomware Gangs, Windows Update, and CSAM and apple products

Thu, 19 Aug 2021 16:57:02 GMT

Welcome to the security box, podcast 57. We have three topics for you today, and I hope that you will enjoy them. The first topic for this podcast will be talking about the name game of the ransomware gangs we have out there. The second topic which was totally forgotten is of course Windows Update and what is happening with that operating system. Finally, probably the most contravercial topic we have to date, Apple and how they're handling the images that people may have that are backed up in to icloud that deal with children and the potential of abusive images of a sexual nature. We will also have news notes and commentary as well, buckle up as you don't know what'll happen with these topics! The program may contain adult content, and listener disgression is advised. Topics

Ransomware Gangs and the Name Game Distraction Krebs On Security
Windows Update

August Patch Tuesday: A Quiet Month for Microsoft Trend Micro
Microsoft Patch Tuesday, August 2021 Edition Krebs On Security

Apple says it will refuse gov’t demands to expand photo-scanning beyond CSAM Ars Technica

News and Notes from around the landscape The following are items that will be linked here and discussed in news notes for this week. There may be items that are not article related that may not be shown here in the notes.

Courts order handover of breach forensic reports in trend welcomed by consumers, feared by defendants Cyberscoop
Phishing Sites Targeting Scammers and Thieves Krebs On Security
Four years after FBI shut it down, AlphaBay dark web marketplace claims it's back in business Cyberscoop
European police round up 23 suspected scammers accused of $1.2 million fraud Cyberscoop
Two members of QQAAZZ, which laundered funds from cybercrime, plead guilty Cyberscoop
Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One Trend Micro
Hospitals hamstrung by ransomware are turning away patients Ars Technica

There may be more, please check out our blog and email list for more. Thanks for reading and listening to our show!

The Security Box, podcast 55: Who Is PlugWalk Joe?

Wed, 04 Aug 2021 22:19:19 GMT

Welcome to the security box, podcast 55. On this edition of the podcast we've got two Sans News Bites headlines, topics including a very interesting story on someone named "PlugwalkJoe" I.E. Joseph O'Connor, a topic on a new ransomware gang called Black Matter, and we've also got several news items including one that isn't an article but intrigued me when listening to the TWIT network. All of this plus anyone who had questions, comments or took part in the discussion, as podcast 55 gets started. Topics Here are the topics for today.

PlugwalkJoe Does the Perp Walk Krebs on Security
Threat intel firms suggest ransomware gang 'BlackMatter' has ties to DarkSide, REvil hackers Cyberscoop

Sans News Bites These are the Sans Newsletters that have been read. Links to them are also on the blog.

Sans News Bites July 27, 2021 Vol. 23, Num. 058 Sans Institute
Sans News bites for July 30, 2021 Sans Institute

News Notes read from the web

Software downloaded 30,000 times from PyPI ransacked developers’ machines Ars Technica
Feds list the top 30 most exploited vulnerabilities. Many are years old Ars Technica
New bank-fraud malware called Vultur infects thousands of devices Ars Technica
FTC's right-to-repair ruling is a small step for security researchers, giant leap for DIY hackers Cyberscoop

End of program

The Security box, podcast 54: Scammers Will Stop At Nothing

Wed, 28 Jul 2021 21:27:07 GMT

Hello Everyone! Welcome to podcast 54 of the Security Box. On this edition of the program, learn about Windows 11, the latest Microsoft operating system and what scammers are doing to monitize even while this version is still in beta. Next, come with us and learn about the latest in the average ransomware payments as it looks like they are declining, for now. We'll have news, notes, hopefully calls with questions or discussion throughout. If you want to leave feedback and you're listening through the podcast, call 602-887-5198 or email, imessage, whats app, or text your thoughts. The lines of communication are given throughout and I welcome what you have to say. Topics Here are the topics for today's program.

Sans News Bites Here are links to Sans News Bites, a newsletter by Sans Institute. While we may cover some of the items in these newsletters, you should read these to determine if something affects you.

Sans News Bites for June 20, 2021 Sans News Bites
Sans News bites for July 23, 2021 Sans Institute

News that have been read from around the web The following is news that have been read from arount the web. Some may be blogged, some may not have been blogged.

Serial Swatter Who Caused Death Gets Five Years in Prison Krebs on Security
Spam Kingpin Peter Levashov Gets Time Served Krebs On Security
Dutch police bust alleged 'Fraud Family' phishing service members Cyberscoop
Kaseya obtains decryption key for victims of massive ransomware attack Cyberscoop
An explosive spyware report shows limits of iOS, Android security Ars Technica

We hope you enjoy the program as much as we have bringing it together for you!

The Security box, podcast 53: Better Get Your Windows Update on ... especially if you print

Thu, 22 Jul 2021 15:25:20 GMT

Hello everyone, welcome to the security box, podcast 53. On this edition, we'll be talking about some of the things that articles talk about in regards to Windows Update that came out the week of July 16, 2021. Seems like we had good success with last week where we opened the phone lines for others to participate in an open forum, so we'll do that again and see what happens and if people participate or not. You can always comment after the fact by calling our voice mail line at 602-887-5198 and letting me know you want your comments aired. We'll also have some news notes and maybe a discussion on those as well. Windows Update Here are the articles that deal with Windows Update. One is by Trend Micro and one is done by Brian Krebs from Krebs on Security.

July Patch Tuesday: DNS Server, Exchange Server Vulnerabilities Cause Problems Trend Micro
Microsoft Patch Tuesday, July 2021 Edition Krebs on Security

Sans News bites

Sans News bites for July 15, 2021 Sans Institute

News Notes from around the web >

REvil ransomware gang sites go dark, for reasons that remain unclear Cyberscoop
Senate confirms former White House, NSA official Jen Easterly as CISA director after delay Cyberscoop
Facebook catches Iranian spies catfishing US military targets Ars Technica
Morgan Stanley discloses data breach that resulted from Accellion FTA hacks Ars Technica
day gave Chinese hackers privileged access to customer servers Hackers IDed Ars Technica

The Security box, podcast 52: What is going on with the water supply hacks? Password discussion, news notes and more

Thu, 15 Jul 2021 17:17:13 GMT

Welcome to the security box, podcast 52. On this podcast, let's talk about the water supply hacks and the growing threat of them through the help of an interesting article by Last Pass. After that, we'll see if people partook in an open forum of topics they want to talk about and of course news, notes and highlights from the landscape that have been read. Topic: The Water Supply and the landscape

The Growing Threat of Water Supply Hacks Trend Micro

News Notes Below, find links to items that are of interest we've read from around the landscape.

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax Krebs on Security

25 bogus Google Play store apps promised to mine cryptocurrency for a fee, scamming wannabe investors

The Security box, podcast 51: domains and their security, an email mistake and more

Wed, 07 Jul 2021 21:27:58 GMT

Hello folks, welcome to the security box, podcast 51. On this edition of the program, we continue with Phishlabs and their q1 Phishing and intellegence report talking about Top Level Domains and certificate abuse. Next, Michael in Tennessee sent me an article talking about one email which exposed hundreds of email addresses. We'll also have news and notes, people can call and comment as usual, and we'll see where the show takes us. Topics

News Notes

International cops seize DoubleVPN, a service allegedly meant to shield ransomware attacks from investigators Cyberscoop
Another 0-Day Looms for Many Western Digital Users Krebs on Security
DOJ files 7 new charges against alleged Capital One hacker Tech Crunch
US hits anti-robocall milestone but annoying calls won’t stop any time soon Ars Technica
Kaseya hit with suspected cyberattack, raising fears of major supply chain incident Cyberscoop
Chinese hackers suspected of using Dropbox to snoop on Afghan officials Cyberscoop
We Infiltrated a Counterfeit Check Ring! Now What? Krebs On Security

We hope you enjoy the program!

The Security box, podcast 50: 62% of free services are abused

Wed, 30 Jun 2021 23:59:23 GMT

Welcome to the security box, podcast 50. On the big 50th episode, we've got quite a bit of news notes to cover this week. Besides that, we're continuing with Phishlabs and their ongoing rundown of the Q1 Intelligence Report, this time, talking about free tools and their abuse. We hope that users find this of interest like I did. Of course, the lines of communication are always open whether on the show or podcast. Topic:

62% of Phishing Sites Abuse Free Tools or Services Phishlabs

Sans News Bites

Sans News Bites for June 25th, 2021 covers tons of stuff including Del, Vmware and more

News Notes

MyBook Users Urged to Unplug Devices from Internet Krebs on Security
“I’m totally screwed.” WD My Book Live users wake up to find their data deleted Ars Technica
Hackers are using bootleg copies of 'Grand Theft Auto V' game to mine Monero Cyberscoop
Tulsa police say 18,000 files are leaked after Conti ransomware hack Cyberscoop
NFC flaws let researchers hack an ATM by waving a phone Ars Technica via Wired
John McAfee found dead after Spanish court approved extradition to US Cyberscoop
Andrii Kolpakov, who supervised hackers for FIN7, sentenced to 7 years in prison Cyberscoop
Ukrainian Police Nab Six Tied to CLOP Ransomware Krebs On Security
First American Financial Pays Farcical $500K Fine Krebs on Security
Russian hackers breached Microsoft customer support to try phishing targets in 36 countries Cyberscoop

the Security Box, podcast 48: Can you believe what is going on with Russia?

Wed, 16 Jun 2021 22:21:23 GMT

Thank you Michael in Tennessee for being our guest throughout the program! We really appreciate it. Welcome to the Security Box, podcast 48. On this edition of the podcast, we've got two topics for you. The first is probably one you can file in the "I can't believe I read this crap" department, while the second deals with Windows Update and what we had to look forward to there. We've got news notes with quite a number of very interesting items, as well as taking your calls, voice messages and stories to boot. Topics

Adventures in Contacting the Russian FSB Krebs on Security
June Patch Tuesday: Internet Explorer Finally Laid to Rest from Trend Micro and Microsoft Patches Six Zero-Day Security Holes from Krebs should be read for Patch Tuesday. Worth the read as usual.

News and notes from around the landscape We may have a lot of the things listed here in articles and commentary on the blog. Feel free to check out the articles and have your voice heard.

This is not a drill: VMware vuln with 9.8 severity rating is under attack Ars Technica
Trickbot indictment demonstrates how one hacking tool built on older malware Cyberscoop
Ransomware hits iConstituent, a service lawmakers use to communicate with voters Cyberscoop
Biden revokes TikTok ban, issues new guidance for evaluating foreign apps Cyberscoop
47% Phishing Increase in Q1 Phishlabs blog
Unpatched vulnerability in Samsung phones could let hackers read your messages Phone Arena
MoviePass settles with the FTC over exposing private information, misleading consumers Cyberscoop
RockYou2021 Breach: How to Keep Your Data Secure Now Lastpass

For full show notes including articles we didn't cover but read, check the blog.

The Security box, podcast 47: Security in the forefront of everything we do

Wed, 09 Jun 2021 23:19:08 GMT

Welcome to the security box, podcast 47. On this podcast, we're going to talk about Security. A video which I found on Ted Talk's youtube channel will lead this discussion. We're also going to talk about an article from Lastpass talking about protecting your business from data breach trends. It talks about something we've talked about, supply chain attacks. Speaking of supply chain attacks, Jennifer talks about our top story from our show notes, and we'll address any concerns from that as well. We'll have news, notes, questions, comments and more. Want to leave a message by phone? Call 602-887-5198 to do so. Thanks so much for listening! Topics

What do you think when you have Cybersecurity issues that keep croping up? Do you talk about your experience? Better cybersecurity starts with honesty and accountability is a Ted Talk done by Nadya Bartol which I think we need to talk about. Let's do so!
Protect Your Business From These Dangerous Data Breach Trends is a Lastpass article which I think we need to talk about as well.
Commentary from our top story from the News Notes program from last week

News Notes

FBI blames REvil gang for JBS ransomware hack as global meat supplier gets back to work Cyberscoop

Fujifilm shuts down computer systems following apparent ransomware intrusion Cyberscoop

Vulnerability in VMware product has severity rating of 9.8 out of 10 Ars Technica

Q1 2021 Threat Trends & Intelligence Report Phishlabs

Latvian national charged with writing notorious Trickbot malware

Tokyo Olympics organizers' data swept up in Fujitsu hack: report Cyberscoop

SIM swapping victim alleges T-Mobile failed to stop $20,000 cryptocurrency scam Cyberscoop

The Anatomy of an attack: tech podcast 360

Mon, 07 Jun 2021 20:29:25 GMT

The Anatomy of an attack has been around for quite awhile. I think its within the last couple of years, and I think it is quite important now more than ever. I talk about what has happened with our staple of the box, and how it was an inbound call that started it, but thats not traditionally the case. Listen to this hour long webinar and let's talk.

TThe Security box, podcast 46: q-link wireless updates, ransomware isn't going anywhere, billions of dollars and more

Thu, 03 Jun 2021 01:31:04 GMT

Welcome to podcast 46 of the Security Box. On this podcast, Michael in Indiana is along with an update about a company we talked about in News Notes on podcast 39. We've got a topic dealing with a company that has been able to take advantage of the dark marketplace as they dominated this space very quietly since 2018. We've got a topic also on Ransomware forcing a major speaker manufacturer you all may be aware of, Bose. We'll have news, notes, questions, comments and more. During the program, it was announced that we would be switching telephone companies. Our new number is 602-887-5198. 623-263-8934 will give you this new number, probably for several days, but no more than that. Topics

News Notes

Shortages loom as ransomware hamstrings the world’s biggest meat producer Ars Technica
Have I been Pwned goes open source, gets FBI data feed 9to5mac.com
Fighting, screaming as alleged ATM scammer known as ‘The Shark’ is arrested in Mexico from Cyberscoop and Boss of ATM Skimming Syndicate Arrested in Mexico from Krebs on Security are covering the same thing in slightly different contexts. This is big news!
Biden signs executive order to strengthen US cybersecurity from Ars Technica and Biden budget seeks $750 million to respond to SolarWinds compromises, plus billions more for cyber from Cyberscoop are related as Joe Biden seaks money to try and combat the horrific attacks of the past year.
Actively exploited macOS 0-day let hackers take screenshots of infected Macs Ars Technica
No, it doesn’t just crash Safari. Apple has yet to fix exploitable flaw Ars Technica
IN Ars Technica

Have something to say? Let's talk! Get in touch. 602-887-5198 or email/imessage/text. The choice is yours.

