This is the podcast where I, Jared, talk about assistive technology, security, driving cars, and anything else that may cross my desk. If you wish to contribute, please feel free to contact me through the contact information available on the blog or in the podcast itself. You may also go to my web site for other public contact information. I look forward to participation and comments from everyone. The Security Box, otherwise known as TSB, is a weekly talk show through 986themix.com and our independent channel.
The Security box, podcast 180: Phishing as a Service
Hello everyone, welcome to the security box, podcast 180. On this podcast, Phishlabs will guide us through something I don't think we have ever seen. It talks about a service that is a web host service, but it is a completely different type of web host. They didn't classify it as bulletproof hosting, but something called phishing as a service. Two different companies are mentioned. Besides that, we've got news, notes, the landscape and your thoughts. Thanks so much for listening!
<h4> Big News of the week, Lockbit </h4>
The big news coming out this week, it seems, is about Lockbit. Looks like their infrastructure has been taken over by all kinds of law enforcement partners from all around the world. While we don't intend to give you an exhaustive list, here is some of the coverage we know about.
<ul>
<li> The Cyberwire Daily: February 20, 2024 will talk about this in their news notes for the episode. <a href="http://www.thecyberwire.com">Here's a link to the Cyberwire. </a> </li>
<li> <a href="https://technology.jaredrimer.net/2024/02/20/lockbit-your-time-is-up-now-its-time-to-go-find-real-work/">Lockbit, your time is up! Now its time to go find real work </a> is my blog post, leading to <a href="https://cybernews.com/news/lockbit-disrupted-operation-cronos/">LockBit cartel disrupted “at every level” – Europol </a> if you don't want to read mine. I am not offended. I do take this article apart though, so give mine a read if you wish. </li>
<li> <a href="https://krebsonsecurity.com/2024/02/feds-seize-lockbit-ransomware-websites-offer-decryption-tools-troll-affiliates/">Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates </a> comes directly from Brian Krebs. At the time of this writeup, the JRN has not read this yet. </li>
</ul>
<hr>
<h4> Our topic: Phishing as a service </h4>
This week, we're going to talk about Phishing as a service. It is a new concept, and you can probably say it is similar to Ransomware as a service. This week's article is titled <a href="https://www.phishlabs.com/blog/phishing-service-profile-labhost-threat-actor-group">Phishing-as-a-Service Profile: LabHost Threat Actor Group </a> and it covers two different hosts. This will get interesting.
<hr>
<h4> Supporting the podcast </h4>
If you'd like to support our efforts on what this podcast is doing, you can feel free to <a href="http://www.jaredrimer.net/donations.html">donate to the network, </a> <a href="https://www.986themix.com/mailman/listinfo/thesecuritybox_986themix.com">subscribe to the security box discussion list </a> or send us a note through contact information throughout the podcast. You can also find contact details on our <a href="https://technology.jaredrimer.net/contact-admins/">blog page found here. </a> Thanks so much for listening, reading and learning! We can't do this alone.
<hr>
<h4> Internet Radio affiliates airing our program </h4>
Our Internet Radio stations that carry us include <a href="http://bluestreakradio.com">Blue Streak Radio </a> and <a href="http://internationalfriendsnetwork.godaddysites.com">International Friends Radio Network. </a> The program is also carried live through <a href="http://magnatune.jaredrimer.net">the Independent Channel </a> which is part of <a href="http://www.986themix.com">98.6 the mix, KKMX, International. </a> If you want to carry us, please use <a href="http://www.jaredrimer.net">the Jared Rimer Network site </a> to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!
2/22/2024 • 3 hours, 5 minutes, 57 seconds
The Security box, podcast 179: Romance Scams
Hello folks, welcome to the security box. This is program 179. This time, we'll venture off the path a bit and talk a little bit about romance scams. Instead of using the article as a guide, we'll talk about it in more general terms. Did you know that Valentine's Day is one of the biggest times for this type of scam? Besides that, we'll have news, notes and the landscape as we always do. Thanks for listening and make it a great day!
<hr>
<h4> Our topic: romance scams </h4>
With Valentine's Day coming, romance scams are going to be on the rise. <a href="https://technology.jaredrimer.net/2024/02/07/with-valentines-day-coming-its-time-for-the-romance-scams-in-full-force/">With Valentines Day coming, its time for the romance scams in full force </a> is a blog post leading to the article we'll use for this discussion, although we won't use it like we normally do. We'll use it as a starting point.
2/14/2024 • 3 hours, 48 minutes, 26 seconds
The Security box, podcast 178: Let's Unravel the Threats of Social Engineering
Hello everyone! Welcome to the security box, podcast 178. On this podcast, we're going to talk about the landscape, the news, and the crazy. We are also going to talk about the threats of Social Engineering as well. We give you the best blog posts of the week as well. We hope you enjoy the program, and make it a great day!
<hr>
<h4> Our topic and accompanying true story </h4>
Today, Lastpass will lead the discussion with <a href="http://blog.lastpass.com/2024/01/unraveling-the-threats-of-social-engineering/">Unraveling the Threats of Social Engineering </a> which was a great find. I don't know about you guys, but we need to be on guard and ready as much as we can. We can all be phished and scammed, and Cory Doctorow's article is linked to <a href="https://technology.jaredrimer.net/2024/02/05/even-the-best-can-be-scammed-check-this-article-out/">Even the Best can be Scammed, check this article out </a> which I wrote in my response to the article. So since we can all be targets, it starts with knowing what to look for by reading Lastpass's article, learning what we could do differently, and learning from the other true story.
For full show notes including things talked about, please see the blog.
2/8/2024 • 3 hours, 54 minutes, 49 seconds
The Security box, podcast 177: passwords, Oh My! The Perils of Employee Password Misuse
Welcome to podcast 177 of the Security Box. On this podcast, we seem to be on a password discussion, as lots of articles have come out in regards to the subject. Our topic will even include talking about passwords. We'll also have things to ponder, possibly some morons, and a great time as always!
These notes are annotated for RSS. Full notes on the blog.
<hr>
<h4> Our moron(s) </h4>
Mercedes, it's your turn. Apparently, you had something open on your Github account. The thing is, you're not the first car company to have issues, although you never said that there wasn't a problem, you did fix it with Github assisting as well. <a href="https://technology.jaredrimer.net/2024/01/27/a-password-is-mistakenly-published-source-code-blueprints-and-more-once-at-risk/">A password is mistakenly published, source code, blueprints and more once at risk </a> is the blog post where you can read more about this one. Good job, guys!
Microsoft, you ought to be ashamed of yourself. You decided to give a test account admin privileges, then let the account go to legacy status. Then, because it's an administrative account, someone finds it and abuses your systems. Great job! Ars Technica has the complete details. <a href="https://arstechnica.com/?p=1999478">In major gaffe, hacked Microsoft test account was assigned admin privileges </a> is the article.
<hr>
<h4> Password reuse </h4>
We haven't blogged this at the time of these notes, but this is a good topic. <a href="http://blog.lastpass.com/2024/01/the-perils-of-employee-password-reuse/">The Perils of Employee Password Reuse </a> comes to us from Lastpass and Amber Steel. Let us know what you think.
1/31/2024 • 3 hours, 54 minutes, 49 seconds
The Security Box, podcast 176: open forum, and one of the biggest breaches we've seen to date
Hello folks, welcome to the security box, podcast 176. This podcast is mainly going to be an open forum, but we will have some topics coming. We might have some morons, some things to ponder, and whatever is on the minds of those that come on live.
<h4> Things that might be talked about </h4>
This is not meant to be exhaustive, but the following blog posts may be talked about in no particular order. Some may be talked about but not listed here, so check the blog for complete details.
<ul title="things that might be talked about">
<li> <a href="https://technology.jaredrimer.net/2024/01/23/16-6-million-people-affected-no-info-on-what-was-taken/">16.6 million people affected, no info on what was taken </a> </li>
<li> <a href="https://technology.jaredrimer.net/2024/01/22/breach-forums-maintainer-gets-time-served-never-spent-time-in-jail-lots-of-restrictions-placed-on-him/">Breach forums maintainer gets time served, never spent time in jail, lots of restrictions placed on him </a> </li>
<li> <a href="https://technology.jaredrimer.net/2024/01/21/trezor-gets-owned-for-a-second-time/">Trezor gets owned for a second time </a> </li>
<li> <a href="https://technology.jaredrimer.net/2024/01/20/15-million-trello-users-apparently-breached/">15 million Trello users apparently breached </a> </li>
<li> <a href="https://technology.jaredrimer.net/2024/01/20/ta866-is-back-to-sending-out-email/">TA866 is back to sending out email </a> </li>
<li> <a href="https://technology.jaredrimer.net/2024/01/19/new-sets-of-data-including-have-i-been-pwned-data-out-in-the-wild/">New sets of data, including have I been pwned data out in the wild </a> (naz.api breach) </li>
<li> <a href="https://technology.jaredrimer.net/2024/01/23/sans-news-bites-for-january-19-2024/">Sans news bites for January 19, 2024 </a> </li>
<li> <a href="https://technology.jaredrimer.net/2024/01/17/three-are-three-domains-that-i-wouldnt-buy/">Three are three domains that I wouldn’t buy </a> </li>
<li> <a href="https://technology.jaredrimer.net/2024/01/24/sans-news-bites-for-january-23-2024/">Sans news bites for January 23, 2024 </a> </li>
</ul>
1/25/2024 • 3 hours, 14 minutes, 43 seconds
The Security box, podcast 175: Threats targeting the airline industry through the dark web
Hello folks, welcome to the security box, podcast 175. I've been out sick, and now we're back to bring you what we wanted to bring you this past week. We've got news, notes, the landscape, two morons, things to ponder and a topic dealing with dark web threats targeting the airline industry. Thanks so much for listening and make it a great day!
<hr>
<h4> Our Morons </h4>
We have to start with the moron who thought it would be a good idea that a database be left wide open for people to peruse the data. This database is a Mongo DB database; it's similar to SQL where data is held and can be gotten at when needed. While this is a real estate app, this was definitely not done with security in mind. <blockquote> <a href="https://technology.jaredrimer.net/2024/01/11/mongo-db-database-open-everyone-using-app-affected/">blog post </a> </blockquote>
<hr>
If we've not had enough with Chat GPT, this ought to stand your hair right up. This data breaches article talks about how Chat GPT was made to give out ransomware software and now 4 are arrested. This ought to get more interesting. <blockquote> <a href="https://www.databreaches.net/chatgpt-aided-ransomware-in-china-results-in-four-arrests-as-ai-raises-cybersecurity-concerns/">ChatGPT-aided ransomware in China results in four arrests as AI raises cybersecurity concerns </a> </blockquote>
<hr>
<h4> Things to ponder </h4>
Carrying over some items that we just will run as part of this week's program, we've got some doozies. We'll blog anything we didn't yack about as I continue to recover.
<ul>
<li> 23 and me must be wanting to play the blame game. They claim that their incident is our fault, and they then are going to fix whatever security holes were caused by what happened? Yes, we are at fault with reusable passwords, but you don't have two-factor on any accounts, so it's a double whammy and part of it is yours. Here's <a href="https://technology.jaredrimer.net/2023/12/09/weve-got-an-update-on-23-and-me-and-its-still-not-great-over-there/">my blog post from 2023 </a> about this particular problem. I don't think it's gotten any better there and they haven't really been better. </li>
<li> Sans News Bites is back, and I still need to blog some others. My goal was to get two done, but I have the one from the 5th of January. As we move forward from my illness, we'll record them as we get them. Check the blog for ones not covered in audio. <a href="https://technology.jaredrimer.net/2024/01/06/sans-news-bites-for-january-5-2024/">Here's my blog post for Jan 5th </a> for those who want to find it easily. </li>
<li> We're interested in audio dealing with predictions and Trend Micro has one for their predictions. This comes from their trend talks threats podcast series on their youtube channel. </li>
<li> We also have top breaches that I found from Have I Been Pwned that I recorded before my illness took over. This list changes, and we'll bring this to you each week. </li>
</ul>
Find something that you want to talk about? Use a file sharing service to get us the audio and you'll be featured.
<hr>
<h4> Our topic </h4>
Our topic this week comes to us from Phishlabs. <a href="https://www.phishlabs.com/blog/dark-web-threats-targeting-the-airline-industry/">Dark Web Threats Targeting the Airline Industry </a> is the article and we'll step through this one. Hope you'll find it of interest as everyone travels.
1/17/2024 • 3 hours, 2 minutes, 21 seconds
The Security box, podcast 174 for January 3, 2023
Welcome to podcast 174. On this podcast, we're just traversing the landscape and some of our longer posts and things that caught our attention. In most ways, this isn't complete, but just some. Terry, Nick and I take you along for the ride. Enjoy!
1/3/2024 • 2 hours, 19 minutes, 31 seconds
The Security box, podcast 173: HHS not doing anything except for ransomware
Hello folks, welcome to podcast 173. This is going to be the last podcast of the year as it comes to live programming. Don't worry, we'll continue to blog things of importance, and I'll look through our podcast notations for some good things and put out a final podcast of the year. Our next live program will be on January 3, 2024. On this edition of the program, we'll have our news and notes segments, the moron, two things to ponder which are extended versions and of course our topic dealing with the HHS and their fine on an agency who got breached.
<h4> Our Things to Ponder </h4>
We have two things to ponder segments and both are extended versions and information packed. The first one is being cross posted through this podcast and our Security Hour which may air it any time it wishes. The segment talks about 1 in 4 people falling for scams and getting into trouble. Besides falling for scams, there is one thing most people don't do and it'll shock you. <a href="https://technology.jaredrimer.net/2023/12/07/1-in-4-fall-for-scams/">Read More on the tech blog with the blog post titled 1 in 4 fall for scams </a> to learn what is going on and what is recommended. The second talks about a very interesting email I got and how it could actually fool someone. At recording time, the domain was unreachable, although the group was given a different file which could not be resurrected for airplay here. <a href="https://technology.jaredrimer.net/2023/12/11/did-you-think-you-were-going-to-get-me-youve-got-to-try-harder/">Here is the blog post titled Did you think you were going to get me? You’ve got to try harder </a> if you wish to read it. It too, will be crossposted, but I didn't mention that here.
<hr>
<h4> This is a complete set of morons </h4>
Our set of morons are completely interesting. They thought they'd steal a car, taking everything from one person, but yet doing something that they weren't expecting. These guys were expecting an iPhone, found an Android and handed it back. They still took the car and possibly other items. <a href="https://technology.jaredrimer.net/2023/12/08/thieves-steal-android-hand-it-back/">Read the blog post </a> with the accompanying article. You won't believe this one. Or will you?
<hr>
<h4> Our Topic: HHS settles with ransomware case </h4>
You must be kidding me, right? Lots of breaches, ransomware cases and the like, yet the HHS doesn't do much to enforce anything in my opinion. We have several articles on the HHS settling in certain cases like the Ransomware we're talking about today, or the HIPAA violations in another case, but most of the time it's unchecked.
This week, <a href="https://technology.jaredrimer.net/2023/11/09/hhs-announces-settlement-on-ransomware-case/">HHS announces settlement on ransomware case </a> is our article. It is a good start, but as we've said, there have been a lot more. Let us know what you think.
12/14/2023 • 3 hours, 1 minute, 7 seconds
The Security box, podcast 172: The Q3 Payload report
Hello folks, welcome to the Security Box, podcast 172. On this podcast, we've got two different morons, a look at the landscape, a few things to ponder and our topic dealing with the Q3 report on the landscape which includes QBot and other variants out there causing havoc.
For things to ponder, check <a href="http://technology.jaredrimer.net">the blog. </a>
<hr>
<h4> Our Morons </h4>
These are the morons of the podcast.
<ul title="Morons">
<li> Montana, you have got to be kidding me. We talked about this in May of this year, and now, it seems you lose. Seems like your law is unconstitutional and it questions what you're trying to do. While we support you, you've really got to prove why Montana should be allowed to ban the app as just banning it doesn't fix the overall problem. As we've asked, how are you going to enforce it? <a href="https://technology.jaredrimer.net/2023/12/02/montana-loses-battle-to-block-tiktok-for-now-still-thinks-they-have-a-case/">Here is the blog post titled Montana Loses battle to block Tiktok for now … still thinks they have a case </a> which links to prior coverage and arguments. Have fun with this one. </li>
<li> We have two Ukraine stories in recent posts, but one of these is our moron. <a href="https://technology.jaredrimer.net/2023/12/02/ukrainian-gets-8-years/">Ukrainian gets 8 years </a> argues that 8 years is still not enough for stealing and selling personally identifiable information on the darkweb and profiting from it. At least this suspect got caught, and we can celebrate just a little bit. The JRN did not copy his name. </li>
</ul>
<hr>
<h4> Topic: The Q3 Payload report </h4>
On this week's program, the Q3 Payload report is going to be the topic. Looks like QBot is still at the top, even though they were dismantled. This was quite interesting. There are two different Rats that are part of the problem now, and these aren't rodents. These are Trojans. In this terminology, Rat stands for Remote Access Trojan. Phishlabs has this article and it's titled <a href="https://www.phishlabs.com/blog/q3-payload-report/">Q3 Payload Report </a> and you should read it in full if you wish to do so. You'll thank us later.
12/7/2023 • 2 hours, 50 minutes, 53 seconds
The Security box, podcast 171: The top level domain that harbors a malicious shortener is ...
Welcome to the Security box, podcast 171. We hope that each and every one of you have had a happy Thanksgiving and have recharged your batteries. On this edition, we're making it official and are bringing back the things to ponder. We'll explain what we're going to do and we put it in practice last podcast. If these things to ponder have blog posts, we'll link them from right within the program's show notes so you can read what we're talking about. We'll also have news, notes, any moron of the podcast and our topic talking about URL shorteners and a recent trend with them. We hope you enjoy the show as much as we have bringing the show for you!
For full notations, please see <a href="http://www.jaredtech.help">The Blog </a> as we'll link to other things we don't have room here to cover.
<hr>
<h4> The top level domain that harbors a malicious shortener is ... </h4>
According to a recent article from Brian Krebs, the most prolific domain now that has a URL shortening service that pumps out scams, phishing and just all around bad is the TLD that belongs to the United States. Read my thoughts and find a link to the article right here. <a href="https://technology.jaredrimer.net/2023/11/04/the-top-level-domain-for-the-united-states-now-harbors-malicious-url-shortening-service/">The Top level domain for the United States now harbors malicious URL shortening service </a> is the article title, and I hope you give it a gander.
11/30/2023 • 3 hours, 35 minutes, 37 seconds
The Security box, podcast 170: Password managers
Hello folks, welcome to the podcast. We're talking about password managers in a big way today. Links to the major managers are given. It's not a complete list, and there may be others I'm not aware of that may be trusted or we don't know much about. We bring back things to ponder in a different way and you'll get a taste of this in this podcast. I hope you enjoy the program as much as we have bringing it together for you. Happy holidays from all of us at the JRN!
<hr>
<h4> Things to ponder </h4>
Today, we've got two for you and they're both blog posts.
<ul>
<li> <a href="https://technology.jaredrimer.net/2023/11/20/how-much-does-social-media-cost-underground/">How much does social media cost underground? </a> </li>
<li> <a href="https://technology.jaredrimer.net/2023/11/20/cleanup-on-isle-1-really-experian-you-still-can-sign-up-and-take-ones-account-over/">Cleanup on Isle 1! Really Experian? You still can sign up and take one’s account over? </a> </li>
</ul>
Want your opinion known in this segment? Send an audio file!
<hr>
<h4> Password managers </h4>
Below, please find the list of managers we talked about. Again, this isn't a complete list. Make sure you listen to the first segment which explains why we decided to put this podcast together.
<ul>
<li> <a href="http://www.1password.com">1password </a> </li>
<li> <a href="http://www.lastpass.com">Lastpass </a> </li>
<li> <a href="https://keepass.com/">Keepass </a> </li>
</ul>
11/23/2023 • 1 hour, 25 minutes, 33 seconds
The Security box, podcast 169: Generation Z, privacy or lack thereof
Hello folks, welcome to TSB podcast 169. On this program, we're going to talk about Generation Z and an article I found that dealt with their privacy concerns. We may also have a moron, news, notes and more.
<hr>
<h4> Our Moron </h4>
<a href="https://technology.jaredrimer.net/2023/11/12/temu-is-now-getting-sued-kim-komando-called-this-one/">Temu is now getting sued, Kim Komando called this one </a> is the blog post leading to our moron. We even have an up-to-date minute on Temu too.
<hr>
<h4> Our topic </h4>
Our topic this week comes from the Malwarebytes blog. My blog post <a href="https://technology.jaredrimer.net/2023/11/07/what-does-generation-z-think-about-privacy/">What does Generation Z think about privacy? </a> has thoughts and leads directly to the article by David. Let's see what you think.
11/16/2023 • 3 hours, 31 minutes, 6 seconds
The Security box, podcast 168: Threat Actor Profile: Strox as a service
Hello folks, welcome to the security box, podcast 168. On this program, we'll see if we've got any morons, a service that is a phishing service, news, notes and more.
<hr>
<h4> The "You Stupid fuck" awards of the podcast </h4>
If this isn't a moron, I don't know what is. The blog post is titled <a href="https://technology.jaredrimer.net/2023/11/04/tech-ceo-sentenced-to-ip-addressing-scheme/">Tech CEO sentenced to IP addressing scheme </a> which is coming from our blog. It leads to the article we spotted talking about this guy. We may have talked about Micfo LLC before, but this is probably the end of this. Problem: the JRN thinks that 5 years isn't going to be enough and isn't a harsh sentence for the crime. Please sound off if you believe that this is the case.
-----------------------------
If you are prone to email scams, you might want to pay attention to this. One of my MENVI staff was smart enough to contact me to ask if they needed to do what the action in the email indicated. The bad news is that the site truly wasn't MENVI's, it looked nasty and never redirected as I thought it might. <a href="https://technology.jaredrimer.net/2023/11/02/an-email-pretending-to-come-from-cpanel-isnt-cpanel-can-you-smell-trouble/">An email pretending to come from Cpanel, isn’t cpanel … can you smell trouble? </a> has the complete details of this one. Sound off if you've seen something similar to this and whether you fell for it or not. It's OK if you did. There should be no shame!
----------------------------------------------------------
Solar Winds is getting sued. Seems as though they were never as secure as they should have been, and the CEO among others are getting sued. We thought that something was wrong, seeing how we later found out about how that compromise was completely done. Whether they were compromised by Russia or not isn't the point of the lawsuit, says the article, but boy ... this is probably as bad as you get when it comes to a supply chain attack. Here is the <a href="https://technology.jaredrimer.net/2023/11/04/sec-sues-solar-winds-for-fraud-says-they-are-secure-and-the-charges-are-baseless/">blog post titled SEC sues Solar Winds for fraud, says they are secure and the charges are baseless </a> for your perusal. It can't get any better than this, can it?
<hr>
<h4> Our topic: Phishing as a service </h4>
Today, we are going to have a very interesting topic that might be known later as a threat. This comes from our friends at Phishlabs. The article is titled <a href="https://www.phishlabs.com/blog/threat-actor-profile-strox-phishing-as-a-service/">Threat Actor Profile: Strox Phishing-as-a-Service </a> and it was a good one. We'll break this down, as phishing as a service now takes hold.
11/9/2023 • 3 hours, 11 minutes, 41 seconds
The Technology podcast, podcast 378: A True Story of a potential scam
Hello folks, welcome to another technology podcast. On this podcast, we're going to listen to a story on how someone who is blind was looking for something and how he got taken for $1,000. It isn't as simple as it could be, seeing how he used the Twitter web site and we know how that could be since Twitter, now known as X, got rid of their accessibility team.
Back in August, I blogged <a href="https://technology.jaredrimer.net/2023/08/02/this-is-a-true-story-of-a-blind-man-losing-to-a-scam-this-is-a-must-read/">This is a true story of a blind man losing to a scam … this is a must read </a> which links to a Wired article. The podcast you're about to hear comes from Discarded, a Proofpoint podcast. It aired in October of this year and I recently listened to it.
For those who use Apple, here's a link to the podcast. <a href="https://podcasts.apple.com/us/podcast/discarded-tales-from-the-threat-research-trenches/id1612506550">DISCARDED: Tales From the Threat Research Trenches, Proofpoint </a>
The podcast is also available through Overcast if you use that.
I hope people find this story of interest, and thanks so much for listening! We'll see you next time.
11/9/2023 • 32 minutes, 18 seconds
Tech podcast 377: BEC trends and impersonation webinar
This webinar in July covered email impersonation and BEC things for 2023. Hope you enjoy this webinar from Fortra.
11/2/2023 • 52 minutes, 3 seconds
The Security box, podcast 167: Wrapping up NCSAM
We're wrapping up NCSAM with a bit of everything. Hope you enjoy.
11/2/2023 • 3 hours, 43 minutes, 3 seconds
The technology podcast, podcast 376: impersonation lookalike webinar
Domains. They're everywhere! In podcast 376 of the tech podcast, we're going back to a webinar that talks about impersonation and look-alike domains. This still happens today, and while it is over 2 months old, it is still valuable. I hope you enjoy the program for this time, and we'll have another webinar next time talking about BEC attacks and domains and email and the like. I hope you'll enjoy. Thanks, Fortra/Phishlabs for putting this together.
10/27/2023 • 1 hour, 4 minutes, 53 seconds
The Security box, podcast 166: NCSAM Week 3: Software updating
Welcome to the Security box, podcast 166. On this program, news, notes, the landscape and our thoughts on updating software. Check the blog for all of the latest news we've blogged and remember to subscribe to TSB's email list to get direct articles and comment on things.
10/25/2023 • 2 hours, 39 minutes, 49 seconds
The Security box, podcast 165: week 3 of NCSAM
Welcome to the security box, podcast 165. We've definitely got at least one stupid moron award, that could be taken in two different ways. Next moron, Twitter, in an interesting move on charging non-paying users for access to twitter $1 a year according to their own twitter notification I saw. The topic this week is going to be on Credit cards, debit cards, online VS offline shopping and what we can do.
<hr>
<h4> The Stupid Fuck awards </h4>
<a href="https://technology.jaredrimer.net/2023/10/12/utah-sues-tiktok/">This blog post </a> was written after listening to a program on the Cyber Crime network. It talked about TikTok being sued by Utah because they want children on the app. But we think it's more than that. Utah may also get this award as a double whammy because "this is what social media is," says TSB staff and Throwback staff. You be the judge!
Next, Twitter Support says that they'll be testing a payment method for those non-verified accounts to pay $1 a year to get access to the service. I forget what country it is, but you can look it up on twitter support's account. If successful, they will bring it elsewhere, and they also could get the stupid fuck award. Good job, guys.
<hr>
<h4> Credit cards, debit cards and more </h4>
The question is, <a href="https://technology.jaredrimer.net/2023/10/17/how-should-we-be-using-credit-cards-and-debit-cards-online-and-in-person/">How should we be using credit cards and debit cards online? </a> Let's discuss this and take it much further. Let's discuss what we can do to use this offline as well.
10/19/2023 • 2 hours, 40 minutes, 50 seconds
The Security box, podcast 164: NCSAM week 2
Welcome to the Security Box, podcast 164. Today, we catch up on some errata we did not get to last time in regards to passwords. We've also got the topic of domains and talk a little bit about the different types of domains and their purpose. We also talk about the guide we published on the blog which will also be linked herein. We have stupid moron awards with links to blogs and much more. This is the program that aired live on October 11, 2023. Thanks for listening!
<hr>
<h4> The Stupid Fuck award </h4>
While not necessarily security related, we're going to give out the stupid fuck award to a guy who decides that it is OK to cause problems and who knows what with information they found. <blockquote> <a href="https://technology.jaredrimer.net/2023/10/11/guy-tells-me-about-death-finds-numbers-gets-booted-off-for-harassment-of-others-and-threatening-people/">Blog post </a> </blockquote>
While we're dealing with Stupid Fucks, Air Europa, you're next as a company stupid fuck. My diatribe goes into details, but suffice it to say, this company says that people should change their credit card info as it may have been pilfered, but says the breach is "medium severity." Go figure! <blockquote> <a href="https://technology.jaredrimer.net/2023/10/10/air-europa-says-they-have-a-medium-breach-tells-customers-to-cancel-cards/">blog post </a> </blockquote>
<hr>
<h4> Domains </h4>
The topic this week is domains. There are a lot of them, and new TLDs being thought of all the time. <a href="https://technology.jaredrimer.net/2023/10/08/ncsam-week-2-domains-what-are-they/">This blog post </a> only touches the surface, but we did talk about redirections and stories too. We talk about TLDs that have been known for spam, but of course there's a lot more. We talk about IP addresses as well and why we use domains to get around the net.
While not talked about explicitly, <a href="https://technology.jaredrimer.net/2023/10/03/new-tld-zip-being-abused/">this blog post talks about .zip and .shop and their abuse </a> in case you missed it going by.
<hr>
<h4> Errata </h4>
From last week, we talk a bit about credential stuffing and passphrases.
<hr>
<h4> Guides </h4>
On one of TSB's podcasts, we released a guide to help you as a disabled user who uses a screen reader determine where you're going on the net instead of pressing enter on the "Click here" links you see in spam and phishing. While the blog has a link within our pages, and it's linked on EMHS, we want to highlight it again for those who need it. <a href="https://technology.jaredrimer.net/getting-link-information-via-access-technology/">Getting Link information via access technology </a> is the guide, and I want everyone to read it if they haven't read it already. Maybe you'll learn something.
10/12/2023 • 2 hours, 17 minutes, 41 seconds
The Technology podcast, podcast 375: Chat GPT, the good, the bad and the ugly
While I love webinars, we must be mindful that they aren't mine and must give presenters the opportunity to distribute them. I believe this is Phishlabs' webinar, although I could be wrong. Sorry about that if I am.
<hr>
Welcome to podcast 375. On this podcast, we're going to give you a webinar. This webinar is dealing with Chat GPT. You'll learn the good, the bad and the ugly. It was a very interesting webinar.
Per usual, we give the presenters an opportunity to get it through their network. I believe this is a Phishlabs webinar but I could be wrong.
If I am, I apologize.
We hope you enjoy the program as much as I did listening to it and bringing it to you now. Contact info at the beginning.
Sorry for any tech issue sounding, I'm getting it rectified.
10/10/2023 • 1 hour, 6 minutes, 10 seconds
The Security box, podcast 163: NCSAM week 1: passwords and more
Hello folks, welcome to the Security Box, podcast 163. On this episode, we go through the news, talk about a very interesting interview and then tackle our first topic of NCSAM, which is passwords.
We talk briefly about <a href="https://technology.jaredrimer.net/2023/10/01/ncsam-week-1-how-about-them-passwords/">this blog post about passwords, </a> the reason why it isn't a good idea to share passwords <blockquote> <a href="https://technology.jaredrimer.net/2023/10/02/is-it-a-good-idea-to-share-passwords-not-so-fast/">blog post </a> </blockquote> and a bit about Multi Factor authentication. <a href="https://technology.jaredrimer.net/2023/10/02/more-about-multi-factor-authentication/">This blog post </a> will talk more about multi factor authentication.
You may see terms like two-step, two-factor or multi factor. All pretty much are the same thing.
We hope you enjoy the program as much as we have bringing it together for you, and make it a great day!
10/5/2023 • 2 hours, 57 minutes, 25 seconds
The Security box, podcast 162: open forum, week 2
Welcome to the security box, podcast 162. On this edition of the podcast, we'll run through the blog and list, anything else on audience insights and more. This is week 2 of the open forum. Hope you enjoy the program!
9/29/2023 • 2 hours, 41 minutes, 56 seconds
The Security box, podcast 161: Week one of Open Forum
Welcome to the security box, podcast 161. On this podcast, we're covering a few notations of the recently released IOS 17, tons of articles from the blog, and having ourselves an open forum. We hope that you enjoy the program as much as we did putting it together for you.
9/21/2023 • 2 hours, 41 minutes, 45 seconds
The Security Box, podcast 160: Freenom sued, drops free domains, more
Hello folks, welcome to podcast 160. On this week's edition, we'll reveal the sudden absence of TSB, we'll have news and notes from around the landscape that folks may have read, and a very interesting topic that deals with Freenom and the phishing landscape. Apparently, Facebook is in this too. Of course, we'll have any questions answered that people have too. Thanks for your support of TSB and thanks so much for listening!
<h4> The Absence of TSB </h4>
The sudden departure of TSB was not one the JRN was necessarily prepared for. While we have from time to time rescheduled TSB, and/or took specific holidays off like the Christmas break, Thanksgiving week, and possibly others, this was so sudden.
While working on TSB's release and catching up its <a href="http://www.emailhostsecurity.com/tsb.php">EMHS page </a> we got a message on Dice World. While that wasn't out of the ordinary, as I have gotten messages on Dice World before, the source and what the message contained was one of shock and grave concern.
The short version is that the JRN's MENVI helper, Janet Quam, passed away on the 30th of the month of August. While I have been told numerous things, a letter which I published on September 10th goes into what Janet did with the network from various podcasts which don't exist anymore, to tech skills and a willingness to learn.
There was no health related stuff discussed except to state that we were aware of health concerns. To read the letter, please <a href="https://technology.jaredrimer.net/2023/09/10/a-death-across-the-network-heres-a-letter/">read the blog post titled A death across the network, here’s a letter. </a>
It links to a Youtube copy of the funeral. MENVI's links page also has a link to the Obituary. We thank you for your support! A song appropriate will be played at the end of the program when we play music.
<hr>
<h4> Meta, Freenom and phishing domains </h4>
Our topic comes to us today from an article which was published to Krebs on Security on 5/31. It's titled <a href="https://krebsonsecurity.com/2023/05/phishing-domains-tanked-after-meta-sued-freenom/">Phishing Domains Tanked After Meta Sued Freenom. </a> As we've talked about on Throwback, we've now got other issues because of this suit, and other top level domains that are now taking what the free domains did. We'll make sure to bring this up.
9/14/2023 • 1 hour, 57 minutes, 20 seconds
The Security box, podcast 159: Fraudulent activity, Retail and the dark web
Welcome to the security box, podcast 159. On this podcast, we're going to have a two-part article discussion dealing with fraudulent activity when it comes to retail and the dark web. This came to us via Phishlabs. Besides that, we may have some stupid fucks to talk about, the landscape as usual, and your comments and questions if any.
