Tag: cyber security

Cloud Talk, Programming, Security, Tech

The RedClouds Are Coming!

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

I TOLD YOU ALL TO READ THESE SCRIPTS AND ONW THE REDS ARE COMING! WHY DIDN’T YOU SUBSCRIBE LIKE YESTERDAY!?
Photo by Moose Photos, please support by following @pexel.com

Here we go again, with a well-known product and manufacturer comes the threat of great risk. This one is especially true if you part take in the use of Dells’ computers.

Information stealing malware isn’t anything new but with the current economy and threat actors wanting your information, the use of them has been on the rise.

We’re going to look at what kind of attack this is, who is using it, the functionality and effects upon release, and what are some ways you can at least try to keep your information safeguarded from this erection of threats.

Guys, we’re just serving up malware and trojans today. I hope you’re cool with that.
Photo by Clem Onojeghuo, please support by following @pexel.com

The Attack

The newest and hottest malware on the market looking to capture the heart of your data and forward it to the hands of someone else is called RDStealer. RDStealer does this by infecting the RDP server and watching the connections taking place.

For those unfamiliar with RDP, which is Remote Desktop Protocol, this is the network connection protocol that was offered by Microsoft, its purpose is to allow users to perform remote operations on other computers.

There has been some confusion about RDP vs VPN (Virtual Private Network) but in an effort to clear things up the difference is this, VPNs offer access to all resources on the network, these are items like file servers, printers, and company/organization websites meanwhile RDP offers only access to the resources on the given computer it’s connected to. In short, VPN access the network, and RDP access the computer.

There’s trouble on the horizon…or on the curve depending on how you view the Earth.
Photo by Pixabay, please support by following @pexel.com

Who Can It Be Now

At the moment of its “RedClouds” campaign, there is no one individual or group named for making use of RDStealer. However, while it’s campaigning its RedClouds, the malware will run a check to see if it detects a remote machine connected to a server and CDM (Client Drive Mapping). If “Enabled client drive mapping” is not enabled, then the client will deny the connection to the client’s file system. Meaning no check, no go.

RDStealer can collect keystrokes, and copy information from the clipboard data, and another dangerous thing to note is that it can target regardless of being client or server-side. When a network is infected, files in both “%WinDir%\System32%” and %PROGRAM-FILES% are filled in and could be filled with files and folders that could be excluded in a full-system scan.

This means these malicious files could hide under the radar during a scan. Afterward, there are a number of attack vectors, aside from the CDM, RDStealer can begin from web advertisements, email attachments, and social engineering methods. Moreover, like your hair, if you have any, don’t let your guard down as there will likely be more variety in the days to come. 

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Geez, I could never be a hacker. There’s so many things to choose from.
Photo by Craig Adderley, please support by following @pexel.com

The Sinking Feeling

Speaking on variety, it has been noted that threat actors use a custom version of this malware which utilizes the redirection feature which is done by watching the RDP connection and auto stealing from the local drives once a connection is made.

There are five modules that make up RDStealer which are a keylogger, persistence establisher, data theft, and exfiltration staging model, a clipboard content capturing tool, and one controlling encryption/decryption functions, logging, and file manipulation utilities.

Out of all this just know that it’s recording every move made and can possibly deny access to certain information via encryption. Once activated the malware enters an infinite loop calling the “diskMounted” function, this checks the availability of the drives on the tsclient network shares.

If the malware finds any connection, it then notifies the command-and-control (C2) server and begins pulling data from the connection with the RDP client. This is that “having a roommate who is a few months behind on rent move out and take a couple of your belongings before they go” kind of situation.

Just be aware, things may be a tad bit different the next time you turn your computer on.

If the Reds are coming, then it’s time for some Blue team action. All about the Blues baby.
Photo by Mati Mango, please support by following @pexel.com

The Prevention

It is safe to assume that if you have used a remote desktop via RDP that at some junction your system has been exposed to the RedClouds campaign.

It is hard to catch RDStealer manually, but you can better protect your system by using tighter security protocols and performing full-system scans often. While it has been noted this malware particularly goes after Dell computers given that it is coded to run in the Dell directories it is best practice to exercise caution while on the web. Using a 2MFA (Multi-factor Authentication) when abled as this will make it less appealing for threat actors because they have more to try to work around. And finally, encryption of your information is a must as this also helps ward off threats like RDStealer. Your information may be in the cloud but that doesn’t mean RedClouds should have unauthorized access to it.