The Security box, podcast 45: 4 Vulns in Android, Conti ransomware and some news

Thu, 27 May 2021 15:43:15 GMT

Topics:

News and notes from around the landscape

How to Tell a Job Offer from an ID Theft Trap Krebs On Security
Recycle Your Phone, Sure, But Maybe Not Your Number Krebs On Security
Live Wire is looking at changing telephone companies once again. This is more to benefit callers on the system. If we change companies, the telephone number I've been giving will change. I will announce more if we are changing.

The Security box, podcast 44 for March 19, 2021

Thu, 20 May 2021 16:10:00 GMT

Welcome to the Security box, podcast 44. On this episode of the program, its time to make sure we're all caught up on Windows Update and what may be important to you. Next, we'll talk about a task force that hopes to disrupt ransomware payments. We're not done with Experian yet, and we'll have a things to ponder on this particular article I read about their API which is apparently disabled for at least one vendor. We'll also have news, notes, commentary and questions from listeners if any, and yes, even podcast listeners can join the fun. Podcast listeners can dial 623-263-8934 to leave a voice message, just follow the prompts. Email, Imessage, text and whatsapp are all given throughout the show. Windows Update Windows Update is back, and Microsoft has given us only 54 different patches, but a lot of them are critical. 13 of them were from the ZDI program from Trend Micro.

Things to ponder Looks like Experian is still being talked about. In this Things to Ponder, Experian API Exposed Credit Scores of Most Americans is the article which we'll be picking apart as your things to ponder. A true story of a telephone number not to call and why Jennifer is now along with a very interesting story, with a very interesting twist and yes, it is a true story. A task force that is out there to disrupt ransomware I'm happy to read articles like this one, and I want to talk about it as part of the program. Its not too old, but its something of value to all of us. KrebsOnSecurity has the details. Task Force Seeks to Disrupt Ransomware Payments is the article to read. News Notes

Four men plead guilty to being go-to ‘bulletproof’ hosts for cybercriminals Cyberscoop
Fintech Startup Offers $500 for Payroll Passwords Krebs on Security
A Closer Look at the DarkSide Ransomware Gang Krebs on Security
Ransomware Playbook: Defense in Depth Strategies to Minimize Impact Phishlabs
DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized Krebs on Security
Stop Ransomware Groups Who Weaponize Legitimate Tools Trend Micro
Worried About Ransomware? Turn on MFA Last pass

The Security box, podcast 43 for May 12, 2021

Wed, 12 May 2021 22:06:50 GMT

Welcome to the Security box, podcast 43. On this edition of the podcast, we've got two topics. The first talks about a fake vaccine web site that is now shut down, thanks to the US Government. The second topic talks about the Exim 21 bug that recently hit headlines. We'll have news, notes, your questions comments and any catch up from any older podcasts. Topics

> Sans News Bites

Sans News Bites for May 7, 2021
'Jugular' of the U.S. fuel pipeline system shuts down after cyberattack
Investment Scammer John Davies Reinvents Himself? See podcasts 10, 12 and 14 for other coverage in different aspects whether news notes or full discussions.
Florida homecoming queen faces up to 16 years after alleged scheme to hack high school contest
Malicious Office 365 Apps Are the Ultimate Insiders

We hope you enjoy the program as much as we have bringing it together for you. See you next week!

The Security box, podcast 42: Has Experian learned anything?

Wed, 05 May 2021 23:07:06 GMT

Welcome to the security box, podcast 42. I think I've got two very interesting topics. One of these topics is the ongoing saga over at Experian. We know they had a big time breach, but do we really know what else is going on at the company? Brian has the entire details. Finally in the topic department, we know Ransomware has taken a big toll during the pandemic and there is no slowing down in that department. According to Cyberscoop, demands are higher by 43 percent so far in 2021. We'll talk about it. I'll also give you some news and notes, although it may be dated. Your questions and comments are always welcome, so please get in touch! I hope you enjoy the program as much as I have putting it together! Topics We used to put all of the notations within the file, but I've decided against that unless people want me to do that. I've heard nothing, so I'm reverting back to linking to the articles, and letting people decide on what interests them.

News Notes

Sans News bites May 3, 2021 Lots of interesting things including IOS 14.5.1 on the heals of 14.5 fixing a zero day.
A Clubhouse bug let people lurk in rooms invisibly

The Security box, podcast 41: Ubiquiti and other stuff

Thu, 29 Apr 2021 18:36:55 GMT

Welcome to the Security Box, podcast 41. On this edition of the podcast, we're going to talk about Ubiquiti and their big time breach, as well as something I recently read from Park Mobile and their potential breach. We'll have news, notes and more. Topics:

Both of these articles are from Krebs on Security and while they're a bit old, you can't deny that it is worth talking about. Company aught to be ashamed of themselves.

ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

A bit of sad news: :-( Security Researcher Dan Kaminsky died Saturday at age 42 of complications (ketoacidosis) from diabetes, which he had struggled with for years. Security Now! researchers know of Dan's discovery of a critical weakness in the DNS servers at the time. He will be missed. News Notes

The latest malware hiding in video game cheat codes

DeepDotWeb boss pleads guilty to laundering millions

Trend Micro + ROS-I: Building a more secure future

The Security box, podcast 40: Windows Update and Ransomware in the Manufacturing landscape

Wed, 21 Apr 2021 20:49:54 GMT

Welcome to podcast 40 of the Security Box. On this podcast, we're going to have our main topic that deals with the Windows Updates which you may have been prompted to install. Instead of news notes, I'll pick a few of the articles and we'll see what you think about them as I'll give my thoughts. No full news notes this week, but plenty of content to boot. We hope you enjoy the program, and thanks for listening!

As ransomware stalks the manufacturing sector, victims are still keeping quiet

For full notations, check the blog. Enjoy!

The Security box, podcast 39 for April 14, 2021

Thu, 15 Apr 2021 00:54:32 GMT

Welcome to podcast 39 of the Security Box. Looks like we've got commentary from the replay of broadcast 38's airing. We'll answer any questions from those comments if any, as well as talk about yet another story I read afterword in regards to Facebook and why it might be a good idea to remove your telephone number or use something like Google or Text Now as your number instead of your primary one. We'll have news, notes, commentary and more. We hope you enjoy the program as much as I have bringing it to you. Thanks for listening! Topic: More on Facebook, why Brian Krebs deleted his Facebook account In an article that I read on April 7th, Brian goes in to detail on why he eventually deleted his Facebook account sometime in 2020. According to the article, a paragraph says: The phone number associated with my late Facebook account (which I deleted in Jan. 2020) was not in HaveIBeenPwned, but then again Facebook claims to have more than 2.7 billion active monthly users. We know that Facebook has never been trustworthy after any type of incident, and I honestly don't believe that Mr. Krebs couldn't be part of the 533 million people affected by the breach. Checking with the site, yours truly isn't effected either, but I honestly wouldn't believe it now-a-day especially since news of this is two years old. The supposed database has been kicking around the Internet Cybercrime community since Last Summer, according to the article. I've never seen any of these databases, and with the massive amounts of databases out there and what they contain, who could confirm every piece of data in it? I like what Have I been Poned and what it is trying to offer, so don't get me wrong when it says that I'm not in there when I put my mobile number in the site to check. We now learn that the database was put up since June 2020 and include names, mobile number, gender, occupation, city, country and marital status. It includes data for 100 different countries and there is a link to a January 2021 twitter post within the article. KrebsOnSecurity goes on to talk about what might happen if someone with malicious intent gets ahold of your mobile number. One of the things that could happen is your phone number changing hands, otherwise known as a Sim-swapping attack. This happens because an employee at the store you got service is tricked in to changing the information to the attacker and you don't find out until you use your phone. Brian talks about how it is probably time to remove your number from services like Facebook once verification of the account is complete. I'm almost tempted on doing this myself. There is a very interesting paragraph in which I got interested in. It says: Why did KrebsOnSecurity delete its Facebook account early last year? Sure, it might have had something to do with the incessant stream of breaches, leaks and privacy betrayals by Facebook over the years. But what really bothered me were the number of people who felt comfortable sharing extraordinarily sensitive information with me on things like Facebook Messenger, all the while expecting that I can vouch for the privacy and security of that message just by virtue of my presence on the platform. We can't vouch for a presence of a sensitive message just because we're on the platform. I've never used Facebook or its messenger client for anything secure anyway, but that paragraph is very important. Are You One of the 533M People Who Got Facebooked? is the question and article title we're talking about in this segment, do read the article. News notes on the blog. Enjoy!

The Security Box, podcast 38: we've got Facebook in the spotlight, news, notes and more

Wed, 07 Apr 2021 22:07:12 GMT

Welcome to the Security box, podcast 38. This week, we had planned to go back to DKIM and have a discussion on it, but we aren't going to do that. Why? It looks like news has gotten about Facebooks's 2019 breach and 535 million people whose information may now be out there on the free Internet as well as it already being sold to the dark web when the initial breach occurred. We'll have news, notes and more as well as your thoughts and comments to boot. Enjoy the program! Topic: Has Facebook done it again? Michael in Tennessee sent me an article from Phone Scoop, as well as me seeing the article we'll be taking from, which came from Cyberscoop. It looks like Facebook is really paying for a 2019 breach in which 500 plus million people's information including phone number were exposed somehow and later patched by Facebook. The data, which comes from people from over 100 countries, includes users’ phone numbers, email addresses, full names, birthdates and location, among other identifiers, according to Insider, which first "reported the news." The leak, was first reported by Motherboard, according to the article. The only thing that I'm unclear on is the section that talks about the fact that the leak was reported by Motherboard in January. The information was made available by paying a Telegram bot a couple of bucks for the details according to the article. According to the article, Facebook removed the ability of searching people by telephone number after the breach. Facebook will be probed by Ireland, and its unclear if the Unnited States will follow suit by the FTC. The article goes on on what the actors may do with the information now that the information has been made available for free. The website "have I been poned" has been updated by Mr. Troy Hunt with the information that was made available by the breach. For more information and to read the full article, 533 million Facebook users’ personal data leaked online is the article and do read this. News Notes for podcast 38

Office 365 is no stranger to attack. A Phishlabs article talks about the latest threat. This time, actors can mimic websites by using Google's API through Google Ads that allow redirects to whatever they want. The issue with this one is that once you log in, they capture your credentials as well as sending you to your account. For complete information, Breaking Down the Latest O365 Phishing Techniques is the article, which will talk about this entire process.
Ubiquiti is back in the news. A post by Krebs on Security talks about the latest drama at the company who now has come out saying that there was a problem. After making a change that forced people to log in to their network, they were later told to reset their passwords because of a "third-party cloud provider" may have been breached. There's more including the very interesting fact that this company should have invalidated all credentials. Ubiquiti All But Confirms Breach Response Iniquity is the article. This is going to get very interesting now.
Finally, due to time constraints, I've got some good news I want to pass along. Another web boss now has been pleaded and this guy pleaded guilty. This boss was behind selling heroin, firearms and hacking tools. He pleaded guilty on charges of money laundering. Tal Prihar was captured by French authorities. Read Cyberscoop's article DeepDotWeb boss pleads guilty to laundering millions for more.

Thanks so much for listening!

The Security box, podcast 37: The beginning of DKIM, other commentary, news, notes and more

Fri, 02 Apr 2021 21:29:50 GMT

Welcome to the Security Box, podcast 37. On this episode of the program, we're going to talk about something I don't think people know much about dealing with email, verification of domains in the process, the standards of what it is and how it came to be. We will also cover a very interesting webinar that I listened to by Trend Micro that delbt with the security predictions for 2021. We'll also have news, notes, questions, comments and more as the show progresses and the listeners choice on whether they have something to contribute. I hope you enjoy the show as much as I have bringing it together for you, and thanks so much for listening! For full details including links, check out the the blog and thanks for listening!

The Security box, podcast 36: Password Managers, what exactly do you need?

Wed, 24 Mar 2021 23:03:57 GMT

Welcome to podcast 36 of the security box. On this edition of the program, we'll be talking about password managers. Herbie Allen is along with a Things to Ponder section talking about Scams, one in particular dealing with Amazon. We also have a webinar that will be of interest from F-secure. We'll have news, notes and more. Hope you'll enjoy the program!

Full notations willbe provided on the blog so check back often for those. Enjoy!

Audio Centric applications for podcast 35 of the security box

Wed, 17 Mar 2021 23:52:19 GMT

On this edition of the podcast, audio-centric applications like clubhouse. News, notes and more. Read the blog for full notations.

The Security box, podcast 34: The Rest of the Key Logging discussion

Thu, 11 Mar 2021 00:29:21 GMT

Welcome to podcast 34 of the Security Box. On this edition, we'll pick up where we left off on the Key Logging aspect of our discussion and we'll have news, notes, commentary and more. We also have something from Michael in Tennessee who sent us a video of 12 Android apps you must get rid of. Some of these, are quite interesting. Hope you enjoy the program as much as I am bringing it together for you. News Notes will be on the blog and I did enjoy the program. Hope you do too. See you next week!

The Security box, podcast 33: Part 2 of the Keylogging discussion and more

Fri, 26 Feb 2021 18:35:44 GMT

On this podcast, we continue where we left off with our Key Logging topic, and we'll also have news, notes, questions, comments and concerns. Hope you'll enjoy the program as much as we have putting it together for you. Topic: Continuing Key Stroke Logging This may take several programs, but we must cover keystroke logging. We take from the Wikipedia page on keystroke logging so you can follow along. Different heading include, but not limited to: application, software based keyloggers, keystroke logging and writing processes, related features, hardware based keyloggers and history. There are 4 different headings for this article and a lot to read. I figured it would be a good discussion to have since it has come up in discussions of other things. I hope you enjoy the discussion as much as I am bringing it to you. There's more, news notes will be posted on the blog for everyone to see what links and items we have. Enjoy the show!

The Security Box, podcast 32: The Beginning of Keyloggers

Wed, 17 Feb 2021 23:26:16 GMT

These are the show notes. For full news notes, please check the blog. Welcome to the security box, podcast 32. On this edition of the program, we're going to taolk about keystroke loggers. I found a Wikipedia article which is detailed and there could be a possibility that this goes in to multiple weeks. We'll also have news, notes, questions, comments and even a "things to ponder" segment to boot. Topic, Keystroke logging: This may take several programs, but we must cover keystroke logging. We take from the Wikipedia page on keystroke logging so you can follow along. Different heading include, but not limited to: application, software based keyloggers, keystroke logging and writing processes, related features, hardware based keyloggers and history. There are 4 different headings for this article and a lot to read. I figured it would be a good discussion to have since it has come up in discussions of other things. I hope you enjoy the discussion as much as I am bringing it to you. Things to Ponder During last week's program, we were still learning about the possible issue in a small town in Florida that could've had some serious problems with its water supply if it weren't for a worker noticing something as simple as a mouse moving. In this things to ponder segment, I talk about what we've learned to date, and its quite interesting. To date, I have two sources you can read more, one an article by our good companion Brian Krebs, the other from CISA. You should read them both, and of course listen to what my thoughts are and participate.

