Category: Security

AI, Cloud Talk, Programming, Security, Tech

Camps Dreams and Nothing In-between

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

soldiers standing in a row.
You better keep reading if you don’t want me to add Old Bay seasoning to this backhand.
Photo by Pixabay, please support by following @pexel.com

It’s crunch time, you’re sitting at your computer with your shoulders slumped down heavily, your face in your hands covering up your exhaustion.  You rest your head back in search of relief due to the increasing weight of your thoughts.

Thoughts flanking your left and right rapidly firing questions of how you are going to fend off bills, provide for yourself and your family (if you have one), and see yourself in a better position than you currently are.

You ask yourself; “How would I be able to get to the next level?” You have made your declaration and have made it known that you don’t want to spend your best years in school, trying to ascend your way to the top of the class because let’s be honest, going to school has never been your kind of jam.

You were more of a System of a Down kind of person in your glory days and going to school would see your dreams end in Chop Suey. Would you be interested if you found out there was another path you could take?

You just might have to strap up your bootlaces and camp it out a bit.

Grayscale of group of people seated in class
I busted a cheek and smelt it yet…the game is on.
Photo by Christina Morillo, please support by following @pexel.com

The New About Face

With not wanting to be Another Brick in the wall, what is going to see you get to the next level? Simple, you can just join the Army and become more meat for the machine instead.

No, you don’t have to join the Army, you can opt for the less painful version which is a coding boot camp. Coding boot camps are short-term intensive training programs that provide students with practical and job-ready technical skills.

Boot camps enable students to go from “drooling at the mouth I can’t read, nor can I feel my brain” to “it’s so easy a caveman can do it.” Shout out to my Geico OGs. This provides students with the confidence and knowledge needed to immediately apply their new skills to solve real-world problems, please keep in mind solving world hunger and peace will not be included.

Now, undergoing this training looks great on paper but can have a steep learning curve depending on the instructor and class structure. Like the aim of a trade school, a coding boot camp is usually built around building marketable technology skills that can be leveraged toward a lasting career…or until they decide to let you go, I’m not going to lie to you, it’s not all sunshine and rainbows kid.  

And with how well-known companies are treating longtime employees like they’re the side-chick in public and acting like they don’t know them nowadays it’s something to brace for. The world will embody you as a stray cat, floor the gas pedal, hear a thud and pretend it never saw you in the rearview mirror.

young woman seat at computer with blurred bottle on desk.
I’m going to get through this boot camp.
It might not be sober, but I’m going to make it.
Photo by RODNAE Productions, please support by following @pexel.com

Boot Perfect

So, coding boot camps, who uses them? Well, people who want to be developers obviously. This goes either way since people who are not developers and people who are can both benefit from entering a coding boot camp which either could be attempting to break into the field or simply learn another avenue of IT.

These programs often cover basic programming languages like JavaScript, SQL, and Python, along with modules on current industry software, tools, techniques, and best practices. You know, everything you would get if you enlisted minus being yelled at daily and performing repetitive self-affirmation of “There’s no place like home, there’s no place like home”.

As mentioned earlier, there’s no need for prior coding experience but at the same time having a little experience is a plus. A quick thought let’s say you were homeless and just so happen to have the funds through a Miracle on 31st Street sign yourself up for a coding boot camp, you could theoretically learn the skills needed to land yourself a job. However, these conditions are theoretical and in a perfect world, the odds may be low but they’re still there.

Coding boot camps, like many trade schools, are typically run by private, for-profit companies and is offered both in-person or online depending on the program.

man wearing brown backpack yelling.
COME YOU APES! YOU WANNA PRINT “HELLO WORLD” FOREVER!?
Photo by Pixabay, please support by following @pexel.com

Camp Field of Dreams

Coding boot camps, why are they so important? Well, there’s a massive shortage of skill, and developers are finding that trying to use those good ole job descriptions isn’t the vibe anymore.

To pair with that companies are finding themselves starting to favor the results of over-time-based experience versus simply just attending a four-year college and getting real-world experience later than sooner. This means going out and getting involved in as many hands-on projects as you can versus asking your parents for that sweet financial blood juice called a loan.

Now you may be wondering “Are coding boot camps worth anything?” The short answer is yes. I have checked around a few forums and have seen a few hiring recruiters say that this along with certificates is something they take into consideration.

I have a ton of certificates however, my email inbox is piled with rejection letters and my phone doesn’t even ring (the ringer is on, I checked). Am I saying this for you to feel bad for me? No, but you’re welcome to.

Just know, IT and a few other fields have gray areas, and this is one of them. I will say coding boot camps can work it just depends on your goals and you. That’s rich coming from me, I know but shut up, I’m being positive.

young gentleman meditating in the forest.
If I build a camp and wear a boot…they will come. Nope, never saying that again.
Photo by Maik Kleinert, please support by following @pexel.com

Wrong Boot Size

Wondering if completing a coding boot camp is something you could put on your resume? I will tell you…yes, yes you can, again I’m being positive. Not only does it show you have the needed skills and education, but it also displays that you have the dedication and work ethic to successfully complete a challenging program.

