NetSec: Netsec, comsec, infosec and IA news, research and trends
GeeWhiz
Updated 2024-03-08

2023-02-13
Uhm... Yeah, sure. I believe that.
<p>To whomever it was that called and claimed to be from Publishers' Clearing House, that was the most unprofessional call I've ever received, even from other scam artists. What made your call even less believable is that I've not bought a magazine from PCH in over 30 years and the UPSO stopped forwarding mail from there 3 or 4 relocations ago. This puts you in the same category as the wife of the dead Nigerian Prince who wants to give me money.
<p>The one thing that I regret: I don't have your number. If I did, I'd call you back, so that I could hang up on you again. Meh.
Posted by joat

2023-02-07
<a href="https://skymagzines.com/hackers-target-thousands-of-computers-days-after-ion-attack/" target="_blank">Hackers Target Thousands of Computers Days After Ion Attack</a> from Blaine <br><br>
<a href="https://arstechnica.com/information-technology/2023/02/hackers-are-mass-infecting-servers-worldwide-by-exploiting-a-patched-hole/" target="_blank">Hackers are mass infecting servers worldwide by exploiting a two year old patched hole in VMware's ESXi OS</a><br><br>
This had me scratching my head because normally ESXi hosts are kept on an isolated management network. It turns out the "abuse case" is people running unlicensed ESXi hosts (people who also happen to not know what the *&^% they are doing) and therefore not being eligible for routine updates. If you know anyone running unlicensed ESXi servers, tell them to disable SLP.
Posted by GeeWhiz

2023-01-30
<a href="https://krebsonsecurity.com/2023/01/experian-glitch-exposing-credit-files-lasted-47-days/">Experian Glitch Exposing Credit Files Lasted 47 Days</a>
Posted by GeeWhiz

2022-09-20
<a href="https://www.wired.com/story/web-deanonymization-side-channel-attack-njit/">A New Attack Can Unmask Anonymous Users on Any Major Browser</a>
Posted by GeeWhiz

2022-06-09
<a href="https://web3isgoinggreat.com/">Web3 is going just great! 
</a>
Posted by GeeWhiz

2021-10-07
<a href="https://www.cybereason.com/blog/operation-ghostshell-novel-rat-targets-global-aerospace-and-telecoms-firms">Operation Ghostshell: Novel RAT targets aerospace and telecoms firms</a>
Posted by GeeWhiz

2021-07-05
<a href="https://www.npr.org/2021/07/03/1012849198/ransomware-cyber-attack-revil-attack-huntress-labs" target="_blank">A 'Colossal' Ransomware Attack Hits Hundreds Of U.S. Companies, A Security Firm Says</a>
Posted by GeeWhiz

2021-04-24
Dan Kaminsky 1979-2021
<p>It has come to light that on April 23, 2021, the computer security world lost a titan. Dan was an incredibly kind and honest person. It’s no understatement that he helped save the internet on at least one occasion when he discovered and covertly assisted in patching a fundamental bug in DNS.</p>
<p>The world was lucky to have him and is a little darker without him.</p>
<p>God speed Dan. Make some pretty pictures please. 
</p>
Posted by Doug Arcidino

2020-10-18
<a href="https://www.forbes.com/sites/zakdoffman/2020/10/18/apple-iphone-12-upgrade-whatsapp-and-imessage-update-security-warning/#2fa6871046ea">Apple Users Have A Serious Problem Transferring WhatsApp To New iPhone</a> from Tarik
Posted by GeeWhiz

2020-01-14
<a href="https://threatpost.com/exploit-fully-breaks-sha-1/151697/">Exploit Fully Breaks SHA-1, Lowers the Attack Bar</a> from Red. We've known about SHA-1's wobbliness for some time. Previously, researchers had reduced the attack complexity to 2^64 from what should have nominally been 2^80 operations. Under this attack scenario, it will take 2648718071565183277.290096774912 cryptographic operations as opposed to 29966824157681538847.454306951413 operations. This is roughly a 10-fold increase, which is significant, but the headline "fully breaks" is an exaggeration. Virtually all crypto is subject to both brute force and statistical attacks; it is simply a matter of work. That said, SHA-1 has largely been retired from use going forward. According to <a href="https://en.wikipedia.org/wiki/SHA-1">Wikipedia</a>, all major browsers stopped accepting SHA-1 signed certificates in 2017.
Posted by GeeWhiz

