What if we all have a hardware incontinence vulnerability?

Charlie Warzel and Sarah Jeong do a little skit on the New York Times “The Internet Security Apocalypse You Probably Missed”.  It’s a little like Daniel Gruss’s “Microarchitecutral Incontinence” about Intel chips.  This time, it’s Cisco routers.

Suddenly, a possible vulnerability that could target anyone, and that you could fix only with hardware.

  

Three or four years ago, the fear was some sort of massive shutdown by an enemy like North Korea. Now it seems enemies want our social media up so it can manipulate our weaker souls.

ThioJoe explains this as "microarchitectural data sampling" (incontinence), with examples like "Zombie Load" and "Fallout" and "Meltdown".

CPU vendors will eventually issue "bios updates" which average users won't know how to do. 

Wanna Cry ransomware could come back to older systems given new Microsoft bog

Dan Goodin has an article on Ars Technica explaining again how many Windows exploits (variations of Wanna Cry) and ransomewares, continue to exploit governments and installations that don’t have the nimbleness of individuals to go to newer releases or apply patches

 .

  

Some Windows servers are affected, which can affect hosting companies that find managing Windows application pools difficult, resulting in outages or 503 errors.

Local governments are particularly vulnerable to ransomware

Local governments seem particularly vulnerable to ransomware attacks, largely because of their bureaucracy.

Right now, Baltimore has a serious problem.  A year ago, Atlanta did.  Recently a town near Fairbanks AK was targeted.

It is much easier for individuals to defend themselves than organizations, as their backup is usually a lot simpler. Individuals can also be much more wary of phishing attempts.

  

There have been cases where payrolls could not be run, putting affected employees in the same situation as a government shutdown without pay.

Robocalls may tempt users to spend money on callbacks to international 900 numbers

Security consultants are advising consumers not to return “one ring” calls, which are likely robocalls from 900 numbers that will result in steep charges when calls are returned.

Many calls come from Mauritania, but are spoofed as to appear to come from within the US.  Most recipients are in New York State or Arizona.

Consumers might consider having their providers block international calls if  they don’t normally make them.

  

CBS News has a typical story, by Sarah Min, 

The objection to robocalls, while very prudent and understandable, undermines legitimate activity, like raising money for political causes or candidates or for charities. 

New phishing scam claims your package was not delivered by UPS

I received a fake UPS delivery message today that claims that a package sent from my UPS store location was returned because of an address mismatch.  It named a UPS store as the source.
  

The scam is based on the idea that the consumer probably doesn’t remember “their” UPSW store member.  I gave a box at the store in Ballston in Arlington VA.  It turns out that this email address corresponded to a store in Rock Hill, SC.

The most recent site I can find discussing a delivery scam is here.

But this is the first time I have heard of  fake missdelivery email.

I had opened the email but not gone to any links on the computer.  I opened the link on a phone, assuming that iPhone is not as vulnerable. The link named as ups store was actually Microsoft One Drive. It invited me to download a tracking document and download an app to view it.

  

I did show the email to the local store and asked them to show the scam to UPS corporate security.
   

I did restart the computer and run a quick scan and will run a Trend Micro full scan later this evening.

How should journalists report info gathered by hacking and sent to them?

Margaret Sullivan has a nuanced piece in the Washington Post style section Monday, “How should journalists report on data hacks?” “Journalists can’t ignore hacked data meant to disrupt elections.  But here’s what they can do.”

The article is rather non-specific, but one standard is on the relevance of the information, as about the stolen emails om 2016.

  

I always thought it was about context. Since I had a mainframe IT background, I was aware of the controversies surrounding bringing work home or using your own hardware (which comes up with home customer service agent jobs).l 

Trend Micro website safety ratings can revert back to Gray for no reason; Sitelock scans

I noticed Friday that suddenly the green check from Trend Micro on my two WP style 26 blogs (billsnewscommentary and billsmediacommentary) had gone back to gray, which Trend says means the site has not been reviewed.

But it had been.  I noticed the problem Friday morning when the site expanded in Twitter.

My HP Envy computer (Windows 10) has these notifications turned on. I haven’t done this on the ASUS.

The issue becomes more important in that some day, telecom providers might check safety ratings to even allow sites to be connected (esp, after loss of net neutrality). 

Also, on a coordinated story today on my main “BillBoushka” blog I discussed a tech company organization called GIFCT.  Browsers are likely eventually to refuse to load sites with harmful content (as they do today with “unsafe” sites having malware).

But there are no standards today as to how website safety is evaluated or how content markers would be set.

  

Sitelock’s scans give some clue as to sites can be evaluated for safety.  There are separate Malware, Smart, and Application scans.  The latter will detect problems  (like the "1=1" problem) that creep into Wordpress themes and facilities and typically can only be fixed by regular Wordpress security updates.