Now, while all of this sounds great, one thing to keep aware of is coding boot camps have some shortcomings such as limited personal instruction, which is depending how big the group you’re a part of, the instructor may not be able to provide enough feedback regarding your query on a project.

This is one of those, sitting with your hand raised high, the teacher selects you, and hears your question but never answers because someone in the class is having an outburst. They don’t mean to ignore you, but thanks to your classmates, it happens.

The other issue to be aware of is the “one size fits all”. Coding boot camps sometimes will have you learn something either you already know, or they think you should, but your skill level isn’t there and this ends up hurting more than helping.

This sucks but being selective with what camps you opt into by using reviews and checking the curriculum could save you from being fitted wrong.  

Drill Instructor: I SAID, “SUBCRIBE TO SCRIPTINGTHEWHY”!
Private: I DID SIR!
Drill Instructor: THEN WHY AREN’T YOU READING MORE SCRIPTS!?
Photo by Pixabay, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Thinking about enlisting into a coding boot camp?

Script a comment below about one you’re interested in.

AI, Programming, Security, Tech

Wanted: A Real Boy!

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

When are these guys coming? A new script just dropped and they’re missing it.
Photo by Louis Gys, please support by following @pexel.com

Have no fear, the bots are here and this time they weren’t sent from the future. It has been a well-known fact by now in every industry that we have advanced technology to the point where any task if not all the tasks we deem to be boring and must be done many times over gets put onto our hardware brain companions.

If you don’t have time or feel like trying to figure out which email is spam, a spam filter is created. If you don’t feel like searching through hundreds of documents to find a particular one, a finder was created.

And if you want to repeatedly send emails to a random list of people, you can use a bot for that and other malicious intent as well.

We’re going to be filtering out what kind of attack this is, who is using it, what are the effects upon release, and what are some ways you can protect yourself from being on the spamming list.

Set it and forget it? Real cooks do no such thing.
Photo by cottonbro studio, please support by following @pexel.com

The Attack

So, what kind of service would you make use of spam to hundreds of people while you have it on “Set it and forget it” mode? Look no further than TrueBot. Don’t let the name fool you, there’s nothing true about this bot.

Truebot is a botnet being used to send out hundreds upon hundreds of emails in hopes of tricking victims into interacting with malicious links. You don’t know what a botnet is? Don’t worry, we have you covered on that.

A botnet is a network of slave computers infected with malware operating under the control of the threat actor or actors. A good way to picture this is to imagine a dog walker walking with a group of well-trained dogs, since the walker has control of the dogs when the walker finds a target, they can then choose to release the hounds.

You have one more time to silence me human, that finger will go bye.
Photo by Anna Shvets, please support by following @pexel.com

Who Can It Be Now

You may be wondering which group of people is releasing the hounds and if this is the first time. The only group that has been ID for using such a tactic is the group called Silence also known as Whisper Spider.

Silence has been operating since mid-2016 and has spread its activities over 25 countries worldwide and has had confirmed damage raking up to, if not more than 800,000 USD. They are thought to be Russian based on clues such as words typed on an English keyboard layout for issuing commands and using Russian-language web hosting services.

Silence has been responsible for targeting Russian banks and other financial institutions which leads to the thought that they may not have a code of ethics. If you’re willing to attack your home turf, then that means no one is off the menu… these guys may not be Russian after all.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Man: I think we can get in through the back door!
Woman: I FORGOT TO TURN OFF THE STOVE!!
Photo by Meruyert Gonuliu, please support by following @pexel.com

The Sinking Feeling

Aside from rushing through the backdoor, how do these guys get in is what you may be asking. Silence and other threat actors gain a foothold by exploiting a vulnerability, where in which the installation of TrueBot begins.

After breaching the network another installation takes place which installs the FlawedGrace RAT (Remote Access Trojan), this dirty RAT stores encrypted payloads within the registry.

The FlawedGrace RAT establishes a connection with the Command and Control (C2) server as well as load dynamic link libraries (DLL) to escalate privileges for further malicious intent.

Just understand that once the backdoor is opened, it leaves it wedged and poses no threat while all the information is being collected for the threat actor.

I’m your well configured firewall…what’s up.
Photo by Ron Lach, please support by following @pexel.com

The Prevention

At this junction, it’s clear that you’re interested in keeping your back door closed and having it stay closed. A few ways you could do this is by making sure you stir clear of clicking on links from questionable contacts.

If it’s someone you may know who sent you the link, cross-check with them on other media to verify. Keeping your system, anti-virus, and yourself up to date will help greatly in catching any funny business being had.

Keeping yourself up to date is most important since humans are the most hackable. We’ve been around for years and still fall for the same old tricks.  

I think I’ll read a few more scripts. They help put my mind at ease.
Photo by Rachel Claire, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on TrueBot? Script a comment below.

Security, Tech

Credit Resulting in Crisis

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

How am I supposed to read the latest script out here?
Photo by Spencer Davis, please support by following @pexel.com

Throughout the history of technology, as technology evolves with every iteration so do we…well, at least we try to. From shaping wheels out of stone to aid in our transporting heavy items, creating boats to sail across seas, and creating the internet to provide the world with endless reels of cat videos.