Scriptingthewhy helps keep me in the know, that’s how I knew not to buy you online and from a reputable source.
Photo by Samson Katt, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on RDStealer? Script a comment below.

AI, Cloud Talk, Programming, Security, Tech

Cracking Isn’t What You Think It Is

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

teenagers seated viewing their cellphones
Eric: Z-Daddy put up another script.
Sean: I know, I’m reading it… and stop calling him that. That’s weird bro.
Photo by Pixabay, please support by following @pexel.com

Here’s a question for you. Can you recall what you were doing back in your younger days? Like around the age of 15 or maybe even younger, 12. I would assume that for most people, you were either being grounded by your parents (or parent, I understand for some people a single-parent ran household may have been a reality) for something stupid you did or not being grounded and running around outside with your friends.

The point was, you were too busy either with your parents or with your friends to even have the thought of being seated in front of a computer. And in some cases, this shows signs that you grew up with a healthy childhood. But on the other hand, if you were, or tend to be anti-social, then forming together all the hallmark traits of becoming a hacker could have been something on the menu for you. You don’t know what a hacker is? Let me script it for you.

young man pulling up hoodie
It’s hacking time.
Photo by Mati Mango, please support by following @pexel.com

Hacking Many Hats

Before we start this, I want to be clear, hackers do not sit in front of a computer in the dark typing really fast with a hoodie on trying to crack code…the brightness from the screen tends to hurt our eyes after a while. There are a lot of meanings for the term “hacker”, but the actual definition doesn’t match the sexiness of Hollywood’s definition.

A hacker is someone who uses their skills to gain access to systems and networks without authorization. And before you ask, no, there isn’t an age limit to becoming a hacker. Hackers often fall into one or two of the three categories, you have “Black Hat” – the cybercriminal who is looking to illegally access a system with malicious intent, “White Hat” – the “good guy” who identifies weaknesses in an architecture of an organization which they then inform and advise, and last is “Gray Hat” – which is the combination of both white hat and black hat. Needlessly to say, they operate to what suits their best interest at the given time.

There are other types of a hacker, “Green Hat” – newborn hackers, “Blue Hat” – are white hats who are employed to improve security systems and conduct pen-testing, and the last is “Red Hat” – which are vigilante hackers, these are the individuals that hack in the name of justice.

old man holding up a fan of cash
Businessman…the old school hackers before the internet.
Photo by Andrea Piacquadio, please support by following @pexel.com

Big Wins with You Losses

Hackers tend to go after big-name financial institutions because of the chance to win big and get a nice payday. However, the risk of doing so results in possibly being caught, fined, and put in prison. So what is a better alternative to avoid that? That’s right, you guessed it, they target the little guy, putting your sweet cornhole on the menu.

While your money may be the most important thing to you, your information like social security, address, and entire name, pretty much everything that says who you are online and in life is way more valuable to a hacker.

The collecting of your personal information is called “information aggregation” and once complete or they feel enough is acquired could result in you getting charged for things you didn’t sign up for, like a loan, a timeshare, or getting a speeding ticket in the mail for a car you don’t own. Basically, your data goes up for sale on the dark web to the highest bidder. And here you were thinking no one had an interest in you, well not you per se since it’s the data they want but still don’t discredit yourself. You go you.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

teen looking up at the sky.
The sky is the limit on how many accounts I can hack.
Photo by Myicahel Tamburini, please support by following @pexel.com

Hacking When We were Young

Remember when I mentioned that anyone could be a hacker? I was kidding but then again, I wasn’t. You see hackers can come in many shapes, sizes, and flavors. Flavors are the level of skills that they possess to get the job done. Most hackers are often referred to as “Script Kiddies” (No, there’s no relation to them and this site, you’re safe), they’re low-level and mainly purchase malicious code also known as scripts to use to perform malicious attacks.

But then you have your hackers who really know what they’re doing. Such as the likes of Kevin Mitnick- the world’s most famous computer hacker. He hacked into North American Defense Command, Digital Equipment Corporation’s network system. He was arrested and later upon release, decided to hack Pacific Bell’s voicemail system as a flex to show that he could.

Albert Gonzalez started around the age of 12 and was later arrested for debit card fraud in relation to stealing card information. He stole more than 180 million payment card accounts across different companies. And Jonathan James or maybe formally known by his fictitious name “C0mrade”, was deemed one of the best hackers in history.