<hr>
<h4> The Stupid Fuck award </h4>
I found an article I posted to the blog on August 30th that talks about the U.K. wanting to ban IOS updates unless it's approved. Like that's going to solve anything except problems for us users who may either travel to the UK or live there. <a href="https://technology.jaredrimer.net/2023/08/30/heres-the-latest-banning-an-entire-update-at-wil/">Here's the blog post I wrote </a> that posted before the show. Good job, UK government for earning the stupid fuck award.
<hr>
<h4> Fraudulent Activity on the dark web with retail </h4>
This is a two part article coming to us from Phishlabs.
<ul>
<li> <a href="https://www.phishlabs.com/blog/top-fraudulent-activity-targeting-retail-on-the-dark-web/">Top Fraudulent Activity Targeting Retail on the Dark Web </a> </li>
<li> <a href="https://www.phishlabs.com/blog/top-fraudulent-activity-targeting-retail-on-the-dark-web-part-two/">Top Fraudulent Activity Targeting Retail on the Dark Web – Part Two </a> </li>
</ul>
8/30/2023 • 2 hours, 45 minutes, 55 seconds
The Security box, podcast 158: The 1.3B Facebook fine
Welcome to podcast 158 of the Security Box. On today's podcast, we've got at least one moron, we've got an interesting topic that deals with Facebook getting fined, again, and of course we'll cover the landscape and what has been read and blogged as of late.
<hr>
<h4> The You Stupid Fuck award section </h4>
<ol>
<li> Who the hell is Global phishing 16 service? Well, someone or multiple someones have been picked up. <a href="https://krebsonsecurity.com/2023/08/karma-catches-up-to-global-phishing-service-16shop/">Karma Catches Up to Global Phishing Service 16Shop </a> comes to us from Krebs on Security and was quite an interesting read. According to Krebs, this outfit has been around since 2017 and really had a name for itself when it came to having people pay on time, making sure their tools were not given to anyone who did not pay and more. While the concept was novel, people got caught, so please enjoy your stupid fuck award. </li>
<li> Nice to see some arrests of a couple dozen more stupid fucks in this one. <a href="https://cyberscoop.com/africa-cybercrime-operation-interpol/">Two dozen arrested, hundreds of malicious IPs taken down in African cybercrime operation </a> comes to us from Cyberscoop. While the article isn't long, we now learn there is a new threat that knows what they're doing. Better read this one! </li>
</ol>
<hr>
<h4> Topic: The 1.3 Billion dollar fine and what it means for privacy regulation </h4>
The article we're going to take from is an article we posted back in May. The title of this article is <a href="https://cyberscoop.com/eu-fine-meta-privacy-global-internet/">What the record-breaking $1.3 billion Meta fine means for the US-EU clash over spying programs </a> and it comes from Cyberscoop.
I guess we'll have to see what happens with this, as I don't think we'll be done with this yet. If there are any updates, we'll be posting these updates to our list and blog where applicable.
8/24/2023 • 2 hours, 43 minutes, 7 seconds
The Security box, podcast 157: A Different type of Ransomware Demand
Welcome to the security box, podcast 157. This week, we may be talking about a very interesting topic coming out of Connecticut which might or might not be a moron. We'll talk about other news and notes from the landscape, and yes, today's topic is on ransomware groups and one which says you should pay the money to charity instead of the group itself.
<h4> Morons of the podcast </h4>
We are going to link to the stories that deal with our moron(s) of the podcast.
<ul>
<li> <a href="https://www.databreaches.net/10-people-including-16-year-old-youth-arrested-for-suspected-involvement-in-malware-scams/">10 people, including 16-year-old youth arrested for suspected involvement in malware scams </a> Databreaches </li>
<li> <a href="https://www.databreaches.net/five-arrested-in-poland-for-running-bulletproof-hosting-service-for-cybercrime-gangs-europol/">Five arrested in Poland for running bulletproof hosting service for cybercrime gangs — Europol </a> databreaches </li>
<li> <a href="https://www.databreaches.net/florida-healthy-kids-notified-by-maximus-of-moveit-breach/">Florida Healthy Kids notified by Maximus of MOVEit breach </a> databreaches </li>
<li> <a href="https://krebsonsecurity.com/2023/08/diligere-equity-invest-are-new-firms-of-u-k-con-man/">Diligere, Equity-Invest Are New Firms of U.K. Con Man </a> Krebs On Security </li>
</ul>
Florida Healthy Kids is a very interesting story, mainly because of who they are partnering with. I guess we'll see what happens with them.
<h4> Ransomware group says: Pay a Charity </h4>
Today's topic comes to us from Cyberscoop way back in May. I've not seen another group do this, and I think it's a one of a kind deal. I wish I were on that charity list, although I don't take crypto, but proof of donation would be all that it would be.
Today's article is titled <a href="https://cyberscoop.com/ransomware-charity-malaslocker/">A different kind of ransomware demand: Donate to charity to get your data back </a> which should be read just the same. If someone you know was hit by this group, did they get their files back?
8/17/2023 • 2 hours, 39 minutes, 55 seconds
The Security box, podcast 156: What have we learned from the Russia/Ukraine war and how to protect ourselves?
Hello folks, welcome to the Security Box. This is program number 156. On this episode of the program, we're going to talk about a very interesting article that was published back in April on what we've learned about stopping Russia's hackers since the war has started. Also, this program will have news, notes, the landscape and much more.
<h4> Morons of the podcast </h4>
The following two articles are related and one may have more than the other. Are the possible sentencing guidelines enough to fit the crimes?
<ul>
<li> <a href="https://cyberscoop.com/nyc-couple-guilty-bitfinex-hack/">NYC couple pleaded guilty to money laundering in Bitfinex hack </a> Cyberscoop </li>
<li> <a href="https://www.databreaches.net/husband-and-wife-plead-guilty-to-money-laundering-conspiracy-involving-the-hack-and-theft-of-billions-in-cryptocurrency/">Husband and Wife Plead Guilty to Money Laundering Conspiracy Involving the Hack and Theft of Billions in Cryptocurrency </a> databreaches.net </li>
</ul>
<h4> Topic: What we've learned from the war on Ukraine </h4>
This is an April article titled <a href="https://cyberscoop.com/russian-hackers-cyberwar-ukraine/">What we know about Russian hackers — and how to stop them — after a year of cyberwar in Ukraine </a> coming to us from Cyberscoop.
8/10/2023 • 2 hours, 24 minutes, 40 seconds
The Security box, podcast 155: What's going on with age Verification?
Welcome to the Security box, podcast 155. On this program, we've got an update to Age Verification which we've not seen any update since. This Verge article may be something that could be of interest if it turns out to be true. We'll also talk about the news and notes from the landscape and much more.
<h4> What's going on with Age Verification? </h4>
We've covered age verification through the years, and <a href="https://technology.jaredrimer.net/2023/05/15/weve-got-an-update-on-age-verification/">this blog post from May 2023 </a> covers the Verge's article from which we're going to take. <a href="https://www.theverge.com/23721306/online-age-verification-privacy-laws-child-safety">This is their article titled Online age verification is coming, and privacy is on the chopping block </a> which I link to in my post. What do you guys think?
8/3/2023 • 3 hours, 2 minutes, 39 seconds
The security box, podcast 153: 13 DDoS for Hire services shut down
Hello folks, welcome to program 154. On this edition of the program, come with us for some news and notes, a recollection of someone who can change after making mistakes, and a topic talking about DDoS for hire services that have been shut down within recent times which could be a good thing.
<h4> A Note on a passing of a recent Security Expert </h4>
Kevin Mitnick recently passed away on July 16, 2023. He did have an interesting career, from a criminal in his early years to a security consultant after the fact.
Brian Krebs sent the news through on Mastodon, and we <a href="https://technology.jaredrimer.net/2023/07/20/8766/">blogged about it </a> on the same day ... July 20, 2023.
Below, please find the books Kevin wrote. Note that the blog post does mention these and what is available also on BARD. I attended one of his webinars that KnowBe4 put on and it was excellent!
<h5> The books </h5>
<img src="http://www.emailhostsecurity.com/books-clipart-sm.png" alt="picture of multiple colored books in clipart form.">
<ul title="author">
<li> Kevin Mitnick, Steve Wozniak and William L. Simon </li>
<ul title="books">
<li> <a href="https://www.amazon.com/Ghost-Wires-Adventures-Worlds-Wanted-ebook/dp/B0047Y0F0K/ref=sr_1_1?crid=18GSRMHKT9GEA&keywords=Ghost+in+the+wires&qid=1678812371&s=digital-text&sprefix=ghost+in+the+wires%2Cdigital-text%2C333&sr=1-1">Ghost in the Wires: My Adventures as the World's Most Wanted Hacker </a> </li>
<li> <a href="https://www.amazon.com/Art-Deception-Controlling-Element-Security-ebook/dp/B006BBZHAK/ref=sr_1_1?crid=2FLJFRO6QG53&keywords=The+art+of+deception&qid=1678812655&s=digital-text&sprefix=the+art+of+deception%2Cdigital-text%2C327&sr=1-1">The Art of Deception: Controlling the Human Element of Security </a> </li>
<li> <a href="https://www.amazon.com/Art-Intrusion-Exploits-Intruders-Deceivers-ebook/dp/B000S1M0DG/ref=sr_1_1?crid=25TSUEGPWT076&keywords=The+art+of+intrusion&qid=1678812922&s=digital-text&sprefix=the+art+of+intrusion%2Cdigital-text%2C349&sr=1-1">The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers 1st Edition </a> </li>
</ul>
<li> Kevin Mitnick and Mikko Hypponen </li>
<ul title="books">
<li> <a href="https://www.amazon.com/Art-Invisibility-Worlds-Teaches-Brother-ebook/dp/B01GZY28CW/ref=sr_1_1?crid=3UORMRA09DJCW&keywords=The+Art+of+Invisibility&qid=1678813081&s=digital-text&sprefix=the+art+of+invisibility%2Cdigital-text%2C286&sr=1-1">The Art of Invisibility: The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data </a> </li>
</ul>
</ul>
<h4> DDoS for hire services shut down </h4>
We blogged about this on the blog, and now it's time for it to be talked about. This is a Krebs on Security article titled <a href="https://krebsonsecurity.com/2023/05/feds-take-down-13-more-ddos-for-hire-services/">Feds Take Down 13 More DDoS-for-Hire Services </a> which I found was quite good. Let's see what you think and our contact info will be given throughout the program.
7/26/2023 • 2 hours, 30 minutes, 46 seconds
The Security box, podcast 153: Bould Spy
Hello folks, welcome to the Security box. This is program 153 and on this edition of the program, we're going to talk about a potential new threat that we might need to learn about. We'll also have potential morons that have crossed our desk, news and notes from around the landscape and more.
<h4> If you don't read anything else, you should read this </h4>
<a href="https://technology.jaredrimer.net/2023/07/18/think-im-harping-too-much-on-checking-your-stuff-heres-why-you-really-should-this-is-a-true-story/">Think I’m harping too much on checking your stuff? Here’s why you really should … this is a true story </a> should be read. It links to a file which will only be available for a limited time which has the story. This came from Cybercrime radio and thanks to DJ Terry for giving us a heads up on this one. Now people should be happy that I harp on making sure that you are as safe and secure as possible. Thank me later!
<hr>
<h4> A Data Leak that went absolutely correct </h4>
There's a difference between a data leak and a breach. A leak may, for the most part, be an accident, whereas a breach is intentional. My blog post <a href="https://technology.jaredrimer.net/2023/07/18/data-leak-at-virus-total-was-only-a-subset-data-removed/">Data Leak at Virus Total was only a subset, data removed </a> has a link to the story. Let's just say that Google did everything as right as they could. Once notified, they removed said data and launched an investigation on how the info got on the popular AntiVirus scanning application. You can't have it any other way. If a mistake happens, fix it as quickly as possible!
<hr>
<h4> Our Morons </h4>
Our first moron today comes from a company called HikVision. <a href="https://technology.jaredrimer.net/2023/07/15/use-hikvision-cameras-you-might-want-to-be-made-aware-of-this/">This blog post titled: Use Hikvision cameras? You might want to be made aware of this </a> goes into the fact that this company just doesn't understand what might be going on with their network and their devices. Having QR codes to basically log in to the camera yields <u> very interesting results. </u> Better read the accompanying article for more. You might want to be sitting down for this one.
<hr>
Second: From Cyber Crime radio: Magazine: Bangladesh Data Leak Exposes 50M Citizens. This is the topic for their July 13th airing and this has to be a complete joke. We'll play this file as part of the program.
<hr>
<h4> Our topic </h4>
<a href="https://technology.jaredrimer.net/2023/05/01/move-out-the-way-bold-spy-is-right-there-with-spy-tools-like-pegasus/">Move out the way … Bold Spy is right there with spy tools like Pegasus </a> is the tech blog where you'll find commentary and an article that talks about something called <u> Bold Spy. </u> It's got tools that others are using and possibly more. Feel the threat yet?
<hr>
<h4> Finally an extra </h4>
Did you read <a href="https://technology.jaredrimer.net/2023/07/18/think-im-harping-too-much-on-checking-your-stuff-heres-why-you-really-should-this-is-a-true-story/">Think I’m harping too much on checking your stuff? Here’s why you really should … this is a true story </a> yet? As an extra, we play the audio podcast from <a href="http://www.cybercrime.radio">CyberCrime Radio </a> which sparked the blog post. This is of course within the last music set. Listen to the Cybercrime Radio piece, it really hit home on why this accompanying blog post was written.
7/19/2023 • 3 hours, 45 minutes, 17 seconds
The Technology blog and podcast, podcast 374: Android accessibility discussion
On this podcast, a great video that was posted to Mastodon talking about what's coming to Android in 2023. But then I have questions dealing with the abuse of accessibility tools. Using Yellow Camera as an example, do these changes mean that people might be safer if they make a mistake? Contact info at the end. Thanks for listening!
7/18/2023 • 43 minutes, 12 seconds
The Security box, podcast 152: our three year anniversary
On this edition of the program, we've got an open forum of topics. Lots of them have been covered through the years while others have been covered on the blog or TSB's email list. We hope that you enjoy the program as much as we put this together for you. See you next time!
7/15/2023 • 3 hours, 23 minutes, 42 seconds
The Security Box, podcast 151: BEC is back, let's learn what might be new
Welcome to the security box, podcast 151. I hope that each and every one of you have had a great July 4th holiday. On today's podcast, we're going to have an updated discussion on BEC which stands for Business Email Compromise. On top of that, we'll see what else the landscape has to offer. We hope you enjoy the program and thanks for listening!
<h4> Stitcher closing </h4>
Stitcher is closing. If you are affected by the change, please contact me at jaredrimer at 986themix.com and let me know about it. Let me know what podcast you're coming from so I can get you a new link. They've let us know that they're shutting down as of August 29th, 2023. Thanks for your support of our podcast!
<h4> Our Topic: update on BEC </h4>
This time, our article comes from Phish Labs. It's a good one, and probably updates our stats on one of businesses' biggest problems, Business Email compromise. <a href="https://www.phishlabs.com/blog/what-to-know-about-business-email-compromise-bec-scams/">What to Know About Business Email Compromise (BEC) Scams </a> was written in April.
7/7/2023 • 2 hours, 42 minutes, 21 seconds
The security box, podcast 150: Ransomware Gangs giving us ransomware with a helping of zero-days
Hello folks, welcome to the Security Box, podcast 150. We've made it! On this podcast, we're going to talk about Ransomware gangs and the fact they're now using zero days. We may or may not have a moron, we'll cover the news and we'll see what else people have to say as the program progresses. <u> Some Strong Language. </u>
<h4> Our topic, Ransomware gangs and zero days </h4>
This week's article comes to us from Cyberscoop. It's titled <a href="https://cyberscoop.com/microsoft-zero-day-patch-tuesday-ransomware/">Ransomware gangs increasingly deploy zero-days to maximize attacks </a> and was tagged as a topic. For the 150th episode, this couldn't be more appropriate.
6/29/2023 • 3 hours, 17 minutes, 2 seconds
The Security box, podcast 149: Emotet is back, bigger and badder than ever
We did have some participation, full notes are here. No replay on Clubhouse though, sorry about that!
<hr>
Welcome to the Security box, podcast 149. On this podcast, we may or may not have a moron, we'll definitely have news, notes and the landscape and a topic talking about a threat we thought was long gone.
<h4> Good Job India, welcome to the moron of the podcast </h4>
I stumbled across a video from a Youtube Channel which I am not familiar with. While Nick was in my JRN working room, I decided to see if there was an article about this. While the podcast gets a 9 minute video, check out this article titled <a href="https://tutanota.com/blog/posts/apps-banned-india">India first democracy to ban encrypted messaging apps on massive scale. </a> from a site called tutanota.com. They must be a news related site, name sounds familiar to me. Have fun with this one!
Here's the <a href="https://www.youtube.com/watch?v=rCZDV6RIaxA">youtube video from Mental Outlaw </a> if you want to watch this instead of listening to it.
<h4> Topic: Emotet is back, now a threat </h4>
The article comes to us this time from Phishlabs. <a href="https://www.phishlabs.com/blog/emotet-returns-from-hiatus-trails-qbot-in-q1-volume/">Emotet Returns from Hiatus, Trails QBot in Q1 Volume </a> is the title.
Are you surprised that this is the case? We know that Emotet was taken down in a crackdown, but like most things, they come back in this industry. Feel free to view the article for complete details or download your copy of the show to hear our thoughts.
6/21/2023 • 2 hours, 2 minutes, 52 seconds
TSB 148: Nation-State Actors go after cloud providers who have customers that have weak passwords
Welcome to the security box, podcast 148. On this podcast, I may have a complete moron with a company, we'll have news, notes and more. The topic deals with passwords and it isn't looking that great.
<h4> Morons </h4>
We stand in solidarity with you, Reddit users. Reddit is taking advantage of the situation just like Twitter did so many months before.
Apparently, Reddit has decided to do the same thing. One article says they're only charging $0.24 per 1,000 calls to their API, but people indicate it's much different. The cost is $12,000 per month or roughly <u> up to $20 million per year </u> according to some estimates. Here are the blog posts as of writing in regards to Reddit.
<ul>
<li> <a href="https://technology.jaredrimer.net/2023/06/11/accessibility-apps-will-be-free-for-api-use-on-reddit/">Accessibility apps will be free for API use on Reddit </a> </li>
<li> <a href="https://technology.jaredrimer.net/2023/06/08/reddit-communities-to-go-dark-on-june-12th-setting-themselves-to-private/">Reddit communities to go dark on June 12th, setting themselves to private </a> </li>
<li> <a href="https://technology.jaredrimer.net/2023/06/05/reddit-to-charge-12k-for-50k-calls-to-api/">Reddit to charge $12k for 50k calls to API? </a> </li>
<li> <a href="https://technology.jaredrimer.net/2023/06/14/its-official-apollo-shutting-down/">Its Official, Apollo shutting down </a> </li>
<li> <a href="https://technology.jaredrimer.net/2023/06/14/heres-an-ars-article-on-apollo/">Here’s an ars article on Apollo </a> </li>
</ul>
Van Nuys is not too far from where I live in a town called Woodland Hills. I go through there every time I take the bus. According to a KNX article which is very short, it says a guy from there was caught selling drugs on the dark web. <a href="https://technology.jaredrimer.net/2023/06/08/van-nuys-man-pleads-not-guilty-to-selling-drugs-online/">Here is the blog post from the tech blog titled Van Nuys man pleads Not Guilty to selling drugs online </a> which links to the KNX article.
<h4> In Case you Missed it </h4>
In Case you missed it, I finished <u> Tracers in the Dark. </u> It was a very interesting book, one I didn't want to put down until I did. <a href="https://technology.jaredrimer.net/2023/06/05/book-review-tracers-in-the-dark-by-andy-greenberg/">Book Review: Tracers in the dark, by Andy Greenberg </a> is the blog post and I'm not giving anything away.
<h4> Our Topic: Weak Passwords </h4>
Our topic comes to us from Cyberscoop. It was an interesting read. The article is titled <a href="https://cyberscoop.com/google-cloud-threat-password-report/">Nation-state actors are taking advantage of weak passwords to go after cloud customers, Google says </a> and I found it interesting. This proves again that we need to make sure that our users are using strong passwords or passphrases. Don't worry, Cyber Security Awareness Month is coming up, so TSB will be starting all over again with basic stuff when it comes to your security.
I hope that every single person will enjoy today's program, and thanks so much for listening!
6/15/2023 • 2 hours, 25 minutes, 34 seconds
The Security box, podcast 147: Unpacking the Structure of a Ransomware Group's Business Model
Welcome to the security box, podcast 147. On this edition of the program, I believe I have a very interesting but true story that must be told with the names being changed to protect the innocent, or is it guilty? We've got a very interesting article talking about the structure of ransomware groups, and no, we're not talking about specific named groups, just something that probably wouldn't surprise someone who reads this type of news. We'll see what else the landscape has to offer with news, notes, questions and more.
<h4> A true story that might include a moron? </h4>
Someone recently got someone fired as part of a grudge where someone heard something they said and decided to look them up and email a copy of what they said to the employer. This is the first time we've seen this in the phone world and we hope it isn't going to happen again. Live version with names changed to protect the innocent, or are we protecting the guilty?
<h4> Topic: What's going on with Ransomware groups? </h4>
The following is a Trend Micro article which we found very valuable. <a href="https://www.trendmicro.com/en_us/research/23/d/unpacking-the-structure-of-modern-cybercrime-organizations--.html">Unpacking the Structure of Modern Cybercrime Organizations </a> is the title of this article and well worth the read. Question for readers and listeners of the live or podcast edition: are you surprised? Let's discuss this one.
6/7/2023 • 2 hours, 46 minutes, 54 seconds
The Security box, podcast 146: A name to the faceless proxy service
Welcome to the security box, podcast 146. On this podcast, we may have multiple morons; one is a definite, news, notes and a very interesting topic about the proxy services and what they're up to.
<h4> Potential Morons </h4>
<ul>
<li> <a href="https://news.slashdot.org/story/23/05/24/1931213/48-states-sue-phone-company-that-allegedly-catered-to-needs-of-robocallers?utm_source=rss1.0mainlinkanon">48 States Sue Phone Company That Allegedly Catered To Needs of Robocallers </a> talks about the majority of the U.S. and how they're suing a telephone company in Arizona who seems to be catering to the robocallers by allowing customers to spoof caller ID among other things. </li>
<li> <a href="https://www.hackread.com/free-vpn-service-supervpn-leaks-user-records/">Free VPN Service SuperVPN Exposes 360 Million User Records. </a> was found on Monday, the 29th. Class, what can we learn from this article? </li>
</ul>
<h4> Topic </h4>
This time, we're going to talk about a very interesting KrebsOnSecurity article titled <a href="https://krebsonsecurity.com/2023/04/giving-a-face-to-the-malware-proxy-service-faceless/">Giving a Face to the Malware Proxy Service ‘Faceless’ </a> which was quite interesting.
The first paragraph says: <blockquote> For the past seven years, a malware-based proxy service known as “Faceless” has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. In this post we’ll examine clues left behind over the past decade by the proprietor of Faceless, including some that may help put a face to the name. </blockquote>
6/1/2023 • 3 hours, 45 minutes, 24 seconds
The Security box, podcast 145: BabLock Ransomware
This program may contain some strong language.
<hr>
Welcome to the security box, podcast 145. On this podcast, we're going to talk about another Ransomware group that is out there that may be of value because while they may not be targeting the states yet, they're attacking and we <u> must </u> be aware of what's happening.
Besides this, we may have at least one moron, maybe more, we'll see what others have to say, we'll talk about the landscape and we'll also make sure you're informed the best we can.
<h4> Topic </h4>
Bablock is a very interesting piece of ransomware out there. The ransomware is based off of Lockbit, but may be different. Trend Micro will help us with this one. <a href="https://www.trendmicro.com/en_us/research/23/d/an-analysis-of-the-bablock-ransomware.html">An Analysis of the BabLock (aka Rorschach) Ransomware </a> is the article title and we hope you enjoy the program!
5/25/2023 • 3 hours, 12 minutes, 55 seconds
The Security box, podcast 144: its an open forum show
Welcome to the security box, podcast 144. This show is an open forum. We had no particular topic in mind, but we talk about books, the landscape and more. The show may contain some adult themes, but it is very light. This may contain language or other situations. Please be aware of it. Thanks for participating and make it a great day!
5/18/2023 • 3 hours, 6 minutes, 59 seconds
The Security Box, podcast 143: Let's discuss the relationship between Ransomware and Phishing
Welcome to the security box, podcast 143. Today, we're going to have a very interesting discussion about the Relationship between Ransomware and Phishing. We know of at least one moron of the podcast, and there is possibly going to be one more. Of course, we'll have news, notes and any questions from the Clubhouse audience.
<hr>
<h4> Morons of the Podcast </h4>
<h5> First Moron, a Russian on the Run </h5>
There are two different articles out there about this one. One from Krebs and the other from Cyberscoop.
<ul>
<li> <a href="https://krebsonsecurity.com/2023/05/10m-is-yours-if-you-can-get-this-guy-to-leave-russia/">$10M Is Yours If You Can Get This Guy to Leave Russia </a> Krebs on Security </li>
<li> <a href="https://cyberscoop.com/russian-charged-try2check-credit-card/">Russian national charged for role in stolen credit card verification scheme </a> Cyberscoop </li>
</ul>
<h5> How <u> Not! </u> to notify people of a databreach </h5>
I saw a boost on Saturday about a breach with a company named Western Digital. That's nice, we have covered many breaches before. What I found was disturbing from Western Digital according to the boost. While they sent email out, the email was not accessible for those of us who use access technology; namely screen reading technology.
I don't know about you, but I would expect the info not in graphical form, I would expect it in text just like you and I communicate already. <a href="https://technology.jaredrimer.net/2023/05/06/western-digital-apparently-suffer-databreach-sends-email-to-customers-in-inaccessible-way/">Here is my blog post from May 6th </a> that mentions this. As of show note creation time, we do not have any official articles from the tech press, but when we do, we'll be sure to pass it along. <u> Don't put breach notifications in picture form! It doesn't do anyone with disabilities any good. </u>
<hr>
<h4> Our main Topic </h4>
The main topic comes from Phishlabs. The article is titled <a href="https://www.phishlabs.com/blog/what-is-the-relationship-between-ransomware-and-phishing/">What is the Relationship Between Ransomware and Phishing? </a> and was written at the end of March, 2023. This is going to get interesting.
<hr>
5/10/2023 • 2 hours, 51 minutes, 57 seconds
The Security Box, podcast 142: The New U.S. Cybersecurity Strategy highlights
This show has sections of strong language, but not a lot. The disclaimer is in there just in case, but it is not much in the wake of strong language.
<hr>
Welcome to the Security box. This is program number 142 of the series and this time, we've got a topic which hasn't been covered before at least on our podcast. The topic covers a very interesting endeavor by the government to deal with Cybersecurity. Besides this, we'll see who gets a moron, we'll cover the landscape, and we'll see what else is of value. Hope you enjoy the program!
<h4> Morons of the podcast </h4>
One may not completely be a moron, but it qualifies as a group not just what the first item covers. The second, however, you'll just have to read to believe.
<hr>
1. I'll put this one as a moron, but I really don't understand what seems to be going on over at schools lately. It's ok to keep information on children that have nothing to do with you giving them an education, and that information may include behavioral issues, SSN's and more. <blockquote> <a href="https://technology.jaredrimer.net/2023/04/27/this-is-beyond-repair-another-school-district-targeted-children-with-special-needs-targeted-as-well/">blog post </a> </blockquote>
Brian Krebs boosted (retweeted) the following to his followers. Note that my blog post has the linked article, so I'm not going to link it within this section. It says:
<blockquote> Doug Levin: NBC: Students’ psychological reports, abuse allegations leaked by ransomware hackers https://www.nbcnews.com/tech/security/students-psychological-reports-abuse-allegations-leaked-ransomware-hac-rcna79414 #edtech #databreach @brett via @kevincollier </blockquote>
<hr>
2. Our second moron is more of the moron than the first, but <a href="https://technology.jaredrimer.net/2023/05/02/t-mobile-do-you-still-want-me-as-a-customer-i-dont-think-so/">here's a blog post titled T-Mobile, do you still want me as a customer? I don’t think so! </a> which has the latest on what they have been up to. It links to yet another article, talking about yet another breach. Should we be surprised in this industry?
<hr>
<h4> Topic: Highlights from the New U.S. Strategy </h4>
This is a Krebs on Security article that we're taking from. He was tooting (tweeting) about this on Mastodon.
The article is titled <a href="https://krebsonsecurity.com/2023/03/highlights-from-the-new-u-s-cybersecurity-strategy/">Highlights from the New U.S. Cybersecurity Strategy </a> and it was interesting. I wonder what will eventually happen with this? Haven't seen anything since this article was written, but maybe they're working on it and we'll see something soon. Only time will tell.
<hr>
<h4> Supporting the podcast </h4>
If you'd like to support our efforts on what this podcast is doing, feel free to <a href="http://www.jaredrimer.net/donations.html">donate to the network, </a> <a href="https://www.986themix.com/mailman/listinfo/thesecuritybox_986themix.com">subscribe to the security box discussion list </a> or send us a note through contact information throughout the podcast. You can also find contact details on our <a href="https://technology.jaredrimer.net/contact-admins/">blog page found here. </a> Thanks so much for listening, reading and learning! We can't do this alone.
5/4/2023 • 3 hours, 39 minutes, 20 seconds
The Security box, program 141A: The Billion Dollar Scam
This is an episode that affiliates can run, and the program is under an hour. We'd like to thank the BBC for doing this research. It's definitely eye opening.
The show notes, which include a link to the video on YouTube, follow.
<hr>
Welcome to the security box, podcast 141A. On this podcast, we're going to provide you with a video. This video comes from the BBC, and it does leave some very interesting questions. Contact info is given at the end.
What sparked this? This toot from Brian Krebs is what sparked this. It says:
<blockquote> https://www.youtube.com/watch?v=w6JXZ3GzSCQ BrianKrebs: Simona Weinglass of The Times of Israel is my new hero. Her video reporting on crypto investment scams is well worth watching.
Tl;dw, it appears the biggest crypto investment scams targeting people in the UK were promoted by at least a half dozen of England's premiere football (soccer) leagues. These scammers managed to rake in at least a billion dollars, and could afford lucrative sponsorships that got their brand everywhere. As the former scammers explained, there's nothing real about the investment "earnings" shown to people who get roped into these scams: It's all just a digital mirage, and any money invested is gone.
Her video series on the BBC zeroes in on who's responsible. Involves ride-alongs with German police as they worked w/ investigators in the country of Georgia to raid call centers working the phones for these fraudsters.
https://www.youtube.com/watch?v=w6JXZ3GzSCQ </blockquote>
If you're just here for the video, <a href="https://www.youtube.com/watch?v=w6JXZ3GzSCQ">this is the youtube link to the video </a> we give in audio.
Thanks Brian for posting this! I found it very eye opening, and it even made me mad, but that's probably what we'd expect with what you'll hear. I don't blame them though, but you should hear or watch this and make up your own mind.
4/30/2023 • 51 minutes, 46 seconds
The Security Box, podcast 141: Dark Bit, a new threat that starts with a grudge
Welcome to the Security box, podcast 141. On this podcast, Cyberscoop is along to help us diagnose yet another ransomware group. They actually start by attacking Israeli schools, but will it stop there?
Besides that, we'll have the news, notes from around the landscape, possibly some morons, and of course your thoughts.
Our topic today comes from <a href="https://cyberscoop.com/new-cybercrime-group-darkbit-israel/">this Cyberscoop article titled New cybercrime group calling itself DarkBit attacks Israeli university </a> which we sent to the list in mid February.
While we've not seen anything else on this, it isn't for us to keep our mind down as they could attack anything they want.
We hope to see you on the show, thanks so much for listening!
4/26/2023 • 3 hours, 46 minutes, 7 seconds
The Security box, podcast 140: The FDIC and banks
This program may contain some infrequent occurrences of strong language.
<hr>
Welcome to podcast 140 of the Security box. On this edition of the podcast, we've got two morons at least and a great topic that may still be relevant even though the SVB fiasco is now past us. We'll also have the landscape from people who found things of interest as well. We hope you enjoy the show!
<h4> Morons of the podcast </h4>
We have two morons of the podcast.
<ul>
<li> <a href="https://cyberscoop.com/trial-and-error-in-kuwait/">Trial and error in Kuwait </a> tells the story of a cyber security expert who almost went to jail for tweeting on something he found which is part of protecting everyone. The article itself is quite interesting, but what is more interesting is the fact that the bank didn't want this info out there to begin with. This came from Cyberscoop. </li>
<li> <a href="https://www.databreaches.net/lawsuit-claims-mount-nittany-health-shared-private-patient-information-with-facebook-google/">Lawsuit Claims Mount Nittany Health Shared Private Patient Information with Facebook, Google (update1) </a> comes to us from databreaches.net. The fact that you didn't even notify customers or anyone else about the issue is just mindblowing. This definitely doesn't make any sense. </li>
</ul>
<h4> The FDIC and banks </h4>
The FDIC did step up when it came to the SVB ordeal, but what about it and bank security? A watchdog says that they're not doing enough.
The article <a href="https://cyberscoop.com/watchdog-warning-fdic-cybersecurity/">Watchdog warns FDIC fails to test banks’ cyberdefenses effectively </a> is one that you should read. We'll be taking this article apart as part of the discussion. Do you think they're doing enough?
4/21/2023 • 4 hours, 3 minutes, 28 seconds
The technology podcast, podcast 373: Metro Micro
This podcast may not mean much for some, but to others, it might.
This app is still much in development and is called Metro Micro.
Los Angeles Metro is also getting a copy of the cast for their review. Here are the full show notes.
Hello folks, welcome to the technology podcast. On this podcast, you'll learn about an app called Metro Micro. It is a new project by Los Angeles Micro which they're trying out.
You'll have to search for Metro Micro in your respective app store if you want to take a look. You may also go to the Metro Micro page on metro.net to learn more.
While most people may not need this, I figured some might, and we reach a wide variety of people so I'm going to put it out there.