2019-11-15
<a href="https://www.eff.org/press/releases/federal-court-rules-suspicionless-searches-travelers-phones-and-laptops">Federal Court Rules Suspicionless Searches of Travelers’ Phones and Laptops Unconstitutional</a>
Posted by GeeWhiz

2019-11-15
<a href="https://www.bbc.com/news/technology-49565587">Hong Kong protesters using Bluetooth Bridgefy app</a> - Wireless mesh networking is the future.
Posted by GeeWhiz

2019-11-04
<a href="https://radiocrafts.com/cloud-vs-fog-vs-mist-computing-which-one-should-you-use/">Fog, Edge, Mist computing complement the cloud. 
</a>
Posted by GeeWhiz

2019-10-08
<a href="https://www.fastcompany.com/90413945/theres-a-scary-new-reason-not-to-borrow-a-strangers-iphone-cable?utm_campaign=eem524%3A524%3As00%3A20191008_fc&utm_medium=Compass&utm_source=newsletter">There’s a scary new reason not to borrow a stranger’s iPhone cable</a> from Keith
Posted by GeeWhiz

2019-09-25
<a href="https://www.wired.com/story/googles-quantum-supremacy-isnt-end-encryption/">Google’s ‘Quantum Supremacy’ Isn’t the End of Encryption</a> from Christopher
Posted by GeeWhiz

2019-07-31
<a href="https://www.rtl-sdr.com/running-a-tesla-model-3-on-autopilot-off-the-road-with-gps-spoofing/">RUNNING A TESLA MODEL 3 ON AUTOPILOT OFF THE ROAD WITH GPS SPOOFING</a> from Kyle
Posted by GeeWhiz

2019-07-16
<a href="https://papers.mathyvanhoef.com/dragonblood.pdf">Dragonblood: A Security Analysis of WPA3’s SAE Handshake</a> from Kyle
Posted by GeeWhiz

2019-07-03
US Cyber Command issues alert about hackers exploiting Outlook vulnerability<br />
<a href="https://www.zdnet.com/article/us-cyber-command-issues-alert-about-hackers-exploiting-outlook-vulnerability/">https://www.zdnet.com/article/us-cyber-command-issues-alert-about-hackers-exploiting-outlook-vulnerability/</a>
Posted by Randall

2019-06-13
<a href="https://arstechnica.com/information-technology/2019/06/if-you-havent-patched-vim-or-neovim-text-editors-you-really-really-should/">https://arstechnica.com/information-technology/2019/06/if-you-havent-patched-vim-or-neovim-text-editors-you-really-really-should/</a>
Posted by Randall

2019-06-01
<a href="https://www.hackread.com/hackers-steal-source-code-of-top-anti-virus-firms/">https://www.hackread.com/hackers-steal-source-code-of-top-anti-virus-firms/</a>
Posted by Randall

2019-06-01
<a href="https://www.zdnet.com/google-amp/article/new-hiddenwasp-malware-found-targeting-linux-systems/">https://www.zdnet.com/google-amp/article/new-hiddenwasp-malware-found-targeting-linux-systems/</a>
Posted by Randall

2019-05-29
<a href="https://boingboing.net/2019/05/24/koenig-canute.html">Germany demands an end to working cryptography</a>
Posted by GeeWhiz

2019-05-29
<a 
href="https://krebsonsecurity.com/2019/05/microsoft-patches-wormable-flaw-in-windows-xp-7-and-windows-2003/">Microsoft Patches ‘Wormable’ RDP Flaw in Windows XP, 7 and Windows 2003</a>
Posted by GeeWhiz

2019-05-11
<a href="https://www.forbes.com/sites/thomasbrewster/2019/05/10/the-us-government-cant-force-you-to-unlock-your-phone-with-your-fingerprint-another-judge-rules/#38d75d264445">The U.S. Government Can’t Force You To Unlock Your Phone With Your Fingerprint, Another Judge Rules</a> from Red
Posted by GeeWhiz

2019-04-10
<a href="https://threatpost.com/triton-ics-malware-second-victim/143658/">SAS 2019: Triton ICS Malware Hits A Second Victim</a>
Posted by GeeWhiz