Tag: cyber

Security, Tech

Being on the grid made easy.

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Hmmp, funny thought.
Photo by Pixabay, please support by following @pexel.com

You know, there is always something you could learn on the internet. If you’re interested in getting better at math, you can learn how to do equations better, if you’re interested in learning another language, you can find courses online (or people in real life) and learn. And if you’re interested in finding out if your supervisor has an O.F. page so you can later use it for blackmail, there’s sure a place for that as well.

Well, not so much the last point since all you would have to do is a quick search– however, we’re not here to tell you how to ruin others, you’re an adult (we hope), so do your research. To the point, there has been a term making its rounds in the cybersecurity realm which at first glance may seem like a good idea but upon closer examination, it may have you saying “Oh, dear”.

Wait, I can get better at math?
Photo by Andrea Piacquadio, please support by following @pexel.com

The Attack

So, what is this term that was been square dancing all over the internet and two-stepping into the organization’s heart of fear? Look no further than LOTL. At first glance, you wouldn’t be wrong for thinking it breaks down to Lot Lizard, however, you’re wrong. And if you don’t know what they are, again, you’re an adult (we hope), do your research. If you don’t feel like doing your research, we’ll give you a hint. They have been known to be a fun bunch and have nothing to do with lizards. Unless you’re talking about the lizard part of the brain, then they may have found a cleverly way to incorporate fun time with science. Meh, who knows?

Humans have lizard parts in their brains? Who knew?
Photo by Robert Nagy, please support by following @pexel.com

Who Can It Be Now

LOTL is “Living off the land”, this is a form of cyber-attack where the threat actor carries out malicious activities using legitimate IT admin tools. This goes along with using RAT (Remote Access Tools), the end goal is to get into the system or network and escalate their user privileges. Why would someone want to increase their user privileges, we can hear you ask. Well, the answer is simple, anything you can do, they can do as well, if not, better.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Yes, your browser history is most interesting.
Photo by Mikhail Nilov, please support by following @pexel.com

That Sinking Feeling

You might be wondering, how is something like this done. There are many ways this is executed but for the most part, it comes from an insider threat. Insider threat actors have knowledge about the organization they work for and already are trusted members, with these two factors make them the prime candidates for wreaking havoc.

Blamed for something I didn’t do. I can’t possibly see why I would be disgruntled.
Photo by Yan Krukau, please support by following @pexel.com

The Prevention

So, you’re a big company and you’re looking to protect yourself from insider threats. How can you protect yourself? The answer is simple, pay the people who work for you well, and you won’t have any problems. Obviously, we can hear you chuckling under your breath, yes, we know that’s not going to happen. Jokes aside, you can’t protect yourself 100% since you’re always going to have something that someone else or an organization wants. These threat actors could be hired by your competitors to sabotage or steal valuables from you. The best thing to do is to have training for employees in common cybersecurity issues and how to handle them and be vigilant when in the presence of odd behavior from others. This includes finding out that Bob from accounting has been living in the storage closet for about three weeks now, it’s understandable his wife kicked him out and he has nowhere to go, but this does classify as suspicious insider threat behavior and needs to be reported.

Yeah, I came up with these numbers while in the storage closet. I do my best work there.
Photo by Kampus Production, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on LOTL? Script a comment below.

Programming, Security, Tech

Modding Minecraft & You

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Mining myself a whole new world.
Photo by Alexander Kovalev, please support by following @pexel.com

Just when you thought your children were building a harmless digital landscape for themselves comes an upload of new problems. Hackers have been changing the attack vector landscape for themselves which could have your bank account seeing a lot of red.

It has been well known by now, even if you have been living underneath a 1970 Volvo station wagon, that the game “Minecraft” has been the focus for hackers over the past couple of years. The last major event was Log4j, a vulnerability exploit that set the internet ablaze for a few weeks.

A thing we would like to see is how much of a problem this will be and whether it will continue in the foreseeable future. Like normal, we’ll be looking at what the attack is, who used or created it, its functions and effects upon its release, and some ways you could keep safe.

Hebert, there’s a new script and you might want to read this one because we need to talk about Kevin.
Photo by Yan Krukau, please support by following @pexel.com

The Attack

This is no secret by now that hackers have been using Minecraft as a place to commit their nefarious deeds. The latest of their information-stealing malware/spyware is being called “Fractureiser”.

If you’re unfamiliar with mods and modding we’ll quickly explain, there are some cases where a game is good, but it could be better, this is where independent developers or bored developers put together some code and add it to sections of the game. Like in Skyrim, there was a mod to have Tony Starks Iron Man armor.