4/13/2023 • 35 minutes, 45 seconds
The Security box, podcast 139: Email, Ransomware and more
Hello folks, welcome to program 139 of the security box. On this episode, let us talk about email for a bit. Yes, the thing you use to receive announcements about this podcast, maybe other programs you are interested in across the network and other places, and a way for businesses to communicate with you. According to an article, this method is still the best way to get ransomware and other things on your device. Why is that? We're going to have news and notes as well, maybe we'll find out as we post things between now and show time if there are morons, and we'll also see what the landscape brings.
Topic: Email as a vector
Today, let's talk about email. Ransomware Attacks: Why Email Is Still THE Most Common Delivery Method comes from Phishlabs. We'll step through this article and see what people think.
4/12/2023 • 3 hours, 57 minutes, 12 seconds
The Security box, podcast 138: Mimic Ransomware
Find news through the blog.
Welcome to program 137 of the Security box. We've got a very interesting musings piece which we've blogged as well as another threat we need to talk about.
Musing
I've started yet another musings post, and this one came from Mastodon. I am not going to put the older posts in this category but will put new ones in this category. A very interesting musing thought piece is the article. The boost is quoted with the links linked as numbers for you.
Maybe a Moron or just a news item?
No April fools joke, man arrested for making swatting calls, faces 10 felony counts was the only post posted on April 1st. This was no April fools joke. The gentleman in question used Discord to post and share these videos and luckily nobody got hurt. You'll want to check out this article to determine what you think, and we'll determine where it goes and do it appropriately.
Mimic ransomware
New Mimic Ransomware Abuses Everything APIs for its Encryption Process comes from Trend Micro. This may be just as bad as Sandworm, if not worse. We'll discuss this Trend Micro article.
4/5/2023 • 3 hours, 57 minutes, 36 seconds
The Technology blog and podcast, podcast 372 for April 3, 2023
I know I tried to get more podcasts out and this time I've got one. We'll see how things go, and thanks for listening!
Welcome to the technology blog and podcast. On this edition of the podcast, we have got two different items.
Roger Grimes has written a bunch of books, and he's also taught for as long as I have if not longer. He has a webinar on Cyber Security, and yes, we could play it on TSB but TSB is more for you to communicate with us on what you have questions on and what things we see. Take a listen to this and see what might be of value to you.
Los Angeles Metro and Transit App are ending their partnership. Is this a great move? I don't honestly know. Metro did have a pretty bad app which I hated to use. The data was the same, but I really like Transit App's interface. Los Angeles Metro will be discontinuing partnership of Transit App as their official app is my blog post after reading the source's post on this.
Contact info is given at the beginning and end, feel free to utilize any or all of it. Enjoy!
4/3/2023 • 1 hour, 20 minutes, 56 seconds
The Security box, podcast 137: What's happening with Sandworm?
Welcome to the Security box. This is podcast 137 of the program and we're not slowing down. At least, not yet. On this edition of the program, we've got at least one moron of the podcast, we've got a very interesting update on Sandworm and of course we're going to have some great news items as well as anything else from the audience.
Morons of the podcast
This blog post titled Kroger has serious breach, affects 82,000 people of postal prescription issues should be spotted. While Kroger is well-known for their super market chains, they apparently have a pharmacy department and that is what we're talking about here.
They have the capability of sending prescriptions through the mail, and 82,000 people were recently notified.
This is going to get very interesting.
Two U.S. Men Charged in 2022 Hacking of DEA Portal was sent to TSB. Hacking in to a DEA portal that many agencies use must be put in as the moron of the podcast for sure. Nick messaged while show notes were still being put together and this was mentioned via voice. Great one, guys!
Some news items
Some of the news items may include, but are not limited to:
Opinion piece: article talks about how TikTok didn’t make a case for itself
Move out of the way, 55 vulnerabilities tracked in 2022 and these are zero-days
Another hacking forum shut down … this is the breach forums
306,000 plus out of 476,000 plus domains reported as phishing
Some we may have talked about, but these may be some that could be brought up. Feel free to check out the accompanying articles and let us know what interests you!
I happened to pop on Facebook for my once in a while look. Someone I follow happened to like Q-Link Wireless. OK, that's cool, but we need to remind people that Q-Link may be good for free cell phone service, but what about your privacy and safety? TSB will not tell you what you should use, just putting news out there about the things we read. Why is there “no password required” when accessing accounts? What not to do when setting up accounts for services podcast 39's blog post
NVDA is now released for 2023.1. This blog post talks about what's up with it with a link to the release.
Topic: Sandworm
Did you read Sandworm? This is the blog post about the book titled: Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers and here is the book review titled: Book review: Sandworm.
We found a very interesting article which we may have blogged. The blog post is titled Russia’s Sandworm hackers blamed in fresh Ukraine malware attack from Cyberscoop's site.
3/29/2023 • 3 hours, 14 minutes
The Security box, podcast 136: Vice Society
Hello everyone, welcome to podcast 136 of the security box. On this edition of the program, we're going to talk about a group that has quite a bit up its sleeve. We also have a bunch of news from around the landscape, a familiar foe that could in theory get the moron of the podcast yet again and much more. We hope that you enjoy the program and thanks for listening!
Possible moron
I wrote a thought article on my blog with no accompanying article. Here is that blog post titled TikTok says: “We’re embedded” in to the operating system. I am not sure if this will be it, and if someone puts something else in, we'll add it to this list. We could in theory add this blog post about ByteDance surveilling journalists to this too.
Topic: Vice Society
This blog post titled Vice Society Ransomware Group Targets Manufacturing Companies is probably the beginning. This seems to be a new group and it seems pretty dangerous. While it hasn't targeted the United States yet, we know that anything is possible in this crazy world.
3/23/2023 • 3 hours, 6 minutes, 18 seconds
The Security box, podcast 135: The NSO group can now be sued, says the Supreme Court
Hello folks, welcome to podcast 135 of the security box. On this podcast, we're going to talk about the court system allowing the lawsuit to continue against one of the most proliferated companies who continue to claim they don't do anything wrong and their software that is used by law enforcement to solve crimes. Who is that group? The NSO group out of Israel. We'll also have news, notes, at least one moron of the podcast, but rumor has it that we have a few, and much more.
Morons of the podcast
George Santos has some revelations that have come out and an investigation has since been started.
The blog post in question is right here, and is titled George Santos masterminded 2017 fraud case. It leads to a lengthy read about what the investigations entail although we don't know what will eventually happen.
If you really want to talk about Morons, the FBI admitted to buying data which really should not be a surprise. We could possibly add Elon Musk apologizing for firing a disabled worker of twitter as well.
This blog post about twitter news covers the fact that the root certificate has now expired and Elon Musk has since fired everyone of value including the one who has dealt with the Root CA which was internal to the company, so now ... they're screwed.
Don't forget the Freenom ordeal too. This blog post leads to Krebs on Security talking about this. I also put in some discussion about this too.
Have any other possible morons? Do you disagree on some of these not being complete morons? I completely understand, but we do have at least two of them listed and others may just be complete stories within themselves.
Musing
I found this quite interesting in regards to Mastodon VS the rest of the Social Media universe such as Facebook, Twitter, Instagram and Tiktok. It says: Earle Zwicker: Boosting Ethan Schoonover (ethanschoonover): Stop thinking of Twitter, TikTok, IG, (et al) as social media sites.
They are **Content Refineries.**
Like processed food manufacturers they take user content & extract the most addicting/engaging content. Brains eat it up but in an unhealthy “devour the whole bag of chips” way.
They make hyper-processed social media junk food.
Mastodon is more like a potluck. We're all bringing dishes. It's a mess. Kids are running all over. But we are, at least, real people sharing real things.
Our topic, the NSO group
Supreme Court clears way for WhatsApp case against NSO Group, opening spyware firm to more lawsuits is the article that comes to us from Cyberscoop. It's going to be a very interesting discussion. We'll just have to see how it goes.
Support our podcast. Let us know what you think or suggest topics. Thanks!
3/16/2023 • 1 hour, 53 minutes, 44 seconds
The Security box, podcast 134: news notes and the landscape, as well as PBKDF2
Hello folks, welcome to the Security box, podcast 134. This podcast is going to talk about PBKDF2, an encryption algorithm that is used in certain situations. We'll also have a moron of the week, maybe two, maybe more! We'll also dip our toes in the landscape and see what is on other folks' minds.
Morons of the podcast
This first one is quite dumb. In fact, when I saw the boost which saw it, I had to title this the way I did. You Stupid F**k … its not going to look good for you now when you get picked up is my blog post on an article coming from a site called news24.com.
Not only is this guy found guilty, you're going to read that he just chose not to even show up! How dumb can you be?
This second one comes from this blog post about TikTok's newest challenge. There is some strong language with this post, and from at least two people, it is well warranted. I try not to use strong language in my posts, but this one is definitely beyond repair.
The short of this, for those who may be offended by strong language, is that scammers will stop at nothing to either get their wares out or to cause as much harm as possible. In this latest twist, we have someone going around claiming they can turn loved one's ashes to a sculpture or even a painting. They claim it's free ... but it isn't. The article leads to this Kim Komando article talking about the TikTok Scam. If it isn't mentioned as part of this segment, which it just may, please feel free to weigh in on this one.
Our topic, PBKDF2
PBKDF2 is one of many encryption types for passwords and the like. Here's the Wikipedia article on it as we take from the first two sections for now. There are replacements for it and it's covered within this article, but we'll let you look this up later.
Book Selection: Tracers in the dark
I chose my next book. Tracers in the Dark by Andy Greenberg. During the podcast, we'll check in with folks to see where they are in this ... or other books that are on our list. This is my blog post talking about Tracers in the dark if you need it.
I finally got my book review up for If it's smart, it's vulnerable by Mikko Hyppönen. Here's that blog post if you're interested to see what I have to say about it.
3/8/2023 • 2 hours, 8 minutes, 33 seconds
The Security box, podcast 133: Open forum
We have a round table today on the security box.
Domains, schemes, scams, tiktok, the landscape and much much more on this open forum of the program. Hope you all enjoy the program!
3/1/2023 • 2 hours, 57 minutes, 30 seconds
The Security box, podcast 132: What or Who is Dark pink?
Welcome to the security box, podcast 132. On this edition of the program, we're going to talk about a newcomer I think, one that might be an up and comer. We have a rumor that we might have at least one moron, but who knows how many. We'll have news, notes and other commentary as well. Rumor has it, we've got a surprise while making a phone call before last Saturday's security hour that someone who I thought wouldn't read books is reading the same book several of us are reading. Find out as you listen to the podcast edition of the program.
Moron of the podcast
Nick, our normal staple nowadays, mentioned this story in passing. Turns out that we do have a moron as you'll see in the accompanying blog post.
As it turns out, other articles about this 90 million dollar takeover can be found, but my blog post This was mentioned as our possible moron of the podcast … a suspect found guilty but attorney will appeal has the details and some very interesting questions I think we need to talk about as this gentleman, Vladislav Klyushin, is our moron of the podcast. You should've stayed with cybersecurity and you would have been OK. Enjoy your award, the hammer is down on you this time.
Dark Pink
This week, we learn about a new group out there called Dark Pink. Dark Pink, a newly discovered hacking campaign, threatens Southeast Asian military, government organizations is the article and it comes from Cyberscoop. Come with us as we take this malware apart and talk about what it's up to. It comes from a group as you've probably read if you found the article through our list or even blog. This is going to get very interesting.
2/22/2023 • 2 hours, 23 minutes, 31 seconds
The Security box, podcast 131: The Q4 threat trends and intelligence report
One swear word within the first hour and 15 minutes. A note has been placed in the audio for folks who need to be aware of it. Full notes below.
Hello everyone. Welcome to program 131 of the Security box. I hope you'll enjoy what we have to offer you today. On this podcast, we have a rumor that indicates that we'll definitely have at least one moron of the podcast, maybe more. We'll also have the topic of the Q4 threat trends Report from Phishlabs as well as questions, comments and more. We hope you'll enjoy the program and thanks for listening!
Here's a moron set for you
There were two articles in which broke this, and it definitely fits our Moron of the podcast. This blog post from February 10th has links to each of the articles and initial thoughts.
Also, I'm not too sure about this one, but we could probably fit this IRS update from February 10th as well as this blog post talking about an article by Andy Greenberg and a guy who thinks that he won't be caught as he apparently got a mixer going on and he's supposedly taken the right precautions.
If you have anything in this category, feel free to mention it by sending us an email, an iMessage, find me on Mastodon and even text or WhatsApp me.
Our topic
Seems like QBot is back in the news as the top threat in this last quarter's report from Phishlabs and Fortra. The article we'll be taking from is titled QBot Campaigns Overwhelmingly Lead Reported Payloads in Q4. It was posted to TSB's list last December, and of course, I do try and cover it. The threat may still be there, and with all of what we'll be talking about here, all of these threats have not gone away.
2/16/2023 • 2 hours, 22 minutes, 4 seconds
The security box, podcast 130A: Tracers in the dark
Hello everyone. Welcome to podcast 130A. We're going to rebroadcast a podcast from Cyber Crime Magazine about the book Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency which is also linked on our resources page.
I found the program of interest, and this could in theory be my next book. I hope that everyone enjoys this interview about the book!
2/12/2023 • 37 minutes, 44 seconds
The Security Box, podcast 130: Congress and the government can't fix Coppa?
Welcome to the security box, podcast 130. On this show, we're going to talk about a very interesting article that covers the fact that Coppa is out of date and congress hasn't done anything about it. We'll have news, notes, commentary and more. Who knows, will we have a bonehead award of the podcast? We'll have to see.
Topic: Coppa and Congress
I blogged this one, and on this podcast, we're going to discuss State legislators aren't waiting for Congress to regulate children's online privacy. It was quite interesting to see that Coppa is needing to be changed yet companies aren't really following it like they should.
Adult disclaimer
This program may contain some strong language. Parental discretion is advised. This means it's an infrequent occurrence, but there.
2/8/2023 • 2 hours, 37 minutes, 39 seconds
The Security box, podcast 129: Government watchdog says there's more to do
There is one spot where some strong language is used within the following podcast. We want people to be aware of that. It's only one word, but due to rules and regs, we must bring this up to the listener.
Hello folks, welcome to the security box podcast 129. Last week, we talked about the government, but there's more to the story in which people may not be aware of.
Apparently, there has been a watch dog group out there taking reports on what the government has or has not done.
The article is titled Government watchdog: Feds fail to implement vast majority of cybersecurity recommendations and was covered by Cyberscoop.
This is a very interesting article which we'll be stepping through.
Besides that, my hunch may indicate that we'll have a moron of the podcast, people may have questions, and we'll see what the show has in store.
2/1/2023 • 2 hours, 38 minutes, 8 seconds
The Security box, podcast 128: What's going on with CISA?
Welcome to the Security box, podcast 128. On this podcast, we probably have two morons of the podcast, one of which should've gotten it before we came up with the idea. We also ask the question, What's going on over at CISA? This acronym stands for Cybersecurity and Infrastructure Security Agency.
Seems as though they don't know what's going on, or at least might be confused.
Moron of the podcast
We have listed both morons of the podcast by listing the basics of the story and links to the stories themselves.
1. It seems as though T-Mobile has had yet another breach with at least another estimated 37 million consumers, whether prepaid or postpaid.
New T-Mobile Breach Affects 37 Million Accounts Krebs on Security
T-Mobile investigates yet another data breach, this one affecting 37 million accounts Cyberscoop
2. The second moron goes to a guy in Russia that thought it would be fun to launder crypto currency. Not only was he funneling Crypto, but he was the founder of a crypto currency exchange. Russian founder of a cryptocurrency exchange known for funneling ransomware profits arrested comes to us from Cyberscoop and hasn't been blogged as of yet, but will be.
Topic: What's going on at CISA?
CISA has been known to send notifications via an email list that people can subscribe to. How I got on it, I don't remember, but it has since changed the way things are sent. Regardless, the article Insiders worry CISA is too distracted from critical cyber mission is our article that will help us with our discussion. It also comes from Cyberscoop.
Other stuff
I know that Nick missed last week's program so we'll give him an opportunity to get on the program and talk about anything from last week. We'll go through news, notes and other things too.
1/25/2023 • 2 hours, 19 minutes, 12 seconds
The technology podcast, podcast 371: Philmore video voicemail updates and lastpass and notifying customers on what's really going on
On this podcast, a video voice mail update and why didn't Lastpass let us know what's really going on with their breach?
Here is the blog post that I wrote with the accompanying article that I talked about during the second segment.
Contact info is at the beginning and end of the program.
1/19/2023 • 23 minutes, 34 seconds
The Security box, podcast 127: Bullet Proof Hosting
Welcome to the security box, podcast 127. This time, we're going to talk about something I don't think any podcast has ever covered. What that might be? That would be Bullet Proof Hosting. What is it? Why is it such a problem? How can you stay away from companies that allow such a thing?
We'll take from Wikipedia's write up on Bullet proof hosting but we aren't taking the entire thing. This term (written as bulletproof hosting) will be also included in this week's EMHS updates.
The podcast will also have any news and notes, updates on the particulars of screen readers and what they have to help us deal with the ongoing threats for looking at links, and much more.
If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.
1/18/2023 • 1 hour, 56 minutes, 46 seconds
The Technology podcast, podcast 370: Philmore Video Voicemail
We like innovation. Philmore Productions has now released Video Voicemail to the public. He first showed it at CES, the Consumer Electronics Show. Feel free to check it out, look it up and see if it is something you want to use. Commentary on what a caller experienced is given and thoughts on this as well.
1/16/2023 • 17 minutes, 15 seconds
The Security box, podcast 126: Your Security posture
This program does not contain any strong language or adult content.
Hello folks, welcome to the security box. On this edition of the program, we're going to talk about your security posture. We've got two bonehead of the day awards and plenty of discussion both in news and our main topic! Stay tuned for our next podcast, we'll be here again soon!
1/11/2023 • 1 hour, 42 minutes, 53 seconds
The Technology podcast, podcast 369: What's going on with domain registries and the who is directory?
On this podcast, learn about the domain registry, a company who basically lied to me and told me something I couldn't even do to begin with. Turns out this company is a liar, possibly a scammer and no, they won't be linked as their web site is not all that accessible as I asked.
1/9/2023 • 28 minutes, 46 seconds
The Security box, podcast 125: What happened in 2022 and what do you think about 2023?
Welcome to podcast 125 of the Security Box series. On this edition, let's talk about a new book we found during the break, one which might be of interest since we're going to talk about security posture later. The book is titled The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime by Renee Dudley and Daniel Golden. While it doesn't cover your posture per se, it does cover a team who is behind you in the fight and understands the struggles. You see, it's not all your fault, we understand that. You could even do everything right, including having the right training.
Next, we're going to cover two articles that cover the year end review and what is coming up in predictions for 2023.
Financials See Increase in Phishing Attacks, Compromised Sites Lead Staging Methods in Q3 Phishlabs
Financials and Card Data Top Q3 Targets on the Dark Web Phishlabs
We may have blogged these, but if we haven't, they'll be blogged as part of the podcast show notes which these are.
Besides that, we'll have plenty of things in news if we can remember it all, and of course, we'll have lots of discussion on things that might not be in the roundup. We hope you enjoy this edition of the podcast, and thanks for listening!
1/4/2023 • 2 hours, 40 minutes, 54 seconds
The Technology podcast, podcast 368: Fintok ... or Financial advice on TikTok
Hello everyone. Welcome to podcast 368 of the technology podcast series. On this podcast, we're going to put out the file that talks about TikTok being used for financial advice. TikTok is at it again, now we have fintok was blogged on December 30, 2022 with an article talking about this by our digital goddess Kim Komando.
While Social Media is not new, TikTok has been treading on thin waters. You can search TikTok for all of the news coverage we have on our blog.
We've decided to put out this and other things for discussion and to keep this podcast going. I hope that this will be of interest, and we'll see how it goes.
Contact information is available on the blog and within the podcast itself. Thanks for listening, and make it a great day!
1/3/2023 • 16 minutes, 24 seconds
The Technology podcast, podcast 367: Utech has updated to v2x of their app
On this edition, we talk about utech's update to version 2. We also have thoughts on how we might be able to keep this podcast going. This is the last podcast of the year from the network. Enjoy!
12/23/2022 • 40 minutes, 19 seconds
The Security box, podcast 124: Ransomware reaches a billion dollars
Welcome to the Security box, podcast 124. On this podcast, we've got news coming out of Security Now about another root Certificate company that is no more. We've got news and notes from around the landscape, and Ransomware payments have hit at least a billion dollars. All this, including questions, comments and other miscellaneous activity on today's show.
Trust Core
Security Now podcast 900 is full of questions. One of which for this podcast talks about another trust certificate authority that isn't. The apparent company is called Trust Core. This reminds me of the Hong Kong post office and why they were a trusted certificate authority. We've never covered certificate authorities and maybe we need to. Let's just say that they intercepted traffic and installed malware.
EUFY not telling the truth
I don't have any articles, but SN 900 covered this and I saw a notice from Malware Bytes. They say that footage from their cameras is not sent to the cloud, but an Ars Technica article mentioned by Steve indicates otherwise. The company Anker (not to be confused with Anchor) says this is not the case.
Ransomware costing a billion dollars
Ransomware costs top $1 billion as White House inks new threat-sharing initiative is a Cyberscoop article and our main topic. If we can share intelligence, maybe we can better defend against these problems and maybe Ransomware can be slowed down. We'll see how it goes.
12/15/2022 • 3 hours, 1 minute, 21 seconds
The Security box, podcast 123: The Passwords of psychology report, 2022 and more
I'd personally like to thank Herbie Allen for his time running the stream during our internet outage today. Thanks friend!
Below, please find the show notes for today's program. I hope to see you all next week!
Welcome to the security box, podcast 123. Today, we're going to cover the psychology of passwords 2022 report. We'll also have the news from around the landscape, maybe an asshole award of the podcast if one is warranted and much more. I hope you enjoy the program as much as I enjoy bringing it to you.
The Psychology of Passwords report
The article we're going to take from this time is New Report: 2022 Psychology of Passwords from Lastpass.
While most people receiving some cyber security training during the pandemic probably learned a few things, 62 percent still reuse passwords. The article links to the full report but we'll only talk about what is in the article itself. Maybe we can apply it to this community and give our thoughts on how this community should shift its thinking.
12/8/2022 • 2 hours, 25 minutes, 9 seconds
The Security box, podcast 122: EBT cards and the disabled
Hello everyone, welcome to the Security Box. We did get a call-in that we didn't know wanted to call in to let us know some things, but we got it all working out. This may affect many different people and we hope that this is a learning experience for you. Please stay safe.
Welcome to the Security Box, podcast 122. On this podcast, we will be covering some news that came out of Freshbooks on Wednesday, November 23, 2022. We'll also be covering Card Skimming and how it disproportionately is a disadvantage to people who use EBT cards. We'll also have plenty of news and notes from around the landscape and we'll also see what else people want to talk about as we return from our Thanksgiving break.
Freshbooks
As we blogged on November 23, 2022, Freshbooks became victim to Phishing. The company itself did not get phished, but people who are customers and non-customers were hitting Freshbooks's Twitter asking if emails were real or not. Freshbooks reports that these emails are fake, and said that emails come from freshbooks.com or any of its properties and not from anywhere else. The technology blog and podcast's coverage of this event
On November 29, 2022, they indicated to the JRN that while there was no incident, the phishing uses other domains that are outside of Freshbooks itself. They linked to an FAQ titled What Emails Are Sent Out of My Account? Please read this FAQ if you're a Freshbooks customer or get email from them as a customer of someone who pays to send invoices.
EBT cards are now a target
In our main topic, we're going to talk about EBT cards and what is happening with them. We also learn that there's a lawsuit to get states to actually do something if something goes wrong. You'll understand why as the discussion is done. Here are the articles:
How Card Skimming Disproportionally Affects Those Most In Need Krebs on Security
Lawsuit Seeks Food Benefits Stolen By Skimmers Krebs on Security
We thank each and every one of you for listening, participating and most of all, reading the blog. Without your participation and listenership, this program wouldn't be what I'm trying to make it.
Remember to check out email host security which is a site that'll help you navigate the Phishing landscape. This site is sponsored by the Jared Rimer Network and I hope people will learn what it is about, check out the companies and resources and of course the terms.
Starting with this podcast, the podcast is commercial free thanks to a donor through the JRN. If you'd like to donate, go over to our donations page where there is a Paypal button and links available to use to donate one time. If you want to make a monthly donation using a credit card, let me know and we can make that work. We thank you!
11/30/2022 • 2 hours, 41 minutes, 33 seconds
The Security box, podcast 121: The Insecurity or lack there of when using check in services
On TSB 121, we're going to talk about whether it is a good idea to be using various services like 4square, Facebook and other check in services to check in to places and post to social media. This started after someone complained on Facebook about how the auto checkin broke, and how they wanted to have it work so their friends on the other side of the world can be confident he made it OK. We'll also have news, notes and conversation about other things that people want to talk about as well. Thanks so much for listening!
Asshole of the podcast
We haven't blogged about this yet, but the article is titled LockBit ransomware suspect arrested in Canada, faces charges in US which comes from Cyberscoop. We'll be sure to blog this one.
Other things
I went through the blog and we discussed some of the things that have been posted. Make sure you check out the blog for other stuff including this linked article and feel free to comment.
11/16/2022 • 2 hours, 17 minutes, 48 seconds
The Security box, podcast 120: News notes and a discussion on how to shop safely
The Security box, podcast 120 has plenty in this program which is over 3 hours in length. We have at least one asshole of the podcast, possibly two, you judge. This podcast talks about the landscape and your money, talking about tools and techniques that you might be able to use to make sure you're as safe as possible. We talk about the podcast scheduling, what's coming up, and the scheduled breaks.
Asshole award of the podcast and related content
This blog post I title Hacker charged, hacked psychotherapy center, demanded ransome and went after patients to pay leads to an article with a very interesting story. This guy has been charged with ransoming and later bankrupting a psychotherapy center. Apparently, the suspect named has been convicted with over 50k of various cybercrimes since the age of 17. There's more, read the linked blog post and article for complete details.
Also in a related asshole of the podcast this blog post titled We’ve got an update on the raccoon developer talks about an article where the developer of the latest piece of malware got in trouble because his girlfriend decided to post their whereabouts on the all too famous "Instagram." Should've thought about this possibly?
There are other news things we cover, so visit the blog for complete details.
11/10/2022 • 2 hours, 51 minutes, 5 seconds
The Security box, podcast 119: The Intricacies of social media
On this podcast, we cover the launch of my newest project, then get in to social media and the intricacies of it. Hope you enjoy the show! I enjoyed doing this show, and this is one of those that may go over like this one did. It's not common, but it does happen. This is program 119 of this series. Thanks again for listening!
11/2/2022 • 3 hours, 6 minutes, 41 seconds
The Technology podcast, podcast 366: using technology independently
On this podcast, Armando from the Mix and I talk about technology and independence. In no way are we saying to be independent on everything, but research and contacting support when you need it is key. Enjoy the show!
11/2/2022 • 46 minutes, 37 seconds
The Security box, podcast 118: Let's discuss books in the industry!
Welcome to podcast 118 of the Security Box. On this show, we're going to talk about books. Not all books may be covered due to time constraints, but we'll list all of the ones here. Question is, what kind of books? These books are dealing with security in one way or another.
The list may contain multiple books, and are split up in to authors. We'll have this in a multi-list format where the main list is in author, and sublist will have the books.
Books may be available via other sources that the blind and disabled can access including Bookshare, the NLS, and Apple Books. The NLS BARD page can only be accessed by eligible patrons and will not be linked here. All linked books come from Amazon or its affiliates, but you can search the book titles separately to find the price that fits your budget unless BARD has it already.
From this list, we do know that BARD only has one book, but that could change. Check Bard often, you never know what will be posted there.
Besides that, we'll have news, notes and more. Now, here are the books and thanks for listening!
Mark Russinovich
Zero Day: A Jeff Aiken Novel (Jeff Aiken Series Book 1)
Trojan Horse: A Jeff Aiken Novel (Jeff Aiken Series Book 2)
Rogue Code: A Jeff Aiken Novel
Scott Schober
Hacked Again
Cybersecurity Is Everybody's Business: Solve the Security Puzzle for Your Small Business and Home
Senior Cyber: Best Security Practices for Your Golden Years
Kim Zetter
Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
Mikko Hyppönen
<a href="https://www.amazon.com/If-Its-Smart-Vulnerable-ebook/dp/B0B544M8N4/ref=sr_1_1?crid=3R0A5K9O4M6HL&keyword
10/26/2022 • 2 hours, 16 minutes, 2 seconds
The Security box, podcast 117: DKIM is finally discussed as well as news notes EMHS development and more
Hello folks, welcome to the Security Box. On today's program, besides talking about the beta of EMHS which is still in development, we finally touch on something I tried to cover in earlier podcasts. What is that, you say? That's DomainKeys Identified Mail otherwise known as DKIM. We've been needing to cover this for quite awhile, but I'm not sure whether we did, and while other topics we've covered on NCSAM this year we've covered in the past, this one I don't think we did. We also cover the news from the blog and other things on participants' minds. I hope that you enjoy the program as much as I have bringing it together for you, and thanks so much for listening! We can't do the show without you.
10/19/2022 • 2 hours, 29 minutes, 59 seconds
The Security box, podcast 116: SMS and its interesting problems
On this program, I'm alone today talking about SMS and its very interesting issues. I'm not saying it's a bad thing, but there are things about it that can be of interest. The linked article may need work, but can be used to gain knowledge. Knowledge is power, and we don't cover it word for word. I hope you all enjoy the program as much as I have bringing it to you, and we'll be back next week.
The podcast today is sponsored commercial free by The Jared Rimer Network. Visit me on the web to learn more about me and maybe you'll find something of interest.
10/12/2022 • 1 hour, 40 minutes, 13 seconds
The Security box, podcast 115: NCSAM week 2, talking about domains
Welcome to program 115 of the Security box. Today, we talk about domains and SSL and plenty of news stuff too. The first hour and a half of the over 3 hour program is news related, check the blog for complete details on things or subscribe to the TSB list itself.
Some of the stuff we talk about is already on the blog, others are not, but plan to be.
As far as domains go, when we talked about Phishing we mentioned the fact that I published several resources on checking whether a domain exists and when it was registered and possibly by who. This was in reference to an article talking about Ian Phishing scams that might be out there now. Please be safe!
Here are two resources:
ICANN Lookup
Who Is Lookup from Network Solutions
There are other tools to look up domains, and we can't forget about the ICANN web site and their work to keep domains at least here in the states in good working order.
Another thing we talked about but not in great detail is Transport Layer Security which SSL is now known as. We're providing the Wikipedia page as a reference since I didn't go in to a lot of detail on it. If people want me to, I can do that.
If we've forgotten something that we should mention as part of this discussion, please send a note and let me know about it. There is always something to talk about in this space, and I can't think of everything, or think it may be too technical.
You can always contact me through my web site and I thank each and every one of you for participating this week. See you next week!
10/6/2022 • 3 hours, 35 minutes, 18 seconds
The Security box, podcast 114: news, notes and NCSAM week 1
Welcome everyone to the Security box, podcast number 114 on the technology podcast series.
On this podcast, we cover some of the news from around the landscape, and then we start NCSAM.
What is NCSAM you ask? It stands for National Cyber Security Awareness month, and various countries call it something different, and may cover different things.
On week 1, which officially starts on October 1, we talk about passwords. Besides learning about 10 passwords that you should probably not use, the article we take from takes this in to a different dimension, covering different categories like food and drink, curse words, sports and more.
The article is titled Most common passwords: latest 2022 statistics and it comes from Cybernews. Looks like they did a great job with it!
We hope you enjoy the program, and thanks so much for listening!
9/29/2022 • 3 hours, 19 minutes, 7 seconds
The Security Box, podcast 113: Violence as a service, this turns from Cybercrime to real world crime
Hello folks, welcome to the security box. We had 10 people in our room today, and we hope you enjoy the program. Here are the show notes of today's program, and we'll see you next week!
Welcome to the Security box, podcast 113. On this episode of the program, the biggest topic is "Violence as a service" as it is being talked about on multiple podcasts.
Have you read the article by Brian Krebs titled <a href="https://krebsonsecurity.com/2022/09/violence-as-a-service-brickings-firebombings-shootings-for-hire/">Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire </a> and if you did, what did you think about it?
Seems as though this is going to get very interesting as actors, as they're known in the industry, will be changing their tactics to something like this.
Besides this, I hope that you'll come join us and comment as we'll have some news from around the landscape, thoughts on other things of interest and of course questions and comments from the audience.
Thanks for listening and participating and we'll see you on another edition of the program!
9/21/2022 • 2 hours, 27 minutes, 37 seconds
The Security box, podcast 112: Actors want our OTP codes, more in our business endeavors than personal
Who Knew! Podcast 112 is going to talk about one time passcodes being a corporate liability to business, as actors or cybercriminals can take advantage of the common user to give up these codes so they can log in and take control of one account. How 1-Time Passcodes Became a Corporate Liability is the article we'll be referencing, and there is no wrong answer when giving your opinion on this one.
This article comes from Brian Krebs, shortly after the fiasco that we didn't talk about last podcast which the article that finally got published covered, his blundering mistake which wasn't IMHO.
With that said, we'll have news from around the landscape and we'll see what others within the club have to say about this or anything else on their mind.
9/15/2022 • 2 hours, 23 minutes, 50 seconds
The Security box, podcast 110: Paypal Phishing scams use paypal invoices to trick users in to clicking!
110 is what it is going to be if not hotter this week, so podcast 110 is hot!
Hello folks, welcome to the security box, podcast 110.
On this edition of the podcast, we're going to cover news, notes and other things around the landscape.
Besides that, it seems like Paypal may be in some big time scam problems as their invoicing system is being abused. Learn about it as we talk about the article PayPal Phishing Scam Uses Invoices Sent Via PayPal which was written by Brian Krebs.
Besides all that, the news as mentioned above, and this topic, we'll see what other topics might come up as the show progresses.
I hope you enjoy the program as much as I am bringing it to you! Thanks for listening!
