Tag: cyber

AI, Security, Tech

GoldAxe was wrong, here’s why…

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Throughout the years, keep in mind, that we didn’t start the fire.
Photo by Brett Jordan, please support by following @pexel.com

Throughout the many years of us being on this planet, this rock, this existence, or whatever you would like to call it. The complexity of life hasn’t lessened with the release of the Matrix. If you haven’t seen the movie, check it out. It’s a really good movie, it just ugh, will have you question your whole existence. Like “What even am I?” Questioning life aside, you’re probably wondering what new and exciting way technology is being exploited and the possible way your information is being collected. With the recent brainwashing rise of getting everyone comfortable with using AI (artificial intelligence), facial recognition has been employed in scams. We don’t feel the threat in the great US because, well… too much violence (guns, bad, people, worse) but in a nutshell, be glad you don’t live in Thailand. They have a whole different banking system set up over there.

AI is learning what you like, it’s always watching.
Photo by Pixabay, please support by following @pexel.com

The Attack

Facial recognition, what is it? In simple terms, the device uses the images from your face that it captures so when it comes time for a function to be completed, the device knows that it is you and will complete that function or task. In complex terms; the device captures your images with the camera with an overlay of dots which are a kind of reference point for certain sectors of your face, stores them, finds key features from your face that pair up with the stored image data, this could be anything like a mole, birthmark, or beauty mark, (not sure if women still use that term nowadays), once the process is complete and everything checks out. Congrats, you got in. You are now the one. This whole process is done in ones and zeros and is done in nano-to-milliseconds, you don’t care but it’s still nice to know. We’re all nerds here, of course. Armed with the knowledge of what biometrics or an item of what it is, here’s the attack. Threat actors can use your likeness to get into many areas of your life. Areas such as your phone, financial institution, and pretty much anywhere that requires the use of your facial recognition. Alarming, we know, however, people tend to think “They won’t get anything from me, they’re just practicing.” That’s true if you’re getting robbed at an ATM, however, getting robbed online is a whole new and hard-to-catch ball game.

We see all your secret…purchases.
Photo by Almada Studio, please support by following @pexel.com

Who Can It Be Now

So, who would do something like this we can hear you ask. Clearly, they’re a monster although they might live in a poor country, and this might be a way for them to feed their family. Ha, guilt trip engaged, just because they’re the villain in your story doesn’t mean they’re a villain in others. A group by the name GoldFactory was factored in for the use of the trojan called “GoldPickaxe”, they were spotted some time ago in Thailand and maybe Vietnam. GoldPickaxe was created with the intent to collect face profiles, identification documents, and text messages from the victim’s phone. All of this gave them access to having great names like GoldDigger, GoldDiggerPlus, and GoldKefu given to them by researchers.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

I’m not into computers, but I want in on your wallet.
Photo by Basian Riccardi, please support by following @pexel.com

That Sinking Feeling

How does the GoldPickaxe work? As mentioned earlier, GoldPickaxe will infect the victim’s device and begin to collect any information pertaining to facial recognition, and this includes their ID card. Once this information is collected, the threat actor can then gain access to anything tied to the victim. This is a massive problem because, in Thailand, their banking system requires them to use facial recognition to access their accounts. So, pretty much, there’s no way around it, you have to use your face to withdraw or make a deposit.

Hackers are gonna hack.
Photo by Matthew DeVires, please support by following @pexel.com

The Prevention

You don’t want someone to use your face and make a withdrawal from your account? You may be wondering how you protect yourself from something like this happening to you. Since these play on 2MFA (2 multi-factor authentication), you would have to add another level of protection from threat actors having access to your accounts. The best way to think of this is having vault door upon vault doors to protect your valuables. A setup of this would be a password, SMS message verification, email verification, and facial recognition. It may seem like a lot of work to protect what’s important but it’s better than not having anything important to protect.