I hope you'll participate in this interesting story.

The Security box, podcast 31: Domain discussion continued, news, notes and more

Thu, 11 Feb 2021 17:37:06 GMT

The show notes are full of links, and those will be posted to the blog as soon as we can. The program only has two tracks at the end, and I'm happy with how it turned out I think. While there were no calls, I know this show will have a lot of info, and the podcast notes will explain things by linking to various things. Welcome to the security box, podcast 31. On this podcast, we're going to continue the discussion of domains with several different things that we couldn't get to from last week. Also, we'll have news, notes, questions, comments and more. I hope you enjoy the program as much as we have putting it together for you. I hope you all enjoy the program, and see you for keyloggers next week.

The Security Box, podcast 30: Domain discussion, security segment, news, notes and Drama

Wed, 03 Feb 2021 23:22:38 GMT

Welcome to podcast 30 of the Security Box. On this security box podcast, the goal is to talk about domains. We'll talk about what a domain is, how they work, a little bit about the IP system, and some recent news in regards to domains, registration companies, look-alike domains and more. We'll have news, notes, questions, comments and Michael in Tenessee with a segment to boot. For full show notes, check the tech blog. Some tech issues occurred, but the show must go on. Enjoy!

Tech podcast 359 for January 29, 2021

Fri, 29 Jan 2021 19:42:57 GMT

Welcome to podcast 359 of the technology podcast. I'm Jared, and its time to bring you another podcast. Today, we've got something I think you'll be interested in as I talk about something that has been around awhile that seems to be finally dismantled, at least for now. What might that be? Its called Trick Bot. I heard a podcast about it and how it has pretty much fell, but yet, its still around according to an article I'll be talking about and reading later. Next, I talk about Weather Gods. Its one of many different apps on the app store. I posted on the tech blog and on Applevis in regards to this topic, and I chose this app because of my needs, and something I feel isn't fair called double extortion. There is a paid app, and then they want us to pay for a subscription for what I can get for either beta testing, or paying for the subscription. Thoughts are welcome. Finally, could Net Neutrality be coming back? According to a podcast, it might be, and I talk about it here instead of the security box. Contact info is at the end of the program as usual. What to read or listen to:

<Trickbot may be down, but can we count it out? The Cyber Wire Daily

Thanks for listening!

The Security Box, podcast 29: messaging apps and security, news, notes and more

Thu, 28 Jan 2021 20:01:00 GMT

Welcome to the security box, podcast 29. On this episode of the podcast, what seems to be the problem with messaging applications such as Whatsapp, Signal and others when it comes to their security? What do you think of for cloud security for 2021 as the pandemic continues? We'll have news, notes, questions, comments and more including bits from Sans News bites, Trend Micro and more. Topics

Security Now episode 802 was released and broadcasted the week of January 19, 2020. On this podcast, are we really concerned about what application we choose to use to message? Steve says that it doesn't honestly matter, as metadata isn't all that big of a deal. Who really cares if phone numbers, time of messages, and even how long audio messages may be? There are apps discussed for more private communication, but metadata doesn't cover the content of the message itself. From Steve's introduction taken from his security now page he writes in part: Then we wrap up by looking at various aspects of the frenzy caused by WhatsApp's quite predictable move to incorporate its users' conversation metadata into Facebook's monetization ecosystem. This segment lasts roughly 20 minutes as I play the segment for all to hear. What do you think about this?
What about cloud security for 2021? The Top Worry In Cloud Security for 2021 is the Trend Micro article, and I found a video on their youtube page that seems to voice the article. We'll play this video and we'll discuss. Cloud Dynamics: Top Cloud Security Challenges for 2021 is the video. Your thoughts are welcome.

For complete news notes, please see the tech blog for details. Thanks so much for listening!

The Security box, podcast 28: Year in Review items Teledildonics, and more

Wed, 20 Jan 2021 23:35:08 GMT

Welcome to the program. Full news notes will be on the blog, but here are the topics and what is talked about before news notes. Hope you enjoy! Welcome to podcast 28 of the Security Box. On this podcast, a couple of year in review items, news, notes, something called teledildonics or "The Male Chasity Cage" from a recent Security Now podcast, news, notes, questions, comments and more. Topics:

Year In Review: Ransomware
The Year In Review: How COVID-19 Has Changed Cyber Security
Security Now has a segment on something that I really don't understand, but yet, caught my attention. I believe the term used by Steve was Teledildonics. Something we should be concerned about? The Internet of Dongs
Covid-19 scam alert on vaccines

The Security Box, podcast 27: Trend Micro report, breaches of the year and more

Thu, 14 Jan 2021 16:46:40 GMT

Hello folks, welcome to the security box, podcast 27. Trend Micro has a report they do each year talking about the trends of the next year and its worth talking about. Did you know about any of the breaches of the past year? We'll go through that thanks to Solutions Review, as well. We'll have news, notes, commentary and more and even a guest to boot if everything goes well. Thanks so much for listening, and make it a great day! Topics:

The Security Predictions from Trend Micro is always something fun to read. We'll talk about some highlights that might be of interest, and of course, we'll take questions and comments in regards to this. You can read the article entitled: Takeaways from Trend Micro's 2021Predictions to learn more. I also posted a blog post with my thoughts on this one, and its available for everyone to read.
Are you aware of the biggest breaches of the year? There is a post with videos and text, and we'll talk about this. Ben Canner, a follower of mine on twitter, tweeted out Solutions Review Presents: The Top Data Breaches of 2020 and boy, is it something that I think we should cover.
Cyber Wire Daily has what they call Research Saturday. This is a link to January 9th's episode on Emotet and I will be summarizing this as part of this week's program. There is a link to read show notes, and thanks to Overcast for providing a link to the episode, I think its worth sharing.

News Notes: I think we're going back to the original format that we started with, its much easier to maintain it that way. If you liked the other format, please let me know.

According to Cyberwire Daily, a podcast, President Trump was removed from Twitter for several days, as well as removed from Facebook until he leaves office. The Washinton Post may have an article on this, as they site the post as being where the reports of him being kicked off. The January 7th program talked about the fact President Trump urged people to show their displeasure, although a tweet said to do it peacefully. It made no difference, as people demonstrated and caused problems on January 6th and caused the recount to be delayed. It was resumed later in the evening, and president elect Joe Biden was confirmed. Facebook bans Trump indefinitely; risks 'simply too great,' Zuckerberg says and Facebook, Twitter act on Trump's false messaging after violence at Capitol should be read in regards to the latest on this ordeal. These two articles were read after listening to the podcast.
This Week in Security News - Jan 8, 2021 has quite a lot of articles, some of which I had meant to cover but haden't had an opportunity to blog about.
Russian man sentenced to 12 years in prison for massive JPMorgan data heist is a bit of good news after a long bout of wondering if we are going to get some good news. While I published some good news recently, 2021 has gotten off to a great start with this one. This J.P. Morgan breach at the time was the biggest to date for that time, but Solar Winds today tops that. This was well orchestrated, and you should read this.

There's more, check the blog for complete notes. Enjoy!

The technology podcast, podcast 358: Stripe demo, people violating terms of service and more

Mon, 11 Jan 2021 17:48:45 GMT

The show notes are short for this episode, but the program is not short. I hope you enjoy the program as much as I have. On this edition of the technology podcast, a stripe demo for you on their app. Also, people getting away with blatently violating terms of service. Finally, Dark Net Diaries had an episode on the darknet and someone who got caught in the crosshairs of the law because they baught and sold drugs on the underground. I hope you all enjoy the program. This program lasts 84 minutes. Enjoy!

The Security box, podcast 26 for January 6, 2021

Thu, 07 Jan 2021 20:52:45 GMT

Welcome to the Security Box for this week. We continue with the breach that is, by catching up with some commentary from Security Now from two episodes. We also have a "things to ponder section" and some News and notes to boot. For full show notes, please go on over to the blog as there may be links to things that might be of interest to you. I hope that you enjoy the program as much as I have putting it together, and I'll see hyou next week! The topic of Shaken and Stir will get its wrapup from podcasts 21 and 23.

Combating Spoofed Robocalls with Caller ID Authentication Federal Communications Commition
STIR/SHAKEN Wikipedia

This should be the last of this as we don't have far to go with it. There's more, so remember to check the blog!

The Security box, podcast 25: Year End part 2

Thu, 31 Dec 2020 01:00:00 GMT

Welcome to podcast 25 of the security box. This podcast was compiled on Christmas day, but was released on the 30th of December. On it, we go through podcasts 341-357 of tech, playing a few segments which were also covered on this podcast like catphishing, some of the security items throughout the year from the blog, and even other highlights. Highlights the security box and some of what we covered in podcasts including two interviews. This podcast is 167 minutes and is the last of the two podcasts before we resume the first week in January. Hope everyone enjoys the lookback, and thanks for listening!

The Security box, podcast 24: The breach that is, and year end stuff

Wed, 23 Dec 2020 19:00:00 GMT

Welcome to podcast 24 of the security box. This is a full podcast, as we're on a two week break. Here is what we have for the podcast.

The biggest item that we have in the podcast is the biggest breach in the Solar Winds feasco. We're still learning, check the blog for more. Here is a blog post to get you started with the whole fiasco, but there is definitely more.
Podcasts 333-340 is covered in different segments throughout the year in regards to what has happened throughout the year. We'll continue it next podcast.

The podcast is a little over 2 hours including our final track. Thanks so much for listening!

The Technology podcast, podcast 357: Weather Underground

Thu, 17 Dec 2020 19:39:28 GMT

On this edition of the podcast, the final podcast of 2020, we'll demo Weather Underground. I wanted to do two demos, but I think one is enough. I hope you'll enjoy it.Apple Vis has a post in their directory of apps about Weather Underground - Forecast which was written up. While I do like the app, I believe the person writing this has the same points I do. I do find it accurate, but there are definitely some accessibility issues which you'll hear about in the demo.The Security Box will have other podcasted content, so the feed will still be going strong in 2020. On podcast 358, I hope to have another demo of something i learned about, an app that'll assist me with billing credit cards. See you all then!

The Security Box, podcast 23: The continuing Education of Shaken and Stir, Philmore and more

Wed, 16 Dec 2020 23:50:03 GMT

Welcome to podcast 23 of the security box. Picking up where we leave off, we continue with Shaken/Stir and its discussion from podcast 21. Besides that, we'll go ahead and talk about a company which doesn't really care about the security of its customers. The name has been mentioned in passing, but now its time to talk about some very serious stuff on a podcast. We'll have news, notes, and more. Topic: Shaken/Stir was discussed on podcast 21 of the podcast, and podcast 23 will finish it off. Here are the links, taken from podcast 21's notations.

Combating Spoofed Robocalls with Caller ID Authentication Federal Communications Commition
STIR/SHAKEN Wikipedia

News Notes and more will be on the blog version of the show notes. This address is given throughout the program. News notes was live. Enjoy today's program!

The Security box, podcast 22: BEC and what it is, a couple of guys who aren't safe and more

Wed, 09 Dec 2020 22:33:47 GMT

Welcome to the security box, podcast 22 picking up the podcast with business email compromise.

Besides that, we talk about a couple of people who have been a problem in the phone world, tie it in to phone security, and find out if these guys would be capable of using such tech. Comments also came in about scams when looking for a place to live, and of course some tunes come along with it. Enjoy! Delving into the World of Business Email Compromise (BEC) Business email compromise

The Security box, podcast 21: the beginning of Shaken and Stir

Wed, 02 Dec 2020 23:20:01 GMT

The beginning of Shaken and Stir, lots of news items and more. For full show notes, go over to the blog to do some reading of anything that interests you. Welcome to podcast 21 of the security box. This week, I thought it would be interesting to take you through the Shaken and Stir protocol. This protocol is supposed to go through and make sure we get adequate caller ID. Below, please find resources that we found on the Internet for the Shaken and Stir protocol, and I'll be working on braille material so that I have something in writing. We hope that you enjoy the program today. Topic:

Combating Spoofed Robocalls with Caller ID Authentication Federal Communications Commition
STIR/SHAKEN Wikipedia

For full news notes, go to the blog and we'll continue shaken and stir in two weeks. Enjoy!

The Security box, podcast 20: PCIDSS, OCSP Stapling and more

Thu, 26 Nov 2020 17:48:22 GMT

Hello Folks, welcome to episode 20 of the technology podcast series known as the Security Box. A few tech issues but we press on. Please check The Blog for complete notations as we have segmented everything. Both Michaels are on with segments, I continue where we left off last week, and we even talk about an email I posted as part of protecting our security even though it is a little unrelated from the main topic. News, notes, and more. I hope you enjoy the program even though there was a few glitches, I still enjoyed the program. See you all next time!

The Technology podcast, podcast 366: Braille Transcription, a company in trouble, Mac, IOS, and More

Tue, 24 Nov 2020 19:12:10 GMT

Welcome to the tech podcast. Assignment 19 was a complete fail, and I know that I had a lot of failure but not all was my fault. You can search out this write up on the blog, but I talk about it here. Next, a company may be getting themselves in some trouble Forget going to a hotel … especially since records go back to 2013 … were you effected is the blog post I wrote, are you effected? Next, JFW 2021 and MAC version 11 are out and I taklk about both. Finally, I found some good news in the security field and I even have one more. Finally, a laugh and contact info at the end. Hope that you enjoy the program and I'll see you all later!

The Securoity Box, podcast 19: its all about the credit card: part 1

Thu, 19 Nov 2020 04:06:19 GMT

We're going to continue the credit card talk next week, but this should get you started. Welcome to podcast 19 of the security box. This week, let's talk about credit cards, PCIDSS, and more.