9/1/2022 • 2 hours, 16 minutes, 29 seconds
Tech podcast 365: The U-Tec Pro smart locks
Welcome to podcast 365 of the technology blog and podcast series. On podcast 365, we talk about U-Tech and the recent new lock I got.
It's probably not the best demo I did, and there are some accessibility issues and crashes but I thought I'd put it out anyway.
I hope that you will enjoy the program as much as I am putting it together, and make it a great day!
8/26/2022 • 53 minutes, 8 seconds
The Technology blog and podcast, podcast 364: The Threat trends and intelligence report q2
On this podcast, learn about what threats we face as part of the q2 report from Phishlabs. Go over to the blog for complete details in articles and ways to download the report. Enjoy!
8/25/2022 • 58 minutes, 21 seconds
The Security box, podcast 109: August 24, 2022
Welcome to the Security Box, podcast 109. On this podcast, besides doing a recap of the news because of our tech problems, we're going to cover some court news that probably doesn't surprise some of us.
The article is titled Federal courts left Americans' data exposed, senator tells Supreme Court chief justice and it comes from Cyberscoop.
We'll also see who may be in clubhouse, brings up any questions to ask, and we'll see what else the program has to offer.
Find something you'd like to have us talk about? Why not subscribe to our discussion list through the mix, or find a link on the blogroll for the security box email list. We would love to have you. Feel free to say hey!
8/24/2022 • 2 hours, 9 minutes, 6 seconds
The Security box, podcast 108: What Happened to all of these proxy services from another podcast?
The show got off to a rocky start, but what show doesn't have tech problems? We cover the news, and we cover two topics and we're commercial free.
On podcast 103 of the Security box, we talked about some proxy services that could have been deemed bad proxies.
Now, in another two-part section, we learn that all of these proxies are now down. What happened to these proxies?
911 Proxy Service Implodes After Disclosing Breach
No SOCKS, No Shoes, No Malware Proxy Services!
Both of these articles are by Krebs on Security and both were very interesting to read.
Besides this, we're going to cover the news, we'll see what people have decided to bring up, and we'll see what else we can find for this program. Hope you will enjoy the show, and thanks for listening!
8/17/2022 • 2 hours, 31 minutes, 23 seconds
The Security Box, podcast 107: Fileless Malware, what is it, how can it get on the computer and what is this Gootkit loader have to do with it?
Welcome to program 107 of the Security box series. On this edition, we're going to talk about something not too many people know about. It's called Gootkit Loader, and it can be very dangerous. It can contain something called fileless malware, which makes detecting it harder. Trend Micro has talked about fileless malware before, and you can put in fileless malware plus adding trend micro to find postings covering this topic.
The article we're going to cover on podcast 107 is titled Gootkit Loader’s Updated Tactics and Fileless Delivery of Cobalt Strike and it does come from Trend Micro.
I hope that you enjoy this discussion, because it can affect you if you don't know the signs of what to look for as it can come in many forms including email.
Besides this, we'll see what people in clubhouse or the list want to talk about, and we'll go through news and other things posted as well.
Thanks for listening and make it a great day!
8/11/2022 • 2 hours, 51 minutes, 18 seconds
The Security Box, podcast 106: What Is Pig Butchering when it comes to the Cybersecurity Field?
Welcome to podcast 106 of the Security Box. No, we're not covering animals, but there is a new term called Pig Butchering that is now out there.
According to the article, it seems to be covering a lot of varying scams which may include Crypto, romance, and investment just to name a few.
Don't let me tell you about it in the show notes, the article is titled Massive Losses Define Epidemic of ‘Pig Butchering’ and it comes from our buddy Brian Krebs.
Besides that, we'll go through the blog, we'll see what other things participants want covered, and maybe we'll answer any questions that might come across.
Thanks so much for listening and make it a great day!
8/4/2022 • 3 hours, 23 minutes, 18 seconds
The Security Box, podcast 105: Vehicle Trackers are in deep trouble and there's nothing we can really do about it
Welcome to the Security box, podcast 105. On this program, we're going to talk about GPS systems and something that may affect everyone who drives and uses a certain product.
This is a Cyberscoop article titled Attackers can surveil, disrupt vehicles outfitted with popular GPS tracker, CISA warns which was quite interesting. I also spotted this being covered by Kim Komando and her staff. I blogged about it in this blog post for those who want to link to it.
We also will have news from around the landscape and whatever else people want to cover that they have read. Hope you enjoy the show!
7/27/2022 • 2 hours, 58 minutes, 20 seconds
The Technology blog and podcast, podcast 363: Scalars Publishing and their educational book and more
Hello folks, I am going to say that this is the first podcast we've done in about 2 months or so, maybe more.
I'm happy to finally have something to present today, and this is going to get rather interesting for a 104 minute podcast. Here are the notes!
On this episode, Scalars Publishing has an educational book for learning UEB. They have other books as well, but we talk about the educational book today. How did I find out? Through a student who has asked for some help. Perky Duck from Duxbury Systems is discussed and demoed, and we also have some IOS news for those who don't know. This news is in regards to voices that some may know of, but some may not as we have sighted listeners that may not know. I hope to have another podcast soon!
Thanks so much for listening, and I'll be back real soon!
7/21/2022 • 1 hour, 44 minutes, 53 seconds
The Security Box, podcast 104: Even Law Enforcement is not immune to the breach department and its probably not the first time either
Welcome to podcast 104 of the Security Box program. I hope that each and every one of you enjoyed our look back at the two year anniversary and what might have interested people during the past year.
As I prepare for podcast 104, if you, the listener, want to contribute thoughts on what interested you from the past year or even since the show's inception, please contact me through the contact the DJ's page on 986themix.com or listen to the program for full contact details.
On this edition of the program, we're going to talk about an older article titled DEA Investigating Breach of Law Enforcement Data Portal. It's a Krebs on Security article which was sent to the Security Box list in the month of May. The sad thing is, we've not heard anything since, and that may not necessarily be a good thing.
Besides that, we'll check with listeners who have decided to join us on Clubhouse and other participants to see what has caught their attention through the landscape.
If there are questions by people who are new to the program who have basic questions, we always allow those, so please submit them to us or participate live. I don't claim to know everything, and even the best don't, but with all of us working together, we can learn and give some advice to try that might help.
I look forward in continuing this program, and I hope that people will at least check it out to see if they find it of value.
I thank those people in the industry that post articles that we can ponder, discuss and possibly question. Thanks for listening and make it a great day!
7/20/2022 • 2 hours, 13 minutes, 29 seconds
The Security box, podcast 103: 1 person, multiple bad jobs
Hello everyone, welcome to the Security box, podcast 103.
With only one week missed due to commitments, we've reached the two year anniversary of this program on the mix. I hope that we can continue to provide plenty of material as this community still needs to learn what is out there to protect themselves. Nobody is perfect, even yours truly has made mistakes. The question is, do you learn from yours?
As we reflect, podcast 52 which was on July 14th of last year, dealt with the water hacks which could have done some serious damage. While we overcame that and learned from that, we've got a bigger issue and that has been the war that Russia has been involved with as Ukraine was its first target and now they're going ahead and targeting other nations. We talked about this war and its potential impacts on this very program and other rooms on Clubhouse. Now, some of what you might see and discussed on this and other circles will be coming true as predicted. No expert said when it would happen and if, but it seems that it is.
With that said, today's main topic is going to cover two articles and one man.
The first article is titled Meet the Administrators of the RSOCKS Proxy Botnet which was quite a read if I should say so myself. The second one even gets more interesting. It's titled The Link Between AWM Proxy & the Glupteba Botnet and maybe you'll have comments on this.
Besides that, we'll have other topics that may not be listed here in our notes, like for example, things that caught people's eye from our list and or blog.
Want to subscribe to our list? The Security Box list can be found by clicking on the link and going to its page through our partner, The Mix.
I hope that you enjoy the program as much as the JRN and its participants enjoy bringing it to you. Remember, we can learn together.
Thanks so much for listening, reading, and participating! Keep learning!
7/13/2022 • 3 hours, 23 minutes, 6 seconds
The Security box, podcast 102: July 6, 2022
Hello everyone! Welcome to podcast 102 of the podcast. On this edition of the podcast, we'll step through one of the best emails I've ever seen. I saw this at the end of June, and it woke me right up. It is the best email that would prompt an issue that may not be the case, if you actually stop, look and do your due diligence. blog post
As our topic, we're going to talk about the Cyberscoop article Lawmakers want to restrict user data sales to nations like China, Russia which was read. The article will end up getting blogged, so check the blog for thoughts on this one.
We'll also see what else comes up in the landscape that people want to talk about as well. Hope you enjoy the program!
7/6/2022 • 3 hours, 9 minutes, 45 seconds
The Security box, podcast 101: Google finds Italian Spyware campaign that targets victims
Welcome to podcast 101 of the Security Box Podcast series. On this podcast, we did find another "Asshole of the podcast" award. We also are going to talk about Google finding something very interesting in their research department.
Asshole of the Week
This time, our Asshole comes from an article by Brian Krebs of Krebs on Security titled “Downthem” DDoS-for-Hire Boss Gets 2 Years in Prison which was quite interesting. Wondering why only two years when DDOS is quite significant and can cause a lot of headaches among what's going on and how to fix it?
Google
This time, Google reveals sophisticated Italian spyware campaign targeting victims in Italy, Kazakhstan comes from Cyberscoop. Found this article quite interesting, and I bet you do too.
Besides that, we'll see what the people on the Clubhouse have to say as well as possibly other things that might not be blogged or sent to the list.
Thanks for listening to the show, and we'll see you on another edition!
6/30/2022 • 2 hours, 19 minutes, 17 seconds
The Security box, podcast 100 for June 22, 2022
Welcome to podcast 100 of the Security Box. I can't believe this series is already at 100, and it's been growing strong with lots of discussion, and of course comments on things that people have found of interest.
I hope that the show can continue to grow, and with partners in the industry, we will continue to bring you things that might not be covered elsewhere in much detail if any.
Today, we're going to bring the bonehead award, with an article we'll summarize in a segment called interestingly, the "asshole award of the podcast." For this podcast, the article U.S. marshal used controversial cell phone location service to illegally access data, DOJ says from Cyberscoop. The marshal definitely needs this award, and you never know who will be next. Don't abuse the privilege of the access you're granted to do your job or you'll possibly get caught.
On this episode as well, we'll cover two different topics. The first, Privacy legislation might provide a powerful guard against online identity fraud might have some teeth if everyone is on board. I definitely think that this should be covered because we talk about the fact that companies have our data with no recourse if something goes wrong. Maybe that'll change?
In a related note, we've been getting calls from various folks about vehicle warranties, other notices from companies that don't identify themselves and the like. In an article titled INTERPOL raids hundreds of scammy call centers in sweep it talks about how many different people have been picked up due to the number one thing that gets people, social engineering. If you've not read this article, you should. It might be a start to something that hopefully should go down at some point.
Of course, we'll have comments from others who participate in the taping and live broadcast on Wednesdays, and possibly other topics not listed here too.
Thanks for reading, participating, and listening! I greatly appreciate your support.
6/22/2022 • 2 hours, 24 minutes, 12 seconds
The security box, podcast 99: Shields Up! The New Normal in Cyberspace
Welcome to the security box, podcast 99. We're excited to bring you another great show.
First, in our chat section, we're going to talk about KrebsOnSecurity in New Netflix Series on Cybercrime which I've already bookmarked as I signed up for Netflix. I also watched another movie titled Cyber Hell. (subscription required) Movies and documentaries like these are great to get out in the community, and the Cyber Hell movie I heard of somewhere, probably on Clubhouse. There's more including one I talked about some time back, but this will get us started.
If people have things they want us to talk about during other news, we can definitely talk about it.
In our main segment, we're going to talk about Shields Up. No, not GRC's program, no not a submarine shield, but our shield. 'Shields Up': the new normal in cyberspace is our Cyberscoop article.
All this, your thoughts, comments and other things on this week's edition of The Security box. Enjoy!
6/16/2022 • 2 hours, 1 minute, 53 seconds
The Security box, podcast 98: China and 88 percent of searches on news sites
Welcome to the Security box, podcast 98. This is a bit of a technical difficulty show, starting with Clubhouse having some sort of trouble, and then the software too. Despite these, the show went on.
We had a chat session that talked about social media and Paypal, see the blog for Paypal.
The main topic is Chinese state media propaganda found in 88% of Google, Bing news searches which we step through.
If you have any questions or comments, please reach out. Thanks so much for having an interest in our show, and we'll be back next week!
6/8/2022 • 2 hours, 25 minutes, 29 seconds
The Security box, podcast 97: Breach Fatigue
Hello everyone. Breach Fatigue is probably on everyone's minds, and I think it's time that we talk about it. Luckily, there's an article titled Combatting Breach Fatigue that comes from Lastpass and I thought it should be talked about.
Even though last week's podcast had some good content and could in some minds be non-security related, between all of that stuff and this, who could blame me for last week?
Besides all of that, we will see what people have for what they want to talk about in the news notes section.
All of this and other thoughts will be part of the program. Enjoy what we have for you and I hope no tirade today. Thanks for listening!
6/2/2022 • 1 hour, 38 minutes, 58 seconds
The Security box, podcast 96: 2 health care places targeted with ransomware
Welcome to podcast 96 of the security box podcast series. We're going to bring back news notes for this program, and we've picked out some good stuff. Some may be on this blog, others may not be on this blog.
Our main topic is going to talk about the Health Care Industry and whether it is as secure as possible. The reason why we're going to talk about it is plain and simple, there have apparently been two more attacks on the health care industry, yet, one of them is a non-profit.
The article is titled Ransomware group strikes second U.S. health care system in the last two months. I bet that there will be a lot of talk on this one, even as we read the notes on this.
I've got plenty more things lined up for the podcast, so please feel free to stay tuned and learn with us. Some may be a bit older, but yet worth talking about.
Remember to subscribe to The Security Box list as we post items and you're welcome to discuss them on list.
We thank you for listening to the program and we'll see you on another edition of the program next time!
5/26/2022 • 2 hours, 27 minutes, 50 seconds
The Security box, podcast 95: A vulnerability of 9.8 in a Big-IP appliance
Hello everyone, welcome to the security box, podcast 95. On this program, we're going to talk about one vulnerability that affects big internet appliances at a CVSS score of 9.8.
We'll see what else comes up including some Crypto news and things posted to our list and what type of order it'll all be in.
The main article we'll be covering is titled Hackers are actively exploiting BIG-IP vulnerability with a 9.8 severity rating which comes from Ars Technica.
Ars is probably not going to be the only one covering this, there will be others out there too.
The JRN hopes you enjoy the program, and thanks for listening!
5/18/2022 • 1 hour, 42 minutes, 31 seconds
The Security box, podcast 94: EDR's real or fake
Welcome to podcast 94 of the security box. On this edition of the program, we're going to talk about emergency data requests (EDRs) as there are now actors out there that will use fake EDRs for getting what they want.
There are two articles, both which I read.
Twitter may have given user's private data to a ransomware hacker, who then ran a researcher offline Cyberscoop
Fighting Fake EDRs With ‘Credit Ratings’ for Police Krebs on Security
I read the Krebs article first, and some time later, I found the Cyberscoop article which was quite interesting.
Besides that, we'll be seeing what others have read, although I've been working and not blogging much between podcasts.
I hope that you enjoy the program as much as we are putting it together, and thanks for listening!
5/12/2022 • 1 hour, 48 minutes, 26 seconds
The security box, podcast 93: Earth Berberoka
Welcome to the security box, podcast 93. We do cover some very interesting topics today including the recent news about our Amazon devices. blog post
Besides our Amazon devices, we're going to talk as well about an Antivirus program with interesting accessibility issues but also coming with a VPN that can monitor what you're doing. Maybe a problem much?
Our final topic is a big huge problem which we need to be aware of. The article is titled New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware which is quite interesting and really worth the read.
While it is only targeting gambling sites for now, this thing is packed full of problems and problems which can really cause you not to have a computer if you still have one.
Have comments for the show? Contact details are in the program, and I hope you enjoy!
This program was aired on the Independent channel on May 4, 2020 and was rebroadcasted on May 6, 2020 through Blue Streak Radio. It airs through their network on Fridays from 8 am CT until its conclusion.
I hope that each and every one of you enjoy the program as much as I am bringing it to you, and next week, we've got a great topic dealing with emergency data requests. You don't want to miss it! See you all then!
5/5/2022 • 2 hours, 52 minutes, 18 seconds
The Security Box, podcast 92: Conti did not do what they said they would do, attacks health care providers and more
Hello everyone! Welcome to the security box, and this is program 92. On this program, we're going to talk about Conti, again.
The article is titled: Conti’s Ransomware Toll on the Healthcare Industry which was quite interesting when I read it.
Besides that, we'll see what others found of interest through the landscape and I'll talk about some stuff as well including the Who's Who directory and updates on it.
I hope that you enjoy the program as much as I have bringing it to you, and welcome Blue Streak Radio to the program. They'll air this program on Friday morning Central time.
Thanks so much for having an interest on the program.
4/27/2022 • 2 hours, 47 minutes, 40 seconds
The Security box, podcast 91: APT, the advanced persistent teenager
Hello folks, we're releasing two podcasts on the same day on two different sets of subjects. This one, the security box. I hope you all enjoy the program, and below, please find the show notes!
Hello everyone, welcome to podcast 91. We're dealing with the teenage hacker in two different articles. As I've determined, there is only one article on the advanced persistent teenager which can also be labeled APT.
The first article we're covering is: A Closer Look at the LAPSUS$ Data Extortion Group which was read all the way back near the end of March.
This will then lead us in to our other article The Original APT: Advanced Persistent Teenagers which was also good and in depth. I got confused by headings, but this article is only one article part long.
We'll also be taking any comments and questions from the audience on Clubhouse and we'll see what else we have to offer.
Make sure you check the blog for continuing article writing, we continue to post stuff although there was a lapse of posting lately, but it hasn't been that long.
Thanks so much for listening and enjoy the program!
4/20/2022 • 3 hours, 37 minutes, 29 seconds
The Technology podcast, podcast 362: Michael in Tennessee
I'm looking to bring back the tech podcast after some time. On this podcast, we've got Michael in Tennessee. Here are the notes from this program.
Hello folks, welcome to the tech podcast. Its been quite awhile since we've done a tech podcast, but its appropriate seeing how the Security Box ran almost 3 and a half hours. Today on the first tech podcast since 2021, we're going to have Michael in Tennessee talking about some of the security landscape and what he's read of late. Lots to talk about and maybe there might be some solutions that people can think about here too. The program is over 1 and a half hours and I'm glad I did it this way.
I'll be looking at releasing some more stuff soon! Thanks for reading, listening and finding what we have to say of value.
4/20/2022 • 1 hour, 28 minutes, 51 seconds
The Security box, podcast 90: 11 android apps to remove from your device and more
I thought the podcast was uploaded here, but I uploaded it to my other feed. Sorry about that folks!
Here are the show notes.
Hello everyone, welcome to podcast 90. On this edition of the podcast, we're going to have our main topic on Millions of Android users should delete these 11 apps after Google kicked them out of the Play Store which is an article talking about 11 different applications that we need to be aware of that may have been causing harm. I'd say that IOS users like myself should be aware of these in case these apps make it to the app store and we get messages from places to download them as well.
Besides that, we'll have anything that comes from the community on things they want to talk about and I even think I can do my intros a little bit differently. I hope that you all enjoy the program and thanks for listening!
If you go to the blog and you don't see it in RSS, please contact me so I can fix it quicker. Thanks.
4/15/2022 • 2 hours, 8 minutes, 18 seconds
The Security box, podcast 89: Spring4Shell that didn't spring
Hello folks, I thought I uploaded the show from Thursday, sorry about that. Notes are below.
Hello folks, on today's podcast, we're going to cover Explaining Spring4Shell: The Internet security disaster that wasn’t as our main topic.
We will cover some of the other landscape as well as any other topics the public has to offer.
Note that today's program was done on Thursday to account for an event I attended the day before.
We should be able to return to a Wednesday schedule next week. Enjoy the program and thanks so much for listening!
4/10/2022 • 1 hour, 15 minutes, 39 seconds
The Security box, podcast 88: The Different types of internet
Happy Thursday! The podcast file was created yesterday, but we're releasing now. I hope you enjoy the program and thanks for listening!
The Internet is a complex thing. There are different types of internet connections, some are more common than others, but all are important. In a recent article I spotted, the connection known as Satellite Internet was targeted apparently by Russia, but that is not confirmed. The article is titled A mysterious satellite hack has victims far beyond Ukraine.
We'll also have other topics that might be of interest and we'll see what others have to say as well. Thanks so much for listening and enjoying the program!
3/31/2022 • 1 hour, 52 minutes, 42 seconds
The Security box, podcast 87: SMS PVA: What is it and should we be concerned?
Hello folks, welcome to podcast 87 of the security box. On this podcast, we talk about a wide range of topics, but we also talk about a three part article set dealing with SMS services that can be used to sign you, the consumer up for services that you may not even know about or even want.
While the applications discussed here are potentially Android based, we need everyone to know what is out there in case something is developed for IOS or any other system you may use.
Below, please find the links to the articles we are going to be taking from as part of this discussion.
SMS PVA Part 1: Underground Service for Cybercriminals
SMS PVA Part 2: Underground Service for Cybercriminals
SMS PVA Part 3: Countries Most Impacted by Service
What caught me on wanting to talk about this is the fact that the United States is affected by this, although we don't know by how much.
Understand that I think everyone should be aware of what is out there, and hopefully the articles and information can give you a sense on how you can stay as safe as possible. Thanks for listening, reading and participating in this important topic.
3/24/2022 • 3 hours, 28 minutes, 38 seconds
The Security box, podcast 86: Windows Updates, emoticons potentially going to be an issue, books and more
Welcome to podcast 86. On this podcast, we'll cover Windows Update. I only have one article now instead of the two, so we'll have to see how I can get the other back. Besides that, we'll have comments from the Clubhouse room and other topics they may want to bring up.
Microsoft Patch Tuesday, March 2022 Edition Krebs On Security
I hope you'll enjoy the program as much as I am bringing it to you.
3/16/2022 • 2 hours, 38 minutes, 23 seconds
The Security box, podcast 85: A look at how I got in to this industry, some newsy stuff and more
Today, the Security box takes a break from day to day activity although we've covered some scam type activities and even went through how I got started in this industry and how I think information can be given out successfully.
We also have some tracks that play as well.
The program lasts almost 3 and a half hours, and I hope you enjoy it.
I even talk about why we've temporarily retired the normal theme we use for the program.
Check the blog for complete details on things that may have been mentioned.
3/10/2022 • 3 hours, 37 minutes, 35 seconds
The Security box, podcast 85: What's happening with Russia? They're at it again!
Russia is the hot topic right now, and with good reason. On this podcast, we'll talk a little bit about what we've learned, talk about the scams, recommend books and more. Here are the complete show notes for this week's podcast.
Welcome to podcast 84 of the security box. This time, let's discuss Russia's involvement in pure problems. Now, they have decided to go to war, and it's against Ukraine. They've been known to do DDOS attacks, ransomware attacks, spreading information that is not true or partially true or even completely false, denying many different things through the years like the 2016 and 2020 presidential campaigns, and even more may be in the pipeline.
Below, please find links to some of the recent blog posts that I've done since the war started. In no way am I linking to everything, but you need to understand what's going on so you can make the most informed decision on your needs based on what is actually happening.
McDonalds apparently hacked? Russia has started going after U.S. businesses
Conti supports Russia, threatens retaliation
Ukrainian officials warn of new phishing attacks
Russia VS Ukraine, could it affect us? Info from Kim Komando’s Weekend Newsletters
The war starts with DDOS attacks against Ukraine, this is the beginning of things
Russia and Ukraine, the battle has begun
Cyber Security Experts weigh in on the war on Ukraine
I put the link to the video last, because while informative, we know that things are changing rapidly. I put McDonalds first because it was the last we posted and most viewed on LinkedIn. It got a retweet in France according to a comment.
What should you read? There are several books you can definitely read.
Zero Day: A Novel
Rogue Code: A Novel
Trojan Horse: A Novel
All of these books are written by Mark Russinovich, someone who works at Microsoft. To learn more about Mark, the various books he's written including those I've linked in these notes, please visit zero day the book which is his web site. All books linked from his site I've read, zero day may be more of what we're dealing with possibly right now. Some books may be available through NLS's bard and Amazon as well as Apple Books.
3/3/2022 • 2 hours, 44 minutes, 58 seconds
The Security box, podcast 83: Sim Swapping and Trick Bot
Hello folks,
This is Jared here, and it's time for another Security Box. In this almost three hour program, we cover the olden days of Spam and what someone was seeing during our live program.
Besides that, we've got Trick Bot and Sim Swapping as our two main topics.
Here are the show notes with links, and we'll be back on another show!
Hello folks, welcome to podcast 83.
Let's start with something that came to my attention on Monday. Let's recap a little bit about Sim Swapping.
This actually came up on Monday when someone who comes to assist me was saying to me that someone they knew had their phone cloned. They told me that T-Mobile, the company they were with, told them the phone was cloned.
As we know, T-Mobile was breached, and I don't know about you, but I definitely don't trust them. Remember the following?
Are you a T-Mobile customer? Better pay attention to this
Are you a T-mobile customer? Better read this one
Another t-mobile breach, the 4th in several years
Remember too, that Podcast 47 covered this in news notes and comments came in too. So there is plenty I covered.
Please also read SIM swap scam from Wikipedia.
As our main topic, I want to catch people up on what is going on with Trick Bot. The article TrickBot developers continue to refine the malware's sneakiness and power from Cyberscoop will be used in this discussion.
The public on Clubhouse got in to a Spam discussion with one talking about the spam messages they were getting. While educational, we had some good laughs in this program and we thank everyone for participating on Clubhouse's platform. Tunes were also played during the program.
We thank you so much for listening and make it a great day!
2/24/2022 • 2 hours, 50 minutes, 17 seconds
The Security box, podcast 82: Windows update, Scam talk and more
I ended up falling sick, sorry for the delayed release of Wednesdays program. I'll be fine and have already started the process of getting medicated.
This past Wednesday, we had several people on Clubhouse and we talked about Windows Update and a bunch of other stuff too. Here are the show notes.
Hello everyone! Welcome to podcast 82 of the Security Box. This week, we'll catch up on Windows Update, and we will also cover a lot of other stuff from the blog as well. We'll also see what else the listenership and participants in Clubhouse want to talk about.
What happened in Windows Update? Our good buddy Brian Krebs from Krebs on Security has the full details. Microsoft Patch Tuesday, February 2022 Edition is the article. Lots of linked material that links to some CVE numbers if you're interested.
2/18/2022 • 2 hours, 32 minutes, 32 seconds
The Security box, podcast 81: Fake Investor does not go away, Fake investor is back and still the same
Hello folks, welcome to podcast 81 of the Security Box! It seems like it's time for an update on a very interesting character isn't it? It's time for another update on the fake investor we've covered since podcast 10. I know that I've linked somewhere on the blog all of the podcasts we've covered John Bernard, and this is going to be one of those podcasts.
What has he done lately? This article titled Fake Investor John Bernard Sinks Norwegian Green Shipping Dreams from Krebs on Security has the entire details on what he has been up to now and a reminder of his past.
Besides all of this, we'll step through the news that has been posted to the TSB list as well as on our blog.
We also had a new person come in and ask some stuff they've heard and we debunk the myths and facts of everything.
Want to subscribe to the Security Box discussion list? We'll post stuff we're reading, you can discuss it with us, and even post your own stuff too.
Here is a link to the Security Box discussion list hosted through 986themix. Just put your email address and name if you wish, and hit that subscribe button. Follow any email instructions you get. Just subscribing will not get you on by default. Confirmations last about 3 days.
I hope you enjoy the program as much as I am bringing it to you! Its going to be a great show.
2/10/2022 • 2 hours, 29 minutes, 59 seconds
The Security Box, podcast 79: This App is completely safe to use
Welcome to podcast 80 of the Security box. On this edition, let's talk about Wordpress. While it is a good platform for people to use for web sites and even blogging as I do, it can come with risks we need to be aware of.
Part of those risks include keeping it up to date and of course the plug ins you install.
A lot of plugins can be found through the install section of your plug ins management facility, but you can also install plugins manually.
The article we're going to cover today comes to us from Ars Technica and was sent by our good friend, Michael. Supply chain attack used legitimate WordPress add-ons to backdoor sites is the article. I hope that you find the discussion of interest, and if you saw the write up, you found it of value.
We'll also touch on other things blogged as well as ask any audience members what they learned and/or read during our discussion today.
Remember, you can always contact me through the tech blog or even through the show's contact info as well. Thanks so much for listening, and make it a great day!
2/2/2022 • 2 hours, 42 minutes, 3 seconds
The Security box, podcast 79: This App is completely safe to use
Welcome to the security box, podcast 79. I probably am not surprised really about what we're going to talk about, and it was talked about on Throwback Saturday Night's security segment. Now, we're going to take our time on it, because I feel we need to.
What are we talking about you might ask? Toronto lab finds security vulnerabilities, censorship framework in Olympic app is an article talking about the olympics and a new app the IOC basically says is completely safe to use. Researchers are saying differently, and one major problem that two of us see brings this to full circle.
I'd like to thank DJ Terry of The Mix for calling and asking about this after he heard very little on his news channel. With the games so close away now, this is the perfect time for someone to take advantage and do something they think is a good idea to do in their mind.
Thanks for listening whether live or through the podcast or replay, and we'll catch up with you very soon!
1/26/2022 • 1 hour, 25 minutes, 45 seconds
The Security box, podcast 78: Windows Update includes a Wormable Flaw
Welcome to podcast 78 of the Security Box. As we do typically on the podcast, we spend some time catching people up on what has been going on in Redmond, Washington with Windows Update.
We've only got one article, however, News of the week for January 14th has the other article.
‘Wormable’ Flaw Leads January 2022 Patch Tuesday comes to us from Krebs on Security, and it covers this huge problem and others across Redmond and others too.
Please feel free to send your messages, topics and the like for consideration. Thanks for listening!
1/20/2022 • 1 hour, 42 minutes, 12 seconds
The Security box, podcast 77: Google, this wasn't a critical bug?
I realized I said podcast 75 at some point in my audio, this is podcast 77. Too late for me to change it however.
Below are the notations, which include a link to today's program.
We return to a Wednesday schedule next week.
Hello folks, welcome to the security box, podcast 77. Google fixes nightmare Android bug that stopped user from calling 911 is our main topic of today's program, but I also cover other tech and other odds and ends too. We did have one guest available to chat with us, and we thank them for coming. We hope you enjoy the program and the few tracks at the end, and thanks so much for listening!
1/14/2022 • 1 hour, 34 minutes, 6 seconds
The Security box, podcast 76: Advertisers sucking up student data
Welcome to the Security box, podcast 76. On this podcast, we're going to talk about advertisers who are sucking up student data, even though legal action was taken. We'll also have comments and news items from the public if any, maybe some other topics if it turns in to one, and we'll see what else comes up.
Topic
Advertisers are sucking up student data, even after legal action, researchers say Cyberscoop
1/5/2022 • 1 hour, 10 minutes, 30 seconds
The Security box, podcast 75: Predictions 2022
Besides the hour plus discussion we had, we've got music too for the holiday. Hope you have a happy holiday season. No TSB next week unless something breaks, see you in 2022!
Welcome to the Security Box, podcast 75. On this edition of the podcast, come with me as we do a little predicting for 2022 with a Trend Micro article titled Pushing Forward: Key Takeaways From Trend Micro’s Security Predictions for 2022. We'll also have thoughts on recent news read, and its been decided that the full news notes segment will be no more in favor of topics that need discussion. This doesn't mean that we won't cover news, but we'll cover it a little differently.
Topic
Pushing Forward: Key Takeaways From Trend Micro’s Security Predictions for 2022 Trend Micro
12/23/2021 • 1 hour, 28 minutes, 16 seconds
The Security box, podcast 74: Log4J
Hello folks,
This is still developing and there are more articles than listed here. We'll provide the show notes as is, and check the blog and future podcasts for more. Thanks so much for listening!
Welcome to the Security Box, podcast 74. On this podcast, something breaking this week called Log4j. We'll break down three different articles that talk about this. Instead of me doing news notes, we'll ask listeners if they have any thoughts on what they have read. There may be questions, comments and other topics not mentioned here for you to enjoy too.
Topic
Log4J
CISA warns 'most serious' Log4j vulnerability likely to affect hundreds of millions of devices Cyberscoop
CISA to brief critical infrastructure companies about urgent new Log4j vulnerability Cyberscoop
Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited Trend Micro
12/16/2021 • 1 hour, 57 minutes, 47 seconds
The Security box, podcast 73: AT&T has a vulnerable device you need to know about, news notes and much more
Hello folks, welcome to the security box, podcast 73. On this podcast, plenty of news notes and a very interesting topic dealing with AT&T and appliances that are made to bridge the gap between the ISP and the managing of phone calls, conference video systems and similar real-time applications. We hope that you'll enjoy the program and thanks for listening!
Topic
Business customers need to be aware if they use AT&T products of potential malware.
Thousands of AT&T customers in the US infected by new data-stealing malware Ars Technica
News Notes
Here are the links to News Notes. Some may be blogged already through the blog, so see if there is something that interests you.
There are two articles here talking about the same thing. This is a very interesting story about a guy that worked for Ubiquiti until he was recently arrested. Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach” from Krebs on Security and Former Ubiquiti employee charged with stealing data, extorting employer from Cyberscoop are the two articles. They both are similar, but both worth the read.
US hacker jailed for role in multimillion-dollar SIM swapping campaign Tech Crunch
Is the UK government’s new IoT cybersecurity bill fit for purpose? Tech Crunch
Ransomware attack on Planned Parenthood steals data of 400,000 patients Ars Technica
Emails show what happened before Missouri gov. falsely called journalist a “hacker” Ars Technica
Please enjoy the program and thanks so much for listening.
12/10/2021 • 2 hours, 18 minutes, 57 seconds
The Security box, podcast 72: A Linux vulnerability, news notes and more
Welcome to the security box, podcast 72. On this program, we're going to play with Linux a little bit as we discuss a vulnerability in the way it works as it can cause DNS cache poisoning. We'll also have news, notes, commentary and more if people have things they want to share.