Our progress has been quite amazing, another thing that is quite amazing is how quickly we look to not only exploit the vulnerabilities in our creations but in each other through nefarious means.

When a good invention involves a secure transaction between a business owner and the customer, the risk of a man in the middle, a bad actor, or a member of the “Wet Bandits” is sure to frequently come into play. Let me script to you what I mean.

Thank you for choosing this fuel pump. Pick a card, any card.
Photo by Miggy Rivera, please support by following @pexel.com

Fueling Your Identity Crisis

So, what is this nefarious act? Brace yourself, you’re going to be amazed at how clever this name is. The act is called “credit card skimming”.

Credit card skimming or what is often referred to as “card skimming or skimming”, is the act of illegally using a device mounted onto a point-of-sale (POS) to capture a victim’s credit card information for identity theft.

This form of cyberattack isn’t anything new and has been in the news many times before but as prices for simply living have gone up and the pay for the common man and common woman has either gone down or remained the same, incidents have gone on the rise.

This is one of two variations, the other is e-commerce skimming or also known as digital skimming which is the act of intercepting credit card information from the form field of a website. And before you fix to say anything, yes, I know. While you are reading this, there is a lot of skimming going on.   

What the!? First rent, now gas is going up. And no one is subscribing to my OnlyFans!
Photo by Lucho Castro Barrantes, please support by following @pexel.com

Over-priced Fueling

You might have the thought, “this only happens at certain places, I should be good where I’m at.” Well, I have some not so good news for you. This form of cyberattack can happen anywhere that requires you to swipe your card. For example, if you were to make the unfortunate mistake of today called “needing gas”.

Let’s say you pull up to a fuel pump, swipe your card in the faintly loose card reader and receive your “This gasoline makes your car ride on water, that’s why you’re paying this god-awful inconsistent price” and drive off into the sunset with depressing thoughts of you working into your golden years and beyond.

You may have failed to pay attention to the small detail in which the card reader was a little loose. This in turn led to your information being collected from the magnetic strip of your credit card for later use at the thief’s discretion.

But this doesn’t only happen at fuel stations, the art of getting skimmed can happen in restaurants, ATMs, retail stores, and pretty much anywhere that has a point-of-sale service or terminal.

In a nutshell, if you have to swipe card double check your account to ensure everything is right. Just when you thought you were getting screwed over enough when getting gas.  

Small Detour:

A guy discovered a card skimmer in an ATM during his interaction, click here to check it out.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Ok, this is my last cart from Amazon…although I did see else that I want and he does still have five dollars to his name.
Photo by Mikhail Nilov, please support by following @pexel.com

More than Your Bank Account

So you might be asking yourself, why would someone want to pretend to be me? You might also have the train of thought if they steal my information, they’re just practicing because I don’t have anything for them to steal.

Well, I can tell you why someone would want to be you because you’re special and you’re a somebody. Yup, that’s right. You’re a somebody with a pulse, a car, and a credit card. Which means you have the means to get a lot of nice things, things you didn’t even know you wanted until they show up on your credit card statement.

This act is committed with the intent of creating fake cards in your name to either purchase desired items that could range from gift cards, cars, multiple loans, or simply some play time at Top Golf.

Aside from taking money right out of your account and mucking up your finances, another and more terrifying purpose of collecting your information is to sell it on the dark web.

Whatever the use case may be, your information is a currency far better than money. And you thought they were just practicing because you’re living from paycheck to paycheck. Silly you, you are the paycheck.

I saw something on sale and I just had to buy it in your name. You’re cool with that right?
Photo by Max Fischer, please support by following @pexel.com

Facing the Zeros

You may be wondering what are some of the ways you can protect yourself from having your information copied and pasted into oblivion. Since most of these attacks happen at fuel pumps, making use of the pump nearest facing the store clerk could provide some security because it is less likely they were tampered with.

If you don’t have access to the pump nearest the clerk, check the card reader for any slack as it may offer some sign of being compromised, and try to cover up the keypad as much as possible when entering your PIN (Personal Identification Number) this will prevent and micro-camera from knowing what you entered. Another and if all else fails in providing comfortability, going in and completing your transaction with the store clerk could be advised as this is a face-to-face interaction.

Other places might not be so obvious since technology is advancing but by being vigilant and tracking your spending, you can catch any alarming activity. Double checking with people like a spouse who may have access to your accounts to confirm if they were the ones to make purchases.

Making use of email alerts from your financial institution and multi-factor authentication (MFA) or two-multi-factor authentication (2FA) combined with any biometric verification could help bolster the security of your account. Sometimes what seems alarming could very well be a false-positive…which in this case could be a very good thing.

Tina: Z-Daddy said we should double check our account to make sure everything is safe. Shaw…who is Katrina and why the payment label “desert storm”?
Shaw: that was for plumbing, she was a plumber.
Photo by Kindel Media, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there’s something I may have missed about stolen identity? Script a comment below.