We're putting the Wikipedia link in for reference. Please do not rely on it alone, as the page talks about a lot of unsourced material. We also posted two of those sources as I liked them, and we'll use one of them to talk about what PCIDSS is, and what is required. News Notes

Thinking about getting an Android phone? Think that its security is better than IOS and what it may have to offer? Thats your choice, and we're not going to change your mind. According to an article from the Register, maybe you should think about this again. According to the article, Google is being sued because it is taking a couple hundred MB from you on your cellular data even if the phone is sitting there quietly not being touched. Why? Because Google is preparing potential ads that might be of interest to you after it collects data in the background. The article goes on to say that Google people agree to multiple terms of service, none of which talks about the passive collection of data that has nothing to do with your use. New lawsuit: Why do Android phones mysteriously exchange 260MB a month with Google via cellular data when they're not even in use? is the article, think about this when you decide which operating system you want.
This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs has a bunch of items in it, and we'll let you decide what you want to talk about.

Other news Looks like we've finally gotten something that might work. After some time, I am now back on MyTelespace, where they have a call in number for callers who do not have the other technology to use. That number is 720-787-1080 and my box number is 8347 over there. Just another option for people to use. Thanks so much for listening, and make it a great day.

The Security box, podcast 18: election stuff, updates on podcast 6, and more

Fri, 13 Nov 2020 01:19:32 GMT

The show notes are quite lengthy, so not everything is going to be listed here, but please check the blog under podcasts for the complete notes. Things to ponder Disclaimer: The following are going to be things to ponder. Some things could be posted as a blog post, others are just thoughts based on one topic or another and may not be linked to anything. The opinions expressed are those of the presenter, and may not necessarily be those of the JRN, its staff, providers of software and services, or the like.

I got the best email ever. What was so interesting about it was the domain. Normally, I don't comment on Spam, but Just saw the best email ever … in my inbox … domain is relatively new is the blog post. You'll see the domain, as well as my thoughts. I talk about this one.
Amazon put a little bit of a scare in me by sending me an OTP when I did not even request one. I did some quick investigating and found I was not compromised, but turn on two factor (2sv) on Saturday, the 7th. I checked my transactions, card history, and other log in activity and didn't find anything suspicious.
On podcast 6 of the Security Box, it was discussed that Michael in Tennessee had a security concern about his apartment WIFI setup. He isn't wrong, as on September 7th, he called in to Twit' The Tech Guy and asked Leo. On this podcast, we'll play said segment and play Michael's things to ponder segment as we give an update on the worst security ever. If you want to listen to podcast 6 from August 19, 2020 here's the link to use (162162.33mb) for your enjoyment. Also read the text from tech guy labs, the tech guy: episode 1743.

That is only some of what is up, the blog will have more.

The Security Box, podcast 17: Catch up, Trend Micro and more

Thu, 05 Nov 2020 00:07:06 GMT

Welcome to podcast 17 of the technology series known as the security box. Catch up

Michael in Tennessee makes an appearance as he was not able to make it last week. We talk about encryption, the lack there of from the government, and companies in general in the security landscape.We are not pointing our fingers at any one company, but mainly an open discussion.

Topics:

A subset of apps were targeted in an article that indicates that 76 percent of them have at least one vulnerability or bug. The goal is not to write perfect software, but software that can be fixed within a reasonable time frame. Different types of terms are used within this article, none of which I'm too familiar with, but the article I found quite interesting. It came from the folks at help net security. 76% of applications have at least one security flaw is the article, let us discuss.
Trend Micro has a program for free called House Call which is accessible. This was actually talked about this past Thursday with Andy and Josh. In the article Trend Micro HouseCall for Home Networks Trend Micro talks about what they've done with the program and how it can benefit you.
URL tracking systems like add words and add cents by Google can be abused just like the URL shorteners before it. How URL Tracking Systems are Abused for Phishing comes from Phishlabs, and its well worth the read. This should probably be talked about, because sites use these services including blindness related sites. Do you think it is time to move away from the services in the name of security?

News Notes and more

In some good news, we've definitely got some. Two Charged in SIM Swapping, Vishing Scams is the article penned by Mr. Krebs. Maybe this is a start to something, only time will tell what happens.

There may be more news that I didn't cover here or on the podcast of the box, let me know what you want covered. Books Due to space limitations, the books section of the show notes can't be reproduced here. The Tech blog will have the entire notations including the books for you to peruse. Thanks so much for listening and contributing!

The Security box, podcast 16: catch up work, domains, and more

Wed, 28 Oct 2020 22:58:26 GMT

We've got shorten short notes although detailed. Here goes. Welcome to broadcast 16 of the Security Box. Time to catch up: Jennifer, the staple it seems to this program, comes in with 8 different commentary pieces we'll step through in regards to last week's significant program on privacy, personal information online and the like. We'll see how this segment goes when it comes to whether there needs to be anything else said, or whether it'll speak for itself. Topics:

What do you think when it comes to your web host and what they offer? Some web hosts are Windows based, some are linux based, some may have both, and some ... well ... may just not care what they host no matter what the platform. In an article entitled Planetary Reef: Cybercriminal Hosting and Phishing-as-a-Service Threat Actor which comes from Phish Labs, we'll talk about a company that seems to be under multiple names, yet surves up all kinds of things that most web hosts would not tolerate. The group behind Planetary Reef leases IP space from a large reseller. I'm considered a reseller, selling space given to me, but a large reseller may be under a company that they buy their space from each month and they sell it to others. Let's talk about this as there is a history behind the web space market throughout the years.
In a related topic I covered and didn't originally cover under the rundown, we talk about this Krebs on Security article QAnon/8Chan Sites Briefly Knocked Offline and tie this and the first article together.
Has the Department of Justice not learned anything about why we need security today? I guess they really haven't because a Cyberscoop article entitled DOJ efforts to weaken encryption place national security at risk, congressman says was written by Shannon Vavra and it is quite well written. Rep. Ro Khanna has one message for politicians who continue to suggest technology companies should give law enforcement agencies access to encrypted data: This is a power grab. The U.S. Department of Justice has long called for technology firms to create software that would allow law enforcement agencies to investigate suspects who use encryption to hide illegal behavior. For Khanna, a California Democrat, the tradeoff is too dangerous Most in government do not understand this, and its time that someone really hit the hammer home with this nonsense and lets put it to bed once and for all.

News, notes, and more For a complete news notes overview, watch this space on the blog. I may have posted more than what is covered here, and what I do cover is only a few items from the subset of things I thought would be of interest. We're not going to link to everything, but maybe something else caught your attention that I did not cover. Let us see what you think of the news covered in the program, and of course, the comment boards await you. Things to ponder I honestly didn't see this coming. Now, … for a random breach … a psychotherapy center is something I bring up in news notes, but yet it is a serious thing. In things to ponder, I'll give my thoughts on this one. Its beyond repair.

The technology podcast, podcast 355: 2020 predictions, what do you think today?

Fri, 23 Oct 2020 21:40:16 GMT

As you listen to this podcast, what came true and didn't to date in regards to the 2020 report on what might happen in the security landscape? MyTelespace is currently down, blog posts are on the blog about it, and of course contact info as well. Enjoy!

The Security box, podcast 15: all about the privacy

Thu, 22 Oct 2020 00:56:08 GMT

This is episode 15, the show notes follow. Welcome to the Security box, podcast 15. It was mainly an open forum of privacy talk today.

Armando, a broadcaster here on the mix, was on talking about his experience with Covid and other privacy concerns he had in regards to that. We also got in to a twitter discussion with names we've seen. No mention of exact names are mentioned here but we do talk about this. The Melting Pot, October 9, 2020 and Armando's Testimony can be listened to. These files will eventually expire, so get them while you can. Within the Internet Radio program, go in 86 minutes to hear the discussion.
In hour 2, I start and it continues in to hours 3-4 where we talk about privacy, the Internet, finding information, and other aspects of the discussion as Michael in Tennessee and Indiana both join me for hours 3-4 as part of this discussion.

This week's show lasts about 4 hours, and I hope you enjoy!

The Technology podcast, podcast 354: m-braille, yahoo groups, and discounts for disabled

Mon, 19 Oct 2020 17:04:11 GMT

Welcome to podcast 354 of the technology podcast series. The segments on this podcast are mid-length, but quite interesting I think for a change in pace for this particular podcast. Let's tell you what we're going to cover.

Time to get your M-braille On is the blog post for written communication, but why gripe when this happens to many pieces of software besides M-Braille? It got fixed, and it now works again. All operating systems has its fallbacks when upgrading, and I talk about this.
Shaun Everiss and I talk about Yahoo. Shaun sent me an email which prompted me to create this blog post and segment 2 is all his. Segment 4 is mine.
Its always nice to have a discount, but why do we, the disabled, need a discount? Yes I get it, our software is quite expensive, especially if you use Jaws or the discontinued Window-Eyes. Other pieces of software which include Duxbury and even Braille2000 are expensive. There are discounts for specific cases, but why phones? This blog post: A petition on lowering the cost of an iphone for the disabled? Let’s discuss talks about This Apple Vis forum post: A petition asking Apple to consider discounts for people with disabilities. which has quite a number of negitive comments. I see what was tried with this post, but there are already discounts for phones through the carriers and even through Apple itself through care. I'm linking to my blog post and Applevis in this show notes so you can choose which one you want to read.

I hope you enjoy the program as much as I have putting it together, and I'll see you all on another edition of the program next time.

The Security box, podcast 14 for October 14, 2020

Thu, 15 Oct 2020 22:58:30 GMT

A day late, but its better than not posting at all. The podcast is packed, and I hope you all enjoy it! The Security Box, podcast 14 must continue with the ongoing saga of John Bernard. We've got an article on that. What do you guys think of a passwordless future? Lastpass talks about it. News, notes, comments, and more. Topics:

What do you think of John Bernard? Apparently, the suspect that has been identified as this person walked away with 30 million dollars, and it doesn't stop there. The end of the article claims from one company that they hope that he comes through with his promise. Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M is the article. Could this be the end?
Passwords have long been one of the leading drivers of security risks and employee frustrations for businesses, which has only increased since organizations transitioned to working remote. Passwordless authentication, on the other hand, securely connects employees to their work without the need to type a password through technologies such as biometric authentication, single sign-on and federated identity. Is passwordless authentication the solution to the password problem? This is only the first paragraph of this facinating article on a passwordless future which will get interesting. The article LastPass Research Finds 92% of Businesses Believe Passwordless Authentication Is in Their Organization’s Future is going to be discussed.
What is up with privacy? Conversations that could go awry because of an innocent conversation. Listen to the segment and form your own opinion.

News Notes: I've done some reading but what about you? Submit things either by voice or text and lets discuss it. Other things: Twit had an event held on October 8, 2020. Here is a sendspace link to that download which I'll have expire in 8 weeks from today. This is the property of twit, I'm supplying it as a courtesy to you. Visit the twit network to learn more about them.

The Security Box, podcast 13: A discussion on Identity issues

Thu, 08 Oct 2020 00:33:02 GMT

The show notes are not lengthy this time, that is because we don't have a whole lot for them. Yes, news notes was covered, yet, we have some interesting discussion. Below, please find the show notes. Welcome to podcast 13 of the technology blog and podcast series known as the Security Box/. On this episode, we are going to cover NCSAM, week 1. The big thing now a days are your security and identity protection when it comes to your online safety. The first article Identity Fraud: How to Protect Your Identity Data, Accounts and Money During the Coronavirus Crisis is discussed in a taped segment. Speaking of identity, Preston from Pensylvania is going to be on with an interview that I did with him talking about experience, stories, and the like. We'll also cover some news if time allows. Please make sure that you tune in to the blog web site for all of the news, as NCSAM will be busy and lots of items will be posted. You may want to decide to subscribe so you don't miss anything. Thanks for listening!

The Technology podcast, podcast 353: NCSAM and Identity, Google and More

Mon, 05 Oct 2020 18:26:06 GMT

While the podcast is an hour, I know that I want to do more with the tech podcast in all kinds of tech not just the security landscape. In this podcast, I think I have covered a bit, even talking about some stuff in a different light unlike the Security Box. Here are the show notes. Welcome to podcast 353 of the technology podcast.

NCSAM is out now, its the month of October and its definitely going to be an interesting month. Our first segment talks about the fact that identity theft may be more of a problem now more than ever. blog post
KNFB reader was intigrated in to newsline. People were griping about it on Apple Vis, and may have been in social media as well. I looked at the app one day, and I find it quite interesting but still easy to use. They griped because they had to reverify their info, otherwise known as reauthenticate. KNFB Reader lite works well, and I am glad I have choices. blog post
Michael in Tennessee taught me about Google and pairing to bluetooth devices. While I told my phone to forget the device, I had to go back in to google and get it repaired as I tried to demo how I got it to work. Be that as it may, this was kind of cool. Thanks Michael for this!
On a prior podcast, we covered SSL and what is happening with threat actors today. I intend to write a blog post with my thoughts, but the Security Box definitely covered this. Podcast 12 of the box covers this in a talk show format, but I figure it should be covered here for those who don't want the longer program. Tell me what you think.

The full program lasts an hour, so I hope you'll enjoy it. Thanks for listening! See you on another edition of the program.

The Security Box, podcast 12 for September 30, 2020

Thu, 01 Oct 2020 02:30:45 GMT

Welcome to podcast 12 of the tech podcast series known as the Security Box. Topics:

On podcast 10 of the box, we link to an article about due dilligence. It was segment 2 of that podcast. Just recently,, its time to update this, as now Krebs has an article asking the question: Who is Tech Investor John Bernard? Seems to me that this guy, whoever he is, is not a good guy, and I think I visited the page in the first story just to see what it was about. In no way was I going to utalize the services, but I was mainly curious what the main page had to say. It is funny to see that the site has a general closed message on it, and people still come forward afterword to people like Brian and tell him what has happened to them. This is quite funny, and I think I'll have this as my first topic. Did you read the article linked to in podcast 10, and if so, what did you think? What do you think now?
Apparently, another tech company is hitting the news in regards to a ransomware attack. The company in question put out the same type of info that most companies put out in regards to the breach or lack there of when it comes to personal information that may have been taken. The problem is that the investigation is still ongoing, and even though the article was updated after initial printing, we can't say who is telling the truth. Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack is the article, and I think this aught to be quite interesting. Only time will tell.
APWG is the Anti Phishing working group. This group does work to try and advise security experts and us on how to be as safe as possible. Now they're saying that SSL should not be used in determining if a website is secure. We've known through Phishlabs articles on the blog that the rate of SSL certificates by actors was on the rise, but now we shouldn't rely on it. APWG: SSL Certificates No Longer Indication of Safe Browsing comes from the Phishlabs folks, and I think its worth the read. We also put it in the news notes rundown, and I am sure it'll garner conversation.