Our Linux Vulnerability
Linux has a serious security problem that once again enables DNS cache poisoning Ars Technica
News Notes
The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back Krebs On Security
Tech CEO Pleads to Wire Fraud in IP Address Scheme Krebs On Security
SMS About Bank Fraud as a Pretext for Voice Phishing Krebs On Security
Ransomware gang targeting schools, hospitals reinvents itself to avoid scrutiny Cyberscoop
Apple sues NSO Group, spyware vendor known for helping governments hack critics Cyberscoop
More may be on the blog, thanks so much for listening and participating!
12/2/2021 • 3 hours, 50 minutes, 34 seconds
The Security box, podcast 71: Windows Update, Threat Trends Report, News notes and more
Welcome to the Security box, podcast 71. On this podcast, we're going to cover things we did not cover last podcast including windows update and a very interesting report dealing with the threat trends for November 2021. We'll have news notes and plenty of it too. Hope you enjoy the show!
Patch Tuesday
Microsoft Patch Tuesday, November 2021 Edition Krebs On Security
November Continues Streak of Quiet Patch Tuesdays Trend Micro
Threat trends and intelligence report
new-quarterly-threat-trends-intelligence-report-available Phishlabs
News Notes
Below, please find the links for the news items that are going to be talked about for this week. We may have blog posts on some of these, so make sure you check out the blog for complete details on things and maybe you'll find something you want to comment on.
The US closes Huawei loophole, will no longer grant exceptions for ISPs Ars Technica
More than 1,000 Android phones found infected by creepy new spyware Ars Technica
Malware downloaded from PyPI 41,000 times was surprisingly stealthy Ars Technica
US charges Ukrainian and Russian nationals over ransomware attacks Ars Technica
US says Iran-backed hackers are now targeting organizations with ransomware Tech Crunch
Researchers wait 12 months to report vulnerability with 9.8 out of 10 severity rating Ars Technica
I hope you enjoy the program, we'll have more news notes and another great program next time. Thanks for listening!
11/25/2021 • 2 hours, 36 minutes, 44 seconds
The Security box, podcast 70: It's an open forum edition!
Hello folks, better late than never. We have a full open forum show for TSB for this week. While only two of us were in the room, we cover quite a bit of various things. See you next week!
11/19/2021 • 2 hours, 47 minutes, 55 seconds
The Security box, podcast 69: Bullying over the phone lines?
Welcome to the security box, podcast 69. On this edition of the podcast, we turn our attention to another story, bullying over the telephone lines. We have some news, notes and commentary as well, but the bulk of this program is to think about what might go on these lines whether it is one you are on now, or one you've been on. Thanks for listening!
11/10/2021 • 2 hours, 47 minutes, 46 seconds
The Security box, podcast 68: NCSAM Extra! Social Media and other aspects to go along with it
Welcome to the Security Box, podcast 68. On this edition of the program, let's talk about social media and phone line issues as it relates to cyberbullying and other related topics. We'll also have news, notes and more.
Social Media discussion
In a very interesting turn of events, I wasn't necessarily going to put anything in to this section because I was going to do a full vocal discussion. But when I saw my own digest on my blog, I saw a very interesting post dealing with Social Media and other things related that I'll link here. I'll still do vocal talk with no notations, but this post is worth bringing up.
Don’t miss what’s happening People on Twitter are not the first to know. The Technology blog and Podcast's Shaun Everiss
News Notes
Zales.com Leaked Customer Data, Just Like Sister Firms Jared, Kay Jewelers Did in 2018 Krebs On Security
'Cyber event' knocks dairy giant Schreiber Foods offline amid industry ransomware outbreak Cyberscoop
A Russian-speaking ransomware gang says it hacked the National Rifle Association Cyberscoop
We hope you enjoy the program, and thanks for listening!
11/4/2021 • 2 hours, 40 minutes, 18 seconds
The Security Box, podcast 67: Protecting Your Children Online
Welcome to Week 4 of NCSAM. This week, we're going to cover protecting your children online. Notations are taken from a presentation I heard about the topic, and I've summarized it to tell possibly some stories that may be similar to something you've heard or seen. We'll also have news, notes and other comments as the program gets started.
Protecting Our Children online
Protecting your kids online. Including topics like grooming, cyberbullying and more.
News Notes
The following are some of the items that have been read within the past week. Feel free to read the ones that are of interest to you.
FBI, others crush REvil using ransomware gang’s favorite tactic against it Ars Technica
PurpleFox Adds New Backdoor That Uses WebSockets Trend Micro
Sinclair Broadcast Group suffers ransomware attack, the latest affecting media Cyberscoop
Candy corn producer says ransomware incident 'not likely' to sour Halloween supplies Cyberscoop
Conti Ransom Gang Starts Selling Access to Victims Krebs On Security
I'll try and blog some of this older news we've got, so stay tuned. Hope you enjoy the show!
10/28/2021 • 2 hours, 47 minutes, 40 seconds
The Security box, podcast 66: Verizon, T-Mobile, AT&T, Oh My!
Welcome to the Security Box, podcast 66. Is 66 a lucky number? T-Mobile and Verizon are in the news with Spam messages, AT&T is in the mix as well in passing, Google is getting in the mix with two-factor authentication on more accounts, as well as news, notes and more.
Topics
Verizon subscribers are the target of a phishing expedition; do not respond to this text message Phone Arena
T-Mobile customers are receiving spam texts possibly related to August's data breach Phone Arena
NCSAM
Google will enable two-step verification by default on 150 million accounts before year's end Phone Arena
News Notes read from around the landscape
The following are links to stories that have been read from across the landscape. In October, we do news notes live so that you, the listener, can get a benefit of this being a discussion. If you like the way this is being done, please let us know and I may do it full time.
How Coinbase Phishers Steal One-Time Passwords Krebs On Security
Some versions of Android share users' personal data with no chance to opt-out Phone Arena
US gov’t will slap contractors with civil lawsuits for hiding breaches Ars Technica
Millionaire Twitch streamers react to their leaked earnings Ars Technica
Hope you all enjoy the program, and thanks for listening!
10/23/2021 • 2 hours, 40 minutes, 17 seconds
The Security box, podcast 65: Twitch, NCSAM, News Notes and more
A few technical issues, but what is a show without those? In this 3 hour episode, we've got quite a lot for you, so sit back and check out the links to the following items for your perusal.
Welcome to the Security Box, podcast 65. On this podcast, let's discuss an article we read after the release of last week's program in regards to Twitch and their recent breach we were alerted to during the live taping of the program. After that, we're going to cover more NCSAM and even have some news notes. We'll do news notes the same as we did last week, as it turned in to a lively discussion. I hope you'll enjoy the program, and thanks so much for listening!
Breach topics
Stolen Twitch source code, creator payment data revealed in apparent data leak Cyberscoop
Trolls defaced Twitch's website with pictures of Jeff Bezos, the latest security concern Cyberscoop
NCSAM: Scam apps
Hundreds of scam apps hit over 10 million Android devices Ars Technica
News Notes read from around the landscape
Electronic Frontier Foundation will deprecate HTTPS Everywhere plugin Ars Technica
Company that routes SMS for all major US carriers was hacked for five years Ars Technica
Former TD Bank, Bank of America employee allegedly helped email scammers launder money Cyberscoop
Suspected Chinese hackers masqueraded as Indian government to send COVID-19 phishing emails Cyberscoop
10/13/2021 • 3 hours, 7 minutes, 13 seconds
The Security box, podcast 64: NCSAM week 1: News notes and more
NCSAM is now in full swing, this week, Are You Cyber Smart? A Checklist from Lastpass will be what you need to look at with 5 great tips and things that might be of interest to you. In my writeup of this, I talked about the Neiman Marcus breach and how people should be aware of it even if they aren't affected. We'll have news, notes and more. Hope you'll enjoy the show!
News Notes
Police raid in Ukraine results in arrests of 2 alleged ransomware hackers Cyberscoop
The Rise of One-Time Password Interception Bots Krebs On Security
Thanks so much for reading and participating in the show!
10/6/2021 • 2 hours, 40 minutes, 36 seconds
The Security box, podcast 63: Psychology of passwords 2021, ransomware paid or not, news notes and more
Welcome to podcast number 63 of the Security Box series. On this podcast, come and learn about the password trends of 2021, thanks to lastpass's article. Next, a 5.9 million dollar ransomware paid by a farming co-op and a very interesting discussion I heard recently about this. We'll definitely have some news and notes from around the landscape, and even some commentary from any guests that participated through Clubhouse on the live program as well as anyone else through email, imessage and other contact points.
Topics
New Report: 2021 Psychology of Passwords Lastpass
$5.9 million ransomware attack on farming co-op may cause food shortage Ars Technica
Phone scammers use COVID-19 vaccine appointments to try tricking victims into downloading malware Cyberscoop
Nation-state espionage group breaches Alaska Department of Health Ars Technica
Hackers are using CAPTCHA techniques to scam email users Cyberscoop
Apple users warned: Clicking this attachment will take over your macOS Ars Technica
Thanks so much for listening to today's program, and we'll be back for a month of NCSAM. Enjoy!
9/29/2021 • 2 hours, 6 minutes, 28 seconds
The Security box, podcast 62: Windows Update, a very interesting botnet, news notes and more
Welcome to the Security box, program number 62. On this program, we're going to cover Windows Update as well as a very interesting article from Krebs about a new botnet that seems to have done quite a bit of damage. It is an IOT botnet called Meris. We'll also have news, notes and lots more.
<h3> Windows Update </h3>
There are the usual two articles on Windows Update. This time, Krebs has quite a bit on these updates while Trend Micro covers the highlights but also gives some info of value too. They're both good for their reasons, so read them both.
<ul title="windows update">
<li> <a href="https://krebsonsecurity.com/2021/09/microsoft-patch-tuesday-september-2021-edition/">Microsoft Patch Tuesday, September 2021 Edition </a> Krebs on Security </li>
<li> <a href="https://www.trendmicro.com/en_us/research/21/i/september-patch-tuesday--66-bulletins--only-3-critical.html">September Patch Tuesday: 66 Bulletins, Only 3 Critical </a> Trend Micro </li>
</ul>
<h3> Meris </h3>
There is one article which we're taking from for this one, but did you listen to podcast 836?
<ul title="Meris Botnet">
<li> <a href="https://krebsonsecurity.com/2021/09/krebsonsecurity-hit-by-huge-new-iot-botnet-meris/">KrebsOnSecurity Hit By Huge New IoT Botnet “Meris” </a> Krebs On Security </li>
</ul>
<h3> News Notes </h3>
<ul title="news notes">
<li> <a href="https://arstechnica.com/?p=1794117">Security researchers at Wiz discover another major Azure vulnerability </a> Ars Technica </li>
<li> <a href="https://arstechnica.com/?p=1794411">Apple patches “FORCEDENTRY” zero-day exploited by Pegasus spyware </a> Ars Technica </li>
<li> <a href="https://krebsonsecurity.com/2021/09/trial-ends-in-guilty-verdict-for-ddos-for-hire-boss/">Trial Ends in Guilty Verdict for DDoS-for-Hire Boss </a> Krebs On Security </li>
<li> <a href="https://krebsonsecurity.com/2021/09/customer-care-giant-ttec-hit-by-ransomware/">Customer Care Giant TTEC Hit By Ransomware </a> Krebs On Security </li>
</ul>
I hope you enjoy the program and thanks so much for listening!
9/22/2021 • 2 hours, 22 minutes, 8 seconds
The Technology podcast, podcast 361: A very interesting security discussion
Scott Schober is on Clubhouse, and he invited me over to his club which talks about cyber security topics. Here is a link to his Cyber Security club where members can join the conversation. The discussion started with whether we've gotten the vaccine or not, whether restaurants and other places are collecting that data let alone securely, and more. I decided to join the stage and while I applauded the conversation about covid-19 vaccines, what about other problems we're still dealing with like the open databases problem? Take a listen to this, and let's discuss whether I'm right, or whether we need to be concerned about this. I'll have more talks soon.
Scott Schober's web site
9/20/2021 • 1 hour, 3 minutes, 17 seconds
The Security box, podcast 61: CSAM gets updated by Apple as they listened to some stuff from the security industry and much more
Welcome to the Security Box, podcast 61. On this podcast, let's discuss the updates on CSAM as it pertains to Apple. We'll have news, notes and more.
<h3> Topics </h3>
<ul title="topics">
<li> <a href="https://www.cyberscoop.com/apple-child-sex-abuse-imagery-delay-privacy/">Under fire from privacy advocates, Apple delays controversial photo scanning plan </a> Cyberscoop </li>
</ul>
<h3> News Notes </h3>
<ul title="News Notes">
<li> <a href="https://krebsonsecurity.com/2021/09/fudco-spam-empire-tied-to-pakistani-software-firm/">“FudCo” Spam Empire Tied to Pakistani Software Firm </a> Krebs On Security </li>
<li> <a href="https://krebsonsecurity.com/2021/09/15-year-old-malware-proxy-network-vip72-goes-dark/">15-Year-Old Malware Proxy Network VIP72 Goes Dark </a> Krebs on Security </li>
<li> <a href="https://krebsonsecurity.com/2021/09/microsoft-attackers-exploiting-windows-zero-day-flaw/">Microsoft: Attackers Exploiting Windows Zero-Day Flaw </a> Krebs on Security </li>
<li> <a href="https://www.cyberscoop.com/irs-ukraine-scammer-vape-store-receipts/">IRS used vape store receipts to gather evidence against alleged Ukrainian scammer </a> Cyberscoop </li>
</ul>
9/19/2021 • 2 hours, 16 minutes, 42 seconds
The Security box, podcast 60: The Security Landscape as it relates to the latest in T-Mobile land
The Security box, podcast 60: The Security Landscape as a whole from broadcasting software and web site services to T-Mobile's Fiasco
What has changed on the security landscape? We learn about T-Mobile's recent failure, and even web sites are brought up as well as broadcasting software among other things. This turned out to be a very interesting show. What do you think has changed? What have we done wrong? What do you think it'll take to fix it if it can be fixed at all? No news notes this week, but they'll be back next week.
9/10/2021 • 2 hours, 15 minutes, 57 seconds
The Security box, podcast 59: Scott Schober, the q2 intelligence report and more
Hello folks, welcome to the Security box, podcast 59. On this edition of the program we have two different prerecorded segments for you.
First, we interview Scott Schober of Berkeley Varitronics Systems, Inc. He's written various books which we talk about, as well as some of what is going on in the security landscape.
Next, we have a talk that was done by Phishlabs, who did the Quarter 2 Phishing Trends report.
To top it all off, we'll have news and notes from around the landscape as well as questions and comments after each segment if any.
BV Systems
Scott's Web Site
new-quarterly-threat-trends-intelligence-report-now-available Phishlabs
News Notes from around the web
FBI warns that Hive ransomware hackers are calling victims by phone Cyberscoop
What the Norton-Avast Merger Means for Cybersecurity Trend Micro
FCC proposes record $5 million robocall fine for voter suppression scam Cyberscoop
Poly Network fully recovers assets stolen in unusual $600M cryptocurrency hack Cyberscoop
Microsoft Azure vulnerability exposed thousands of cloud databases Cyberscoop
Scammers impersonate Europol chief in an effort to defraud Belgians Cyberscoop
Thanks for listening!
9/3/2021 • 4 hours, 25 minutes, 39 seconds
The Security Box, podcast 58: What the hell is up with T-mobile?
The Security Box, podcast 58: What's the matter with T-mobile? Why are system failures on the rise? News Notes and More
Hello Everyone, welcome to the Security Box, podcast 58. Question: what the hell is going on with T-Mobile and their inconsistencies of containing breaches and lying about what they were going to do when they were granted the merger with Sprint? Who is ENISA and why are they saying that system failures are on the rise? Finally, what is the Chaos Ransomware and why could it have impacts beyond a proof of concept? We explore all of these topics, as well as news and notes from around the landscape on this edition of the podcast. Fasten your seatbelts!
T-Mobile
Here are the articles read that deal with T-Mobile to date. We're still learning more and nothing is very clear yet. The investigation continues.
T-Mobile apparently lied to government to get Sprint merger approval, ruling says Ars Technica
Hackers who breached T-Mobile stole personal data for ~49 million accounts Ars Technica
T-Mobile investigates potentially massive breach of consumer data Cyberscoop
T-Mobile Investigating Claims of Massive Data Breach Krebs On Security
T-Mobile: Breach Exposed SSN/DOB of 40M+ People Krebs On Security
T-Mobile confirms breach of more than 8 million customers' data Cyberscoop
Other Topics
Chaos Ransomware: A Proof of Concept With Potentially Dangerous Applications Trend Micro
ENISA says System Failure is on the Rise Trend Micro
News Notes from around the landscape
New York man sentenced to 3 years for stealing students' nude photos after hacking their accounts Cyberscoop
Researchers nab wannabe ransomware scammer trying to convince victims to help hack their employer Cyberscoop
Ohio man pleads guilty to role in $300-million cryptocurrency laundering service Cyberscoop
Japan's Tokio Marine is the latest insurer to be victimized by ransomware Cyberscoop
Mandiant, CISA urge ThroughTek customers to fix software bug in millions of baby monitors, cameras Cyberscoop
End of notes
8/26/2021 • 2 hours, 45 minutes, 4 seconds
The Security box, podcast 56: The Life Cycle of a breached database and government cybersecurity
Originally released on August 11th, we found out that I put it up in download form but not RSS. Sorry about that!
Welcome to the security box, podcast 56. Two comments will start us off as someone commented on the replay of our show from last week. Both are good comments worth bringing up. Next, we've got a topic that might be of interest talking about the lifecycle of a breached database. Next, let's find out how the government is doing with their Cyber Security. What did the senate report find? Find out in our second topic. We'll have news notes and commentary as well.
Topics
The Life Cycle of a Breached Database Krebs on Security
Federal agencies are failing to protect sensitive data, Senate report finds from Cyberscoop and The State Department and 3 other US agencies earn a D for cybersecurity from Ars Technica go hand in hand. Both articles are good, but Ars has a very interesting table and other stuff too.
News Notes read from around the landscape
Google Play Protect fails Android security tests once more Bleeping Computer
A US official explains why the White House decided not to ban ransomware payments Cyberscoop
Cyberattack knocks Italian vaccine registration portal offline Cyberscoop
Facebook stops NYU researchers from examining misinformation, is criticized for 'silencing' transparency efforts Cyberscoop
Suspected Chinese hackers took advantage of Microsoft Exchange vulnerability to steal call records Cyberscoop
Criminals are using call centers to spread ransomware in a crafty scheme Cyberscoop
There is more news, but this is some of what we've read throughout the past week. I'll be blogging some more news, and of course, the list will have plenty more.
End of program
8/26/2021 • 2 hours, 39 minutes, 23 seconds
The Security box, podcast 57: the name game of Ransomware Gangs, Windows Update, and CSAM and apple products
Welcome to the security box, podcast 57. We have three topics for you today, and I hope that you will enjoy them. The first topic for this podcast will be talking about the name game of the ransomware gangs we have out there. The second topic which was totally forgotten is of course Windows Update and what is happening with that operating system. Finally, probably the most controversial topic we have to date, Apple and how they're handling the images that people may have that are backed up into iCloud that deal with children and the potential of abusive images of a sexual nature. We will also have news notes and commentary as well, buckle up as you don't know what'll happen with these topics! The program may contain adult content, and listener discretion is advised.
Topics
Ransomware Gangs and the Name Game Distraction Krebs On Security
Windows Update
August Patch Tuesday: A Quiet Month for Microsoft Trend Micro
Microsoft Patch Tuesday, August 2021 Edition Krebs On Security
Apple says it will refuse gov’t demands to expand photo-scanning beyond CSAM Ars Technica
News and Notes from around the landscape
The following are items that will be linked here and discussed in news notes for this week. There may be items that are not article related that may not be shown here in the notes.
Courts order handover of breach forensic reports in trend welcomed by consumers, feared by defendants Cyberscoop
Phishing Sites Targeting Scammers and Thieves Krebs On Security
Four years after FBI shut it down, AlphaBay dark web marketplace claims it's back in business Cyberscoop
European police round up 23 suspected scammers accused of $1.2 million fraud Cyberscoop
Two members of QQAAZZ, which laundered funds from cybercrime, plead guilty Cyberscoop
Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One Trend Micro
Hospitals hamstrung by ransomware are turning away patients Ars Technica
There may be more, please check out our blog and email list for more. Thanks for reading and listening to our show!
8/19/2021 • 2 hours, 6 minutes, 1 second
The Security Box, podcast 55: Who Is PlugWalk Joe?
Welcome to the security box, podcast 55. On this edition of the podcast we've got two Sans News Bites headlines, topics including a very interesting story on someone named "PlugwalkJoe" I.E. Joseph O'Connor, a topic on a new ransomware gang called Black Matter, and we've also got several news items including one that isn't an article but intrigued me when listening to the TWIT network. All of this plus anyone who had questions, comments or took part in the discussion, as podcast 55 gets started.
Topics
Here are the topics for today.
PlugwalkJoe Does the Perp Walk Krebs on Security
Threat intel firms suggest ransomware gang 'BlackMatter' has ties to DarkSide, REvil hackers Cyberscoop
Sans News Bites
These are the Sans Newsletters that have been read. Links to them are also on the blog.
Sans News Bites July 27, 2021 Vol. 23, Num. 058 Sans Institute
Sans News bites for July 30, 2021 Sans Institute
News Notes read from the web
Software downloaded 30,000 times from PyPI ransacked developers’ machines Ars Technica
Feds list the top 30 most exploited vulnerabilities. Many are years old Ars Technica
New bank-fraud malware called Vultur infects thousands of devices Ars Technica
FTC's right-to-repair ruling is a small step for security researchers, giant leap for DIY hackers Cyberscoop
End of program
8/4/2021 • 2 hours, 1 minute, 28 seconds
The Security box, podcast 54: Scammers Will Stop At Nothing
Hello Everyone! Welcome to podcast 54 of the Security Box. On this edition of the program, learn about Windows 11, the latest Microsoft operating system and what scammers are doing to monetize even while this version is still in beta. Next, come with us and learn about the latest in the average ransomware payments as it looks like they are declining, for now. We'll have news, notes, hopefully calls with questions or discussion throughout. If you want to leave feedback and you're listening through the podcast, call 602-887-5198 or email, iMessage, WhatsApp, or text your thoughts. The lines of communication are given throughout and I welcome what you have to say.
Topics
Here are the topics for today's program.
Scammers are using fake Microsoft 11 installers to spread malware
Average ransomware payment declined by 38% in second quarter of 2021, new Coveware report says Cyberscoop
Sans News Bites
Here are links to Sans News Bites, a newsletter by Sans Institute. While we may cover some of the items in these newsletters, you should read these to determine if something affects you.
Sans News Bites for June 20, 2021 Sans News Bites
Sans News bites for July 23, 2021 Sans Institute
News that has been read from around the web
The following is news that has been read from around the web. Some may be blogged, some may not have been blogged.
Serial Swatter Who Caused Death Gets Five Years in Prison Krebs on Security
Spam Kingpin Peter Levashov Gets Time Served Krebs On Security
Dutch police bust alleged 'Fraud Family' phishing service members Cyberscoop
Kaseya obtains decryption key for victims of massive ransomware attack Cyberscoop
An explosive spyware report shows limits of iOS, Android security Ars Technica
We hope you enjoy the program as much as we have bringing it together for you!
7/28/2021 • 2 hours, 16 minutes, 38 seconds
The Security box, podcast 53: Better Get Your Windows Update on ... especially if you print
Hello everyone, welcome to the security box, podcast 53. On this edition, we'll be talking about some of the things that articles talk about in regards to Windows Update that came out the week of July 16, 2021. Seems like we had good success with last week where we opened the phone lines for others to participate in an open forum, so we'll do that again and see what happens and if people participate or not. You can always comment after the fact by calling our voice mail line at 602-887-5198 and letting me know you want your comments aired. We'll also have some news notes and maybe a discussion on those as well.
Windows Update
Here are the articles that deal with Windows Update. One is by Trend Micro and one is done by Brian Krebs from Krebs on Security.
July Patch Tuesday: DNS Server, Exchange Server Vulnerabilities Cause Problems Trend Micro
Microsoft Patch Tuesday, July 2021 Edition Krebs on Security
Sans News bites
Sans News bites for July 15, 2021 Sans Institute
News Notes from around the web
REvil ransomware gang sites go dark, for reasons that remain unclear Cyberscoop
Senate confirms former White House, NSA official Jen Easterly as CISA director after delay Cyberscoop
Facebook catches Iranian spies catfishing US military targets Ars Technica
Morgan Stanley discloses data breach that resulted from Accellion FTA hacks Ars Technica
day gave Chinese hackers privileged access to customer servers
Hackers IDed Ars Technica
7/22/2021 • 3 hours, 21 minutes, 2 seconds
The Security box, podcast 52: What is going on with the water supply hacks? Password discussion, news notes and more
Welcome to the security box, podcast 52. On this podcast, let's talk about the water supply hacks and the growing threat of them through the help of an interesting article by Last Pass. After that, we'll see if people partook in an open forum of topics they want to talk about and of course news, notes and highlights from the landscape that have been read.
Topic: The Water Supply and the landscape
The Growing Threat of Water Supply Hacks Trend Micro
News Notes
Below, find links to items that are of interest we've read from around the landscape.
Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax Krebs on Security
25 bogus Google Play store apps promised to mine cryptocurrency for a fee, scamming wannabe investors Cyberscoop
Malware spammers aim to leverage Kaseya ransomware drama in email campaign Cyberscoop
Report: iCloud+ Private Relay could spell the end of iOS ad fingerprinting But it isn't perfect imore.com
7/15/2021 • 2 hours, 47 minutes, 44 seconds
The Security box, podcast 51: domains and their security, an email mistake and more
Hello folks, welcome to the security box, podcast 51. On this edition of the program, we continue with Phishlabs and their Q1 Phishing and intelligence report talking about Top Level Domains and certificate abuse. Next, Michael in Tennessee sent me an article talking about one email which exposed hundreds of email addresses. We'll also have news and notes, people can call and comment as usual, and we'll see where the show takes us.
Topics
Breaking Down Phishing Site TLDs and Certificate Abuse in Q1 Phishlabs
An email sent by One Medical exposed hundreds of customers’ email addresses Tech Crunch
News Notes
International cops seize DoubleVPN, a service allegedly meant to shield ransomware attacks from investigators Cyberscoop
Another 0-Day Looms for Many Western Digital Users Krebs on Security
DOJ files 7 new charges against alleged Capital One hacker Tech Crunch
US hits anti-robocall milestone but annoying calls won’t stop any time soon Ars Technica
Kaseya hit with suspected cyberattack, raising fears of major supply chain incident Cyberscoop
Chinese hackers suspected of using Dropbox to snoop on Afghan officials Cyberscoop
We Infiltrated a Counterfeit Check Ring! Now What? Krebs On Security
We hope you enjoy the program!
7/7/2021 • 1 hour, 29 minutes, 38 seconds
The Security box, podcast 50: 62% of free services are abused
Welcome to the security box, podcast 50. On the big 50th episode, we've got quite a bit of news notes to cover this week. Besides that, we're continuing with Phishlabs and their ongoing rundown of the Q1 Intelligence Report, this time, talking about free tools and their abuse. We hope that users find this of interest like I did. Of course, the lines of communication are always open whether on the show or podcast.
Topic:
62% of Phishing Sites Abuse Free Tools or Services Phishlabs
Sans News Bites
Sans News Bites for June 25th, 2021 covers tons of stuff including Dell, VMware and more
News Notes
MyBook Users Urged to Unplug Devices from Internet Krebs on Security
“I’m totally screwed.” WD My Book Live users wake up to find their data deleted Ars Technica
Hackers are using bootleg copies of 'Grand Theft Auto V' game to mine Monero Cyberscoop
Tulsa police say 18,000 files are leaked after Conti ransomware hack Cyberscoop
NFC flaws let researchers hack an ATM by waving a phone Ars Technica via Wired
John McAfee found dead after Spanish court approved extradition to US Cyberscoop
Andrii Kolpakov, who supervised hackers for FIN7, sentenced to 7 years in prison Cyberscoop
Ukrainian Police Nab Six Tied to CLOP Ransomware Krebs On Security
First American Financial Pays Farcical $500K Fine Krebs on Security
Russian hackers breached Microsoft customer support to try phishing targets in 36 countries Cyberscoop
6/30/2021 • 2 hours, 4 minutes, 26 seconds
The Security Box, podcast 48: Can you believe what is going on with Russia?
Thank you Michael in Tennessee for being our guest throughout the program! We really appreciate it.
Welcome to the Security Box, podcast 48. On this edition of the podcast, we've got two topics for you. The first is probably one you can file in the "I can't believe I read this crap" department, while the second deals with Windows Update and what we had to look forward to there. We've got news notes with quite a number of very interesting items, as well as taking your calls, voice messages and stories to boot.
Topics
Adventures in Contacting the Russian FSB Krebs on Security
June Patch Tuesday: Internet Explorer Finally Laid to Rest from Trend Micro and Microsoft Patches Six Zero-Day Security Holes from Krebs should be read for Patch Tuesday. Worth the read as usual.
News and notes from around the landscape
We may have a lot of the things listed here in articles and commentary on the blog. Feel free to check out the articles and have your voice heard.
This is not a drill: VMware vuln with 9.8 severity rating is under attack Ars Technica
Trickbot indictment demonstrates how one hacking tool built on older malware Cyberscoop
Ransomware hits iConstituent, a service lawmakers use to communicate with voters Cyberscoop
Biden revokes TikTok ban, issues new guidance for evaluating foreign apps Cyberscoop
47% Phishing Increase in Q1 Phishlabs blog
Unpatched vulnerability in Samsung phones could let hackers read your messages Phone Arena
MoviePass settles with the FTC over exposing private information, misleading consumers Cyberscoop
RockYou2021 Breach: How to Keep Your Data Secure Now Lastpass
For full show notes including articles we didn't cover but read, check the blog.
6/16/2021 • 2 hours, 27 minutes, 7 seconds
The Security box, podcast 47: Security in the forefront of everything we do
Welcome to the security box, podcast 47. On this podcast, we're going to talk about Security. A video which I found on Ted Talk's youtube channel will lead this discussion. We're also going to talk about an article from Lastpass talking about protecting your business from data breach trends. It talks about something we've talked about, supply chain attacks. Speaking of supply chain attacks, Jennifer talks about our top story from our show notes, and we'll address any concerns from that as well. We'll have news, notes, questions, comments and more. Want to leave a message by phone? Call 602-887-5198 to do so. Thanks so much for listening!
Topics
What do you think when you have Cybersecurity issues that keep cropping up? Do you talk about your experience? Better cybersecurity starts with honesty and accountability is a Ted Talk done by Nadya Bartol which I think we need to talk about. Let's do so!
Protect Your Business From These Dangerous Data Breach Trends is a Lastpass article which I think we need to talk about as well.
Commentary from our top story from the News Notes program from last week
News Notes
FBI blames REvil gang for JBS ransomware hack as global meat supplier gets back to work Cyberscoop
Fujifilm shuts down computer systems following apparent ransomware intrusion Cyberscoop
Vulnerability in VMware product has severity rating of 9.8 out of 10 Ars Technica
Q1 2021 Threat Trends & Intelligence Report Phishlabs
Latvian national charged with writing notorious Trickbot malware
Tokyo Olympics organizers' data swept up in Fujitsu hack: report Cyberscoop
SIM swapping victim alleges T-Mobile failed to stop $20,000 cryptocurrency scam Cyberscoop
6/9/2021 • 1 hour, 37 minutes, 21 seconds
The Anatomy of an attack: tech podcast 360
The Anatomy of an attack has been around for quite a while. I think it's within the last couple of years, and I think it is quite important now more than ever. I talk about what has happened with our staple of the box, and how it was an inbound call that started it, but that's not traditionally the case. Listen to this hour long webinar and let's talk.
6/7/2021 • 1 hour, 12 minutes, 45 seconds
The Security box, podcast 46: q-link wireless updates, ransomware isn't going anywhere, billions of dollars and more
Welcome to podcast 46 of the Security Box. On this podcast, Michael in Indiana is along with an update about a company we talked about in News Notes on podcast 39. We've got a topic dealing with a company that has been able to take advantage of the dark marketplace as they dominated this space very quietly since 2018. We've got a topic also on Ransomware forcing a major speaker manufacturer you all may be aware of, Bose. We'll have news, notes, questions, comments and more.
During the program, it was announced that we would be switching telephone companies. Our new number is 602-887-5198. 623-263-8934 will give you this new number, probably for several days, but no more than that.
Topics
How Hydra, a Russian dark net market, made more than $1 billion in 2020 Cyberscoop
Ransomware forced Bose systems offline, exposed personal data of 6 former employees Cyberscoop
News Notes
Shortages loom as ransomware hamstrings the world’s biggest meat producer Ars Technica
Have I been Pwned goes open source, gets FBI data feed 9to5mac.com
Fighting, screaming as alleged ATM scammer known as ‘The Shark’ is arrested in Mexico from Cyberscoop and Boss of ATM Skimming Syndicate Arrested in Mexico from Krebs on Security are covering the same thing in slightly different contexts. This is big news!
Biden signs executive order to strengthen US cybersecurity from Ars Technica and Biden budget seeks $750 million to respond to SolarWinds compromises, plus billions more for cyber from Cyberscoop are related as Joe Biden seeks money to try and combat the horrific attacks of the past year.
Actively exploited macOS 0-day let hackers take screenshots of infected Macs Ars Technica
No, it doesn’t just crash Safari. Apple has yet to fix exploitable flaw Ars Technica
IN Ars Technica
Have something to say? Let's talk! Get in touch. 602-887-5198 or email/imessage/text. The choice is yours.
6/3/2021 • 2 hours, 39 minutes, 34 seconds
The Security box, podcast 45: 4 Vulns in Android, Conti ransomware and some news
Topics:
4 vulnerabilities under attack give hackers full control of Android devices Ars Technica
Conti ransomware gang victimized US health care, first-responder networks, FBI says Cyber Scoop
Irish officials analyze decryption tool as long recovery process from ransomware continues Cyber Scoop
News and notes from around the landscape
How to Tell a Job Offer from an ID Theft Trap Krebs On Security
Recycle Your Phone, Sure, But Maybe Not Your Number Krebs On Security
Live Wire is looking at changing telephone companies once again. This is more to benefit callers on the system. If we change companies, the telephone number I've been giving will change. I will announce more if we are changing.
