Tag: cyber

Cloud Talk, Programming, Security, Tech

The RedClouds Are Coming!

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

I TOLD YOU ALL TO READ THESE SCRIPTS AND ONW THE REDS ARE COMING! WHY DIDN’T YOU SUBSCRIBE LIKE YESTERDAY!?
Photo by Moose Photos, please support by following @pexel.com

Here we go again, with a well-known product and manufacturer comes the threat of great risk. This one is especially true if you part take in the use of Dells’ computers.

Information stealing malware isn’t anything new but with the current economy and threat actors wanting your information, the use of them has been on the rise.

We’re going to look at what kind of attack this is, who is using it, the functionality and effects upon release, and what are some ways you can at least try to keep your information safeguarded from this erection of threats.

Guys, we’re just serving up malware and trojans today. I hope you’re cool with that.
Photo by Clem Onojeghuo, please support by following @pexel.com

The Attack

The newest and hottest malware on the market looking to capture the heart of your data and forward it to the hands of someone else is called RDStealer. RDStealer does this by infecting the RDP server and watching the connections taking place.

For those unfamiliar with RDP, which is Remote Desktop Protocol, this is the network connection protocol that was offered by Microsoft, its purpose is to allow users to perform remote operations on other computers.

There has been some confusion about RDP vs VPN (Virtual Private Network) but in an effort to clear things up the difference is this, VPNs offer access to all resources on the network, these are items like file servers, printers, and company/organization websites meanwhile RDP offers only access to the resources on the given computer it’s connected to. In short, VPN access the network, and RDP access the computer.

There’s trouble on the horizon…or on the curve depending on how you view the Earth.
Photo by Pixabay, please support by following @pexel.com

Who Can It Be Now

At the moment of its “RedClouds” campaign, there is no one individual or group named for making use of RDStealer. However, while it’s campaigning its RedClouds, the malware will run a check to see if it detects a remote machine connected to a server and CDM (Client Drive Mapping). If “Enabled client drive mapping” is not enabled, then the client will deny the connection to the client’s file system. Meaning no check, no go.

RDStealer can collect keystrokes, and copy information from the clipboard data, and another dangerous thing to note is that it can target regardless of being client or server-side. When a network is infected, files in both “%WinDir%\System32%” and %PROGRAM-FILES% are filled in and could be filled with files and folders that could be excluded in a full-system scan.

This means these malicious files could hide under the radar during a scan. Afterward, there are a number of attack vectors, aside from the CDM, RDStealer can begin from web advertisements, email attachments, and social engineering methods. Moreover, like your hair, if you have any, don’t let your guard down as there will likely be more variety in the days to come. 

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Geez, I could never be a hacker. There’s so many things to choose from.
Photo by Craig Adderley, please support by following @pexel.com

The Sinking Feeling

Speaking on variety, it has been noted that threat actors use a custom version of this malware which utilizes the redirection feature which is done by watching the RDP connection and auto stealing from the local drives once a connection is made.

There are five modules that make up RDStealer which are a keylogger, persistence establisher, data theft, and exfiltration staging model, a clipboard content capturing tool, and one controlling encryption/decryption functions, logging, and file manipulation utilities.

Out of all this just know that it’s recording every move made and can possibly deny access to certain information via encryption. Once activated the malware enters an infinite loop calling the “diskMounted” function, this checks the availability of the drives on the tsclient network shares.

If the malware finds any connection, it then notifies the command-and-control (C2) server and begins pulling data from the connection with the RDP client. This is that “having a roommate who is a few months behind on rent move out and take a couple of your belongings before they go” kind of situation.

Just be aware, things may be a tad bit different the next time you turn your computer on.

If the Reds are coming, then it’s time for some Blue team action. All about the Blues baby.
Photo by Mati Mango, please support by following @pexel.com

The Prevention

It is safe to assume that if you have used a remote desktop via RDP that at some junction your system has been exposed to the RedClouds campaign.

It is hard to catch RDStealer manually, but you can better protect your system by using tighter security protocols and performing full-system scans often. While it has been noted this malware particularly goes after Dell computers given that it is coded to run in the Dell directories it is best practice to exercise caution while on the web. Using a 2MFA (Multi-factor Authentication) when abled as this will make it less appealing for threat actors because they have more to try to work around. And finally, encryption of your information is a must as this also helps ward off threats like RDStealer. Your information may be in the cloud but that doesn’t mean RedClouds should have unauthorized access to it.