News Notes:

News Notes has quite a few items even though I have had technical problems as of late. The weather isn't helping with health concerns as well, so it may not be large, but it is good none the less. If you're interested in the news I've gathered, head on over to this blog post and check out what might interest you. There may be some overlap, but at the same time, you might find something you want discussed that I didn't read.

Podcast segments

Michael in Tennessee is on with us for about 37 minutes talking about one particular article that caught his attention. He and I discuss this particular article, and we even bring up other odds and ends tying this up with other revelant but could be off topic stuff as well. The article we reference comes from Cyber Scoop, and its a good one. FBI hopes a more aggressive cyber strategy will disrupt foreign hackers which was posted to that site on the 21st of September. This article was written by Sean Lyngaas.

Tech podcast 352 for sep 24, 2020

Thu, 24 Sep 2020 16:41:41 GMT

Voice mail systems, are they gone? Covid-19 and the email landsscape, a webinar and IOS 14 and other OS's and whether apps are updated timely if they are broken. Enjoy this 65 minute podcast!

The Security box, podcast 11: a shortened edtion

Wed, 23 Sep 2020 21:55:05 GMT

A shortened edition of the show today, and that is OK. Several topics too. Welcome to podcast 11 of the Security Box. Topic:

Ransomware is everywhere. Last week, Michael in Tennessee sent this article during the show, and I finally got a chance to read it. This time, Newhall schools are effected, and while the advice given in the article is sound, we can officially say that nothing is predictable in this strange year. ABC7 in Los Angeles gives us: Ransomware attack shuts down remote classes in Newhall which has some good points. The article talks about what is being done which includes getting ferenzic folks in there, law enforcement, and other people who may be needed to restore data. The article didn't talk about training. Question, where is the training so people in the district know what to look for when something like this happens again? Ransomware starts with an email in most cases.
TikTok is back in the news, and this can't be good news anyhow. The article Lame-duck versions of TikTok and WeChat are definitely a problem, security experts say is what we're going to talk about, and we'll play this CNET video: TikTok, WeChat ban explained. I didn't know WEChat was a problem, but then again, I've not used that app at all. From what I've heard, its similar to apps for communication like Whats app, and other messaging apps. To top this all off, Michael in Tennessee recently sent me an article in regards to the TikTok Sale to Oracle. The TikTok deal solves quite literally nothing is the article, and it is quite interesting. This whole story aught to get interesting now, but suffice it to say, TikTok is saved, for now.
Open forum: what do you want to talk about? This is your time to shine.

News Notes and things

The biggest topic right now is TikTok and their very interesting developing story as it continues to unfold. Besides that, we've got some recent arrest news and other items in this blog post which has been cut short because of the fact I haden't felt well. The news also covers a Chinese firm who is supposed to do antivirus work being part of apt41. This is going to be interesting.
For the first time to our knowledge, ransomware may have lead to a death for a critically ill patient. The attack was an apparent accident, as the actors gave the hospital the key after it was determined they made a mistake on their target. Hospitals have never really fixed their security problems, mainly because of the lack of funding. This could hurt them now that they know that someone died. Ransomware may have led to the death of a German hospital patientRansomware may have led to the death of a German hospital patient is the article that talks more about this very interesting story.

The Security box, podcast 10, sep 16, 2020

Wed, 16 Sep 2020 23:00:03 GMT

While we didnt have a shot at news notes, we do cover some news and other stuff too. Found something of value? Get in touch! Welcome to podcast 10 of the security box. On this edition of the program, we're going to leave room for Michael in Indiana to talk to us about phone stuff. We'll also have some other stuff as well. Topics

Phishing has all kinds of forms, and the Security Box, podcast 5 only covered a little bit. Podcast 345 of the tech podcast series also covered Phishing. Also, we've covered Phishing in articles that I've read as well. This search page from the blog will bring up everything on phishing that might be of interest to you. Recently, I've learned about tricky types of phishing using services out there that can produce documents and forms for free or low cost. Tricky Forms of Phishing | Tricky 'Forms' of Phishing is the topic on this first segment of the program today. Did you know there are 13 different sites that can produce documents and forms that could trick users in to divulging information they shouldn't? The only one out of the 13 I've used is Google documents, but I'll talk about the 13 different ones in turn. Time to learn.
Recently, I've read an article talking about doing your due diligence . Do you do yours? Looks like a scammer knows how to play it well, and the name seems to be well known. The article Due Diligence That Money Can’t Buy talkes about someone by the name of John Bernard. What a facinating story!
Michael in Tennessee came on about a ransomware attack effecting Neuhal. We'll have more next week on this.
Michael in Indiana will be on talking about phone systems, security, and what he has seen in the landscape as an administrator.

News Due to the time of the interview, news did not get aired this week. I'll keep this for a show next week, and we'll reference this next week. If you find anything from the below section you want covered, you're welcome to have your thoughts heard. Here's the news from this week we didn't cover that might be of interest to you.

News Notes September 12, 2020 is the main source for news this time.

Episode 9: the security box, typosquatting and more

Wed, 09 Sep 2020 01:44:43 GMT

Please check the tech blog for full show notes. They are longer than space permits in these notations. I hope you all enjoy the program as much as I have bringing it to you. We'll be back to Wednesday next week.

The Technology podcast, podcast 351: Telephone stuff, Jaws, and more

Sat, 05 Sep 2020 00:16:09 GMT

Welcome to podcast 351 of the podcast. Some people can't stand the changes in regards to one telephone system and what they did. Shaun Everiss and I team up and I created a page for it. Jaws had an update and I covered all but two. Here is the blog post on that as well. Finally, Typosquatting is discussed in preparation for the next Security Box. All this, and final thoughts and contact info on this edition of the podcast.

The Security box, podcast 8: lots of items today

Thu, 03 Sep 2020 17:33:57 GMT

The show notes are rather lengthy, so please check the blog for full notations. Commentary, topics, and even a segment on lots of other stuff too. Hope you all enjoy! See you on another podcast!

The Security box, episode 7

Fri, 28 Aug 2020 01:38:53 GMT

Welcome to podcast 7 of the Security Box. This week, let's peruse some topics, I'll link to some articles, and you can comment as usual. News, Notes, and much more. Thanks for listening!

Election officials have been warned about Typosquatting domains and how they can be used to bring trouble to their particular candidate. Typosquatting is a big problem, and in a future podcast, we'll look in to what this is. In an article entitled Feds warn election officials of potentially malicious ‘typosquatting’ websites you'll learn what is the danger in the election scheme of things.
I think its time to really bring out a topic. How many people heard of the dark web? 11.6 billion records have been breached and are on the dark web since 2005 according to this article by Lastpass. Is this something we should be concerned with as a whole, or do you think it isn't a big deal? This can only get worse, and the box wants to hear what you think of this. Each year, more companies are breached than ever before and it is definitely a problem I think. There is a way you can scan the dark web for any type of data like an Email address, but is this enough? Lastpass has the capability of doing this for you. The article What are dark web scans? goes in to more details on how this is done.

Looks like Experian can't keep their mouth shut. According to a Cyberscoop article, 24 million South Africans are now at risk because someone potentially opened their mouth. They said the employee was tricked in to disclosing information on a unknown number of people, but the number seems to be a whopping 24 million. No hacking needed: Someone duped Experian into handing over data in breach affecting 24 million South Africans is the article and boy if Equifax and Experian haven't learned anything from their prior U.S. things, when will they ever learn? The U.S. stuff were hacking attempts but still ... human intervention is the weakest link in this whole ordeal.
This week in Security News from August 21st covers another article on the 24 million from South Africa and even some other stuff that might be of interest. The tech blog will also highlight things from this article that might be of interest.
Michael in Tennessee went ahead and gave me a heads up on this one. Turns out that a former CSO was charged in the Uber breach from 2016. U.S. prosecutors have charged the former Chief Security Officer at Uber with allegedly covering up a data breach at the ride-hailing company that exposed information tied to roughly 57 million people. Joe Sullivan was charged Thursday in the U.S. District Court in San Francisco with failing to disclose details of the security incident. to the proper authorities. Sullivan, who now works as the chief information security officer at Cloudflare, allegedly committed two felonies by not informing investigators about the hack while they probed the circumstances surrounding a prior data breach. This is great news, and one in which I want to cover in passing. Former Uber CSO criminally charged with covering up 2016 data breach has the full details from Cyberscoop.

The security box, episode 6: is here a mad company? Open forum to boot

Wed, 19 Aug 2020 21:44:11 GMT

Welcome to podcast 6 of the Security Box. On this show, we've got a topic, a very interesting news notes where two articles take center stage, and we'll open the lines for comments, questions, and other things. Topics:

Herbie sent me a direct message on twitter in regards to Epic games. Seems as though these guys aren't so happy in regards to the decision made about the percentage of money each company whether Apple or Google take, so they want to side load their apps on to your device. According to the article, this is in violation of each app store's rules. On Epic's Fortnite Gambit is the article and it comes from the Apple Mill. The article talks about sideloading apps. Thoughts? Let's discuss this one!

News

The news is quite interesting. This week, if Microsoft continues at its current pace, we'r going to have 1300 plus patches for Windows this year. This month, we learn that there are 120 patches, the 6th month in a row where the patches are 100 and over. This Tech post from last week in security covers this and some other stuff too.
The two articles that we talk about in the news notes is a two part article with lots of numbers and things to think about. Top Tips For Home Cybersecurity And Privacy In A Coronavirus-Impacted World is the first and Top Tips For Home Cybersecurity And Privacy In A Coronavirus-Impacted World (part 2) is the second. The articles are also linked to the blog post for last week in security, but I am bringing them forward here because I really think people need to read them.

Open forum:

Michael in Tennessee came on to talk about his apartment complex and their lack of security with the WIFI setup. While they wanted to make it convenient, it could be a parking lot attack at the entire network.
Michael talked about updating software and how inportant it is.
Michael also talked about smart TV's as well.

tech podcast 350: covid stuff, transit app, and epic games not being happy!

Sat, 15 Aug 2020 00:13:22 GMT

Welcome to the technology blog and podcast, podcast 350.

I can't believe that we've made it to 350 episodes. In 2017, I didn't publish much because of the constant breaches, but in 2018 we've come to find out that we must continue this work. I reflect on this in the first official segment.
Several segments are videos with Covid 19 stuff as well as a short video segment from Twit dealing with Tik Tok. Nothing is set in Stone.
Katie Monroe from Transit App joined in the AAC meeting from August 13th's meeting. Lots of accessibility work was made and not just for people who are blind.
Herbie sent me a direct message on twitter in regards to Epic games. Seems as though these guys aren't so happy in regards to the decision made about the percentage of money each company whether Apple or Google take, so they want to side load their apps on to your device. According to the article, this is in violation of each app store's rules. On Epic's Fortnite Gambit is the article and it comes from the Apple Mill. The article talks about sideloading apps. Thoughts? Let's discuss this one! If not side loading, what about the terms of service aspect?

The program lasts 1 hour, 10 minutes and I hope you enjoy!

The Security Box, podcast 5: Phishing and its different forms

Thu, 13 Aug 2020 00:33:33 GMT

Today was quite interesting. The numbers in phishing are staggering according to the APWG. Links to the main article we use and a podcast re given. There's plenty more to cover in this space. Podcast 5 covered Phishing and its various forms. The main option we used was Wikipedia, but we also link to F-secure and a podcast talking about what this is. There is one aspect we did not cover which I think we should. Our things to ponder segment was a little adult in nature but appropriate in today's environment of social media and the things that are allowed and not.

Episode 25 | The Psychology of Phishing F-Secure
025| The Psychology of Phishing f-secure sound cloud
What is the CFAA and why has it been a problem? The technology blog

The show lasts 3 hours, 32 moinutes, and I hope you enjoy! No major news notes segments.

The Security Box, podcast 4: News, notes, breaches, the CFAA, and more!

Wed, 05 Aug 2020 22:59:38 GMT

Welcome to podcast 4 of the Security Box. On this show, we've got one main topic, a very interesting talk by Shaun Everess about a big time breach which effects GPS, news, notes, and more! Our main topic: Our main topic is the Computer Fraud and Abuse act. What is it? How did it come about? Do you think its working?

What is the CFAA and why has it been a problem? The Technology blog and podcast

Shaun's topic Shaun Everess talks about some blog stuff, but he also talks about a big time GPS hack that could possibly be effecting all of us in some aspect. The topic is also being cross posted to the technology podcast as a whole, but I'm putting it here for comment by this podcast.

This blog post from the Technology blog and podcast This has to be the biggest breach to date gives my thoughts, along with Shaun's email. It also links to the story both linked in his email, and actually linked at the bottom.

Are you concerned about your news? Find something on a news site you may have heard on the tech blog or another source? https://technology.jaredrimer.net/2020/07/28/russia-targeting-corona-vaccine-were-no-closer-news-sites-are-late/ is the blog post from the tech blog, yet I read about it on one source, and found it on my news source while looking for something else.
COVID closures means more to business ID theft than you think from the blog talks about business compromises that will go beyond your technology. Lines of credit can help you get things for your business including technology things. Ever thought you'd be a problem?
Lastpass has an update in regards to their Phishing post earlier is quite interesting as we continue to talk about Phishing. This isn't going to be the only article I blog on the topic, please view the blog article section for more.

Florida Teenager arrested in massive twitter hack, two adults also charged The Technology blog and Podcast leading to three articles, two from news specific and one tech related

Tech podcast 349: Jaws, Twitter, Braille2000 and more

Tue, 04 Aug 2020 18:48:40 GMT

Welcome to the technology podcast, podcast 349. This program is almost an hour and a half, and is packed with tons of stuff. Contact information is given throughout the program, so please get in touch!