5/27/2021 • 1 hour, 40 minutes, 48 seconds
The Security box, podcast 44 for March 19, 2021
Welcome to the Security box, podcast 44. On this episode of the program, it's time to make sure we're all caught up on Windows Update and what may be important to you. Next, we'll talk about a task force that hopes to disrupt ransomware payments. We're not done with Experian yet, and we'll have a things to ponder on this particular article I read about their API which is apparently disabled for at least one vendor. We'll also have news, notes, commentary and questions from listeners if any, and yes, even podcast listeners can join the fun. Podcast listeners can dial 623-263-8934 to leave a voice message, just follow the prompts. Email, iMessage, text and WhatsApp are all given throughout the show.
Windows Update
Windows Update is back, and Microsoft has given us only 54 different patches, but a lot of them are critical. 13 of them were from the ZDI program from Trend Micro.
May Patch Tuesday Offers Relative Respite Trend Micro
Microsoft Patch Tuesday, May 2021 Edition
Things to ponder
Looks like Experian is still being talked about. In this Things to Ponder, Experian API Exposed Credit Scores of Most Americans is the article which we'll be picking apart as your things to ponder.
A true story of a telephone number not to call and why
Jennifer is now along with a very interesting story, with a very interesting twist and yes, it is a true story.
A task force that is out there to disrupt ransomware
I'm happy to read articles like this one, and I want to talk about it as part of the program. It's not too old, but it's something of value to all of us. KrebsOnSecurity has the details. Task Force Seeks to Disrupt Ransomware Payments is the article to read.
News Notes
Four men plead guilty to being go-to ‘bulletproof’ hosts for cybercriminals Cyberscoop
Fintech Startup Offers $500 for Payroll Passwords Krebs on Security
A Closer Look at the DarkSide Ransomware Gang Krebs on Security
Ransomware Playbook: Defense in Depth Strategies to Minimize Impact Phishlabs
DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized Krebs on Security
Stop Ransomware Groups Who Weaponize Legitimate Tools Trend Micro
Worried About Ransomware? Turn on MFA Lastpass
5/20/2021 • 2 hours, 36 minutes, 14 seconds
The Security box, podcast 43 for May 12, 2021
Welcome to the Security box, podcast 43. On this edition of the podcast, we've got two topics. The first talks about a fake vaccine web site that is now shut down, thanks to the US Government. The second topic talks about the Exim 21 bug that recently hit headlines. We'll have news, notes, your questions comments and any catch up from any older podcasts.
Topics
Feds Shut Down Fake COVID-19 Vaccine Phishing Website
Qualys researchers uncover 21 bugs in Exim mail servers
Sans News Bites
Sans News Bites for May 7, 2021
'Jugular' of the U.S. fuel pipeline system shuts down after cyberattack
Investment Scammer John Davies Reinvents Himself? See podcasts 10, 12 and 14 for other coverage in different aspects whether news notes or full discussions.
Florida homecoming queen faces up to 16 years after alleged scheme to hack high school contest
Malicious Office 365 Apps Are the Ultimate Insiders
We hope you enjoy the program as much as we have bringing it together for you. See you next week!
5/12/2021 • 1 hour, 44 minutes, 56 seconds
The Security box, podcast 42: Has Experian learned anything?
Welcome to the security box, podcast 42. I think I've got two very interesting topics. One of these topics is the ongoing saga over at Experian. We know they had a big time breach, but do we really know what else is going on at the company? Brian has the entire details. Finally in the topic department, we know Ransomware has taken a big toll during the pandemic and there is no slowing down in that department. According to Cyberscoop, demands are higher by 43 percent so far in 2021. We'll talk about it. I'll also give you some news and notes, although it may be dated. Your questions and comments are always welcome, so please get in touch! I hope you enjoy the program as much as I have putting it together!
Topics
We used to put all of the notations within the file, but I've decided against that unless people want me to do that. I've heard nothing, so I'm reverting back to linking to the articles, and letting people decide on what interests them.
Experian’s Credit Freeze Security is Still a Joke
Ransomware demands up by 43% so far in 2021, Coveware says
News Notes
Sans News bites May 3, 2021 Lots of interesting things including iOS 14.5.1 on the heels of 14.5 fixing a zero day.
A Clubhouse bug let people lurk in rooms invisibly
5/5/2021 • 1 hour, 31 minutes, 27 seconds
The Security box, podcast 41: Ubiquiti and other stuff
Welcome to the Security Box, podcast 41. On this edition of the podcast, we're going to talk about Ubiquiti and their big time breach, as well as something I recently read from Park Mobile and their potential breach. We'll have news, notes and more.
Topics:
Whistleblower: Ubiquiti Breach “Catastrophic”
Ubiquiti All But Confirms Breach Response Iniquity
Both of these articles are from Krebs on Security and while they're a bit old, you can't deny that it is worth talking about. Company ought to be ashamed of themselves.
ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users
A bit of sad news:
:-( Security Researcher Dan Kaminsky died Saturday at age 42 of complications (ketoacidosis) from diabetes, which he had struggled with for years.
Security Now! researchers know of Dan's discovery of a critical weakness in the DNS servers at the time.
He will be missed.
News Notes
The latest malware hiding in video game cheat codes
DeepDotWeb boss pleads guilty to laundering millions
Trend Micro + ROS-I: Building a more secure future
4/29/2021 • 1 hour, 21 minutes, 27 seconds
The Security box, podcast 40: Windows Update and Ransomware in the Manufacturing landscape
Welcome to podcast 40 of the Security Box. On this podcast, we're going to have our main topic that deals with the Windows Updates which you may have been prompted to install. Instead of news notes, I'll pick a few of the articles and we'll see what you think about them as I'll give my thoughts. No full news notes this week, but plenty of content to boot. We hope you enjoy the program, and thanks for listening!
April Patch Tuesday Sets Record High for 2021
Microsoft Patch Tuesday, April 2021 Edition
As ransomware stalks the manufacturing sector, victims are still keeping quiet
For full notations, check the blog. Enjoy!
4/21/2021 • 1 hour, 45 minutes, 38 seconds
The Security box, podcast 39 for April 14, 2021
Welcome to podcast 39 of the Security Box. Looks like we've got commentary from the replay of broadcast 38's airing. We'll answer any questions from those comments if any, as well as talk about yet another story I read afterward in regards to Facebook and why it might be a good idea to remove your telephone number or use something like Google or Text Now as your number instead of your primary one. We'll have news, notes, commentary and more. We hope you enjoy the program as much as I have bringing it to you. Thanks for listening!
Topic: More on Facebook, why Brian Krebs deleted his Facebook account
In an article that I read on April 7th, Brian goes in to detail on why he eventually deleted his Facebook account sometime in 2020.
According to the article, a paragraph says: "The phone number associated with my late Facebook account (which I deleted in Jan. 2020) was not in HaveIBeenPwned, but then again Facebook claims to have more than 2.7 billion active monthly users." We know that Facebook has never been trustworthy after any type of incident, and I honestly don't believe that Mr. Krebs couldn't be part of the 533 million people affected by the breach. Checking with the site, yours truly isn't affected either, but I honestly wouldn't believe it nowadays especially since news of this is two years old.
The supposed database has been kicking around the Internet cybercrime community since last summer, according to the article. I've never seen any of these databases, and with the massive amounts of databases out there and what they contain, who could confirm every piece of data in it? I like Have I Been Pwned and what it is trying to offer, so don't get me wrong when it says that I'm not in there when I put my mobile number in the site to check.
We now learn that the database has been up since June 2020 and includes names, mobile number, gender, occupation, city, country and marital status. It includes data for 100 different countries and there is a link to a January 2021 twitter post within the article.
KrebsOnSecurity goes on to talk about what might happen if someone with malicious intent gets ahold of your mobile number. One of the things that could happen is your phone number changing hands, otherwise known as a SIM-swapping attack. This happens because an employee at the store where you got service is tricked into changing the information to the attacker's, and you don't find out until you use your phone.
Brian talks about how it is probably time to remove your number from services like Facebook once verification of the account is complete. I'm almost tempted to do this myself. There is a very interesting paragraph which I got interested in. It says: "Why did KrebsOnSecurity delete its Facebook account early last year? Sure, it might have had something to do with the incessant stream of breaches, leaks and privacy betrayals by Facebook over the years. But what really bothered me were the number of people who felt comfortable sharing extraordinarily sensitive information with me on things like Facebook Messenger, all the while expecting that I can vouch for the privacy and security of that message just by virtue of my presence on the platform." We can't vouch for a presence of a sensitive message just because we're on the platform. I've never used Facebook or its messenger client for anything secure anyway, but that paragraph is very important.
Are You One of the 533M People Who Got Facebooked? is the question and article title we're talking about in this segment, do read the article.
News notes on the blog. Enjoy!
4/15/2021 • 1 hour, 55 minutes, 42 seconds
The Security Box, podcast 38: we've got Facebook in the spotlight, news, notes and more
Welcome to the Security box, podcast 38. This week, we had planned to go back to DKIM and have a discussion on it, but we aren't going to do that. Why? It looks like news has gotten about Facebook's 2019 breach and 535 million people whose information may now be out there on the free Internet as well as it already being sold to the dark web when the initial breach occurred. We'll have news, notes and more as well as your thoughts and comments to boot. Enjoy the program!
Topic: Has Facebook done it again?
Michael in Tennessee sent me an article from Phone Scoop, as well as me seeing the article we'll be taking from, which came from Cyberscoop. It looks like Facebook is really paying for a 2019 breach in which 500 plus million people's information including phone number were exposed somehow and later patched by Facebook.
The data, which comes from people from over 100 countries, includes users’ phone numbers, email addresses, full names, birthdates and location, among other identifiers, according to Insider, which first "reported the news." The leak was first reported by Motherboard, according to the article. The only thing that I'm unclear on is the section that talks about the fact that the leak was reported by Motherboard in January.
The information was made available by paying a Telegram bot a couple of bucks for the details according to the article. According to the article, Facebook removed the ability to search for people by telephone number after the breach. Facebook will be probed by Ireland, and it's unclear if the United States will follow suit through the FTC.
The article goes on about what the actors may do with the information now that the information has been made available for free. The website "Have I Been Pwned" has been updated by Mr. Troy Hunt with the information that was made available by the breach.
For more information and to read the full article, 533 million Facebook users’ personal data leaked online is the article and do read this.
News Notes for podcast 38
Office 365 is no stranger to attack. A Phishlabs article talks about the latest threat. This time, actors can mimic websites by using Google's API through Google Ads that allow redirects to whatever they want. The issue with this one is that once you log in, they capture your credentials as well as sending you to your account. For complete information, Breaking Down the Latest O365 Phishing Techniques is the article, which will talk about this entire process.
Ubiquiti is back in the news. A post by Krebs on Security talks about the latest drama at the company who now has come out saying that there was a problem. After making a change that forced people to log in to their network, they were later told to reset their passwords because of a "third-party cloud provider" may have been breached. There's more including the very interesting fact that this company should have invalidated all credentials. Ubiquiti All But Confirms Breach Response Iniquity is the article. This is going to get very interesting now.
Finally, due to time constraints, I've got some good news I want to pass along. Another web boss has now pleaded guilty. This boss was behind selling heroin, firearms and hacking tools. He pleaded guilty to charges of money laundering. Tal Prihar was captured by French authorities. Read Cyberscoop's article DeepDotWeb boss pleads guilty to laundering millions for more.
Thanks so much for listening!
4/7/2021 • 1 hour, 50 minutes, 8 seconds
The Security box, podcast 37: The beginning of DKIM, other commentary, news, notes and more
Welcome to the Security Box, podcast 37. On this episode of the program, we're going to talk about something I don't think people know much about dealing with email, verification of domains in the process, the standards of what it is and how it came to be. We will also cover a very interesting webinar that I listened to by Trend Micro that dealt with the security predictions for 2021. We'll also have news, notes, questions, comments and more as the show progresses and the listeners choice on whether they have something to contribute. I hope you enjoy the show as much as I have bringing it together for you, and thanks so much for listening!
For full details including links, check out the blog and thanks for listening!
4/2/2021 • 3 hours, 2 minutes, 8 seconds
The Security box, podcast 36: Password Managers, what exactly do you need?
Welcome to podcast 36 of the security box. On this edition of the program, we'll be talking about password managers. Herbie Allen is along with a Things to Ponder section talking about Scams, one in particular dealing with Amazon. We also have a webinar that will be of interest from F-secure. We'll have news, notes and more. Hope you'll enjoy the program!
Full notations will be provided on the <a href="http://technology.jaredrimer.net">blog </a> so check back often for those. Enjoy!
3/24/2021 • 2 hours, 50 minutes, 17 seconds
Audio Centric applications for podcast 35 of the security box
On this edition of the podcast, audio-centric applications like clubhouse. News, notes and more. Read the blog for full notations.
3/17/2021 • 1 hour, 39 minutes, 44 seconds
The Security box, podcast 34: The Rest of the Key Logging discussion
Welcome to podcast 34 of the Security Box. On this edition, we'll pick up where we left off on the Key Logging aspect of our discussion and we'll have news, notes, commentary and more. We also have something from Michael in Tennessee who sent us a video of 12 Android apps you must get rid of. Some of these are quite interesting. Hope you enjoy the program as much as I am bringing it together for you.
News Notes will be on the blog and I did enjoy the program. Hope you do too. See you next week!
3/11/2021 • 2 hours, 23 minutes
The Security box, podcast 33: Part 2 of the Keylogging discussion and more
On this podcast, we continue where we left off with our Key Logging topic, and we'll also have news, notes, questions, comments and concerns. Hope you'll enjoy the program as much as we have putting it together for you.
Topic: Continuing Key Stroke Logging
This may take several programs, but we must cover keystroke logging. We take from the Wikipedia page on keystroke logging so you can follow along. Different headings include, but are not limited to: application, software based keyloggers, keystroke logging and writing processes, related features, hardware based keyloggers and history. There are 4 different headings for this article and a lot to read. I figured it would be a good discussion to have since it has come up in discussions of other things. I hope you enjoy the discussion as much as I am bringing it to you.
There's more, news notes will be posted on the blog for everyone to see what links and items we have. Enjoy the show!
2/26/2021 • 2 hours, 33 minutes, 52 seconds
The Security Box, podcast 32: The Beginning of Keyloggers
These are the show notes. For full news notes, please check the blog.
Welcome to the security box, podcast 32. On this edition of the program, we're going to talk about keystroke loggers. I found a Wikipedia article which is detailed and there could be a possibility that this goes into multiple weeks. We'll also have news, notes, questions, comments and even a "things to ponder" segment to boot.
Topic, Keystroke logging:
This may take several programs, but we must cover keystroke logging. We take from the Wikipedia page on keystroke logging so you can follow along. Different headings include, but are not limited to: application, software based keyloggers, keystroke logging and writing processes, related features, hardware based keyloggers and history. There are 4 different headings for this article and a lot to read. I figured it would be a good discussion to have since it has come up in discussions of other things. I hope you enjoy the discussion as much as I am bringing it to you.
Things to Ponder
During last week's program, we were still learning about the possible issue in a small town in Florida that could've had some serious problems with its water supply if it weren't for a worker noticing something as simple as a mouse moving. In this things to ponder segment, I talk about what we've learned to date, and it's quite interesting. To date, I have two sources you can read more, one an article by our good companion Brian Krebs, the other from CISA. You should read them both, and of course listen to what my thoughts are and participate.
What’s most interesting about the Florida water system hack? That we heard about it at all. Krebs on Security
Alert (AA21-042A) Compromise of U.S. Water Treatment Facility CISA
I hope you'll participate in this interesting story.
2/17/2021 • 2 hours, 34 minutes, 4 seconds
The Security box, podcast 31: Domain discussion continued, news, notes and more
The show notes are full of links, and those will be posted to the blog as soon as we can.
The program only has two tracks at the end, and I'm happy with how it turned out I think. While there were no calls, I know this show will have a lot of info, and the podcast notes will explain things by linking to various things.
Welcome to the security box, podcast 31. On this podcast, we're going to continue the discussion of domains with several different things that we couldn't get to from last week. Also, we'll have news, notes, questions, comments and more. I hope you enjoy the program as much as we have putting it together for you.
I hope you all enjoy the program, and see you for keyloggers next week.
2/11/2021 • 1 hour, 52 minutes, 32 seconds
The Security Box, podcast 30: Domain discussion, security segment, news, notes and Drama
Welcome to podcast 30 of the Security Box. On this security box podcast, the goal is to talk about domains. We'll talk about what a domain is, how they work, a little bit about the IP system, and some recent news in regards to domains, registration companies, look-alike domains and more. We'll have news, notes, questions, comments and Michael in Tennessee with a segment to boot.
For full show notes, check the tech blog. Some tech issues occurred, but the show must go on. Enjoy!
2/3/2021 • 2 hours, 57 minutes, 33 seconds
Tech podcast 359 for January 29, 2021
Welcome to podcast 359 of the technology podcast. I'm Jared, and it's time to bring you another podcast.
Today, we've got something I think you'll be interested in as I talk about something that has been around a while that seems to be finally dismantled, at least for now. What might that be? It's called Trick Bot. I heard a podcast about it and how it has pretty much fallen, but yet, it's still around according to an article I'll be talking about and reading later.
Next, I talk about Weather Gods. It's one of many different apps on the app store. I posted on the tech blog and on Applevis in regards to this topic, and I chose this app because of my needs, and something I feel isn't fair called double extortion. There is a paid app, and then they want us to pay for a subscription for what I can get for either beta testing, or paying for the subscription. Thoughts are welcome.
Finally, could Net Neutrality be coming back? According to a podcast, it might be, and I talk about it here instead of the security box.
Contact info is at the end of the program as usual.
What to read or listen to:
Trickbot may be down, but can we count it out? The Cyber Wire Daily
Thanks for listening!
1/29/2021 • 1 hour, 44 seconds
The Security Box, podcast 29: messaging apps and security, news, notes and more
Welcome to the security box, podcast 29. On this episode of the podcast, what seems to be the problem with messaging applications such as Whatsapp, Signal and others when it comes to their security? What do you think of for cloud security for 2021 as the pandemic continues? We'll have news, notes, questions, comments and more including bits from Sans News bites, Trend Micro and more.
Topics
Security Now episode 802 was released and broadcasted the week of January 19, 2020. On this podcast, are we really concerned about what application we choose to use to message? Steve says that it doesn't honestly matter, as metadata isn't all that big of a deal. Who really cares if phone numbers, time of messages, and even how long audio messages may be? There are apps discussed for more private communication, but metadata doesn't cover the content of the message itself. From Steve's introduction taken from his security now page he writes in part: "Then we wrap up by looking at various aspects of the frenzy caused by WhatsApp's quite predictable move to incorporate its users' conversation metadata into Facebook's monetization ecosystem." This segment lasts roughly 20 minutes as I play the segment for all to hear. What do you think about this?
What about cloud security for 2021? The Top Worry In Cloud Security for 2021 is the Trend Micro article, and I found a video on their youtube page that seems to voice the article. We'll play this video and we'll discuss. Cloud Dynamics: Top Cloud Security Challenges for 2021 is the video. Your thoughts are welcome.
For complete news notes, please see the tech blog for details. Thanks so much for listening!
1/28/2021 • 2 hours, 40 minutes, 38 seconds
The Security box, podcast 28: Year in Review items Teledildonics, and more
Welcome to the program. Full news notes will be on the blog, but here are the topics and what is talked about before news notes. Hope you enjoy!
Welcome to podcast 28 of the Security Box. On this podcast, a couple of year in review items, news, notes, something called teledildonics or "The Male Chastity Cage" from a recent Security Now podcast, news, notes, questions, comments and more.
Topics:
Year In Review: Ransomware
The Year In Review: How COVID-19 Has Changed Cyber Security
Security Now has a segment on something that I really don't understand, but yet, caught my attention. I believe the term used by Steve was Teledildonics. Something we should be concerned about? The Internet of Dongs
Covid-19 scam alert on vaccines
1/20/2021 • 3 hours, 8 minutes, 32 seconds
The Security Box, podcast 27: Trend Micro report, breaches of the year and more
Hello folks, welcome to the security box, podcast 27. Trend Micro has a report they do each year talking about the trends of the next year and it's worth talking about. Did you know about any of the breaches of the past year? We'll go through that thanks to Solutions Review, as well. We'll have news, notes, commentary and more and even a guest to boot if everything goes well. Thanks so much for listening, and make it a great day!
Topics:
The Security Predictions from Trend Micro is always something fun to read. We'll talk about some highlights that might be of interest, and of course, we'll take questions and comments in regards to this. You can read the article entitled: Takeaways from Trend Micro's 2021 Predictions to learn more. I also posted a blog post with my thoughts on this one, and it's available for everyone to read.
Are you aware of the biggest breaches of the year? There is a post with videos and text, and we'll talk about this. Ben Canner, a follower of mine on twitter, tweeted out Solutions Review Presents: The Top Data Breaches of 2020 and boy, is it something that I think we should cover.
Cyber Wire Daily has what they call Research Saturday. This is a link to January 9th's episode on Emotet and I will be summarizing this as part of this week's program. There is a link to read show notes, and thanks to Overcast for providing a link to the episode, I think it's worth sharing.
News Notes:
I think we're going back to the original format that we started with, it's much easier to maintain it that way. If you liked the other format, please let me know.
According to Cyberwire Daily, a podcast, President Trump was removed from Twitter for several days, as well as removed from Facebook until he leaves office. The Washington Post may have an article on this, as they cite the Post as the source of the reports of him being kicked off. The January 7th program talked about the fact President Trump urged people to show their displeasure, although a tweet said to do it peacefully. It made no difference, as people demonstrated and caused problems on January 6th and caused the recount to be delayed. It was resumed later in the evening, and president elect Joe Biden was confirmed. Facebook bans Trump indefinitely; risks 'simply too great,' Zuckerberg says and Facebook, Twitter act on Trump's false messaging after violence at Capitol should be read in regards to the latest on this ordeal. These two articles were read after listening to the podcast.
This Week in Security News - Jan 8, 2021 has quite a lot of articles, some of which I had meant to cover but hadn't had an opportunity to blog about.
Russian man sentenced to 12 years in prison for massive JPMorgan data heist is a bit of good news after a long bout of wondering if we are going to get some good news. While I published some good news recently, 2021 has gotten off to a great start with this one. This J.P. Morgan breach was the biggest to date at the time, but Solar Winds today tops that. This was well orchestrated, and you should read this.
There's more, check the blog for complete notes. Enjoy!
1/14/2021 • 3 hours, 5 minutes, 19 seconds
The technology podcast, podcast 358: Stripe demo, people violating terms of service and more
The show notes are short for this episode, but the program is not short. I hope you enjoy the program as much as I have.
On this edition of the technology podcast, a Stripe demo for you on their app. Also, people getting away with blatantly violating terms of service. Finally, Dark Net Diaries had an episode on the darknet and someone who got caught in the crosshairs of the law because they bought and sold drugs on the underground. I hope you all enjoy the program. This program lasts 84 minutes. Enjoy!
1/11/2021 • 1 hour, 24 minutes, 5 seconds
The Security box, podcast 26 for January 6, 2021
Welcome to the Security Box for this week. We continue with the breach that is, by catching up with some commentary from Security Now from two episodes. We also have a "things to ponder section" and some News and notes to boot. For full show notes, please go on over to the blog as there may be links to things that might be of interest to you. I hope that you enjoy the program as much as I have putting it together, and I'll see you next week!
The topic of Shaken and Stir will get its wrapup from podcasts 21 and 23.
Combating Spoofed Robocalls with Caller ID Authentication Federal Communications Commission
STIR/SHAKEN Wikipedia
This should be the last of this as we don't have far to go with it.
There's more, so remember to check the blog!
1/7/2021 • 4 hours, 10 minutes, 52 seconds
The Security box, podcast 25: Year End part 2
Welcome to podcast 25 of the security box. This podcast was compiled on Christmas day, but was released on the 30th of December. On it, we go through podcasts 341-357 of tech, playing a few segments which were also covered on this podcast like catphishing, some of the security items throughout the year from the blog, and even other highlights. We also highlight the security box and some of what we covered in podcasts, including two interviews. This podcast is 167 minutes and is the last of the two podcasts before we resume the first week in January. Hope everyone enjoys the lookback, and thanks for listening!
12/31/2020 • 2 hours, 42 minutes, 38 seconds
The Security box, podcast 24: The breach that is, and year end stuff
Welcome to podcast 24 of the security box. This is a full podcast, as we're on a two week break. Here is what we have for the podcast.
The biggest item that we have in the podcast is the biggest breach in the Solar Winds fiasco. We're still learning, check the blog for more. Here is a blog post to get you started with the whole fiasco, but there is definitely more.
Podcasts 333-340 are covered in different segments throughout the year in regards to what has happened throughout the year. We'll continue it next podcast.
The podcast is a little over 2 hours including our final track. Thanks so much for listening!
12/23/2020 • 2 hours, 4 minutes, 51 seconds
The Technology podcast, podcast 357: Weather Underground
On this edition of the podcast, the final podcast of 2020, we'll demo Weather Underground. I wanted to do two demos, but I think one is enough. I hope you'll enjoy it. Apple Vis has a post in their directory of apps about Weather Underground - Forecast which was written up. While I do like the app, I believe the person writing this has the same points I do. I do find it accurate, but there are definitely some accessibility issues which you'll hear about in the demo. The Security Box will have other podcasted content, so the feed will still be going strong in 2020. On podcast 358, I hope to have another demo of something I learned about, an app that'll assist me with billing credit cards. See you all then!
12/17/2020 • 53 minutes, 11 seconds
The Security Box, podcast 23: The continuing Education of Shaken and Stir, Philmore and more
Welcome to podcast 23 of the security box. Picking up where we leave off, we continue with Shaken/Stir and its discussion from podcast 21.
Besides that, we'll go ahead and talk about a company which doesn't really care about the security of its customers. The name has been mentioned in passing, but now it's time to talk about some very serious stuff on a podcast.
We'll have news, notes, and more.
Topic:
Shaken/Stir was discussed on podcast 21 of the podcast, and podcast 23 will finish it off. Here are the links, taken from podcast 21's notations.
Combating Spoofed Robocalls with Caller ID Authentication Federal Communications Commission
STIR/SHAKEN Wikipedia
News Notes and more will be on the blog version of the show notes. This address is given throughout the program. News notes was live. Enjoy today's program!
12/16/2020 • 3 hours, 31 minutes, 27 seconds
The Security box, podcast 22: BEC and what it is, a couple of guys who aren't safe and more
Welcome to the security box, podcast 22 picking up the podcast with business email compromise.
Business Email Compromise (BEC) definition
Billion-Dollar Scams: The Numbers Behind Business Email Compromise
Besides that, we talk about a couple of people who have been a problem in the phone world, tie it in to phone security, and find out if these guys would be capable of using such tech. Comments also came in about scams when looking for a place to live, and of course some tunes come along with it. Enjoy!
Delving into the World of Business Email Compromise (BEC)
Business email compromise
12/9/2020 • 3 hours, 2 minutes, 27 seconds
The Security box, podcast 21: the beginning of Shaken and Stir
The beginning of Shaken and Stir, lots of news items and more. For full show notes, go over to the blog to do some reading of anything that interests you.
Welcome to podcast 21 of the security box. This week, I thought it would be interesting to take you through the Shaken and Stir protocol. This protocol is supposed to go through and make sure we get adequate caller ID.
Below, please find resources that we found on the Internet for the Shaken and Stir protocol, and I'll be working on braille material so that I have something in writing. We hope that you enjoy the program today.
Topic:
Combating Spoofed Robocalls with Caller ID Authentication Federal Communications Commission
STIR/SHAKEN Wikipedia
For full news notes, go to the blog and we'll continue shaken and stir in two weeks. Enjoy!
12/2/2020 • 2 hours, 59 minutes, 49 seconds
The Security box, podcast 20: PCIDSS, OCSP Stapling and more
Hello Folks, welcome to episode 20 of the technology podcast series known as the Security Box. A few tech issues but we press on. Please check The Blog for complete notations as we have segmented everything. Both Michaels are on with segments, I continue where we left off last week, and we even talk about an email I posted as part of protecting our security even though it is a little unrelated from the main topic. News, notes, and more. I hope you enjoy the program even though there were a few glitches, I still enjoyed the program. See you all next time!
11/26/2020 • 3 hours, 45 minutes, 31 seconds
The Technology podcast, podcast 366: Braille Transcription, a company in trouble, Mac, IOS, and More
Welcome to the tech podcast. Assignment 19 was a complete fail, and I know that I had a lot of failure but not all was my fault. You can search out this write up on the blog, but I talk about it here. Next, a company may be getting themselves in some trouble. Forget going to a hotel … especially since records go back to 2013 … were you effected is the blog post I wrote, are you affected? Next, JFW 2021 and MAC version 11 are out and I talk about both. Finally, I found some good news in the security field and I even have one more. Finally, a laugh and contact info at the end. Hope that you enjoy the program and I'll see you all later!
11/24/2020 • 1 hour, 11 minutes, 10 seconds
The Security Box, podcast 19: its all about the credit card: part 1
We're going to continue the credit card talk next week, but this should get you started.
Welcome to podcast 19 of the security box.
This week, let's talk about credit cards, PCIDSS, and more.
PCI DSS Compliance Guide: UK Costs & Checklist
PCI DSS requirements for building and maintaining a secure network and systems
The PCI SECURITY web site
Payment Card Industry Data Security Standard
We're putting the Wikipedia link in for reference. Please do not rely on it alone, as the page talks about a lot of unsourced material. We also posted two of those sources as I liked them, and we'll use one of them to talk about what PCIDSS is, and what is required.
News Notes
Thinking about getting an Android phone? Think that its security is better than IOS and what it may have to offer? That's your choice, and we're not going to change your mind. According to an article from the Register, maybe you should think about this again. According to the article, Google is being sued because it is taking a couple hundred MB from you on your cellular data even if the phone is sitting there quietly not being touched. Why? Because Google is preparing potential ads that might be of interest to you after it collects data in the background. The article goes on to say that Google people agree to multiple terms of service, none of which talks about the passive collection of data that has nothing to do with your use. New lawsuit: Why do Android phones mysteriously exchange 260MB a month with Google via cellular data when they're not even in use? is the article, think about this when you decide which operating system you want.
This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs has a bunch of items in it, and we'll let you decide what you want to talk about.
Other news
Looks like we've finally gotten something that might work. After some time, I am now back on MyTelespace, where they have a call in number for callers who do not have the other technology to use. That number is 720-787-1080 and my box number is 8347 over there. Just another option for people to use. Thanks so much for listening, and make it a great day.
11/19/2020 • 3 hours, 9 minutes, 15 seconds
The Security box, podcast 18: election stuff, updates on podcast 6, and more
The show notes are quite lengthy, so not everything is going to be listed here, but please check the blog under podcasts for the complete notes.
Things to ponder
Disclaimer: The following are going to be things to ponder. Some things could be posted as a blog post, others are just thoughts based on one topic or another and may not be linked to anything. The opinions expressed are those of the presenter, and may not necessarily be those of the JRN, its staff, providers of software and services, or the like.
I got the best email ever. What was so interesting about it was the domain. Normally, I don't comment on Spam, but Just saw the best email ever … in my inbox … domain is relatively new is the blog post. You'll see the domain, as well as my thoughts. I talk about this one.
Amazon put a little bit of a scare in me by sending me an OTP when I did not even request one. I did some quick investigating and found I was not compromised, but turned on two factor (2sv) on Saturday, the 7th. I checked my transactions, card history, and other log in activity and didn't find anything suspicious.
On podcast 6 of the Security Box, it was discussed that Michael in Tennessee had a security concern about his apartment WIFI setup. He isn't wrong, as on September 7th, he called in to Twit' The Tech Guy and asked Leo. On this podcast, we'll play said segment and play Michael's things to ponder segment as we give an update on the worst security ever. If you want to listen to podcast 6 from August 19, 2020 here's the link to use (162162.33mb) for your enjoyment. Also read the text from tech guy labs, the tech guy: episode 1743.
That is only some of what is up, the blog will have more.
11/13/2020 • 3 hours, 29 minutes, 11 seconds
The Security Box, podcast 17: Catch up, Trend Micro and more
Welcome to podcast 17 of the technology series known as the security box.
Catch up
Michael in Tennessee makes an appearance as he was not able to make it last week. We talk about encryption, the lack thereof from the government, and companies in general in the security landscape. We are not pointing our fingers at any one company, but mainly an open discussion.
Topics:
A subset of apps were targeted in an article that indicates that 76 percent of them have at least one vulnerability or bug. The goal is not to write perfect software, but software that can be fixed within a reasonable time frame. Different types of terms are used within this article, none of which I'm too familiar with, but the article I found quite interesting. It came from the folks at help net security. 76% of applications have at least one security flaw is the article, let us discuss.
Trend Micro has a program for free called House Call which is accessible. This was actually talked about this past Thursday with Andy and Josh. In the article Trend Micro HouseCall for Home Networks Trend Micro talks about what they've done with the program and how it can benefit you.
URL tracking systems like AdWords and AdSense by Google can be abused just like the URL shorteners before it. How URL Tracking Systems are Abused for Phishing comes from Phishlabs, and it's well worth the read. This should probably be talked about, because sites use these services including blindness related sites. Do you think it is time to move away from the services in the name of security?
News Notes and more
In some good news, we've definitely got some. Two Charged in SIM Swapping, Vishing Scams is the article penned by Mr. Krebs. Maybe this is a start to something, only time will tell what happens.
There may be more news that I didn't cover here or on the podcast of the box, let me know what you want covered.
Books
Due to space limitations, the books section of the show notes can't be reproduced here. The Tech blog will have the entire notations including the books for you to peruse. Thanks so much for listening and contributing!
11/5/2020 • 3 hours, 7 minutes, 24 seconds
The Security box, podcast 16: catch up work, domains, and more
We've got shortened show notes, although they are detailed. Here goes.
Welcome to broadcast 16 of the Security Box.