If you have gold, we’ll be coming for you. That’s GoldFactory’s stand.
Photo by Dakota Edwards, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on GoldPickaxe? Script a comment below.

Tech

I regret change, here’s why…

Daily writing prompt
Describe a risk you took that you do not regret.
View all responses
If I think hard enough, all of the problems go away.
Photo by Brett Sayles, please support by following @pexel.com

College or Cake

A risk that I took, and I don’t regret, that’s a good question or topic. A risk that I took was walking an old lady across the street. I know it may sound silly, but you never know if one is going to pop you with their umbrella or not. That was a joke. The risk I took was to get into computers or as many would call it “Information Technology” and learn all I possibly could. 

I’ve always played video games, found myself in a computer class in school, and things ramped up when The Matrix came out. It seems like the 90’s was the era of people becoming hackers. And before you ask, no I’m not going to find some way to deposit an obscene amount of money into your bank account. That’s how you get caught.

Like what you’re reading so far, consider leaving a like, and subscribing for more content.

I don’t know why you still have the controller, we all know mom loves me more.
Photo by Jessica Lewis, please support by following @pexel.com

So, with what I mentioned earlier, you would’ve thought I went to a top college, collected good grades, and graduated with top honors. Nope, that didn’t happen. I did try college, and that was attributed to how I was raised. You go to school, get good grades (I didn’t do that, I was terrible at math and English), and before you graduate you find a college or a job. Yeah, I tried college, didn’t know what I wanted to do for a career, found a job, and dropped out.

I worked a warehouse job until I discovered I was sleeping on my untapped potential. Annoying me to find out what it was, I found myself wandering around until people began to advise me in the direction of something with computers. Again, I did have a huge interest in computers, I just didn’t think I could make a career out of it since I played video games most often and didn’t know how to make money off that. Shout out to YouTube for not being around when I wanted to make money with video games.

This isn’t me, but I did want to take the time out to give everyone a quick thanks for giving this a view.
Photo by Anna Shvets, please support by following @pexel.com

Why I don’t regret it is it’s made me superior to my peers. They all bow to my greatness! No, that was a bad joke. The subjects I have learned up to this point have led me to change my way of thinking. I went from a panic mindset of “What if I lose my job, how am I going to make ends meet” to a more relaxed “You have a particular set of skills”.

I started with learning to program, moved to security, then cloud computing, and over to machine learning, and I have still more to learn. This is exciting because technology is changing every day so there’s something new to learn. Learning is something that most people overlook, not only does it make your brain grow, pause.

If you want to find out about AI taking your job in the future, then come check this post at the bottom.

AI in the Job Market and You
Cloud Talk, Programming, Security, Tech

Breaching the Great Lakes

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

I don’t know what this website is but they’re talking about something on data. Did we have a issue with data?
Photo by RDNE Stock project, please support by following @pexel.com

We as humans, take many things for granted. Family, friends, pets, and quite often, our personal information. We often share our personal data to make purchases or access services, and we expect it will be protected and used responsibly. But how often is this true?

Many organizations sometimes fail to safeguard or even bravely misuse our information for their own purposes. Then go on record saying that it’s a “you problem” and not a “them problem”, which is kinda correct because you didn’t bother to read the twenty-two-page privacy agreement policy.

Word to the wise, start reading those policies. You’ll start to see how jacked-up companies really are. But outside of the evil corporate overlords being okay with you skimming over the fine print, there is a bigger threat to your information, and it happens more than you would think.

Don’t worry, we have you covered on this one. We’re going to be going over what kind of attack this is, who uses it, the functionality and effects upon release, and what are some of the ways you can keep your information safeguarded better than most companies you’ve done business with.

Yea, I’m about to read another one. Forget work, they’re keep me in the know on threat actors.
Photo by Andrea Piacquadio, please support by following @pexel.com

The Attack

So, what is this attack that most companies just can’t seem to stop? Well, let’s get you acquainted with what’s called a data breach. For those who might not know, a data breach is a serious incident that can compromise the security and privacy of individuals or organizations.