Have you ever seen notations talking about fixes for screen reader users? Firefox fixed a very nasty crash with Jaws, but besides that, other screen reader updates were made to Firefox 79 which has recently been released. You don't normally see fixes for access tech so this is quite a surprise and a welcome change. Thanks Firefox! blog post
Shaun Everess, my second admin, is along with a segment talking about one of the biggest breaches I believe we've seen. This one, deals with a well known brand most people will be familiar with. Besides that, Shaun talks about the Spam problem I've been trying to fight for years. >blog post on the breach and find updates through the blog in regards to what he did for the Spam problem.
I have a twitter update. first blog post and second blog post
B2K is finally talked about on another podcast besides this one. In a long awaited podcast, Blind Bargains Interviews Jared Rimer who talks about the program, braille transcription, and more. Segment starts 15 minutes in. blog post
I give a talk on two different articles I've recently read on Krebs on Security dealing with credit and debit card fraud and EMV payment processes. This recent blog post should've been posted after I recorded the segment, but does link to the two articles.
Michael in Indiana talks about two different items. The first, is a very interesting Comcast story which turned out great. The second, an unconfirmed report about Microsoft buying Tiktok. We talk about TikTok as South Korea was fining this Chinese App maker due to Coppa violations and big time ones too. I also have comments following a video I found through the BBC. blog post

Contact information, and information on what is going on in the security box ends the podcast. The total length of the file is 1 hour, 26 minutes. I hope the wide variety of topics is of interest to you. I'll be back with more on the tech podcast very soon. Thanks so much for listening!

The Security Box, podcast 3: COPPA and its effects

Wed, 29 Jul 2020 22:35:55 GMT

Welcome to the Security Box, podcast 3. We really only have one main topic here. We also include news, notes, and other things in passing.

Children's Online Privacy Protection Act Wikipedia
The Childrens online privacy Protection act is here, not following the law by Tik Tok The Technology blog and podcast

We'll have two segments on things to ponder where personal information is concerned, and we'll also have your comments, questions, and concerns. I hope you'll enjoy the show as much as i have putting it together! Thanks to everyone that decided to participate during the live program. Remember that if you listen through the podcast, your voice still counts, so get those emails, imessages, texts, or whats app messages to me. Contact info is given throughout the program, and thanks so much for listening!

The Security Box, podcast 2 for July 22, 2020

Thu, 23 Jul 2020 00:30:51 GMT

Welcome to the security box, podcast 2. On this podcast, Twitter takes center stage as it suffered a very interesting security problem they need to solve. People have said it was a big time breach, but as you'll soon find out, unless you read the tech blog, there is more to the breach. Yes, accounts got breached, but we know there is other info. Articles are listed here for you to review. Besides that, find out about a big time breach article which was a two year look at many different breaches within a two year period. Also, find out about a piece of malware making a huge return on how it can't! be trackable now a days and what the threat actors are up to. Depending on time, not everything may be covered. If you see the rundown and you want things covered we didn't get to, please let us know! The links to news items are in no particular order, we provide them in the order I put them in. Of course, please contact me through the contact the dj's page on the mix or through the tech blog itself. Thanks so much for listening to the program, and we'll be back with you next time!

Scammers hijack Twitter accounts of Joe Biden, Bill Gates and others to promote cryptocurrency Cyberscoop
Joker Malware Apps Once Again Bypass Google's Security to Spread via Play Store The Hacker News
Twitter Hacked in Bitcoin Scam Trend Micro
Around 130 Twitter accounts targeted in bitcoin scam hack, company says Cyberscoop
Account Takeover Attacks Cause Chaos @ Twitter Phish Labs
An update on our security incident twitter blog July 18 2020

In a future podcast, let us talk about the CFAA and whether you think its been effective. Even still, lets possibly talk about Coppa. Have any topics you want discussed security wise? Have terms you don't understand? The box wants to hear from you!

The Technology podcast, podcast 348: VAC, Mac, and chinese software

Wed, 22 Jul 2020 15:12:20 GMT

Welcome to podcast 348 of the technology blog and podcast series. I've decided to change it up a little bit with a different spin on the security aspect, as well as talking about a piece of software that I've once used before, but yet, need it again. The setup was quite easy, and I pretty much did it on my own. Then, what do you get when you have to think about the security of your software you use to do your work? What about the type of computer you use such as Windows, Mac or Lynux? Full thoughts and links to items follow.

Virtual Audio Cable is a piece of software that acts like a mixer. We've talked about it once before, and I believe we've demoed it. Its back as I talk about the Security Box and how I'm putting people on air.
What do you think about when you think of the Mac? Its not known for viruses, trojans, and worms. However, with this latest development, I begin to wonder if the Mac will start receiving more problems like Windows has for many years. In this article entitled Updates on ThiefQuest, the Quickly-Evolving macOS Malware from Trend Micro, really makes you think. Its got lots of images for those who are sighted,, so you might want to check it out as I talk about it and other operating systems in general.
Finally, what do you think about if you were told to install something that you had no idea had a back door? In this article Chinese banks require clients to use tax programs laced with backdoors, report says posted on Cyberscoop, I talk about it and how I'd handle that. I never saw the day that software would be laced with malware and a bit of social engineering would have you install it just to get your work done.

The program is 1 hour and 8 minutes long, and I hope you'll enjoy the program as much as I have putting it together for you. Thanks so much for listening!

The Technology podcast 347: Blue Leaks, Twitter, and Braille Transcription

Fri, 17 Jul 2020 03:37:34 GMT

Here are the show notes for this program which is podcast 347 of the main tech series. Welcome to the technology blog and podcast, this is podcast 347 of the series. On this podcast, a longer segment on the Blue Leaks issue which I take you the article. Here is the blog post that is linked in the first Security Box which was issued yesterday. Next, Twitter apparently got hacked, or did they? We've been publishing blog posts as we learn more with my thoughts, and we'll be covering this on the Security Box next week. Finally, i have a braille transcription update as I deal with assignment 19. We'll definitely have more news coming out of the twitter camp. What a mess.

The Security Box, Security podcast 1

Wed, 15 Jul 2020 21:19:15 GMT

This will be the home of the podcast of the Security Box, just security talk on the mix. Articles linked here to topics I've talked about. Welcome to the security box, podcast 1. While we're playing a wide variety of music, the music will not be part of the notations. We're only going to link to things talked about as part of the show itself. The show will be part of the Tech podcast series, but hosted through the independent channel of the suite of servers. I hope that you'll be enlightened by the discussion, and I encourage discussion. If listening through the podcast itself, contact me through my tech address used through the tech podcast. Mix listeners can contact me through the contact the DJ's page of the mix. Thanks for listening!

Dark web Wikipedia
Target’s Data Breach: The Commercialization of APT | SecurityWeek.Com. Security Week
There is doubt in evidence in a case of an alleged Linked in and dropbox hacker the Technology blog and podcast
We have an update on a prior story on a Russian Hacker who was found guilty The Technology blog and podcast
Blue Leaks, this is as bad as it gets The Technology blog and podcast
FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy Krebs on Security

Tech podcast 346: Transit App, Capital One, TNO, and Everify

Thu, 09 Jul 2020 20:24:20 GMT

Welcome to the technology blog and podcast, podcast 346. Last podcast was at the end of May, and a lot has been going on around here health wise. I'm definitely feeling better, and I've got quite a bit for you.

At the end of May, beginning of June, Transit App was announced to be the Los Angeles Metro app of choice, changing the landscape of $240,000 in costs. Here is the blog post that I wrote which also links to Los Angeles Metro's blog as well. Let me know your thoughts on this one!
What does Capital One have to hide when it comes to their breach? After my health issues, I've been thinking about what to put in to the podcast, and I thought this would be good to talk about. This blog post links to an article that goes in to detail about this intriguing case. We already know Capital One was at fault, why are we continuing to hide it?
I recently penned an article asking about the state of Antivirus after someone emailed asking me to put Eset's web site in a 2017 blog post. Instead of doing that, I mention Eset and several good antivirus products in this blog post where I quote an email that Shaun Everess wrote in a forward talking about 2004's Windows 10 version. He's not wrong in his thoughts in the comments, but I still think we're at a disadvantage.
Michael in Indiana has every reason to get mad at TNO. TNO stands for Trust No One, and he had no idea an app he used was this way. I also leave my thoughts.
Finally, hot off the presses, a blog talking about another Government web site. The DHS has to be ashamed of itself! It links to an article recently penned by Brian Krebs about a web site called everify. We should be passed this ordeal when building web sites, should we not?

Do you have anything you want to comment on? Please get in touch by contacting me. The web site and blog have contact info, so please utalize it. I hope you enjoy this podcast, and I hope to get back in to podcasting more regularly.

The technology podcast, podcast 345: parcel track and cat fishing

Thu, 21 May 2020 03:30:22 GMT

Welcome to podcast 345 of the technology podcast series. This time, no covid-19 material as I have quite something different lined up for this podcast. I'm sorry its taken this long to release, I've not been feeling well, but the wait is worth it, as you'll see.

What type of app do you use to track your packages? Just before podcast 344's release, I had a hair, and decided to go searching for a replacement. Parcel Track was found and demoed. Some things including notification fixes were pushed out after the recording, the basic demo will give you an idea on what it is about and how it works. In the first segment, I talk about what I had used before, and introduced Parceltrack. The second segment was the demo itself.
Have you heard of terms such as catfishing or catphishing? Yes, thats awesome! I have but not really looked up what it meant until I found a Cyberscoop article talking about a well known figure that does cybersecurity work in the government who was impersonated. I did some looking up, and what I found was quite interesting. Both spellings of fish (phish) are used in this and it was quite facinating. Read the featured post for May 20th, Catfishing, Catphishing, what are they? for more on this, and it links to the Cyberscoop article.

Contact information is available for everyone at the end, and I hope you enjoy the program as much as I have bringing it together for you! Thanks so much for listening md feel free to reach out.

Tech podcast 344: lots of interesting stuff

Thu, 30 Apr 2020 03:10:55 GMT

Welcome to podcast 344. On this podcast, we've got quite a bit for you.

We've got news notes of varying kind.
I demo and talk about something I recently learn on the iphone thanks to Michael in Indiana.
I talk about Kreb's article about moving money and how one can get duped. Krebs on Security: When in Doubt: Hang Up, Look Up, & Call Back which is also talked about on the tech blog.
Getting forms in a different language than you speak? We got two applications at MENVI which we are now not going to process based on advise given to us.

I hope to have another podcast really soon. Thanks for listening to this one, and make it a great day

The tech podcast 343: Covid-19 with lots of twists

Fri, 10 Apr 2020 23:57:48 GMT

Welcome to podcast 343 of the technology podcast series. This podcast is covid-19 based with a webinar done by Mikko Hypponen to a conspiracy theory which we'll play the audio and comments from Michael in Tennessee. To boot, a video about 10 minutes dealing with 5G and the prospects of whether it actually gets you sick. The podcast is a little over an hour, and I hope you enjoy it! Thanks so much for listening.

Episode 342: Corona Virus lures cyber criminals

Wed, 25 Mar 2020 04:11:02 GMT

On this podcast, I've got a webinar that I would wait on, but its too important. Cyber criminals are taking advantage of this pendemic. I briefly talk about what the webinar has, then enjoy this 57 minute webinar which ends the podcast. Here's the blog post with the link to the webinar so you may get the slides if you wish. Thanks for listening!

Tech podcast 341: cheating, B2K, Corona, and mailboxes

Wed, 18 Mar 2020 01:25:27 GMT

Welcome to podcast 341. We've got a bit of stuff for you for an hour podcast.

The topic of cheating came up within the dice world community. Dice World is a game that now has chat rooms in it. I've covered this on my cast before, but someone wanted to cheat in other games, and questioned their participation in the tournaments.
I cover Braille2000 and setup as a blind person. I've got a write up on it as well. Read the write up: Getting Started with Braille2000 as a Blind Person for more.
I cover a little bit of news on the aweful change in our lives with the Corona virus, although I cover this as a tech related thing. I've got blog posts covering this, so just go peruse that.
Finally, Shaun Everess comes along and asks a question by email about letterboxes and why they've gotten smaller. Here we call them mail boxes, but it is pretty much the same.

Our contact info is at the beginning and end of the podcast, and I hope you enjoy the hour long program!

Tech podcast 340: news from NLS, apple, microsoft, phishing, scams, and ssl

Mon, 02 Mar 2020 19:56:04 GMT

Welcome to podcast 340 of the technology blog and podcast series! This is the shows notations, and there's plenty.

Braille Book Review is a magazine put out by the Library of Congress's National Library Service and there's probably info that may be of interest to some.
Michael in Tennessee and I are to talk about Apple, Microsoft, Phishing, and scams.
SSL and TLS can go hand in hand with that discussion because I had an incident with a cert expiring, and so did the domain. Bad combo!

Contact info is found on the podcast both at the beginning and end of the program, and I hope you find this podcast of value. Thanks for listening to the program, and remember to leave those thoughts! They're very valuable. See you on another edition!

Tech podcast 339: Phishing Insites on Social media, Tmobile and Sprint merge, and news notes

Tue, 18 Feb 2020 19:47:44 GMT

Sprint and Tmobile murge, blog updates news notes and more, and Phishing insights and social media scams from a bebinar. Contact info at the beginning and end of the program.

The Tech podcast: 338: IHS vulnerability research

Tue, 11 Feb 2020 21:09:06 GMT

Welcome to podcast 338. I catch up with you on my workings on the Braille Transcription course and the work I'm doing with it now. After that, we bring you the IHS vulnerability research webinar from December 2019. I thought I had the link to the blog post talking about this webinar, but I guess I didn't post it unfortunately. I've posted some but need to do a better job on it. If this wasn't december's, it must be November's, but be that as it may, its a great webinar. My contact information is made available at the end of the program as usual, and thanks so much for reading and participating on the blog!

The Technology blog and podcast, podcast 337

Sat, 08 Feb 2020 23:28:58 GMT

Welcome to podcast 337. While we've got some corrections by Shaun in regards to last podcast, one of the biggest topics I think you'll want to get your paws on is buildings being connected to the Internet. I'm not kidding! I've got a blog post with the article of the same name: Hackers are hijacking smart building access systems to launch DDoS attacks and this is definitely something to think about. Also on the podcast, we've got a dumb criminal award for the podcast. If you're going to commit a crime, you want to try and hide like a lot of America's Most Wanted's criminals did. Thats why they were hard to catch, and eventually, a lot of them were caught. A great story on how not! to get caught in cybercrime? is my blog post, and I link to Brian Kreb's coverage of this. Finally, although not in the exact order of the podcast, we've got my discussion of the infamous 404 page and how it helped me fix a bug on my own web site. Building a 404 page that helps fix bugs is the article title, and it was definitely something interesting. While the code I wanted displayed didn't show, the fact is, we can fix our error pages to help us fix those pesky mistakes in code. Contact information is available on the podcast, and even available on the blog. Feel free to utalize it, and we'll see you on another edition of the cast!