Time to catch up:
Jennifer, the staple it seems to this program, comes in with 8 different commentary pieces we'll step through in regards to last week's significant program on privacy, personal information online and the like. We'll see how this segment goes when it comes to whether there needs to be anything else said, or whether it'll speak for itself.
Topics:
What do you think when it comes to your web host and what they offer? Some web hosts are Windows based, some are Linux based, some may have both, and some ... well ... may just not care what they host no matter what the platform. In an article entitled Planetary Reef: Cybercriminal Hosting and Phishing-as-a-Service Threat Actor which comes from Phish Labs, we'll talk about a company that seems to be under multiple names, yet serves up all kinds of things that most web hosts would not tolerate. The group behind Planetary Reef leases IP space from a large reseller. I'm considered a reseller, selling space given to me, but a large reseller may be under a company that they buy their space from each month and they sell it to others. Let's talk about this as there is a history behind the web space market throughout the years.
In a related topic I covered and didn't originally cover under the rundown, we talk about this Krebs on Security article QAnon/8Chan Sites Briefly Knocked Offline and tie this and the first article together.
Has the Department of Justice not learned anything about why we need security today? I guess they really haven't because a Cyberscoop article entitled DOJ efforts to weaken encryption place national security at risk, congressman says was written by Shannon Vavra and it is quite well written. Rep. Ro Khanna has one message for politicians who continue to suggest technology companies should give law enforcement agencies access to encrypted data:
This is a power grab.
The U.S. Department of Justice has long called for technology firms to create software that would allow law enforcement agencies to investigate suspects who use encryption to hide illegal behavior. For Khanna, a California Democrat, the tradeoff is too dangerous. Most in government do not understand this, and it's time that someone really hit the hammer home with this nonsense and let's put it to bed once and for all.
News, notes, and more
For a complete news notes overview, watch this space on the blog. I may have posted more than what is covered here, and what I do cover is only a few items from the subset of things I thought would be of interest. We're not going to link to everything, but maybe something else caught your attention that I did not cover. Let us see what you think of the news covered in the program, and of course, the comment boards await you.
Things to ponder
I honestly didn't see this coming. Now, … for a random breach … a psychotherapy center is something I bring up in news notes, but yet it is a serious thing. In things to ponder, I'll give my thoughts on this one. It's beyond repair.
10/28/2020 • 3 hours, 7 minutes, 11 seconds
The technology podcast, podcast 355: 2020 predictions, what do you think today?
As you listen to this podcast, what came true and didn't to date in regards to the 2020 report on what might happen in the security landscape? MyTelespace is currently down, blog posts are on the blog about it, and of course contact info as well. Enjoy!
10/23/2020 • 1 hour, 7 minutes, 38 seconds
The Security box, podcast 15: all about the privacy
This is episode 15, the show notes follow.
Welcome to the Security box, podcast 15. It was mainly an open forum of privacy talk today.
Armando, a broadcaster here on the mix, was on talking about his experience with Covid and other privacy concerns he had in regards to that. We also got in to a twitter discussion with names we've seen. No exact names are mentioned here but we do talk about this. The Melting Pot, October 9, 2020 and Armando's Testimony can be listened to. These files will eventually expire, so get them while you can. Within the Internet Radio program, go in 86 minutes to hear the discussion.
In hour 2, I start and it continues in to hours 3-4 where we talk about privacy, the Internet, finding information, and other aspects of the discussion as Michael in Tennessee and Indiana both join me for hours 3-4 as part of this discussion.
This week's show lasts about 4 hours, and I hope you enjoy!
10/22/2020 • 3 hours, 56 minutes, 46 seconds
The Technology podcast, podcast 354: m-braille, yahoo groups, and discounts for disabled
Welcome to podcast 354 of the technology podcast series. The segments on this podcast are mid-length, but quite interesting I think for a change in pace for this particular podcast. Let's tell you what we're going to cover.
Time to get your M-braille On is the blog post for written communication, but why gripe when this happens to many pieces of software besides M-Braille? It got fixed, and it now works again. All operating systems have their fallbacks when upgrading, and I talk about this.
Shaun Everiss and I talk about Yahoo. Shaun sent me an email which prompted me to create this blog post and segment 2 is all his. Segment 4 is mine.
It's always nice to have a discount, but why do we, the disabled, need a discount? Yes I get it, our software is quite expensive, especially if you use Jaws or the discontinued Window-Eyes. Other pieces of software which include Duxbury and even Braille2000 are expensive. There are discounts for specific cases, but why phones? This blog post: A petition on lowering the cost of an iphone for the disabled? Let’s discuss talks about This Apple Vis forum post: A petition asking Apple to consider discounts for people with disabilities. which has quite a number of negative comments. I see what was tried with this post, but there are already discounts for phones through the carriers and even through Apple itself through care. I'm linking to my blog post and Applevis in these show notes so you can choose which one you want to read.
I hope you enjoy the program as much as I have putting it together, and I'll see you all on another edition of the program next time.
10/19/2020 • 1 hour, 17 minutes, 51 seconds
The Security box, podcast 14 for October 14, 2020
A day late, but it's better than not posting at all. The podcast is packed, and I hope you all enjoy it!
The Security Box, podcast 14 must continue with the ongoing saga of John Bernard. We've got an article on that. What do you guys think of a passwordless future? Lastpass talks about it. News, notes, comments, and more.
Topics:
What do you think of John Bernard? Apparently, the suspect that has been identified as this person walked away with 30 million dollars, and it doesn't stop there. The end of the article claims from one company that they hope that he comes through with his promise. Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M is the article. Could this be the end?
Passwords have long been one of the leading drivers of security risks and employee frustrations for businesses, which has only increased since organizations transitioned to working remote. Passwordless authentication, on the other hand, securely connects employees to their work without the need to type a password through technologies such as biometric authentication, single sign-on and federated identity. Is passwordless authentication the solution to the password problem? This is only the first paragraph of this fascinating article on a passwordless future which will get interesting. The article LastPass Research Finds 92% of Businesses Believe Passwordless Authentication Is in Their Organization’s Future is going to be discussed.
What is up with privacy? Conversations that could go awry because of an innocent conversation. Listen to the segment and form your own opinion.
News Notes:
I've done some reading but what about you? Submit things either by voice or text and lets discuss it.
Other things:
Twit had an event held on October 8, 2020. Here is a sendspace link to that download which I'll have expire in 8 weeks from today. This is the property of twit, I'm supplying it as a courtesy to you. Visit the twit network to learn more about them.
10/15/2020 • 2 hours, 31 minutes, 17 seconds
The Security Box, podcast 13: A discussion on Identity issues
The show notes are not lengthy this time, that is because we don't have a whole lot for them. Yes, news notes was covered, yet, we have some interesting discussion.
Below, please find the show notes.
Welcome to podcast 13 of the technology blog and podcast series known as the Security Box. On this episode, we are going to cover NCSAM, week 1. The big thing nowadays is your security and identity protection when it comes to your online safety. The first article Identity Fraud: How to Protect Your Identity Data, Accounts and Money During the Coronavirus Crisis is discussed in a taped segment. Speaking of identity, Preston from Pennsylvania is going to be on with an interview that I did with him talking about experience, stories, and the like. We'll also cover some news if time allows. Please make sure that you tune in to the blog web site for all of the news, as NCSAM will be busy and lots of items will be posted. You may want to decide to subscribe so you don't miss anything. Thanks for listening!
10/8/2020 • 3 hours, 16 minutes, 29 seconds
The Technology podcast, podcast 353: NCSAM and Identity, Google and More
While the podcast is an hour, I know that I want to do more with the tech podcast in all kinds of tech not just the security landscape. In this podcast, I think I have covered a bit, even talking about some stuff in a different light unlike the Security Box. Here are the show notes.
Welcome to podcast 353 of the technology podcast.
NCSAM is out now, it's the month of October and it's definitely going to be an interesting month. Our first segment talks about the fact that identity theft may be more of a problem now more than ever. blog post
KNFB reader was integrated in to newsline. People were griping about it on Apple Vis, and may have been in social media as well. I looked at the app one day, and I find it quite interesting but still easy to use. They griped because they had to reverify their info, otherwise known as reauthenticate. KNFB Reader lite works well, and I am glad I have choices. blog post
Michael in Tennessee taught me about Google and pairing to Bluetooth devices. While I told my phone to forget the device, I had to go back in to Google and get it repaired as I tried to demo how I got it to work. Be that as it may, this was kind of cool. Thanks Michael for this!
On a prior podcast, we covered SSL and what is happening with threat actors today. I intend to write a blog post with my thoughts, but the Security Box definitely covered this. Podcast 12 of the box covers this in a talk show format, but I figure it should be covered here for those who don't want the longer program. Tell me what you think.
The full program lasts an hour, so I hope you'll enjoy it. Thanks for listening! See you on another edition of the program.
10/5/2020 • 1 hour, 1 minute, 13 seconds
The Security Box, podcast 12 for September 30, 2020
Welcome to podcast 12 of the tech podcast series known as the Security Box.
Topics:
On podcast 10 of the box, we link to an article about due diligence. It was segment 2 of that podcast. Just recently, it's time to update this, as now Krebs has an article asking the question: Who is Tech Investor John Bernard? Seems to me that this guy, whoever he is, is not a good guy, and I think I visited the page in the first story just to see what it was about. In no way was I going to utilize the services, but I was mainly curious what the main page had to say. It is funny to see that the site has a general closed message on it, and people still come forward afterward to people like Brian and tell him what has happened to them. This is quite funny, and I think I'll have this as my first topic. Did you read the article linked to in podcast 10, and if so, what did you think? What do you think now?
Apparently, another tech company is hitting the news in regards to a ransomware attack. The company in question put out the same type of info that most companies put out in regards to the breach or lack thereof when it comes to personal information that may have been taken. The problem is that the investigation is still ongoing, and even though the article was updated after initial printing, we can't say who is telling the truth. Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack is the article, and I think this ought to be quite interesting. Only time will tell.
APWG is the Anti Phishing working group. This group does work to try and advise security experts and us on how to be as safe as possible. Now they're saying that SSL should not be used in determining if a website is secure. We've known through Phishlabs articles on the blog that the rate of SSL certificates by actors was on the rise, but now we shouldn't rely on it. APWG: SSL Certificates No Longer Indication of Safe Browsing comes from the Phishlabs folks, and I think it's worth the read. We also put it in the news notes rundown, and I am sure it'll garner conversation.
News Notes:
News Notes has quite a few items even though I have had technical problems as of late. The weather isn't helping with health concerns as well, so it may not be large, but it is good nonetheless. If you're interested in the news I've gathered, head on over to this blog post and check out what might interest you. There may be some overlap, but at the same time, you might find something you want discussed that I didn't read.
Podcast segments
Michael in Tennessee is on with us for about 37 minutes talking about one particular article that caught his attention. He and I discuss this particular article, and we even bring up other odds and ends tying this up with other relevant but could be off topic stuff as well. The article we reference comes from Cyber Scoop, and it's a good one. It is FBI hopes a more aggressive cyber strategy will disrupt foreign hackers, which was posted to that site on the 21st of September. This article was written by Sean Lyngaas.
10/1/2020 • 3 hours, 12 minutes, 42 seconds
Tech podcast 352 for sep 24, 2020
Voice mail systems, are they gone? Covid-19 and the email landscape, a webinar and iOS 14 and other OS's and whether apps are updated timely if they are broken. Enjoy this 65 minute podcast!
9/24/2020 • 1 hour, 5 minutes, 15 seconds
The Security box, podcast 11: a shortened edition
A shortened edition of the show today, and that is OK. Several topics too.
Welcome to podcast 11 of the Security Box.
Topic:
Ransomware is everywhere. Last week, Michael in Tennessee sent this article during the show, and I finally got a chance to read it. This time, Newhall schools are affected, and while the advice given in the article is sound, we can officially say that nothing is predictable in this strange year. ABC7 in Los Angeles gives us: Ransomware attack shuts down remote classes in Newhall which has some good points. The article talks about what is being done which includes getting forensic folks in there, law enforcement, and other people who may be needed to restore data. The article didn't talk about training. Question, where is the training so people in the district know what to look for when something like this happens again? Ransomware starts with an email in most cases.
TikTok is back in the news, and this can't be good news anyhow. The article Lame-duck versions of TikTok and WeChat are definitely a problem, security experts say is what we're going to talk about, and we'll play this CNET video: TikTok, WeChat ban explained. I didn't know WeChat was a problem, but then again, I've not used that app at all. From what I've heard, it's similar to apps for communication like WhatsApp, and other messaging apps. To top this all off, Michael in Tennessee recently sent me an article in regards to the TikTok Sale to Oracle. The TikTok deal solves quite literally nothing is the article, and it is quite interesting. This whole story ought to get interesting now, but suffice it to say, TikTok is saved, for now.
Open forum: what do you want to talk about? This is your time to shine.
News Notes and things
The biggest topic right now is TikTok and their very interesting developing story as it continues to unfold. Besides that, we've got some recent arrest news and other items in this blog post which has been cut short because of the fact I hadn't felt well. The news also covers a Chinese firm who is supposed to do antivirus work being part of APT41. This is going to be interesting.
For the first time to our knowledge, ransomware may have led to a death for a critically ill patient. The attack was an apparent accident, as the actors gave the hospital the key after it was determined they made a mistake on their target. Hospitals have never really fixed their security problems, mainly because of the lack of funding. This could hurt them now that they know that someone died. Ransomware may have led to the death of a German hospital patient is the article that talks more about this very interesting story.
9/23/2020 • 2 hours, 28 minutes, 45 seconds
The Security box, podcast 10, sep 16, 2020
While we didn't have a shot at news notes, we do cover some news and other stuff too. Found something of value? Get in touch!
Welcome to podcast 10 of the security box. On this edition of the program, we're going to leave room for Michael in Indiana to talk to us about phone stuff. We'll also have some other stuff as well.
Topics
Phishing has all kinds of forms, and the Security Box, podcast 5 only covered a little bit. Podcast 345 of the tech podcast series also covered Phishing. Also, we've covered Phishing in articles that I've read as well. This search page from the blog will bring up everything on phishing that might be of interest to you. Recently, I've learned about tricky types of phishing using services out there that can produce documents and forms for free or low cost. Tricky Forms of Phishing | Tricky 'Forms' of Phishing is the topic on this first segment of the program today. Did you know there are 13 different sites that can produce documents and forms that could trick users in to divulging information they shouldn't? The only one out of the 13 I've used is Google documents, but I'll talk about the 13 different ones in turn. Time to learn.
Recently, I've read an article talking about doing your due diligence. Do you do yours? Looks like a scammer knows how to play it well, and the name seems to be well known. The article Due Diligence That Money Can’t Buy talks about someone by the name of John Bernard. What a fascinating story!
Michael in Tennessee came on about a ransomware attack affecting Newhall. We'll have more next week on this.
Michael in Indiana will be on talking about phone systems, security, and what he has seen in the landscape as an administrator.
News
Due to the time of the interview, news did not get aired this week. I'll keep this for a show next week, and we'll reference this next week. If you find anything from the below section you want covered, you're welcome to have your thoughts heard. Here's the news from this week we didn't cover that might be of interest to you.
News Notes September 12, 2020 is the main source for news this time.
9/16/2020 • 3 hours, 38 minutes, 25 seconds
Episode 9: the security box, typosquatting and more
Please check the tech blog for full show notes. They are longer than space permits in these notations. I hope you all enjoy the program as much as I have bringing it to you. We'll be back to Wednesday next week.
9/9/2020 • 3 hours, 5 minutes, 27 seconds
The Technology podcast, podcast 351: Telephone stuff, Jaws, and more
Welcome to podcast 351 of the podcast. Some people can't stand the changes in regards to one telephone system and what they did. Shaun Everiss and I team up and I created a page for it. Jaws had an update and I covered all but two. Here is the blog post on that as well. Finally, Typosquatting is discussed in preparation for the next Security Box. All this, and final thoughts and contact info on this edition of the podcast.
9/5/2020 • 1 hour, 4 minutes, 23 seconds
The Security box, podcast 8: lots of items today
The show notes are rather lengthy, so please check the blog for full notations. Commentary, topics, and even a segment on lots of other stuff too. Hope you all enjoy!
See you on another podcast!
9/3/2020 • 2 hours, 49 minutes, 36 seconds
The Security box, episode 7
Welcome to podcast 7 of the Security Box. This week, let's peruse some topics, I'll link to some articles, and you can comment as usual. News, Notes, and much more. Thanks for listening!
Election officials have been warned about Typosquatting domains and how they can be used to bring trouble to their particular candidate. Typosquatting is a big problem, and in a future podcast, we'll look in to what this is. In an article entitled Feds warn election officials of potentially malicious ‘typosquatting’ websites you'll learn what is the danger in the election scheme of things.
I think it's time to really bring out a topic. How many people heard of the dark web? 11.6 billion records have been breached and are on the dark web since 2005 according to this article by Lastpass. Is this something we should be concerned with as a whole, or do you think it isn't a big deal? This can only get worse, and the box wants to hear what you think of this. Each year, more companies are breached than ever before and it is definitely a problem I think. There is a way you can scan the dark web for any type of data like an Email address, but is this enough? Lastpass has the capability of doing this for you. The article What are dark web scans? goes in to more details on how this is done.
News:
Looks like Experian can't keep their mouth shut. According to a Cyberscoop article, 24 million South Africans are now at risk because someone potentially opened their mouth. They said the employee was tricked in to disclosing information on an unknown number of people, but the number seems to be a whopping 24 million. No hacking needed: Someone duped Experian into handing over data in breach affecting 24 million South Africans is the article and boy if Equifax and Experian haven't learned anything from their prior U.S. things, when will they ever learn? The U.S. stuff were hacking attempts but still ... human intervention is the weakest link in this whole ordeal.
This week in Security News from August 21st covers another article on the 24 million from South Africa and even some other stuff that might be of interest. The tech blog will also highlight things from this article that might be of interest.
Michael in Tennessee went ahead and gave me a heads up on this one. Turns out that a former CSO was charged in the Uber breach from 2016. U.S. prosecutors have charged the former Chief Security Officer at Uber with allegedly covering up a data breach at the ride-hailing company that exposed information tied to roughly 57 million people.
Joe Sullivan was charged Thursday in the U.S. District Court in San Francisco with failing to disclose details of the security incident to the proper authorities. Sullivan, who now works as the chief information security officer at Cloudflare, allegedly committed two felonies by not informing investigators about the hack while they probed the circumstances surrounding a prior data breach. This is great news, and one in which I want to cover in passing. Former Uber CSO criminally charged with covering up 2016 data breach has the full details from Cyberscoop.
8/28/2020 • 2 hours, 26 minutes, 31 seconds
The security box, episode 6: is here a mad company? Open forum to boot
Welcome to podcast 6 of the Security Box. On this show, we've got a topic, a very interesting news notes where two articles take center stage, and we'll open the lines for comments, questions, and other things.
Topics:
Herbie sent me a direct message on twitter in regards to Epic games. Seems as though these guys aren't so happy in regards to the decision made about the percentage of money each company whether Apple or Google take, so they want to side load their apps on to your device. According to the article, this is in violation of each app store's rules. On Epic's Fortnite Gambit is the article and it comes from the Apple Mill. The article talks about sideloading apps. Thoughts? Let's discuss this one!
News
The news is quite interesting. This week, if Microsoft continues at its current pace, we're going to have 1300 plus patches for Windows this year. This month, we learn that there are 120 patches, the 6th month in a row where the patches are 100 and over. This Tech post from last week in security covers this and some other stuff too.
The two articles that we talk about in the news notes are a two-part article with lots of numbers and things to think about. Top Tips For Home Cybersecurity And Privacy In A Coronavirus-Impacted World is the first and Top Tips For Home Cybersecurity And Privacy In A Coronavirus-Impacted World (part 2) is the second. The articles are also linked to the blog post for last week in security, but I am bringing them forward here because I really think people need to read them.
Open forum:
Michael in Tennessee came on to talk about his apartment complex and their lack of security with the WIFI setup. While they wanted to make it convenient, it could be a parking lot attack at the entire network.
Michael talked about updating software and how important it is.
Michael also talked about smart TV's as well.
8/19/2020 • 2 hours, 57 minutes, 18 seconds
tech podcast 350: covid stuff, transit app, and epic games not being happy!
Welcome to the technology blog and podcast, podcast 350.
I can't believe that we've made it to 350 episodes. In 2017, I didn't publish much because of the constant breaches, but in 2018 we've come to find out that we must continue this work. I reflect on this in the first official segment.
Several segments are videos with Covid 19 stuff as well as a short video segment from Twit dealing with Tik Tok. Nothing is set in Stone.
Katie Monroe from Transit App joined in the AAC meeting from August 13th's meeting. Lots of accessibility work was made and not just for people who are blind.
Herbie sent me a direct message on twitter in regards to Epic games. Seems as though these guys aren't so happy in regards to the decision made about the percentage of money each company whether Apple or Google take, so they want to side load their apps on to your device. According to the article, this is in violation of each app store's rules. On Epic's Fortnite Gambit is the article and it comes from the Apple Mill. The article talks about sideloading apps. Thoughts? Let's discuss this one! If not side loading, what about the terms of service aspect?
The program lasts 1 hour, 10 minutes and I hope you enjoy!
8/15/2020 • 1 hour, 10 minutes, 23 seconds
The Security Box, podcast 5: Phishing and its different forms
Today was quite interesting. The numbers in phishing are staggering according to the APWG. Links to the main article we use and a podcast are given. There's plenty more to cover in this space.
Podcast 5 covered Phishing and its various forms. The main option we used was Wikipedia, but we also link to F-secure and a podcast talking about what this is. There is one aspect we did not cover which I think we should. Our things to ponder segment was a little adult in nature but appropriate in today's environment of social media and the things that are allowed and not.
Episode 25 | The Psychology of Phishing F-Secure
025| The Psychology of Phishing f-secure sound cloud
What is the CFAA and why has it been a problem? The technology blog
The show lasts 3 hours, 32 minutes, and I hope you enjoy! No major news notes segments.
8/13/2020 • 3 hours, 32 minutes, 3 seconds
The Security Box, podcast 4: News, notes, breaches, the CFAA, and more!
Welcome to podcast 4 of the Security Box. On this show, we've got one main topic, a very interesting talk by Shaun Everess about a big time breach which affects GPS, news, notes, and more!
Our main topic:
Our main topic is the Computer Fraud and Abuse Act. What is it? How did it come about? Do you think it's working?
What is the CFAA and why has it been a problem? The Technology blog and podcast
Shaun's topic
Shaun Everess talks about some blog stuff, but he also talks about a big time GPS hack that could possibly be affecting all of us in some aspect. The topic is also being cross posted to the technology podcast as a whole, but I'm putting it here for comment by this podcast.
This blog post from the Technology blog and podcast This has to be the biggest breach to date gives my thoughts, along with Shaun's email. It also links to the story both linked in his email, and actually linked at the bottom.
Other newsy things
Are you concerned about your news? Find something on a news site you may have heard on the tech blog or another source? https://technology.jaredrimer.net/2020/07/28/russia-targeting-corona-vaccine-were-no-closer-news-sites-are-late/ is the blog post from the tech blog, yet I read about it on one source, and found it on my news source while looking for something else.
COVID closures means more to business ID theft than you think from the blog talks about business compromises that will go beyond your technology. Lines of credit can help you get things for your business including technology things. Ever thought you'd be a problem?
Lastpass has an update in regards to their Phishing post earlier is quite interesting as we continue to talk about Phishing. This isn't going to be the only article I blog on the topic, please view the blog article section for more.
Twitter News
Florida Teenager arrested in massive twitter hack, two adults also charged The Technology blog and Podcast leading to three articles, two from news specific and one tech related
This isn't possibly the entire news, but some items that may be of interest. Please check the blog for more, contact me to tell me what you want discussed, and thanks for listening!
8/5/2020 • 3 hours, 15 minutes, 53 seconds
Tech podcast 349: Jaws, Twitter, Braille2000 and more
Welcome to the technology podcast, podcast 349. This program is almost an hour and a half, and is packed with tons of stuff. Contact information is given throughout the program, so please get in touch!
Have you ever seen notations talking about fixes for screen reader users? Firefox fixed a very nasty crash with Jaws, but besides that, other screen reader updates were made to Firefox 79 which has recently been released. You don't normally see fixes for access tech so this is quite a surprise and a welcome change. Thanks Firefox! blog post
Shaun Everess, my second admin, is along with a segment talking about one of the biggest breaches I believe we've seen. This one deals with a well known brand most people will be familiar with. Besides that, Shaun talks about the Spam problem I've been trying to fight for years. Blog post on the breach and find updates through the blog in regards to what he did for the Spam problem.
I have a twitter update. first blog post and second blog post
B2K is finally talked about on another podcast besides this one. In a long awaited podcast, Blind Bargains Interviews Jared Rimer who talks about the program, braille transcription, and more. Segment starts 15 minutes in. blog post
I give a talk on two different articles I've recently read on Krebs on Security dealing with credit and debit card fraud and EMV payment processes. This recent blog post should've been posted after I recorded the segment, but does link to the two articles.
Michael in Indiana talks about two different items. The first is a very interesting Comcast story which turned out great. The second, an unconfirmed report about Microsoft buying TikTok. We talk about TikTok as South Korea was fining this Chinese App maker due to COPPA violations and big time ones too. I also have comments following a video I found through the BBC. blog post
Contact information, and information on what is going on in the security box ends the podcast. The total length of the file is 1 hour, 26 minutes. I hope the wide variety of topics is of interest to you. I'll be back with more on the tech podcast very soon. Thanks so much for listening!
8/4/2020 • 1 hour, 26 minutes, 3 seconds
The Security Box, podcast 3: COPPA and its effects
Welcome to the Security Box, podcast 3. We really only have one main topic here. We also include news, notes, and other things in passing.
Children's Online Privacy Protection Act Wikipedia
The Childrens online privacy Protection act is here, not following the law by Tik Tok The Technology blog and podcast
We'll have two segments on things to ponder where personal information is concerned, and we'll also have your comments, questions, and concerns. I hope you'll enjoy the show as much as I have putting it together!
Thanks to everyone that decided to participate during the live program. Remember that if you listen through the podcast, your voice still counts, so get those emails, iMessages, texts, or WhatsApp messages to me. Contact info is given throughout the program, and thanks so much for listening!
7/29/2020 • 3 hours, 5 minutes, 24 seconds
The Security Box, podcast 2 for July 22, 2020
Welcome to the security box, podcast 2. On this podcast, Twitter takes center stage as it suffered a very interesting security problem they need to solve. People have said it was a big time breach, but as you'll soon find out, unless you read the tech blog, there is more to the breach. Yes, accounts got breached, but we know there is other info. Articles are listed here for you to review. Besides that, find out about a big time breach article which was a two year look at many different breaches within a two year period. Also, find out about a piece of malware making a huge return on how it can't be trackable nowadays and what the threat actors are up to.
Depending on time, not everything may be covered. If you see the rundown and you want things covered we didn't get to, please let us know!
The links to news items are in no particular order, we provide them in the order I put them in. Of course, please contact me through the contact the dj's page on the mix or through the tech blog itself.
Thanks so much for listening to the program, and we'll be back with you next time!
Scammers hijack Twitter accounts of Joe Biden, Bill Gates and others to promote cryptocurrency Cyberscoop
Joker Malware Apps Once Again Bypass Google's Security to Spread via Play Store The Hacker News
Twitter Hacked in Bitcoin Scam Trend Micro
Around 130 Twitter accounts targeted in bitcoin scam hack, company says Cyberscoop
Account Takeover Attacks Cause Chaos @ Twitter Phish Labs
An update on our security incident twitter blog July 18 2020
In a future podcast, let us talk about the CFAA and whether you think it's been effective. Even still, let's possibly talk about COPPA. Have any topics you want discussed security wise? Have terms you don't understand? The box wants to hear from you!
7/23/2020 • 2 hours, 57 minutes, 30 seconds
The Technology podcast, podcast 348: VAC, Mac, and chinese software
Welcome to podcast 348 of the technology blog and podcast series. I've decided to change it up a little bit with a different spin on the security aspect, as well as talking about a piece of software that I've once used before, but yet, need it again. The setup was quite easy, and I pretty much did it on my own. Then, what do you get when you have to think about the security of your software you use to do your work? What about the type of computer you use such as Windows, Mac or Linux? Full thoughts and links to items follow.
Virtual Audio Cable is a piece of software that acts like a mixer. We've talked about it once before, and I believe we've demoed it. It's back as I talk about the Security Box and how I'm putting people on air.
What do you think about when you think of the Mac? It's not known for viruses, trojans, and worms. However, with this latest development, I begin to wonder if the Mac will start receiving more problems like Windows has for many years. In this article entitled Updates on ThiefQuest, the Quickly-Evolving macOS Malware from Trend Micro, really makes you think. It's got lots of images for those who are sighted, so you might want to check it out as I talk about it and other operating systems in general.
Finally, what do you think about if you were told to install something that you had no idea had a back door? In this article Chinese banks require clients to use tax programs laced with backdoors, report says posted on Cyberscoop, I talk about it and how I'd handle that. I never saw the day that software would be laced with malware and a bit of social engineering would have you install it just to get your work done.
The program is 1 hour and 8 minutes long, and I hope you'll enjoy the program as much as I have putting it together for you. Thanks so much for listening!
7/22/2020 • 1 hour, 8 minutes, 31 seconds
The Technology podcast 347: Blue Leaks, Twitter, and Braille Transcription
Here are the show notes for this program which is podcast 347 of the main tech series.
Welcome to the technology blog and podcast, this is podcast 347 of the series. On this podcast, a longer segment on the Blue Leaks issue which I take you the article. Here is the blog post that is linked in the first Security Box which was issued yesterday. Next, Twitter apparently got hacked, or did they? We've been publishing blog posts as we learn more with my thoughts, and we'll be covering this on the Security Box next week. Finally, I have a braille transcription update as I deal with assignment 19. We'll definitely have more news coming out of the Twitter camp. What a mess.
7/17/2020 • 1 hour, 6 minutes, 47 seconds
The Security Box, Security podcast 1
This will be the home of the podcast of the Security Box, just security talk on the mix. Articles linked here to topics I've talked about.
Welcome to the security box, podcast 1. While we're playing a wide variety of music, the music will not be part of the notations. We're only going to link to things talked about as part of the show itself. The show will be part of the Tech podcast series, but hosted through the independent channel of the suite of servers. I hope that you'll be enlightened by the discussion, and I encourage discussion. If listening through the podcast itself, contact me through my tech address used through the tech podcast. Mix listeners can contact me through the contact the DJ's page of the mix. Thanks for listening!
Dark web Wikipedia
Target’s Data Breach: The Commercialization of APT | SecurityWeek.Com. Security Week
There is doubt in evidence in a case of an alleged Linked in and dropbox hacker the Technology blog and podcast
We have an update on a prior story on a Russian Hacker who was found guilty The Technology blog and podcast
Blue Leaks, this is as bad as it gets The Technology blog and podcast
FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy Krebs on Security
There may be other things I reference that are not going to be specifically linked here. You can visit the tech blog to read anything of interest, as well as searching out stories for future inclusion. There are sources that I don't have because of the amount I already have to read. As the podcast grows, we may not have so many items, but we'll see over time. I hope you've enjoyed the program listening live, or the podcast if you listen that way. See you next time!
7/15/2020 • 3 hours, 1 minute, 38 seconds
Tech podcast 346: Transit App, Capital One, TNO, and Everify
Welcome to the technology blog and podcast, podcast 346. Last podcast was at the end of May, and a lot has been going on around here health wise. I'm definitely feeling better, and I've got quite a bit for you.
At the end of May, beginning of June, Transit App was announced to be the Los Angeles Metro app of choice, changing the landscape of $240,000 in costs. Here is the blog post that I wrote which also links to Los Angeles Metro's blog as well. Let me know your thoughts on this one!
What does Capital One have to hide when it comes to their breach? After my health issues, I've been thinking about what to put in to the podcast, and I thought this would be good to talk about. This blog post links to an article that goes in to detail about this intriguing case. We already know Capital One was at fault, why are we continuing to hide it?
I recently penned an article asking about the state of Antivirus after someone emailed asking me to put Eset's web site in a 2017 blog post. Instead of doing that, I mention Eset and several good antivirus products in this blog post where I quote an email that Shaun Everess wrote in a forward talking about 2004's Windows 10 version. He's not wrong in his thoughts in the comments, but I still think we're at a disadvantage.
Michael in Indiana has every reason to get mad at TNO. TNO stands for Trust No One, and he had no idea an app he used was this way. I also leave my thoughts.
Finally, hot off the presses, a blog talking about another Government web site. The DHS has to be ashamed of itself! It links to an article recently penned by Brian Krebs about a web site called everify. We should be past this ordeal when building web sites, should we not?
Do you have anything you want to comment on? Please get in touch by contacting me. The web site and blog have contact info, so please utilize it. I hope you enjoy this podcast, and I hope to get back in to podcasting more regularly.
7/9/2020 • 1 hour, 4 minutes, 52 seconds
The technology podcast, podcast 345: parcel track and cat fishing
Welcome to podcast 345 of the technology podcast series. This time, no covid-19 material as I have quite something different lined up for this podcast. I'm sorry its taken this long to release, I've not been feeling well, but the wait is worth it, as you'll see.
What type of app do you use to track your packages? Just before podcast 344's release, I had a hair, and decided to go searching for a replacement. Parcel Track was found and demoed. Some things including notification fixes were pushed out after the recording, the basic demo will give you an idea on what it is about and how it works. In the first segment, I talk about what I had used before, and introduced Parceltrack. The second segment was the demo itself.
Have you heard of terms such as catfishing or catphishing? Yes, that's awesome! I have but not really looked up what it meant until I found a Cyberscoop article talking about a well known figure that does cybersecurity work in the government who was impersonated. I did some looking up, and what I found was quite interesting. Both spellings of fish (phish) are used in this and it was quite fascinating. Read the featured post for May 20th, Catfishing, Catphishing, what are they? for more on this, and it links to the Cyberscoop article.
Contact information is available for everyone at the end, and I hope you enjoy the program as much as I have bringing it together for you! Thanks so much for listening and feel free to reach out.
5/21/2020 • 1 hour, 11 minutes, 16 seconds
Tech podcast 344: lots of interesting stuff
Welcome to podcast 344. On this podcast, we've got quite a bit for you.