It’s a grey area when it comes to knowing if modding is legal in the gaming industry because there are some games that can get banned from servers but to keep things simple, remember not to mod games where you must play with a community.

Tim: They mentioned my Iron Man mod.
Sarah: Shut up Tim, that means they’re on to us.
Photo by Tima Miroshnichenko, please support by following @pexel.com

Who Can It Be Now

At the moment no one has been named, neither group or individual responsible for the creation or use of the malware but threat actors have been using platforms like CurseForge and Bukkit as attack vectors for the malware.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

You see that line of code right there. I didn’t write that.
Photo by Christina Morillo, please support by following @pexel.com

Sinking Feeling

Fractureiser’s functionality has been reported by Bleeping Computer, breaking it down into four stages of the attack. In the beginning, stage, when a mod is uploaded, it’s hijacked and injected with malicious code into the main class of the given project.

This attack is taking place in the Java programming language, just know Java is popular and used everywhere. The main class is a section of the code that holds what the program is going to execute. The program is overwritten and connected to a URL (Uniform Resource Locator) that downloads a file unique to the operating system (OS).

Afterward, another connection is made where the malware captures the user’s IP address and reports it back to the command and control (C2C) server. The malware then connects the same IP address to port 8083 for it to download another file and save it to the machine’s OS. The possible effects of having your information collected could be endless as it could be used by the threat actor to purchase loans and other things in your name or can be sold to other interested parties.

This all takes place while you are building your world in Minecraft. Just when you thought you were being the crafty one.

Modding is at your own risk.
Photo by Nadin Sh, please support by following @pexel.com

The Prevention

Outside of you crafting your way to new beginnings, it seems like this will continue to be a problem in the future because hackers are coming up with new ways to onboard malware to your machine.

An inconvenience for having this on your machine is the reinstallation of the OS which could wipe out everything if not frequently saved via an external drive. The best way to keep your machine and your wallet safe is to keep from adding modifications to the game since there could be malicious files or code injected into the uploaded package.  

Well played Scriptingthewhy…we’ll meet again.
Photo by Tima Miroshnichenko, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on Fractureiser? Script a comment below.

Security, Tech

Bank Draining Done with Love

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Sneaking into your computer to see what’s up.
Photo by Moiske2l Officiel, please support by following @pexel.com

Advanced Persistent Threat

You were to print “Hello World”

You know, there’s no better feeling in the world than having someone take money from your bank account. This was said by no one ever. As the world turns, we face more and more threats online. At this point, we just have to admit that hackers, scammers, threat actors, or whatever your company wants to call them, they’re getting better at their job.

To add insult to injury, when they improve, it leads to them getting better pay. When you improve at your job, you may get a new title and make about the same pay with more responsibilities. Are we saying for you to be rich? Maybe. Are we saying for you to get paid what you’re worth? Definitely. Pushing making light of corporate logic aside, an issue has surfaced online that has a few people concerned about the safety of their computers and finances.

What is this issue? Glad you asked, look no further than “GooseEgg”. You don’t know what that is? Don’t worry, we have you covered on that. We’re going to look at what GooseEgg is, a few things you may need to know, and if this is something that you should power off your computer for. Spoiler, for the most part, you should be safe.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Sitting on a park bench or laying down for a picnic, we know you have food. We’re coming.
Photo by Pixabay, please support by following @pexel.com

GooseEgg, is kind of a weird name for something on the internet but hey, the internet is a weird place and it’s only getting weirder. GooseEgg, also known as PrintNightmare, is a tool that can prompt other programs with elevated privileges.

Once a threat actor has this at their disposal, they’re in. How is this a problem? Simple, if someone has the same level of privilege as you, that means they can do anything you do and maybe… better. How does this appeal to you? You have money, we’re telling you how to keep your money safe or at least try to.

Banks will still let someone take money from your account. Think it’s covered in the insurance so, they’ll let the person take your money and refund you somewhere 90+ days later. That’s all right, it’s not like you needed the money right away for anything.

WHAT DO YOU MEAN IT’S GOING TO TAKE ABOUT 90 DAYS!?
Photo by Andrea Piacquadio, please support by following @pexel.com

So, you may be wondering the same way as Al Pacino did in Scarface. “WHO PUT THIS THING TOGETHER!?” Researchers have pointed in the direction of a Russia-linked cyberespionage group APT28. Whether they have been using it or not isn’t the point. We’re sure this can be found on the dark web, that’s where all the “fun items” are sold.

You won’t have to do anything outside of your normal for protection. Having an update-to-system, anti-virus software, and applications will keep you safeguarded. Security may not be 100%, but following best practices can see you being able to pay your rent on time.

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on GooseEgge/PrintNightmare? Script a comment below.