It occurs when sensitive, protected, or confidential data is accessed, copied, transmitted, viewed, stolen, altered, or used by someone unauthorized. Data breaches can have various causes, such as hacking, phishing, malware, insider threats, human errors, or physical theft.

What’s that? They just take your information, that’s not a big deal we can hear you say. While true however stay tuned because data breaches can result in, but are not limited to, financial losses, reputational damage, legal consequences, or identity theft for the affected parties.

Dude 1: Bro, catfishing chicks isn’t illegal.
Dude 2: It’s not but phishing is. You might want to change your username, that’s all I’m saying.
Dude 1: Nah, you worry too much. It’ll be fine.
Photo by Wendy Wei, please support by following @pexel.com

Who Can It Be Now

In this crazy world, who would use such a dirty tactic to harm people? The real answer is it could be anyone. There are times when individuals or groups are named but for the most part, a data breach could be on anyone’s part.

One possible suspect, which is a popular case and highly likely in this day and age, is an unhappy employee who may be in the running to leave the company. They might have access to sensitive data and could leak it to competitors or seek to harm the organization.

A few things that could lead up to this would be but are not limited to; sharing passwords with others, the downloading of unauthorized software or applications on company device systems, and networks that can be compromised by negligence, ignorance, or malicious intent. In simpler terms, business owners, if you want to keep your business healthy, try keeping your workers happy.

Always follow the notion that it’s cheaper to keep them. Ah, that good old married life.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

I was reading a few scripts on Scriptingthewhy and I think it’s about time we came up with a better place to house the voters’ information.
Photo by Mikhail Nilov, please support by following @pexel.com

That Sinking Feeling

Sometimes, these breaches involve voter information, such as names, addresses, party affiliations, or voting histories. This can pose a serious threat to the privacy and security of voters, as well as the integrity of the electoral process. How does this happen you may wonder.

As mentioned before, data breaches can occur due to various reasons, such as hacking, phishing, insider threats, human error, or natural disasters. Pretty much anything that may be considered critical information that is not authorized access to the individual is a data breach.

So, what could be done with this information? Well, a number of things, none of them good. Your information could be sold, or collected, threat actors could pose as you to others you know in order to trick them into giving sensitive information about you or themselves. The mess of a data breach is limitless, and one should act quickly when compromised.

That’s right voter, if germs can’t have your vote than neither should criminals.
Photo by Edmond Dantes, please support by following @pexel.com

The Prevention

Not sure if your information was a part of a data breach? Well, we’re here to tell you more than likely it was. As mentioned, all companies are susceptible to their data being leaked.

To prevent or mitigate data breaches, organizations that handle voter information should adopt best practices for data protection because if threat actors have your voter information, then they have your vote. Best practices such as encryption, authentication, backup, and monitoring help to ensure you have a secure connection. you may not always notice the signs of a cyberattack, especially if it targets your social media habits.

For example, you may see a change in the content you view online, such as going from cute animals to political messages. This could be a way of manipulating your opinions or influencing your decisions.

To prevent this, you should regularly check your accounts and settings, and be aware of what you share online. You can also use a website like “HaveIBeenPwned.com” to see if your email or password has been compromised in a data breach.

You can reduce the subconscious effects of these hidden influence strategies by educating yourself. You can watch documentaries like “The Big Hack”, read about how Russia used social media to interfere in Ukraine, the Brexit scandal, and the recent US elections, and learn how social media and voter data are used to manipulate elections.

One way to resist social influence is to be aware of its presence. When you see different people and posts on your Facebook timeline during an election period, don’t assume they are genuine. They might be bots trying to sway your opinion with customized information based on your profile.

So wait, you’re saying that my information was leaked and since it was my voter information, the “threat actors” were able to sway me via social media and advertisement to vote for someone who I didn’t even like in the first place?
Photo by Edmond Dantes, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on data breaches? Script a comment below.