We've got news notes of varying kind.
I demo and talk about something I recently learned on the iPhone thanks to Michael in Indiana.
I talk about Krebs's article about moving money and how one can get duped. Krebs on Security: When in Doubt: Hang Up, Look Up, & Call Back which is also talked about on the tech blog.
Getting forms in a different language than you speak? We got two applications at MENVI which we are now not going to process based on advice given to us.
I hope to have another podcast really soon. Thanks for listening to this one, and make it a great day
4/30/2020 • 1 hour, 1 minute, 56 seconds
The tech podcast 343: Covid-19 with lots of twists
Welcome to podcast 343 of the technology podcast series. This podcast is covid-19 based with a webinar done by Mikko Hypponen to a conspiracy theory which we'll play the audio and comments from Michael in Tennessee. To boot, a video about 10 minutes dealing with 5G and the prospects of whether it actually gets you sick. The podcast is a little over an hour, and I hope you enjoy it! Thanks so much for listening.
4/10/2020 • 1 hour, 9 minutes, 1 second
Episode 342: Corona Virus lures cyber criminals
On this podcast, I've got a webinar that I would wait on, but it's too important. Cyber criminals are taking advantage of this pandemic. I briefly talk about what the webinar has, then enjoy this 57 minute webinar which ends the podcast. Here's the blog post with the link to the webinar so you may get the slides if you wish. Thanks for listening!
3/25/2020 • 1 hour, 1 minute, 48 seconds
Tech podcast 341: cheating, B2K, Corona, and mailboxes
Welcome to podcast 341. We've got a bit of stuff for you for an hour podcast.
The topic of cheating came up within the dice world community. Dice World is a game that now has chat rooms in it. I've covered this on my cast before, but someone wanted to cheat in other games, and questioned their participation in the tournaments.
I cover Braille2000 and setup as a blind person. I've got a write up on it as well. Read the write up: Getting Started with Braille2000 as a Blind Person for more.
I cover a little bit of news on the awful change in our lives with the Corona virus, although I cover this as a tech related thing. I've got blog posts covering this, so just go peruse that.
Finally, Shaun Everess comes along and asks a question by email about letterboxes and why they've gotten smaller. Here we call them mail boxes, but it is pretty much the same.
Our contact info is at the beginning and end of the podcast, and I hope you enjoy the hour long program!
3/18/2020 • 1 hour, 47 seconds
Tech podcast 340: news from NLS, apple, microsoft, phishing, scams, and ssl
Welcome to podcast 340 of the technology blog and podcast series! This is the show's notations, and there's plenty.
Braille Book Review is a magazine put out by the Library of Congress's National Library Service and there's probably info that may be of interest to some.
Michael in Tennessee and I are to talk about Apple, Microsoft, Phishing, and scams.
SSL and TLS can go hand in hand with that discussion because I had an incident with a cert expiring, and so did the domain. Bad combo!
Contact info is found on the podcast both at the beginning and end of the program, and I hope you find this podcast of value. Thanks for listening to the program, and remember to leave those thoughts! They're very valuable. See you on another edition!
3/2/2020 • 1 hour, 6 minutes, 9 seconds
Tech podcast 339: Phishing Insights on Social media, Tmobile and Sprint merge, and news notes
Sprint and Tmobile merge, blog updates news notes and more, and Phishing insights and social media scams from a webinar. Contact info at the beginning and end of the program.
2/18/2020 • 1 hour, 7 minutes, 52 seconds
The Tech podcast: 338: IHS vulnerability research
Welcome to podcast 338. I catch up with you on my workings on the Braille Transcription course and the work I'm doing with it now. After that, we bring you the IHS vulnerability research webinar from December 2019. I thought I had the link to the blog post talking about this webinar, but I guess I didn't post it unfortunately. I've posted some but need to do a better job on it. If this wasn't December's, it must be November's, but be that as it may, it's a great webinar.
My contact information is made available at the end of the program as usual, and thanks so much for reading and participating on the blog!
2/11/2020 • 1 hour, 12 minutes, 39 seconds
The Technology blog and podcast, podcast 337
Welcome to podcast 337. While we've got some corrections by Shaun in regards to last podcast, one of the biggest topics I think you'll want to get your paws on is buildings being connected to the Internet. I'm not kidding! I've got a blog post with the article of the same name: Hackers are hijacking smart building access systems to launch DDoS attacks and this is definitely something to think about.
Also on the podcast, we've got a dumb criminal award for the podcast. If you're going to commit a crime, you want to try and hide like a lot of America's Most Wanted's criminals did. That's why they were hard to catch, and eventually, a lot of them were caught. A great story on how not! to get caught in cybercrime? is my blog post, and I link to Brian Krebs's coverage of this.
Finally, although not in the exact order of the podcast, we've got my discussion of the infamous 404 page and how it helped me fix a bug on my own web site. Building a 404 page that helps fix bugs is the article title, and it was definitely something interesting. While the code I wanted displayed didn't show, the fact is, we can fix our error pages to help us fix those pesky mistakes in code.
Contact information is available on the podcast, and even available on the blog. Feel free to utilize it, and we'll see you on another edition of the cast!
2/8/2020 • 1 hour, 3 minutes, 51 seconds
Tech podcast 336: lots of topics from Password Managers, reports, Braille, and more
Welcome to podcast 336 of the technology blog and podcast series. I've got quite a number of things of varying topics in today's program.
The first segment of this program covers this blog post: A very comprehensive password manager review and Lastpass gets a poor review even though it has great features, up front postings of any security issue, and no data lost to date. Why? What gives? Thanks to Consumers Advocate for bringing this to our attention by sending an article, but this is definitely sad. Most of those items I've never heard of.
The second segment covers news, notes, and items posted to the blog. The tech blog has posted more since the recording, and you may be interested in a topic that has been posted, so get in touch!
I have a Braille Transcription update on assignment 17. Assignment 17: I passed! and Assignment 17 has been submitted for grading. I'll have a full write up at some point in regards to assignment 17 through Braille Transcription as a blind person at some point.
I've talked about scammers that have contacted me to try and hook up. They never call, but yet, they want money, gift cards, and hangout connections. Scammers hitting the blind, same as my talks earlier is the blog post that talks about this in writing. Dice World wants to know about players who are engaging in this behavior, please contact them if you feel the activity you're experiencing is questionable. Thanks Dice World for listening to the community! You really do care about safety and security, great job!
A recent article sent to us by Mary, a brand new contributor I've made available to the blog. I cover some statistics on this program, and More than 70 cybercrime statistics – Soon to be a $6 trillion problem is the blog title and accompanying article linked within. More from this fascinating report will be discussed on another podcast.
Finally, Shaun Everess is along. He sent me an email recently, and his thoughts got me thinking. I address his email on the podcast for everyone to hear what I have to say. Fascinating stuff, Shaun!
Contact info is of course at the end of the program, and this program is over an hour and a half this time. I hope you enjoy the wide variety of topics on this podcast, and I'll be back on another podcast very soon! Thanks so much for listening!
2/1/2020 • 1 hour, 24 minutes
technology podcast 335: Predictions, AVA, and an interesting braille display
Welcome to the Technology podcast, podcast 335. On this edition, we do talk about a few things including security, transportation, and braille, but in a different light. Translation software was talked about in the talk, but nothing too specific. Here are the topics.
On our first segment, Trend Micro's 2019 report and 2020 predictions. I talk about the numbers and what sticks out with me. Incidentally, the webinar that they'll do this month is dealing with the predictions for 2020. I'll blog about that after I get a chance to read the email. If you want to read my blog post about the threat report and predictions please go to the blog post entitled: Question: Are we looking for more or less threats this year and if so what kind? from blog The Technology blog and podcast and it links to the article in question.
On the second segment, we talk about the automated voice announcement system. Every bus here is supposed to call stops and every train is to call stops too. While it is technology, and it fails, the failure is also within the drivers. It has to work both ways, and my talk which will be presented on Thursday, January 16th, at an Accessibility Awards Luncheon will talk about this. At some point, we must have drivers and passengers work together to get passengers to where they need to go safely. How is it for you in your area? How is the AVA specifically for you? Let's talk!
Finally, the Canute 360 is discussed. This blog post which was posted on the 10th talks about where to go and links to Blind Bargains. I attended this forum, and what I learned was quite interesting. I didn't stay long for the questions and answers, but the presentation was quite interesting. It's supposed to be made available for listening at some point. I do want to catch this so I can take the time to listen to the rest of the questions in case there is something else I can learn.
Finally, what is coming up on future podcasts and contact information. I hope you will enjoy the program as much as I have putting it together for you. I look forward in hearing from you!
email/imessage tech at menvi.org
text/whats app 804-442-6975
If you have other social media, you can use that. The Jared Rimer Network has all contact info made available and links to social media as well. Thanks for listening!
1/15/2020 • 1 hour, 13 minutes, 13 seconds
Tech podcast 334: Yahoo! SBC Email, B2K tutorial, and the Internet gone for 24 hours discussion
Lots of things here including a discussion found on the blog in regards to a video out there about the Internet being gone for a day. I take that discussion and turn it in to my own.
Hello everyone, welcome to podcast 334 for January 9, 2020. We've got a very interesting podcast coming up, let's tell you what's on it.
What has been going on with SBC Yahoo! mail? Looks like they aren't communicating with their customers about potential problems. I don't think this is right, and my blog post entitled Yahoo forcing random password resets … am I the only one supporting someone having trouble? goes in to detail about this in writing.
As I talk about what I want to do with the podcast, I give you the beginning of the Braille2000 tutorial I have created in regards to the talking edition. Go to the Braille Transcribing as a blind person web site to learn more, and download the full tutorial which is based on the documentation. We'll have more from this tutorial over time.
In commentary from last podcast, Shaun Everess talks about how there is a video out there talking about not having the Internet for a day. Instead of linking to it I take this talk a little bit further by talking about it but bringing up the loss of power to boot. What would we do if one, the other, or both occurred? Let's take this for a spin.
As always, contact information is going to be available at the end of the program, and I hope you enjoy this podcast. The podcast runs over an hour in length. Thanks for listening, and make it a great day!
1/9/2020 • 1 hour, 4 minutes, 9 seconds
Technology podcast 333: January 6, 2020
Welcome to the first podcast of 2020, podcast 333. Below, please find a list of items and links where applicable as the topics of the podcast are listed below.
Breaches galore, the epidemic of what's happened in the last decade. Are we really looking for more trouble, or will it slow down?
Freshbooks: thank you so much for giving me a great reason for talking about you today. On this podcast, I talk about how I had to reinstall the Freshbooks app, and how easy it was to reauthenticate with my account. I was afraid that I was needing to grab my 20 character password and paste in the password field. Not anymore!
Twit.tv has a new sponsor on their list that sponsors segments on Security Now. Sadly, I can't take advantage of it at this time, but it looks like something we could've and should've had many years ago. Learn about privacy.com and see if it will meet your needs.
Michael in Indiana and I talked about software and reminisced about the old days of how downloading the wrong software wasn't fatal, but just a havoc. Today, this isn't the case. I mention Stuxnet as an example of software that was developed and it did some real world damage. Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon: by Kim Zetter is the name of the book and its author. I read this through Kindle and I may have talked about this on my podcast when I did. If this is the first actual weapon that destroyed data and things that were going on, is something else being developed we yet don't know about?
As usual, our contact information is at the end of the program, and I hope you enjoy this first podcast. I'll be back on another edition very soon. Thanks so much for listening to this 71 minute program!
1/6/2020 • 1 hour, 11 minutes, 46 seconds
Tech podcast 332: Iphone 11, awards, and braille transcription
Merry Christmas, this is the last episode of 2019.
Welcome to the final edition of the technology blog and podcast series for 2019. Trust me, we've got a lot more coming, but this is the final podcast of 2019.
My initial thoughts on my brand new, Iphone 11.
Brian Krebs gets an award. Several other members of the security field were also mentioned as needing the award more than Brian, but CISO MAG Honors KrebsOnSecurity is the article penned by Krebs.
I have a segment on Braille transcribing as a whole in particular to Braille2000 and not specific to the assignment as a whole. I found this quite interesting, even while I did the talk.
In the first podcast of 2020, I'm going to talk about a company I feel we should've had around about 10 years ago if not sooner than now. It's an advertiser of TWIT, and boy, if it doesn't fit my needs, I feel it may meet others. We're going to start with that, and even more as we continue the transcription course, my Iphone 11, and who knows what else we'll cover by this podcast as next year gets started and beyond. Until next year, thanks so much for listening to this podcast, and I'll be seeing you very soon!
12/25/2019 • 1 hour, 7 minutes, 38 seconds
Tech podcast 331: Dec 15, 2019
On this podcast, NVDA gets updated and it's a breeze! Assignments 17-19 are talked about and I want your thoughts. A webinar that caught my attention, and web design and why links are all over the home page.
12/16/2019 • 1 hour, 29 minutes, 41 seconds
Tech podcast 330
On this podcast, B2k news, domain buying, and news on hospital mortality rates when ransomware and other attacks happen. Hospital breaches leading to more heart attacks? You bet! from blog The Technology blog and podcast. That's the name of the article and it's linked from me. Very fascinating read.
11/28/2019 • 55 minutes, 9 seconds
Tech podcast 329: November 5, 2019
Welcome to podcast 329.
How can we keep ourselves as safe as possible when databases that companies hold them online? I completely understand the aspect of why they need to do so. It isn't possible for them to store it like I do, and it's just becoming a problem. A telecom company breached, mongo DB to blame is the blog post referencing this segment.
National Cyber Security month is now complete. Why? In this ever changing landscape where everything is online must we have only one month to teach how to be as secure as possible? Please check out my blog post penning this topic: NCSAM is over, shall we stop teaching for my written thoughts on this important topic. It's something we should be discussing, and we should be discussing it all the time.
I found an article through dark reading, and instead of covering that, I think we should try to discuss it in a different light whereby we ask how consumers can be safe in this time of major security problems. It isn't just the entity that we shop at that should be the main problem, it is in both things. Merchants need to fix their security, but shoppers need to be careful and some tips are discussed on what we can all do.
Dice world has some interesting updates and I tie that in to other games and the accessibility landscape. There is always something to learn and I'm happy to see what happens as we continue to grow.
Michelle Dyer was a dear friend of mine. I let the domain go because I was under the assumption that the domain was not needed. Family contacted her closest friend, contacted me, and I've relaunched the domain on October 31st. Due to some other technical issues I could not fix, the domain is now relaunched and I only made some changes to clean some outdated info. Please click on this link to go to the Michelle Dyer Memorial page where you'll find tech podcasts to download that she was a part of. We thank each and everyone for your continued support of my work.
The track I selected for this podcast comes from the artist Ehren Starks from the depths of a Year. Contact information is also available at the end of the program. Thanks so much for listening!
11/6/2019 • 1 hour, 17 minutes, 42 seconds
Tech podcast 328: wrapping up NCSAM and other stuff too
Hi folks, welcome to podcast 328.
Transportation: can we use something like Navi Lens in conjunction with apps like transit app, Go Metro, or other apps to get us around by bus or train?
Making The Smart Bet On Cybersecurity
Whats going on with web threats? The October webinar by Trend Micro
Protecting Our Children Online
Contact info
I hope you enjoy the program.
11/2/2019 • 1 hour, 16 minutes, 53 seconds
Technology podcast 327 for October 27, 2019
Welcome to podcast 327 for October 27, 2019.
What do you think about giving out our phone numbers? I'm not talking about business, I'm talking about phone numbers for personal use. I heard this on a telephone line on a bulletin board, and got to thinking.
VPN services is the next topic. I'm looking at express vpn as they were talked about on a prior post on the blog through tech warm. My thoughts are on this one.
I'm putting a feeler out there. On this third segment, I'm curious on your thoughts on the braille transcription course as a whole. I know I have had some struggles, but I'm curious on other people who have taken the course or are still taking it with me. Contact me by email for a phone call, as I'd like to discuss it with you.
Cachet Financial Reeling from MyPayrollHR Fraud is the next segment and the article is linked here. What an interesting story here.
Best Practices for Defanging Social Media Phishing Attacks is the final segment and lots of terms given here and info. This could be put under the NCSAM category as the cyber security awareness month is coming to an end.
Please feel free to contact me on the podcast contact info given, and I look forward in hearing from you!
10/27/2019 • 1 hour, 12 minutes, 39 seconds
The Technology podcast 326: Dice World, NCSAM, braille transcription and more
On this podcast, Jaws and firefox's latest version. NCSAM should be all the time, yes or no? We've got a braille transcription update, and Dice World has a new layout.
10/18/2019 • 1 hour, 16 minutes, 40 seconds
Technology podcast 325: Door Dash, NCSAM, Scott's new book, and more
Welcome to the technology blog and podcast.
Doordash is the latest major breach, lots of coverage on it. It happened between the release of 324 and now. Is this the beginning of the end? Here is the blog post on it.
There is some commentary left by Joseph. We'd love to hear more on what you have to say, so please leave thoughts on segments.
Password managers and phone calls is the third segment as we start NCSAM. Here is the blog post on phone numbers which should be really discussed. Here is the blog post on password managers as well.
Scott Schober wrote a new book. Here is the blog post on this book. I talk about chapter 3 specifically, and my thoughts on it, as it did hit home for me.
Finally, I've got a braille transcription update as I continue to struggle with assignment 15. I think I'm almost there! Thoughts?
My contact information is available at the end of the program, and thanks for listening.
10/6/2019 • 1 hour, 9 minutes, 38 seconds
tech podcast 324: Scott Schober's new book, one I finished, and two interesting articles
Welcome to podcast 324 of the technology blog and podcast. On this podcast, we've got two different books that are talked about. The first is one that I've already read, the second is one that I'm going to read and preordered through Amazon. Finally, I've got two articles that I talk about. One is in regards to a school system teaching the parents of their students the dos and don'ts of social media. Finally, an article which wasn't tech related, but yet it was bullying. What would have happened if this turned to online bullying and the same type of injury took place because of some cyberbully(s) who wanted to cause him harm? The only issue is that this child was 8 years of age. All of this, on this edition of the tech podcast.
The book Scam Me If You Can the Tech blog and podcast September 22, 2019 Scott Schober writes new book, will be out October 1 The Tech blog and podcast September 22, 2019
Are your kids being safe on social media? A school district is teaching the dos and don’ts of social media The Tech blog and podcast September 22, 2019
8-year-old Texas boy suffers brain injury after attack by bullies Fox29 news (no date given)
One thing I should mention is that Scott's book is available on Amazon as a non-kindle purchase, Kindle will be released October 1. He offered to send me a released copy, but since I can't read print, I'll wait for the digital version. Thanks Scott for offering to send it, it was appreciated. Thanks for reading the notes, and feel free to leave those comments! Contact information is available at the end of each and every podcast.
9/29/2019 • 1 hour, 6 minutes, 23 seconds
Tech podcast 323: Ecuador gets owned, Philmore, and Braille
Welcome to podcast 323 of the technology blog and podcast series. On this podcast, we've got several segments for you.
What happens when you have a population of approximately 17 million, a company in Miami, and a potential breach? Ecuador had that happen to them, and there are no rules to keep people safe from cyber attacks or breaches. Blog Post
What do you see when you hear or see the words "heat stroke?" It isn't anything to do with the sun, and this I saw while working on the prior podcast. blog post
Three items in one, dealing with the company Philmore Productions. Have they learned anything? Two messages and an accompanying blog post on the subject indicate probably not. I'll be cautious and indicate that things better change, or it will more than likely be the end. We'll have to see. Please read the blog post, as well as listen to two messages in his own words. Let me know what you think of this one.
In two segments, I cover the transcription course as well as talking about braille in general in regards to paper braille VS display braille.
I hope you enjoy the program as much as I have, and thanks for listening!
9/21/2019 • 1 hour, 17 minutes, 24 seconds
Tech podcast 322: Philmore and tech gone wrong, braille transcription, and more
https://en.wikipedia.org/wiki/Phishing Welcome back to the technology blog and podcast, this is podcast 322 of the continuing series covering everything tech including assistive tech, self driving cars, the security landscape and more. This podcast is packed and even three articles that are on one topic, Phishing. Let's take this opportunity and give you the breakdown of today's program, and I hope you'll consider contacting me with your thoughts and comments on these topics.
Philmore Productions has had it bad with the technology as of late. I put a scenario in place as a thought piece. Let me know what you think.
An unofficial report on assignment 15 was released, where I knew I had to fix some things, and yet I have read everything. It's going to get interesting once I'm ready, and I've sent my official assignment. Still pushing through.
A self driving car has had it bad. This isn't the first for this make and model, and I have a hunch that this can be fixed. The stretch of highway, according to the article I read, is to blame, where something wasn't fixed, and the car got in to an accident. Multiple cars got in to an accident at the same spot. California highway barrier not repaired before fatal Tesla crash from blog The Technology blog and podcast is the article, and it links to the article of the same name where you can read more.
In our Phishing segment, three articles come together with some alarming statistics. It's not going away any time soon. The first article which caps off this segment is entitled Why Social Media is Increasingly Abused for Phishing Attacks. Just take a look at this stat: "In 2018 we found that the abuse of social media increased by near 200%" and if that's not enough, Phishlabs expects this to increase. I am not surprised, and this article is linked to other material. In another article Cybersecurity: 99% of email attacks rely on victims clicking links which means we need to continue to teach. It's OK to be curious, but yet, you should know the signs and we need to make sure we slow down and look at what we're clicking on. Finally, to cap this off, Techwarm, a contributor to the blog, posted What is Phishing: Learn How to Protect Your Company which also links to some things and a great article to boot. All of these articles are put together in a nice package and tied up with a bow.
I hope you enjoy this 73 minute podcast. I'd also like to thank Amadeus, maintainer of Live Wire for putting this podcast as a podcast on Live Wire. Besides my show at 2276, people who read the RSS can now subscribe to a board to get the podcast if they wish. That board number is 974, so enjoy your options! Thanks so much for participating, and we'll see you next time!
9/16/2019 • 1 hour, 13 minutes, 47 seconds
technology podcast 321
In the better late than never department, I put podcast 321 together on the 2nd.
Welcome to podcast 321 of the technology blog and podcast. In no way am I complaining at all, but I really think that braille transcription software, no matter what you use, should be a tool. When I started lesson 15, discussed in full in the first segment, I found that I seemed very confused. It's not graded yet, and I'm sure I have a few things to correct before my first submission, but I'm confident I'll understand it. This article entitled Transcription software can’t do it all: Even Braille 2000 doesn’t have every possibility is a written aspect, but the first 30 minute segment goes in to an audio detail of the lesson and my confusions. Next, a very interesting ted talk dealing with storing data and DNA. I mention telephone systems including Live Wire, MyTelespace, and Philmore Productions Voice mail as examples of systems that could utilize this if it were to ever happen and how Philmore Productions could do things better and how Live Wire hasn't lost any data because of a different backup routine. No trashing is going on here, but the talk and the recent Philmore Productions news about their data made me think about this a little more. Next, Armando is along with a very interesting talk about the Iphone and how we can utilize it without a home button. I relate an experience with a supervisor of a company when I showed him how Voice Over worked, and he didn't have a home button. Contact info on both sides of the program is given. Thanks for listening!
9/7/2019 • 1 hour, 24 minutes, 45 seconds
Tech podcast 320: what tech do I have?
On this podcast, Sonos, google home, the front door lock, and even a braille transcription update as well. Also, Aira and their announcement of a free 5 minute service which I've utilized and it's very efficient.
8/25/2019 • 1 hour, 3 minutes, 6 seconds
Technology podcast 319: it's been awhile, and we're packed
We're packed on this episode, but yet I've made sure we've got a wide variety of stuff.
Tech podcast 319 has Philmore, is it getting worse? The Capitalone Breach since we've been gone, Braille Transcription, and more. Enjoy!
8/18/2019 • 1 hour, 15 minutes, 38 seconds
Tech podcast 318 for July 2, 2019
Welcome to the tech podcast, this is show 318. I'll be in the process of relocating, so this may be the last podcast until the relocation is complete. I'm hopeful that the relocating process will go well, and I'll be available through contact methods mentioned throughout the program should you have questions and concerns.
We talk about URL shorteners. Cutt.us and similar services can be a target of spam. This service, along with a couple of others, allow the visitor to report suspicious links. These services allow the shortening of long URL links to shorten one for sharing. Reporting suspicious URLs may be a start, but I'm going to try and get recaptcha on one of my biggest sites to see if it can curb this problem.
In segment 2, we finish the talking of shorteners by talking briefly about another service similar to the one I link above, and then we demonstrate braille 2000's grade relaxer. This particular part of the application was already working, but some accessibility fixes were made, and with the beta, I present to you how the relaxer can be used in a classroom setting.
We take a song break. In the last segment, we had relaxed Gokul Salvadi to demo how this is done. I thought the music would be perfect to play one track, and you can leave your thoughts.
Finally, Equifax and Myspace are back in the news. When Myspace Was King, Employees Abused a Tool Called ‘Overlord’ to Spy on Users from blog The Technology blog and podcast | Former Equifax exec sentenced to 4 months in prison for insider trading related to data breach
Our contact information is at the end of the program. I'm hoping that the relocating process goes well for me, and if something big comes out, I'll do my best to get it out quickly. If not, then I'll be back once I'm settled in. Thanks for listening, and thanks for your continued support.
7/5/2019 • 1 hour, 8 minutes, 41 seconds
Technology podcast 317: the security landscape, Braille 2000, and more
Welcome to tech podcast 317.
How is our security as of late? Is the landscape good or bad? What are your thoughts on it?
Braille 2000 has a very interesting update. Braille 2000 has interesting childrens program, made accessible is the article, and I talk about my work with this area of Braille 2000. Here is the Braille 2000 category that you can link to on the blog. It is the entire history of what I've been up to with Bob. We may have talked about this, but there are other odds and ends we talk about if this was not talked about in this segment. If not, and you want me to cover it in detail, I can do that. The segment is Braille 2000 where we are at this point.
Jaws gets an update that fixes a major bug in Adobe. It also fixes other odds and ends as well, not just that. blog post for those who need it.
Mirai and Trickbot are back in the news. Blog post on the topic.
I saw an article on email and 5 signs on what to do if its hacked. Blog post.
Phishing sites and their trends. What do you think will happen? Phish Labs blog post has all the juicy details.
Michael in Indiana has a Philmore update. A month or so ago, Philmore Productions voice mail went down due to weather related activity. Its been a month or there abouts, and its still mostly down. The good news, Philmore did use an array, so the data isn't lost, but the web site remains down. Listen to all the details.
Contact information is available at the end of the program. Enjoy!
6/23/2019 • 1 hour, 14 minutes, 26 seconds
Tech podcast 316: wetransfer, braille 2000, and IP addresses and scammers
Hello folks, welcome to the tech podcast, podcast 316. On this podcast, we cover We Transfer. This is a service that was used to deliver files to me, and I actually like its interface. If it is right, I could see myself paying for it, but right now, I don't need to do that. I talk about this service and what it has to offer. Next Braille 2000 V2.274 take 2: we’re getting better is the accompanying article and I talk about a new menu that will appear once the talking edition becomes available to the general public hopefully very soon. The beta can now be recommended, and you should contact Bob to get your copy. Finally, Krebs on Security is here with an article A Tough Week for IP Address Scammers is discussed. I hope you enjoy the program as much as I have, and thanks so much for listening to the program!
The opinions expressed are those of the show notes, and may not necessarily represent the companies in which they represent.
See you next time!
5/30/2019 • 48 minutes, 25 seconds
Technology podcast 315 for May 23, 2019
Sorry for the delay in publishing, we've run in to a technical issue, for which I've found a workaround.
On this podcast, lessons 13-15 are talked about of the braille transcription course. Next, IOS 12.3. It does fix one of the bugs I've had. Next, one ring scams, and how it relates to a book I read in 2018 called Hacked Again. Contact info at the end of the program. Enjoy!
5/26/2019 • 1 hour, 11 minutes, 47 seconds
Tech podcast 314: new and old tech, braille transcription, and more
On this podcast, tech moving too fast: do you think it is? Next, a braille transcription fail, big time. Gaelynn Lea, an artist on CD Baby, is disabled and yet involved in touring and more. I pick a track from this artist and we feature it. Finally, a tech talk dealing with a wristwatch to aid the blind and others in navigation. Search the tedtalk out on Youtube or Ted's website. CD Baby page for Gaelynn Lea so you can read more about her.
5/15/2019 • 1 hour, 8 minutes, 37 seconds
Tech podcast 313: Wipro, Braille 2000, and more
Welcome to the technology blog and podcast, podcast 313. We've got a lot for you in a wide variety of news, notes, Braille 2000 stuff, and more.
Wipro (pronounced We Pro) is in the news big time. There are three articles which are talked about in the first segment.
The 2019 Phishing Trends and Intelligence Report is out. Some very interesting stats within this article that I discuss.
Julian Assange was recently picked up for violating the CFAA according to a report. I thought I saw multiple articles, but one article was retrieved. I talk about this development.
Braille 2000 is getting ready to release their next version. In a segment, I talk about the Braille 2000 percent codes in general, highlighting the entire list that I have, skipping some which aren't available yet. They're talked about in passing, but no code is discussed in full. The web site has removed Version 1 of the software, and version 2 that has been run is now on the home page.
Two TED talks about seizures and heart attacks are talked about and the full talks are played in full. You can search the talks separately through YouTube on the TED talks channel.
The articles dealing with Wipro are hard to swallow. Clearly, nobody knows what is happening, but hopefully they've found the issue and corrected it. Being an IT company, you need to understand these things and do proper PR. The PR here was not good, and I'm sure they'll feel the repercussions for a while.
A list of articles that accompany the podcast follows:
2019 Phishing Trends & Intelligence Report: The Growing Social Engineering Threat Phishlabs blog April 16, 2019
Anonymous offshoots rush to avenge Assange arrest with cyberattacks Cyberscoop April 19, 2019
Experts: Breach at IT Outsourcing Giant Wipro Krebs On Security April 15, 2019
How Not to Acknowledge a Data Breach Krebs On Security April 17, 2019
Wipro Intruders Targeted Other Major IT Firms Krebs On Security April 18, 2019
Enjoy the podcast; it lasts 72 minutes. Thanks for listening and make it a great day!
On this podcast, braille transcription software updates using percent codes. A woman got caught with malware on USB drives when going to a place claiming they were there for an event. Finally, we talk about signatures in general, and my thoughts on whether they should have specifics on what device the mail was sent from. Contact info is at the end.
4/18/2019 • 56 minutes, 47 seconds
Tech podcast 311: articles for discussion, transit app, and braille transcription
Welcome to the technology podcast, podcast 311. We've got a very interesting braille transcription update which makes me very excited to push forward in this course. Besides that, a transit update, and we start with several articles in discussion. The articles will be linked, and the podcast runs 82 minutes. I hope you enjoy the program!
Alleged Child Porn Lord Faces US Extradition Krebs on Security March 22, 2019
Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years Krebs on Security March 21, 2019
Man Behind Fatal ‘Swatting’ Gets 20 Years March 29, 2019
Thanks so much for listening! That completes the article listings and do feel free to read them if the discussion interests you. See you next podcast!
4/7/2019 • 1 hour, 22 minutes, 52 seconds
Technology podcast 310: Cyberbullying, phones, privatization of messages, and more
Hello everyone, welcome to podcast 310. On this podcast, we've got a very diverse podcast for you.
Bullying, is it a disability problem? I talk about this again in a different way. I talk about this in a way where one might be deleted for no reason, including but not limited to false information, information that may be old, and other aspects of the article. Bullying, Is This Just a Disability Problem? longevity.media May 2, 2017
Privatizing messages in voice mail, is it a big deal? Live wire made an announcement and change in regards to marking messages private which was received well. In today's day and age, it is easy to take any private message and make a copy of it if you know how. Good idea? Bad idea?
Why Phone Numbers Stink As Identity Proof is talked about next. This article was written by Krebs on Security on the 17th of March. It argues in part that giving out our mobile telephone numbers may be more of a problem, and we should use services including but not limited to Google and disposable numbers from services like Text Now. There are several people I know that have used, or are using the service in different ways. I'm sure there are other services that can be used too.
51 Critical Cyber Bullying Statistics in 2019 is linked from the blog to an article sent by someone named Caroline Black. She linked in an email to a post of mine from last year where bullying and cyberbullying were talked about. This article has some very chilling stats, and it's talking to others and bringing awareness to the problem that will solve it. I talk about some of the statistics within this article and have invited Caroline to the podcast to discuss this.
IOS and Mac have updates is a short segment. In this segment, the fact that IOS and Mac have updates is mentioned with info on how to find the posting where you can learn more.
Finally, Text Reminders is talked about. There is no demo, but a description of the service, the fact it isn't free, and the basics about it. I worked with the company behind this to make the site accessible. The service works, and I find it valuable.
As in all podcasts, contact information including Email, iMessage, and Text Messaging options is given at the end. If you're listening by phone, leave public feedback, and if you want, have it aired on an upcoming podcast by letting me know. The podcast lasts over an hour in length. Thanks so much for listening, and make it a great day!
3/26/2019 • 1 hour, 6 minutes, 29 seconds
The technology podcast 309: equifax, goldwave, and more
On this podcast, Equifax is back in the news, and it's not so great. Next, Live wire has shows, and we talk about it. Goldwave is talked about with something new I discovered that it can do. You may notice a change in the program. Sports and technology, what are they using? I know of some of it, but yet I may not be correct. Finally, my confusion on assignment 12, and some of my confusion explained. Thanks for your continued support in this podcast.
3/24/2019 • 1 hour, 16 minutes, 14 seconds
Technology podcast 308: Satellites, Ground Zero closing, and more
On this podcast, Ground Zero is closing. Why? Hear why in a segment. Satellites, can they be hacked? An article is very interesting, yet it's not common. Michael in Indiana has an update on Vorail. Equifax is back in the news, and it's not good. Finally, the 2018 trends from Trend Micro and their findings, something caught my attention about them. I hope you enjoy the program.
3/12/2019 • 50 minutes, 42 seconds
Technology podcast 307 for March 7, 2019
Hello folks, we've got braille transcription for assignment 10, Philmore productions in the news again, and some news notes. Hope you enjoy the program.