Tag: cyber attack

Cloud Talk, Security, Tech

Paying with Options All Around

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

I will not turn around until someone explains the cloud to me.
Photo by Felix Mittermeier, please support by following @pexel.com

Heading Onward

The cloud, for most people, is a mystery, for others, it’s a place for people to brag about where they house their data, and for the growing population of others, it’s a place where all the payment plans come from.

Since Cloud has stepped or more likely floated on the scene, depending on who you ask, there has been a slew of payment plans being offered that weren’t thought of before. And the people who benefit most from it aren’t big-name companies, they’re cybercriminals.

Payment plans in cloud computing are different methods that customers can pay for the services and resources they use from cloud providers.

There are different types of payment plans, such as pay-as-you-go, subscription, reserved instances, spot instances, and free tier. Each payment plan has its own advantages and disadvantages, depending on the customer’s needs and preferences.

Pay-as-you-go is the most flexible and common payment plan, where customers only pay for what they use, without any upfront or long-term commitment. A subscription is a payment plan where customers pay a fixed amount per month or year for a certain level of service or resource allocation.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

We’re cloud providers and you can pay-as-you-go, we promise.
Photo by Timur Weber, please support by following @pexel.com

Reserved instances are a payment plan where customers pay upfront for a specific number of resources for a certain period of time, usually at a discounted rate.

Spot instances are a payment plan where customers bid for unused resources at a variable price, which can be lower or higher than the regular price. The free tier is a payment plan where customers can use a limited number of resources for free, usually for a trial period or for testing purposes.

What’s that? These are all great things; they’re offering different ways for people to be able to make payments on their bills. We can you hear say, and we say to you; Remember this is the internet we’re talking about here. Nothing here stays pure.

However, with this same concept for payment options in the cloud comes similar payment options on hacking forums and other seedy places to trade data. A few of the payment plans (feel free to look them up as we’ll be sure that you’ll find them and more) are phishing-as-a-service, scam-as-service, malware-as-a-service, ransomware-as-a-service, and many more.

We’re not too sure how some of these services actually work, the idea could be similar to cloud payment plans, but the fact that they’re out there and growing in numbers seems promising for the cyber problems to come.

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on various as-a-service payment plans? Script a comment below.

Security, Tech

Discover Why Crypto Could Save You Money Today

Key Takeaways

  • Cryptocurrency leverages cryptography: Secure transactions are enabled through complex mathematical algorithms that encrypt and decrypt data.
  • Blockchain technology:
    • A decentralized, immutable ledger shared across a network of computers.
    • Records transactions as “blocks” in a chronological chain.
  • Key cryptographic concepts:
    • Public-key cryptography: Utilizes public and private key pairs for secure communication.
    • Hashing: Creates unique digital fingerprints for transactions, ensuring data integrity.
  • Security Risks:
    • Cryptographic weaknesses: Exploitable vulnerabilities in the algorithms or their implementation.
    • Smart contract vulnerabilities: Bugs in self-executing contracts can be exploited.
    • Phishing and social engineering: Attacks targeting users to steal private keys.
  • Potential of Cryptocurrencies:
    • Decentralized Finance (DeFi): Disintermediating financial services.
    • Faster and cheaper transactions: Enabling efficient global transactions.
    • Increased financial inclusion: Providing access to financial services for the unbanked.
  • Challenges:
    • Volatility: Significant price fluctuations.
    • Regulation: Evolving regulatory landscape.
    • Scalability: Limitations in processing high transaction volumes.
AI-generated image. “I BOUGHT THIS COIN LIKE YOU SAID, AND NOW IT’S WORTH NOTHING! YOU SAID I WAS GOING TO MAKE MILLIONS!”

Diving Deep into Crypto: A Techie’s Perspective

Come one, come all. Welcome back, come have a seat. Or have a stand if you’re reading this in an elevator. I don’t know what my tech interest readers are doing at the time of reading this. Welcome to another exciting topic that has taken the internet and my new feed by storm.

This something that every “finance professional bro” is talking about on popular platforms like YouTube, Instagram, and TicTok. These are all popular platforms to obtain solid, insightful, life-changing information. That was sarcasm. YouTube, you might get solid information, and that’s a strong might. However, the others are pretty much taking life advice from children.