Scriptingthewhy helps keep me in the know, that’s how I knew not to buy you online and from a reputable source.
Photo by Samson Katt, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on RDStealer? Script a comment below.

Security, Tech

Experience the James Wood method

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Someone walking on a beach
What trying to find a job that needs my skillset in 2022 looks like.
Photo by Pixabay, please show support by following @pexels.com

Let’s say you’re on a beach, you’re taking a lovely stroll by yourself, watching the sun setting on the horizon as you walk by. The birds are flying high in the air, weaving up and down, some gliding to the ground and landing ahead of you.

You enjoy the smell of fresh ocean air with every step you take. As you’re walking taking in all that’s ahead, you notice some funny activity behind you like someone is following. You say to yourself, “Nah, this is a public beach, so it could be people just walking up to the water line.”

You turn around wide-eyed to find someone has been following you and not only has that person been pursuing you, but others have been trailing you as well. You see, while you’ve been taking this lovely soul-searching, deep thought-provoking stroll, those majestic footprints you have been leaving behind have turned into what are called “breadcrumbs” for anyone to track you.

If you didn’t know, the internet has always seen you with the ability to leave your mark in the digital sand. However, a perk to real sand is water washes your record in time. With digital, not so much.

creepy guy in mask wearing black robe in the woods
Thank you for shopping at Walmart, don’t forget to fill out our survey.
Photo by Rulo Mora, please show support by following @pexels.com

Digital Horror Ahead

What is this madness that lets people track you like you’re in a horror movie? They’re called digital footprints, or digital shadows as some would call them. Digital footprints are traceable activities, actions, or pretty much anything you do on the internet.

This could range from visiting websites (any sites, not just the ones with scantily clothed individuals you’re thinking about, ya freak…again, I am judging you) sending personal or professional emails, or even searching for your favorite Christmas dinner recipe that Nana posted so many years back.

And trust me, Gen-Z is finding out all about these footprints. There are several types of digital footprint which are passive, active, personally identifiable, anonymous, user input, and sensor data. In a nutshell, they range from “oh I didn’t know I was going to be redirected” to, “hey, my phone auto-suggested something I like”.

Having access to a lot of things is great but also being followed unknowingly and it being legal kinda sucks. I mean, where is the consent…I know I glossed over the privacy policy, but it was too long, and I wanted to see what the “baddies” on Instagram were all about.

man with cold stare
Helping shoppers around every corner.
Photo by Pixabay, please show support by following @pexels.com

Every Step You Take

So…this is about to get uncomfortable. Who tracks you like the sweet slow jam from the 80s? Well, one of them is ironically named the Police and just so happens to be one group that would turn to use digital footprints.

Police or law enforcement would use footprints to track cybercriminals and possibly keep track of online behavior. Do you remember that “Here, have a seat” guy? Digital footprints aid in situations like that. Do you like cookies? You do, that’s great!

Advertisers and people seeking your business like them too, cookies are used to customize ads for targeting you. Like, in my situation, you purchase one electric bike and now all you see in the ad space of every site you go to are electric bikes. It’s very haunting.

But while there are some creepy effects, digital footprint does have its benefits, ranging from detecting and preventing fraud, making shopping a breeze because, well everything is tailored to your interests, and even just the simple act of being able to recall a previously visited site.

Despite the fact you may click “no” in your preferences or settings when visiting a site, they still track you anyway. It’s like going to a store and one of the employees on the floor ask, “Do you need help finding anything?” and you reply with a “No, thank you, just browsing.” Followed by an awkward moment of silence and a brief stare.

You turn to walk, and they start following you anyway. Like good god, I just said no, go away.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

woman with gen z cake
Fun fact: if you bring a cake to your job interview…your chances of getting the job are still the same.
Photo by Polina Tankilevitch, please show support by following @pexels.com

Safe Space Results 404

Do you recall when I mentioned that Gen-Z is finding out about the horrors of digital footprints? No, then go back up and read this like a decent human being. If yes, then here goes the “oh no” moment, potential employers incorporate this in their decision to hire you.

This means every time you upload or like a twerk video, try to viral a cringe TikTok, post about how great America is compared to other countries on Facebook, or even tell your previous employer to go screw themselves on LinkedIn (sidenote; never air out your previous employer on social media), all of this runs the risk of you not landing that sought after position or promotion you’re seeking to claim.