Tech podcast 336: lots of topics from Password Managers, reports, Braille, and more

Sat, 01 Feb 2020 20:41:15 GMT

Welcome to podcast 336 of the technology blog and podcast series. I've got quite a number of things of varying topics in today's program.

The first segment of this program covers this blog post: A very comprehensive password manager review and Lastpass gets a poor review even though it has great features, up front postings of any security issue, and no data lost to date. Why? What gives? Thanks to Consumers Advocate for bringing this to our attention by sending an article, but this is definitely sad. Most of those items I've never heard of.
The second segment covers news, notes, and items posted to the blog. The tech blog has posted more since the recording, and you may be interested in a topic that has been posted, so get in touch!
I have a Braille Transcription update on assignment 17. Assignment 17: I passed! and Assignment 17 has been submitted for grading. I'll have a full write up at some point in regards to assignment 17 through Braille Transcription as a blind person at some point.
I've talked about scammers that have contacted me to try and hook up. They never call. but yet, they want money, gift cards, and hangout connections. Scammers hitting the blind, same as my talks earlier is the blog post that talks about this in writing. Dice World wants to know about players who are engaging in this behavior, please contact them if you feel the activity you're experiencing is questionable. Thanks Dice World for listening to the community! You really do care about safety and security, great job!
A recent article sent to us by Mary, a brand new contributer I've made available to the blog. I cover some statistics on this porgram, and More than 70 cybercrime statistics – Soon to be a $6 trillion problem is the blog title and accompanying article linked within. More from this facinating report will be discussed on another podcast.
Finally, Shaun Everess is along. He sent me an email recently, and his thoughts got me thinking. I address his email on the podcast for everyone to hear what I have to say. Facinating stuff, Shaun!

Contact info is of course at the end of the program, and this program is over an hour and a half this time. I hope you enjoy the wide variety of topics on this podcast, and I'll be back on another podcast very soon! Thanks so much for listening!

technology podcast 335: Predictions, AVA, and an interesting braille display

Wed, 15 Jan 2020 03:43:36 GMT

Welcome to the Technology podcast, podcast 335. On this edition, we do talk about a few things including security, transportation, and braille, but in a different light. Translation software was talked about in the talk, but nothing too specific. Here are the topics.

On our first segment, Trend Micro's 2019 report and 2020 predictions. I talk about the numbers and what sticks out with me. Incidently, the webinar that they'll do this month is dealing with the predictions for 2020. I'll blog about that after I get a chance to read the email. If you want to read my blog post about the threat report and predictions please go to the blog post entitled: Question: Are we looking for more or less threats this year and if so what kind? from blog The Technology blog and podcast and it links to the article in question.
On the second segment, we talk about the automated voice announcement system. Every bus here is supposed to call stops and every train is to call stops too. While it is technology, and it fails, the failure is also within the drivers. It has to work both ways, and my talk which will be presented on Thursday, January 16th, at an Accessibility Awards Luncheon will talk about this. At some point, we must have drivers and passengers work together to get passengers to where they need to go safely. How is it for you in your area? How is the AVA specifically for you? Lets talk!
Finally, the canute 360 is discussed. This blog post which was posted on the 10th talks about where to go and links to Blind Bargains. I attended this forum, and what I learned was quite interesting. I didn't stay long for the questions and answers, but the presentation was quite interesting. Its supposed to be made available for listening at some point. I do want to catch this so I can take the time to listen to the rest of the questions in case there is something else I can learn.

Finally, what is coming up on future podcasts and contact information. I hope you will enjoy the program as much as I have putting it together for you. I look forward in hearing from you!

email/imessage tech at menvi.org
text/whats app 804-442-6975

If you have other social media, you can use that. The Jared Rimer Network has all contact info made available and links to social media as well. Thanks for listening!

Tech podcast 334: Yahoo! SBC Email, B2K tutorial, and the Internet gone for 24 hours discussion

Thu, 09 Jan 2020 18:30:28 GMT

Lots of things here including a discussion found on the blog in regards to a vdio out there about the Internet being gone for a day. I take that discussion and turn it in to my own. Hello everyone, welcome to podcast 334 for January 9, 2020. We've got a very interesting podcast comoing up, lets tell you whats on it.

What has been going on with SBC Yahoo! mail? Looks like they aren't communicating with their customers about potential problems. I don't think this is right, and my blog post entitled Yahoo forcing random password resets … am I the only one supporting someone having trouble? goes in to detail about this in writing.
As I tlak about what I want to do with the podcast, I give you the beginning of the Braille2000 tutorial I have created in regards to the talking edition. Go to the Braille Transcribing as a blind person web site to learn more, and download the full tutorial which is based on the documentation. We'll have more from this tutorial over time.
In commentary from last podcast, Shaun Everess talks about how there is a video out there talking about not having the Internet for a day. Instead of linking to it I take this talk a little bit further by talking about it but bringing up the loss of power to boot. What would we do if one, the other, or both occurred? Lets take this for a spin.

As always, contact information is going to be available at the end of the program, and I hope you enjoy this podcast. The podcast runs over an hour in length. Thanks for listening, and make it a great day!

Technology podcast 333: January 6, 2020

Mon, 06 Jan 2020 18:21:57 GMT

Welcome to the first podcast of 2020, podcast 333. Below, please find a list of items and links where applicable as the topics of the podcast are listed below.

Breaches galore, the epidemic of whats happened in the last decade. Are we really looking for more trouble, or will it slow down?
Freshbooks: thank you so much for giving me a great reason for talking about you today. On this podcast, I talk about how I had to reinstall the Freshbooks app, and how easy it was to reauthenticate with my account. I was afraid that I was needing to grab my 20 character password and paste in the password field. Not anymore!
Twit.tv has a new sponsor on their list that spomnsors segments on Security Now. Sadly, I can't take advantage of it at this time, but it looks like something we could've and should've had many years ago. Learn about privacy.com and see if it will meet your needs.
Michael in Indiana and I talked about software and reminisced about the old days of how downloading the wrong software wasn't fatal, but just a havoc. Today, this isn't the case. I mention Stuxnet as an example of software that was developed and it did some real world damage. Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon: by Kim Zetter is the name of the book and its author. I read this through Kindle and I may have talked about this on my podcast when I did. If this is the first actual weapon that destroyed data and things that were going on, is something else being developed we yet don't know about?

As usual, our contact information is at the end of the program, and I hope you enjoy this first podcast. I'll be back on another edition very soon. Thanks so much for listening to this 71 minute program!

Tech podcast 332: Iphone 11, awards, and braille transcription

Wed, 25 Dec 2019 18:30:18 GMT

Merry Christmas, this is the last episode of 2019. Welcome to the final edition of the technology blog and podcast series for 2019. Trust me, we've got a lot more coming, but this is the final podcast of 2019.

My initial thoughts on my brand new, Iphone 11.
Brian Krebs gets an award. Several other members of the security field was also mentioned as needing the award more than Brian, but CISO MAG Honors KrebsOnSecurity is the article Penned by Krebs.
I have a segment on Braille transcribing as a whole in particular to Braille2000 and not specific to the assignment as a whole. I found this quite interesting, even while I did the talk.

In the first podcast of 2020, I'm going to talk about a company I feel we should've had around about 10 years ago if not sooner than now. Its an advertiser of TWIT, and boy, if it doesn't fit my needs, I feel it may meet others. We're going to start with that, and even more as we continue the transcription course, my Iphone 11, and who knows what else we'll cover by this podcast as next year gets started and beyond. Until next year, thanks so much for listening to this podcast, and I'll be seeing you very soon!

Tech podcast 331: Dec 15, 2019

Mon, 16 Dec 2019 02:06:54 GMT

On this podcast, NVDA gets updated and its a breeze! Assignments 17-19 are talked about and I want your thoughts. A webinar that caught my attention, and web design and why links are all over the home page.

Tech podcast 330

Thu, 28 Nov 2019 18:34:55 GMT

On this podcast, B2k news, domain buying, and news on hospital mortality rates when ransomware and other attacks happen.Hospital breaches leading to more heart attacks? You bet! from blog The Technology blog and podcast Thats the name of the article and its linked from me. Very facinating read.

Tech podcast 329: November 5, 2019

Wed, 06 Nov 2019 04:08:18 GMT

Welcome to podcast 329.

How can we keep ourselves as safe as possible when databases that companies hold them online? I completeluy understand the aspect of why they need to do so. It isn't possible for them to store it like I do, and its just becoming a problem. A telecom company breached, mongo DB to blame is the blog post referencing this segment.
National Cyber Security month is now complete. Why? In this ever changing landscape where everything is online must we have only one month to teach how to be as secure as possible? Please check out my blog post penning this topic: NCSAM is over, shall we stop teaching for my written thoughts on this important topic. Its something we should be discussing, and we should be discussing it all the time.
I found an article through dark reading, and instead of covering that, I think we should try to discuss it in a different light whereby we ask how consumers can be safe in this time of major security problems. It isn't just the entity that we shop at that should be the main problem, it is in both things. Merchants need to fix their security, but shoppers need to be careful and some tips are discussed on what we can all good.
Dice world has some interesting updates and I tie that in to other games and the accessibility landscape. There is always something to learn and I'm happy to see what happens as we continue to grow.
Michelle Dyer was a dear friend of mine. I let the domain go because I was under the assumption that the domain was not needed. Family contacted her closest friend, contacted me, and I've relaunched the domain on October 31st. Due to some other technical issues I could not fix, the domain is now relaunched and I only made some changes to clean some outdated info. Please click on this link to go to the Michelle Dyer Memorial page where you'll find tech podcasts to download that she was a part of. We thank each and everyone for your continued support of my work.

The track I selected for this podcast comes from the artist Ehren Starks from the depths of a Year. Contact information is also available at the end of the program. Thanks so much for listening!

Tech podcast 328: wrapping up NCSAM and other stuff too

Sat, 02 Nov 2019 01:42:32 GMT

Hi folks, welcome to podcast 328.

Transportation: can we use something like Navi Lens in conjunction with apps like transit app, Go Metro, or other apps to get us around by bus or train?
Making The Smart Bet On Cybersecurity
Whats going on with web threats? The October webinar by Trend Micro
Protecting Our Children Online
Contact info

I hope you enjoy the program.

Technology podcast 327 for October 27, 2019

Sun, 27 Oct 2019 21:31:03 GMT

Welcome to podcast 327 for October 27, 2019.

What do you think about giving out or phone numbers? I'm not talking about business, I'm talking about phone numbers for personal use. I heard this on a telephone line on a bulletin board, and got to thinking.
VPN services is the next topic. I'm looking at express vpn as they were talked about on a prior post on the blog through tech warm. My thoughts are on this one.
I'm putting a feeler out there. On this third segment, I'm curious on your thoughts on the braille transcription course as a whole. I know I have had some struggles, but i'm curious on other people who have taken the course or are still taking it with me. Contact me by email for a phone call, as I'd like to discuss it with you.
Cachet Financial Reeling from MyPayrollHR Fraud is the next segment and the article is linked here. What an interesting story here.
Best Practices for Defanging Social Media Phishing Attacks is the final segment and lots of terms given here and info. This could be put under the NCSAM category as the cyber security awareness month is coming to an end.

Please feel free to contact me on the podcast contact info given, and I look forward in hearing from you!

The Technology podcast 326: Dice World, NCSAM, braille transcription and more

Fri, 18 Oct 2019 02:00:51 GMT

On this podcast, Jaws and firefox's latest version. NCSAM should be all the time, yes or no? We've got a braille transcription update, and Dice World has a new layout.

Technology podcast 325: Door Dash, NCSAM, Scott's new book, and more

Sun, 06 Oct 2019 23:37:10 GMT

Welcome to the technology blog and podcast.

Doordash is the latest major breach, lots of coverage on it. It happened between the release of 324 and now. Is this the beginning of the end? Here is the blog post on it.
There is some commentary left by Joseph. We'd love to hear more on what you have to say, so please leave thoughts on segments.
Password managers and phone calls is the third segment as we start NCSAM. Here is the blog post on phone numbers which should be really discussed. JHere is the blog post on password managers as well.
Scott Schober wrote a new book. Here is the blog post on this book. I talk about chapter 3 specifically, and my thoughts on it, as it did hit home for me.
Finally, I've got a braille transcription update as I continue to struggle with assignment 15. I think I'm almost there! Thoughts?

My contact information is available at the end of the program, and thanks for listening.

tech podcast 324: Scott Schober's new book, one I finished, and two interesting articles

Sun, 29 Sep 2019 22:27:15 GMT

Welcome to podcast 324 of the technology blog and podcast. On this podcast, we've got two different books that are talked about. The first is one that I've already read, the second is one that I'm going to read and preordered through Amazon. Finally, I've got two articles that I talk about. One is in regards to a school system teaching the parents of their students the dos and don'ts of social media. Finally, an article which wasn't tech related, but yet it was bullying. What would have happened if this turned to online bullying and the same type of injury took place because of some cyberbully(s) who wanted to cause him harm? The only issue is that this child was 8 years of age. All of this, on this edition of the tech podcast.

The book Scam Me If You Can the Tech blog and podcast September 22, 2019
Scott Schober writes new book, will be out October 1 The Tech blog and podcast September 22, 2019
Are your kids being safe on social media? A school district is teaching the dos and don’ts of social media The Tech blog and podcast September 22, 2019
8-year-old Texas boy suffers brain injury after attack by bullies Fox29 news (no date given)

One thing I should mention is that Scott's book is available on Amazon as a non-kindle purchase, Kindle will be released October 1. He offered to send me a released copy, but since I can't read print, I'll wait for the digital version. Thanks Scott for offering to send it, it was appreciated. Thanks for reading the notes, and feel free to leave those comments! Contact information is available at the end of each and every podcast.

Tech podcast 323: Ecuador gets owned, Philmore, and Braille

Sat, 21 Sep 2019 00:21:07 GMT

Welcome to podcast 323 of the technology blog and podcast series. On this podcast, we've got several segments for you.

What do you see when you hear or see the words "heat stroke?" It isn't anything to do with the sun, and this I saw while working on the prior podcast. blog post
Three items in one, dealing with the company Philmore Productions. Have they learned anything? Two messages and an accompanying blog post on the subject indicate probably not. I'll be caucious and indicate that things better change, or it will more than likely be the end. We'll have to see. Please read the blog post, as well as listen to two messages in his own words. Let me know what you think of this one.
In two segments, I cover the transcription course as well as talking about braille in general in regards to paper braille VS display braille.

I hope you enjoy the program as much as I have, and thanks for listening!