This was attributed to him gaining access to private network systems with the flex being “this was done just for the fun of it”. Again, recall what you were doing back when you were 15, at the age of 15, he hacked into NASA (National Aeronautics and Space Administration), the Department of Defense (DoD), and South Bell to steal software.

This is insane because his hacking into NASA led to them being shut down for 21 days and cost about $41,000. Getting things fixed was cheaper back in the day, am I right?

young man with a look of worry
I just had to click on a file saying, “Baddies: one-click nude-pic”.
Photo by Mati Mango, please support by following @pexel.com

So, you’re probably worried about trying to protect yourself from getting hacked and having all your juicy information all over the internet. Well, I have good news, it’s too late. Well, not entirely, maintaining best practice use of devices and being mindful of your interactions on the internet could save you a lot of financial pain in the long run.

Never leave your device alone in an area whether you trust your surroundings or not, practice using complex passwords – involving letters, numbers, and characters, which makes it harder and takes more time to crack. Do not use any part of your name or the name of anyone you may know for Bluetooth and or Wi-Fi devices as this could give hackers possible information to utilize and further their pursuit.

Always use multi-factor (MFA) or two-factor authentication (2FA) when dealing with online accounts and any other login site as this helps with ensuring that it is you accessing them. Always make use of anti-virus/anti-malware as this will hinder hackers’ attempts to install unwanted programs/files onto your machine. And always make sure your operating system, the OS, is up to date.

Most of how to protect yourself is using common sense, like you wouldn’t just leave your front door unlocked while you’re away on vacation or just have some random person walk in your house to Netflix and chill, don’t leave your device unattended, and don’t let people you don’t know on your device or network. I mean I know hackers can get clever and lucky but most of the time it’s made easy for them.   

gentleman in suit face palming his head.
I have a degree in computer science but what I really needed was common sense.
Photo by Andrea Piacquadio, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you have a feeling that may have missed something about hackers? Script a comment below.

Cloud Talk, Tech

Clouds In the Head

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

A new post from Scriptingthewhy? They don’t normally post on the weekends. Guess I’ll read just a little bit.
Photo by MART PRODUCTION, please support by following @pexel.com

Heading Onward

Cloud computing is a term that you hear a lot from youngsters these days, but does anyone really know what it means? And is it something that you should consider as a career path? That’s a good question, we don’t know. That’s something for you to decide.

The cloud is essentially a collection of servers that provide and process data over the internet, rather than on your own device or machine. The cloud has many advantages, such as flexibility, reliability, security, and cost-effectiveness. To work with the cloud, you will need to acquire some skills, such as coding, networking, database administration, and cloud computing platforms.

Just a thing to note, you do not have to gain these skills all at once. Trying to do so will overwhelm you and drive you to the brink of insanity and no one, including your family, wants that. Keep hope alive and just know you will gain the skills needed over the course of time.

The cloud is a rapidly evolving and exciting field that offers many possibilities for learning and development. If you are inquisitive and enthusiastic about technology, the cloud might be a perfect match for you.

So, what is cloud computing really? That’s an excellent question and we’re glad that you stopped to ponder that. Look at you being a deep thinker, go you. Cloud computing is the practice of using a network of remote servers hosted on the internet to store, manage, and process data, rather than a local server or a personal computer.

This has many advantages, such as scalability, reliability, and security. However, it also has some drawbacks, such as the cost of renting the servers and the dependency on the internet connection. You should be aware of these trade-offs before you decide to use cloud computing for your needs as working in the cloud can get insanely expensive if you’re not paying attention.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Grandpa: See my boy, I can work the cloud.
Grandson: Grandpa, you just turned the computer on, that’s not cloud computing.
Photo by Kampus Production, please support by following @pexel.com

Cloud computing is a rapidly evolving field that requires a diverse set of skills and knowledge. One of the most essential aspects of cloud computing is understanding the various services that are available and how they can be used individually or in combination to achieve different goals.

For example, some services provide storage, computation, networking, security, analytics, or machine learning capabilities. Knowing how to select, configure, and integrate these services is crucial for building scalable and reliable cloud applications.

Another important aspect of cloud computing is security. Cloud security involves protecting the data, applications, and infrastructure from unauthorized access, malicious attacks, or accidental damage.

Cloud security requires following best practices such as encrypting data, implementing authentication and authorization mechanisms, monitoring and auditing activities, and applying patches and updates. Having a solid grasp of cloud security principles and techniques can enhance your resume and demonstrate your competence and professionalism in the cloud domain.

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like cloud computing is something you want to take your hand to? Script a comment below.