However, there are ways to keep your footprint as small as possible, most of which are going to require you to do some work and by some, meaning a lot. This pretty much parallels fixing your credit score, your options are contacting data collectors, and telling them to forget your information (some of which may not play ball). Make your social media private.

If you wanted to take an easier route, you can sign up for third-party services that will handle things for you (keep in mind this is not a one-time buy, so as long as you’re on the internet and care about the effect of your online interactions, you’ll have to pay).

You can hide your browsing habits by using a good virtual private network or VPN, but like I always tell people, “Using a VPN is the same as using a condom, you can still get pregnant.”

You should panic a little bit if you worry about trying to land that dream job.
Photo by artawkrn, please show support by following @pexels.com

Digital History Unclear

Now you’re probably paranoid about your browser history and everything you’ve ever said on the internet. Should you be though? This is the year 2022 and we are in the age of “acceptance” and “fairness”.

Honestly, what you said years back when you were young should not come back to haunt you. Social media should be a place where you can connect with like-minded people and share ideas.

However, it seems like the internet is the best place for someone to pick up dirt and fling it at you. The internet has always been the wild wild west but for employers to add a digital footprint to your background check is madness because one or a few posts don’t display the whole picture.

Just hope one day people learn how to differentiate the before and after when making a judgment call. 

Me chances of getting a job is ruined, me should’ve stay off the hub blood. I’m ruined.
Photo by Tope A. Asokere, please show support by following @pexels.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Think someone has been watching your online habits?

Script a comment about how safe you think your digital footprint are.

Cloud Talk, Tech

Clouds In the Head

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

A new post from Scriptingthewhy? They don’t normally post on the weekends. Guess I’ll read just a little bit.
Photo by MART PRODUCTION, please support by following @pexel.com

Heading Onward

Cloud computing is a term that you hear a lot from youngsters these days, but does anyone really know what it means? And is it something that you should consider as a career path? That’s a good question, we don’t know. That’s something for you to decide.

The cloud is essentially a collection of servers that provide and process data over the internet, rather than on your own device or machine. The cloud has many advantages, such as flexibility, reliability, security, and cost-effectiveness. To work with the cloud, you will need to acquire some skills, such as coding, networking, database administration, and cloud computing platforms.

Just a thing to note, you do not have to gain these skills all at once. Trying to do so will overwhelm you and drive you to the brink of insanity and no one, including your family, wants that. Keep hope alive and just know you will gain the skills needed over the course of time.

The cloud is a rapidly evolving and exciting field that offers many possibilities for learning and development. If you are inquisitive and enthusiastic about technology, the cloud might be a perfect match for you.

So, what is cloud computing really? That’s an excellent question and we’re glad that you stopped to ponder that. Look at you being a deep thinker, go you. Cloud computing is the practice of using a network of remote servers hosted on the internet to store, manage, and process data, rather than a local server or a personal computer.

This has many advantages, such as scalability, reliability, and security. However, it also has some drawbacks, such as the cost of renting the servers and the dependency on the internet connection. You should be aware of these trade-offs before you decide to use cloud computing for your needs as working in the cloud can get insanely expensive if you’re not paying attention.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Grandpa: See my boy, I can work the cloud.
Grandson: Grandpa, you just turned the computer on, that’s not cloud computing.
Photo by Kampus Production, please support by following @pexel.com

Cloud computing is a rapidly evolving field that requires a diverse set of skills and knowledge. One of the most essential aspects of cloud computing is understanding the various services that are available and how they can be used individually or in combination to achieve different goals.

For example, some services provide storage, computation, networking, security, analytics, or machine learning capabilities. Knowing how to select, configure, and integrate these services is crucial for building scalable and reliable cloud applications.

Another important aspect of cloud computing is security. Cloud security involves protecting the data, applications, and infrastructure from unauthorized access, malicious attacks, or accidental damage.

Cloud security requires following best practices such as encrypting data, implementing authentication and authorization mechanisms, monitoring and auditing activities, and applying patches and updates. Having a solid grasp of cloud security principles and techniques can enhance your resume and demonstrate your competence and professionalism in the cloud domain.

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like cloud computing is something you want to take your hand to? Script a comment below.