Social soap-box aside, moving right along. Today’s topic is Cryptocurrency. What is it? It’s a buzzword that’s been dominating headlines for years, but what exactly is it, and how does it work from a technical standpoint?

At its core, cryptocurrency is a form of digital currency that leverages cryptography – the art of secure communication – to enable secure transactions. Cryptography uses complex mathematical algorithms to encrypt and decrypt data, meaning only authorized parties can access and utilize it. This is crucial for crypto, as it ensures:

  • Security: Your funds are protected from unauthorized access.
  • Transparency: Every transaction is recorded on a public, immutable ledger called a blockchain.
AI-generated image. “I’m just checking for missing parts. There’s no way I’m going use this as a bot to inflate prices.”

How does it work under the hood?

Imagine a digital ledger – a giant spreadsheet – shared across a vast network of computers. This is the blockchain. Each transaction is recorded as a “block” on this ledger, creating a chronological chain of events. In layman terms; it’s a giant notebook that everyone can see and write in. Whenever buying or selling something, it’s documented in the notebook. Each new note is a new page to the notebook.

  • Cryptography plays a starring role:
  • Public-key cryptography: Each user has a unique pair of keys: a public key (shared with others) and a private key (kept secret).
  • Hashing: Transactions are hashed, creating unique digital fingerprints that are difficult to alter.

This system ensures:

  • Decentralization: No single entity controls the network.
  • Immutability: Once a transaction is recorded, it cannot be altered.

The Techie’s Take on Security Risks

While cryptography is the backbone of crypto’s security, it’s not without its vulnerabilities:

  • Cryptographic weaknesses: Flaws in the algorithms or their implementation can be exploited by hackers.
  • Smart contract vulnerabilities: These self-executing contracts, while powerful, can contain bugs that can be exploited to drain funds.
  • Phishing and social engineering: Hackers often target users with phishing emails or scams to trick them into revealing their private keys.

The Future of Finance: A Crypto-Powered Vision

The future of finance with crypto is brimming with potential…that is until the government gets involved but until we have:

  • Decentralized Finance (DeFi): Imagine a world where financial services like lending and borrowing operate without intermediaries. DeFi platforms leverage blockchain technology to enable this.
  • Faster and cheaper transactions: Crypto offers the potential for near-instantaneous and low-cost transactions across borders.
  • Increased financial inclusion: Crypto can provide access to financial services for the unbanked and underbanked populations globally.

However, challenges remain:

  • Volatility: The price of cryptocurrencies can fluctuate wildly.
  • Regulation: The regulatory landscape for crypto is still evolving.
  • Scalability: Many blockchain networks face limitations in processing a high volume of transactions.
AI-generated image. “Not all crypto is made equal, the same goes for the risk.”

In Conclusion

Cryptocurrency is a rapidly evolving technology with the potential to revolutionize the financial landscape. While challenges and risks exist, the underlying technology of cryptography and blockchain holds immense promise for the future. And with all of that being said, crypto can be a hit or miss. Some people get into crypto and win big but that margin is a small few. All in all, do your own research and be careful with your money, and who you follow for crypto advice. The pursuit of money blinds reality, and that’s dangerous.

Disclaimer: This script is for informational purposes only and does not constitute financial, investment, or legal advice.

Disclaimer: Cryptocurrencies are highly volatile investments and may result in significant losses.

Disclaimer: The use of cryptography in cryptocurrencies does not guarantee absolute security.

Disclaimer: It is crucial to conduct thorough research and due diligence before investing in any cryptocurrency.

Love learning tech? Join our community of passionate minds! Share your knowledge, ask questions, and grow together. Like, comment, and subscribe to fuel the movement!

Don’t forget to share.

Every Second Counts. Help our website grow and reach more people in need. Donate today to make a difference!

One-Time
Monthly
Yearly

Make a one-time donation

Make a monthly donation

Make a yearly donation

Choose an amount

$5.00
$15.00
$100.00
$5.00
$15.00
$100.00
$5.00
$15.00
$100.00

Or enter a custom amount

$

Your contribution is appreciated.

Your contribution is appreciated.

Your contribution is appreciated.

DonateDonate monthlyDonate yearly
Cloud Talk, Programming, Security, Tech

The RedClouds Are Coming!

