Ramblings of an old Doc
DrJBHL's Articles
September 18, 2017 by DrJBHL
 

"A version of CCleaner downloaded in August included remote administration tools that tried to connect to several unregistered web pages, presumably to download additional unauthorized programs, security researchers at Cisco’s Talos unit said.Talos researcher Craig Williams said it was a sophisticated attack because it penetrated an established and trusted supplier in a manner similar to June’s “NotPetya” attack on companies that downloaded infected Ukraini...
September 16, 2017 by DrJBHL
 

More on the saga of Equifax, or, "How not to do IT".

So, more has come out on how the debacle that is Equifax IT came about. First, what went wrong, and then the who.

The chronology can be read here. In addition to that, the basic problem is noted:

"The software problem was detected in March and a recommended software patch was released shortly afterward. Equifax said the database intrusion began in May and continued until July.

Security experts said Equifax had more than e...
September 8, 2017 by DrJBHL
 

Not good news, folks.

Equifax was breached...and potentially, the financial data of 143 million folks...

"While the massive breach that Yahoo revealed last year involved more accounts, topping 1 billion, that intrusion exposed people's phone numbers and passwords. Equifax said its breach includes “names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers.” 

The company added that credit card num...
September 2, 2017 by DrJBHL
 

No, Gordon [Gekko]: Greed is not good. Google really should learn this...and be responsible as to just who and what come up as valid search results, especially when they get first place result because of advertising dollars.

"Darknetmarkets.org, for all intents and purposes, is a "real" website. Its logo looks to be made of chopped-up cocaine, and the site is filled with legitimate-seeming resources for anybody looking to buy drugs on the darknet. News articles populate its hom...
August 24, 2017 by DrJBHL
 

The first sentence in Ben Tarnoff's article pretty much says it all... "What if a cold drink cost more on a hot day?".

So, Amazon's purchase of Whole Foods has gone through. I promise you, Amazon will be a disruptor there, too. It's called "surge pricing". In other words, instant supply and demand determining pricing of what you eat and drink...even better, you have to believe them and trust they all aren't colluding. Because they're just so honest. and it'll...
August 19, 2017 by DrJBHL
 

Well, this important because there are a couple of graphics extensions and we all love graphics, right?

According to recent Proofpoint research, eight extensions for the Google Chrome web browser have been compromised by attackers, sending malicious ads to the affected users. In a report, Proofpoint explained that the authors of these extensions had their credentials stolen, allowing the attacker to take over...The attacks occurred primarily in July and August 2017, with the at...
August 13, 2017 by DrJBHL
 

Short post...nothing but good stuff! Free stuff! 

25,000 recordings digitized at present, and the library is growing. All quite legal.

Here: http://www.newsworks.org/index.php/local/arts-culture/106319-philly-company-digitizes-collection-of-25000-old-records-and-growing-free-to-download?l=df

Hope you find stuff you like, and that you enjoy this lovely Sunday.



 
August 5, 2017 by DrJBHL
 

I don't know if you've seen this, but since there are LastPass users here, thought I'd update you.

"In November, LastPass made a big change to its service, allowing users to keep track of their passwords across all their internet-enabled mobile and desktop devices, free of charge. In addition to the free tier, the cross-platform password manager - available on iOS, Android, and Windows 10 - also offered a Premium plan with additional features, priced at $12 per year...
July 23, 2017 by DrJBHL
 

When MS decided not to update W10 on computers having "Clover Trail" processors, I don't think they realized they were screwing (potentially) close to 10 million computer owners by rendering their computers insecure.

By anyone's thinking, that's a lot of angry people, especially when we're speaking of computers which are at most 4 years old...and hybrid 2 in 1 devices using the Atom chip starting roughly in 2012. These folks had W 8/8.1 and were assured continued ser...
July 15, 2017 by DrJBHL
 

An interesting concept... Microsoft is planning broadcast internet to rural areas using unused TV frequencies. 

"The system is known as white-spaces technology and uses wireless frequencies that are in the band reserved for over-the-air TV broadcasts but aren't currently being used. While Microsoft plans to use some of these frequencies, it wants the government to reserve at least three frequencies in each local area for use with the technology." infopackets after NYT

Th...
June 23, 2017 by DrJBHL
 

This post has zero to do with politics. I want none on it. While it is relevant to recent events, there's a lot more to it, namely how the Internet has to change for everyone's security (and why it probably won't).

The simple fact it that it is extremely difficult to catch cyber criminals and not much effort is made to actually do so. Why? Because it is almost impossible to accurately attribute attacks. This is because of the way the net was designed by DARPA way back wh...
May 13, 2017 by DrJBHL
 

History: "Shadow Brokers" hacked the NSA in April 2016, and leaked the American cyber weapon ETERNALBLUE for the Microsoft Windows system. WannaCry's developers used ETERNALBLUE as the basis of their ransomware (not confirmed by experts), which gains access to a Windows computer, through a Windows vulnerability which was patched by MS on 3/14/17. 

"Organizations that lacked this security patch were affected for this reason, and there is so far no ev...
May 7, 2017 by DrJBHL
 

IBM has shipped usb flash drives infected with malware code. 

The Initialization Tool on the USB flash drive with the partnumber 01AC585 that shipped with the following System models may have an infected file: 
IBM Storwize V3500 - 2071 models 02A and 10A
IBM Storwize V3700 - 2072 models 12C, 24C and 2DC
IBM Storwize V5000 - 2077 models 12C and 24C
IBM Storwize V5000 - 2078 models 12C and 24C

IBM Storwize Systems with serial numbers starting with the characters 78D2...
May 6, 2017 by DrJBHL
 

Google was the victim of a phishing hack. It was a good one, and a nice guy by the name of Zach Latta actually posted the process on his twitter account as a video: https://twitter.com/zachlatta/status/859843151757955072/photo/1 

"A click on the button loaded the Google Accounts website. Users who use multiple accounts on Google are asked to select one to grant permissions.

A click on the name of the developer, Google Docs, reveals right on that page that something is n...
April 30, 2017 by DrJBHL
 

"Both updates are listed as compatibility updates for Windows 10 Version 1703. To make this clearer: these are dynamic updates and not updates that most users will come into contact with directly. They may be added to Windows 10 ISO images or installation sources, and are also provided during installation when the operating system runs an update check." gHacks.

By the way, RedneckDude has noted that MS has requested people not to download and install the Creator's Update be...