Tech podcast 322: Philmore and tech gone wrong, braille transcription, and more

Mon, 16 Sep 2019 16:45:51 GMT

https://en.wikipedia.org/wiki/PhishingWelcome back to the technology blog and podcast, this is podcast 322 of the continuing series covering everything tech including assistive tech, self driving cars, the security landscape and more. This podcast is packed and even three articles that are on one topic, Phishing. Lets take this opportunity and give you the breakdown of today's program, and I hope you'll consider contacting me with your thoughts and comments on these topics.

Philmore Productions has had it bad with the technology as of late. I put a senario in place as a thought piece. Let me know what you think.
An unofficial report on assignment 15 was released, where I knew I had to fix some things, and yet I have read everything. Its going to get interesting once I'm ready, and I've sent my official assignment. Still pushing through.
A self driving car has had it bad. This isn't the first for this make and model, and I have a hunch that this can be fixed. The strech of highway, according to the article I read, is to blame, where something wasn't fixed, and the car got in to an accident. Multiple cars got in to an accident at the same spot. California highway barrier not repaired before fatal Tesla crash from blog The Technology blog and podcast is the article, and it links to the article of the same name where you can read more.
In our Phishing segment, three articles come together with some alarming statistics. Its not going away any time soon. The first article which caps off this segment is entitled Why Social Media is Increasingly Abused for Phishing Attacks. Just take a look at this stat: "In 2018 we found that the abuse of social media increased by near 200%" and if thats not enough, Phishlabs expects this to increase. I am not surprised, and this article is linked to other material. In another article Cybersecurity: 99% of email attacks rely on victims clicking links which means we need to continue to teach. Its OK to be curious, but yet, you should know the signs and we need to make sure we slow down and look at what we're clicking on. Finally, to cap this off, Techwarm, a contributer to the blog, posted What is Phishing: Learn How to Protect Your Company which also links to some things and a great article to boot. All of these articles are put together in a nice package and tied up with a bow.

I hope you enjoy this 73 minute podcast. I'd also like to thank Amadeus, maintainer of Live Wire for putting this podcast as a podcast on Live Wire. Besides my show at 2276, people who read the RSS can now subscribe to a board to get the podcast if they wish. That board number is 974, so enjoy your options! Thanks so much for participating, and we'll see you next time!

technology podcast 321

Sat, 07 Sep 2019 22:05:04 GMT

In the better late than never department, I put podcast 321 together on the 2nd. Welcome to podcast 321 of the technology blog and podcast. In no way am I complaining at all, but I really think that braille transcription software, no matter what you use, should be a tool. When I started lesson 15, discussed in full in the first segment, I found that I seemed very confused. Its not graded yet, and I'm sure I have a few things to correct before my first submission, but I'm confident I'll understand it. This article entitled Transcription software can’t do it all: Even Braille 2000 doesn’t have every possibility is a written aspect, but the first 30 minute segment goes in to an audio detail of the lesson and my confusions. Next, a very interesting ted talk dealing with storing data and DNA. I mention telephone systems including Live Wire, MyTelespace, and Philmore Productions Voice mail as examples of systems that could utalize this if it were to ever happen and how Philmore Productions could do things better and how Live Wire hasn't lost any data because of a different backup routine. No trashing is going on here, but the talk and the recent Philmore Productions news about their data made me think about this a little more. Next, Armando is along with a very interesting talk about the Iphone and how we can utalize it without a home button. I relate an experience with a supervisor of a company when I showed him how Voice Over worked, and he didn't have a home button. Contact info on both sides of the program is given. Thanks for listening!

Tech podcast 320: what tech do I have?

Sun, 25 Aug 2019 18:58:13 GMT

On this podcast, Sonos, google home, the front door lock, and even a braille transcription update as well. Also, Aira and their announcement of a free 5 minute service which I've utalized and its very efficient.

Technology podcast 319: its been awhile, and we're packed

Sun, 18 Aug 2019 23:31:52 GMT

We're packed on this episode, but yet I've made sure we've got a wide variety of stuff. Tech podcast 319 has Philmore, is it getting worse? The Capitalone Breach since we've been gone, Braille Transcription, and more. Enjoy!

Tech podcast 318 for July 2, 2019

Fri, 05 Jul 2019 03:15:44 GMT

Welcome to the tech podcast, this is show 318. I'll be in the process of reloacting, so this may be the last podcast until the relocation is complete. I'm hopeful that the relocating process will go well, and I'll be available through contact methods mentioned throughout the program should you have questions and concerns.

We talk about URL shorteners. Cutt.us and similar services can be a target of spam. This service, along with a couple of others, allow the visitor to report suspicious links. These services allow the shortening of long URL links to shorten one for sharing. Reporting suspicious URL's may be a start, but I'm going to try and get recaptcha on one of my biggest sites to see if it can curve this problem.
In segment 2, we finish the talking of shorteners by talking briefly about another service similar to the one I link above, and then we demonstrate braille 2000's grade relaxer. This particular part of the application was already working, but some accessibility fixes were made, and with the beta, I present to you how the relaxer can be used in a classroom setting.
We take a song break. In the last segment, we had relaxed Gokul Salvadi to demo how this is done. I thought the music would be perfect to play one track, and you can leave your thoughts.
Finally, Equifax and Myspace are back in the news. When Myspace Was King, Employees Abused a Tool Called ‘Overlord’ to Spy on Users from blog The Technology blog and podcast | Former Equifax exec sentenced to 4 months in prison for insider trading related to data breach

Our contact information is at the end of the program. I'm hoping that the relocating process goes well for me, and if something big comes out, I'll do my best to get it out quickly. If not, then I'll be back once I'm settled in. Thanks for listening, and thanks for your continued support.

Technology podcast 317: the security landscape, Braille 2000, and more

Sun, 23 Jun 2019 16:14:54 GMT

Welcome to tech podcast 317.

How is our security as of late? Is the landscape good or bad? What are your thoughts on it?
Braille 200 has a very interesting update. Braille 2000 has interesting childrens program, made accessible is the article, and I talk about my work with this area of Braille 2000. Here is the Braille 2000 category that you can link to on the blog. It is the entire history of what I've been up too with Bob. We may have talked about this, but there are other odds and ends we tlak about if this was not talked about in this segment. If not, and you want me to cover it in detail, I can do that. The segment is Braille 2000 where we are at this point.
Jaws gets an update that fixes a major bug in Adobe. It also fixes other odds and ends as well, not just that. blog post for those who need it.
Mirai and Trickbot are back in the news. Blog post on the topic.
I saw an article on email and 5 signs on what to do if its hacked. Blog post.
Phishing sites and their trends. What do you think will happen? Phish Labs blog post has all the juicy details.
Michael in Indiana has a Philmore update. A month or so ago, Philmore Productions voice mail went down due to weather related activity. Its been a month or there abouts, and its still mostly down. The good news, Philmore did use an array, so the data isn't lost, but the web site remains down. Listen to all the details.

Contact information is available at the end of the program. Enjoy!

Tech podcast 316: wetransfer, braille 2000, and IP addresses and scammers

Thu, 30 May 2019 19:02:55 GMT

Hello folks, welcome to the tech podcast, podcast 316. On this podcast, we cover We Transfer. This is a service that was used to deliver files to me, and I actually like its interface. If it is right, I could see myself paying for it, but right now, I don't need to do that. I talk about this service and what it has to offer. Next Braille 2000 V2.274 take 2: we’re getting better is the accompanying article and I talk about a new menu that will appear once the talking edition becomes available to the general public hopefully very soon. The beta can now be recommended, and you should contact Bob to get your copy. Finally, Krebs on Security is here with an article A Tough Week for IP Address Scammers is discussed. I hope you enjoy the program as much as I have, and thanks so much for listening to the program! The opinions expressed are those of the show notes, and may not necessarily represent the companies in which they represent. See you next time!

Technology podcast 315 fr May 23, 2019

Sun, 26 May 2019 17:27:00 GMT

Sorry for the delay in publishing, we've ran in to a technical issue, which I've found a work around. On this podcast, lessons 13-15 are talked about of the braille transcription course. Next, IOS 12.3. It does fix one of the bugs I've had. Next, one ring scams, and how it relates to a book I read in 2018 called Hacked Again. Contact info at the end of the program. Enjoy!

Tech podcast 314: new and old tech, braille transcription, and more

Wed, 15 May 2019 01:00:00 GMT

On this podcast, tech moving too fast: do you think it is? Next, a braille transcription fail, big time. Gaelynn Lea, an artist on CD Baby, is disabled and yet involved in touring and more. I pick a track from this artist and we feature it. Finally, a tech talk dealing with a wristwatch to aid the blind and others in navigation. Search the tedtalk out on Youtube or Ted's website. CD Baby page for Gaelynn Lea so you can read more about her.

Tech podcast 313: Wipro, Braille 2000, and more

Tue, 30 Apr 2019 01:00:00 GMT

Welcome to the technology blog and podcast, podcast 313. We've got a lot for you in a wide variety of news, notes, Braille 2000 stuff, and more.

Wipro (pronounced We Pro) is in the news big time. There are three articles which are talked about in the first segment.
The 2019 Phishing Trends and Intellegence Report is out. Some very interesting stats within this article that I discuss.
Julian Assange was recently picked up for violating the CFAA according to a report. I thought I saw multiple articles, but one article was retrieved. I talk about this development.
Braille 2000 is getting ready to release their next version. In a segment, I talk about the Braille 2000 percent codes in general, highlighting the entire list that I have, skipping some which aren't available yet. They're talked about in passing, but no code is discussed in full. The web site has removed Version 1 of the software, and version 2 that has been ran is now on the home page.
Two ted talks about seizures and heart attacks are talked about and the full talks are played in full. You can search the talks separately through YouTube on the ted talks channel.

The articles dealing with Wipro are hard to swallow. Clearly, nobody knows what is happening, but hopefully they've found the issue and corrected it. Being an IT company, you need to understand these things and do proper PR. The PR here was not good, and I'm sure they'll feel the reprocussions for awhile. A list of articles that accompany the podcast follows:

2019 Phishing Trends & Intelligence Report: The Growing Social Engineering Threat Phishlabs blog April 16, 2019
Anonymous offshoots rush to avenge Assange arrest with cyberattacks Cyberscoop April 19, 2019
Experts: Breach at IT Outsourcing Giant Wipro Krebs On Security April 15, 2019
How Not to Acknowledge a Data Breach Krebs On Security April 17, 2019
Wipro Intruders Targeted Other Major IT Firms Krebs On Security April 18, 2019

Enjoy the podcast, it lasts 72 minutes long. Thanks for listening and make it a great day!

Tech podcast 312: braille transcription software, laced malware, and email signature discussion

Thu, 18 Apr 2019 02:12:03 GMT

On this podcast, braille transcription software updates using percent codes. A woman got caught with malware on USB drives when going to a place claiming they were there for an event. Finally, we talk about signatures in general, and my thoughts on whether they should have specifics on what device the mail was sent from. Contact info is at the end.

Tech podcast 311: articles for discussion, transit app, and braille transcription

Sun, 07 Apr 2019 01:33:28 GMT

Welcome to the technology podcast, podcast 311. We've got a very interesting braille transcription update which makes me very excited to push forward in this course. Besides that, a transit update, and we start with several articles in discussion. The articles will be linked, and the podcast runs 82 minutes. I hope you enjoy the program!

Alleged Child Porn Lord Faces US Extradition Krebs on Security March 22, 2019
Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years Krebs on Security March 21, 2019
Man Behind Fatal ‘Swatting’ Gets 20 Years March 29, 2019

Thanks so much for listening! That completes the article listings and do feel free to read them if the discussion interests you. See you next podcast!

Technology podcast 310: Cyberbullying, phones, privitization of messages, and more

Tue, 26 Mar 2019 21:08:57 GMT

Hello everyone, welcome to podcast 310. On this podcast, we've got a very diverse podcast for you.

Privitizing messages in voice mail, is it a big deal? Live wire made an announcement and change in regards to marking messages private which was received well. In today's day in age, it is easy to take any private message and make a copy of it if you know how. Good idea? Bad idea?
Why Phone Numbers Stink As Identity Proof is talked about next. This article was written by Krebs on Security on the 17th of March. It argues in part that giving out our mobile telephone numbers may be more of a problem, and we should use services including but not limited to Google and disposable numbers from Services like Text Now. There are several people I know that have used, or are using the service in different ways. I'm sure there are other services that can be used too.
51 Critical Cyber Bullying Statistics in 2019 is linked from the blog to an article sent by Someone named Caroline Black. She linked in an email to a post of mine from last year where bullying and cyberbullying was talked about. This article has some very chilling stats, and its talking to others and bringing awareness to the problem that will solve it. I talk about some of the statistics within this article and have invited Caroline to the podcast to discuss this.
IOS and Mac have updates is a short segment. In this segment, the fact that IOS and Mac have updates is mentioned with info on how to find the posting where you can learn more.
Finally, Text Reminders is talked about. There is no demo, but a description of the service, the fact it isn't free, and the basics about it. I worked with the company behind this to make the site accessible. The service works, and I find it valuable.

As in all podcasts, contact information including Email, Imessage, and Text Messaging options is given at the end. If you're listening by phone, leave public feedback, and if you want, have it aired on an upcoming podcast by letting me know. The podcast lasts over an hour in length. Thanks so much for listening, and make it a great day!

The technology podcast 309: equifax, goldwave, and more

Sun, 24 Mar 2019 04:08:21 GMT

On this podcast, Equifax is back in the news, and its not so great. Next, Live wire has shows, and we talk about it. Goldwave is talked about with something new I discovered that it can do. You may notice a change in the program. Sports and technology, what are they using? I know of some of it, but yet I may not be correct. Finally, my confussion on assignment 12, and some of my confusion explained. Thanks for your continued support in this podcast.

Technology podcast 308: Satelites, Ground Zero closing, and more

Tue, 12 Mar 2019 21:15:18 GMT

On this podcast, Ground Zero is closing. Why? Hear why in a segment. Satelites, can they be hacked? An article is very interesting, yet its not common. Michael in Indiana has an update on Vorail. Equifax is back in the news, and its not good. Finally, the 2018 trends from Trend Micro and their findings, something caught my attention about them. I hope you enjoy the program.

Technology podcast 307 for March 7, 2019

Thu, 07 Mar 2019 18:16:59 GMT

Hello folks, we've got braille transcription for assignment 10, Philmore productions in the news again, and some news notes. Hope you enjoy the program.