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

I TOLD YOU ALL TO READ THESE SCRIPTS AND ONW THE REDS ARE COMING! WHY DIDN’T YOU SUBSCRIBE LIKE YESTERDAY!?
Photo by Moose Photos, please support by following @pexel.com

Here we go again, with a well-known product and manufacturer comes the threat of great risk. This one is especially true if you part take in the use of Dells’ computers.

Information stealing malware isn’t anything new but with the current economy and threat actors wanting your information, the use of them has been on the rise.

We’re going to look at what kind of attack this is, who is using it, the functionality and effects upon release, and what are some ways you can at least try to keep your information safeguarded from this erection of threats.

Guys, we’re just serving up malware and trojans today. I hope you’re cool with that.
Photo by Clem Onojeghuo, please support by following @pexel.com

The Attack

The newest and hottest malware on the market looking to capture the heart of your data and forward it to the hands of someone else is called RDStealer. RDStealer does this by infecting the RDP server and watching the connections taking place.

For those unfamiliar with RDP, which is Remote Desktop Protocol, this is the network connection protocol that was offered by Microsoft, its purpose is to allow users to perform remote operations on other computers.

There has been some confusion about RDP vs VPN (Virtual Private Network) but in an effort to clear things up the difference is this, VPNs offer access to all resources on the network, these are items like file servers, printers, and company/organization websites meanwhile RDP offers only access to the resources on the given computer it’s connected to. In short, VPN access the network, and RDP access the computer.

There’s trouble on the horizon…or on the curve depending on how you view the Earth.
Photo by Pixabay, please support by following @pexel.com

Who Can It Be Now

At the moment of its “RedClouds” campaign, there is no one individual or group named for making use of RDStealer. However, while it’s campaigning its RedClouds, the malware will run a check to see if it detects a remote machine connected to a server and CDM (Client Drive Mapping). If “Enabled client drive mapping” is not enabled, then the client will deny the connection to the client’s file system. Meaning no check, no go.

RDStealer can collect keystrokes, and copy information from the clipboard data, and another dangerous thing to note is that it can target regardless of being client or server-side. When a network is infected, files in both “%WinDir%\System32%” and %PROGRAM-FILES% are filled in and could be filled with files and folders that could be excluded in a full-system scan.

This means these malicious files could hide under the radar during a scan. Afterward, there are a number of attack vectors, aside from the CDM, RDStealer can begin from web advertisements, email attachments, and social engineering methods. Moreover, like your hair, if you have any, don’t let your guard down as there will likely be more variety in the days to come. 

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Geez, I could never be a hacker. There’s so many things to choose from.
Photo by Craig Adderley, please support by following @pexel.com

The Sinking Feeling

Speaking on variety, it has been noted that threat actors use a custom version of this malware which utilizes the redirection feature which is done by watching the RDP connection and auto stealing from the local drives once a connection is made.

There are five modules that make up RDStealer which are a keylogger, persistence establisher, data theft, and exfiltration staging model, a clipboard content capturing tool, and one controlling encryption/decryption functions, logging, and file manipulation utilities.

Out of all this just know that it’s recording every move made and can possibly deny access to certain information via encryption. Once activated the malware enters an infinite loop calling the “diskMounted” function, this checks the availability of the drives on the tsclient network shares.

If the malware finds any connection, it then notifies the command-and-control (C2) server and begins pulling data from the connection with the RDP client. This is that “having a roommate who is a few months behind on rent move out and take a couple of your belongings before they go” kind of situation.

Just be aware, things may be a tad bit different the next time you turn your computer on.

If the Reds are coming, then it’s time for some Blue team action. All about the Blues baby.
Photo by Mati Mango, please support by following @pexel.com

The Prevention

It is safe to assume that if you have used a remote desktop via RDP that at some junction your system has been exposed to the RedClouds campaign.

It is hard to catch RDStealer manually, but you can better protect your system by using tighter security protocols and performing full-system scans often. While it has been noted this malware particularly goes after Dell computers given that it is coded to run in the Dell directories it is best practice to exercise caution while on the web. Using a 2MFA (Multi-factor Authentication) when abled as this will make it less appealing for threat actors because they have more to try to work around. And finally, encryption of your information is a must as this also helps ward off threats like RDStealer. Your information may be in the cloud but that doesn’t mean RedClouds should have unauthorized access to it.

Scriptingthewhy helps keep me in the know, that’s how I knew not to buy you online and from a reputable source.
Photo by Samson Katt, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on RDStealer? Script a comment below.