google – Scriptingthewhy.com

AI, Cloud Talk, Programming, Security, Tech

Big-Techs Bittersweet Symphony

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

man waking up and stretching in bed — First thing in morning…I wonder what’s on Scriptingthewhy.com
Photo by Kampus Production, please support by following @pexel.com

Have you ever woken up, walked into the kitchen, put your hand into your toaster, flip it on, and while it was heating up thought to yourself,” This is a good idea, I mean my hand is starting to burn but I’m okay with this”? No, me neither but yet somehow, we complete this same action every day at work.

While “we the happy few” go to work and enjoy it there is a mass amount of people who do not but in either case, the result is the same, we take part in a cycle. Get up, get dressed, grab your bags, head to work, work your standard eighty hours, get your paycheck, pay your bills, complain throughout the process, and repeat.

We complete this cycle for various reasons but whatever those reasons may be, this cycle hides away a question from the forethought of our minds that we should be asking ourselves and searching for an answer. “What would I do if my employer had to let me go?”

In case you were wondering, the reaction to pulling your hand out from the toaster is the thought that you should be aspiring to do something more than your current position. This symbolism hits all too hard.

woman in bed holding smartphone in shock. — We know it’s your day off, but could you still come in and hand over your badge?
Photo by Andrea Piacquadio, please support by following @pexel.com

Heartbreaks and Layoffs

I don’t know how many of you reading this have ever experienced a layoff before, personally, I have not. I mean, I experienced being laid off in a relationship (it was her choice, not mine) but I could imagine the feeling of your heart dropping into your gut, and experience trembling throughout your very existence would be the result.

For those who don’t entirely have a good idea of what a layoff is; in short, the employer may come into a situation where they have to terminate your employment, the reasons can vary from trying to cut costs, lack of work, or funds because of reorganization, or even mergers and acquisitions.

Breaking this down in relationship terms, this is the classic “It’s not you, it’s me” situation. This differs from being fired because, well… being fired is something that happened on your end. So, again, in relationship terms, this is the classic “I’m breaking up with you because we’re just not meant to be” situation.

Breaking hearts aside, if you have been living under a rock, the company Google, is a subsidiary of Alphabet Inc that focuses on various business areas such as advertising, search, platform, and operating systems, and the list goes on, had to perform a massive layoff and people were informed via email, that they were being let go despite their longstanding with Google.

Again, haven’t been laid off before but I could imagine your world becoming microscopic after reading the email. This is heartbreaking because there are many people who spent their better years trying to acquire a spot in Google only to be treated like a mishandled Door Dash order and be left out curbside.

a team of people at a table going over data. — We should start making plans in case this company starts downsizing.
Door Dash here I come.
Photo by RF._.studio, please support by following @pexel.com

Letting Go by Numbers

You may be curious to know how many people and why is Google laying off. As of right now Google either has or seeking to let go of about 12,000 employees. And interns looking to land a job with Google have been put on freeze with a chance of having to pivot their plans because landing a job at Google isn’t looking promising anymore.

Google’s CEO Sundar Pichai informed employees this decision resulted from the realization of unrealized growth expectations. This translates to, if you have ever thrown a house party, I invited too many people and a good chunk of you have to go. So sorry folks but don’t forget to tip your bartender and close your tab on the way out.

This makes Google the latest tech giant to “trim the fat” after the rapid expansion during the COVID-19 pandemic had worn off. Pichai did take full responsibility for the decision however, this doesn’t soften the blow but at least he did address his muck up.

Yours truly even applied at Google and like most of the companies I’ve applied to, they scoffed at my achievements because I didn’t come from a university or have the certifications, they were screening for but after applying for their apprenticeship program and never hearing anything more about it, this all makes sense now.

young man sat worried. — I have spent years in school, I never gave much thought into pursing other skills.
Photo by cottonbro studio, please support by following @pexel.com

Being The Jack of Spades

This brings things back into perspective from the introduction I made earlier. Not the toaster part but that has a play in it too. What would you do if you had to part ways with your employer and either have a small chance of coming back or none?

After spending years on the conveyer belt traveling from school to college and from college to fall into a position in a company that you hope to carry you into your golden years, you find the world is changing and companies of yesterday have less of a care for their current longstanding and hope-filled potential employees due to having to rapidly change.

A thing about jobs is that they are meant to be a short-term service while having a career, on the other hand, is better but not the best since you must specialize in something. The problem with this is you have to be careful with whatever specialization you choose because it could either contribute to oversaturating the market or end up being such a small niche in the wrong area that people have no use for it.

A solution to preparing for this situation if you are ever so unlucky to come face-to-face with it is to treat your skills like a stock portfolio and be diverse as possible. Be the Jack of All Trades and master of none because in this case, it’s better than being a master of one.

I’m sure there are a few people in Google who were able to shrug off being laid off because either they have a decent amount saved in their savings plan or they have other skills they can rely on. But for a large amount of them, this is removing the blinders and a rude awakening. If you noticed, in school you’re never taught how to adapt to change.

highway near trees under cloudy sky. — Either experience the storm of change or be the storm of change.
Photo by Lucas Martins, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Have you ever been laid off before?

Script a comment below about it.

Security, Tech

Googles Banking on More Than Apps

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Gina: Why does it seem like I never have any money?
Z-Daddy: Inflation. Politics and inflation will cause that.
Photo by Andrea Piacquadio, please support by following @pexel.com

You know, it seems like everyone wants to be like Capital One and find out what’s in your wallet, and with the recent threat on the Google Play Store, they may have found just that.

Trojans are clearly not a new problem seeing as though they’ve been around since it seemed like stuffing a wooden horse full of sweaty men ready to murder was a good idea, but as of late they have been on the rise, and this is especially when it comes to applications for Android devices. Yes, Android community, again in danger you are.

In an effort to sort this banking madness out, we’re going to look at what kind of attack this is, who used it, its functions and effects upon release, and what are some ways you can protect your bank account from decreasing due to the threat actor inflation.

You ever get that feeling like your wallet is getting fisted?
Photo by Pixabay, please support by following @pexel.com

The Attack

The Google Play Store is getting hit with banking trojans but the latest one is racking up some numbers under its belt. Banking trojans for those who may not be familiar are malware that tries to steal your credentials to gain access to your financial institution.

This one has been around since 2021 and has gone by other names such as TeaBot and Toddler but its current name is Anatsa. What makes Anatsa interesting is that it was spotted hiding among utility apps like PDF (Portable Document Format) readers and QR (Quick Response) code scanners.

The use of these allows for credentials to be siphoned from its users. Anatsa is proving to be a large threat by targeting over 400 financial institutions across the world, making it the most prolific banking malware to date.

The best never get caught, kid. Never meet your heroes.
Photo by Connor Danylenko, please support by following @pexel.com

Who Can It Be Now

As with all good threat actors who use malicious software and evade detection, no one person or group has been appointed for using the Anatsa malware.

But it has been noted that threat actors are hiding the malware among applications for people to download in hopes of collecting their information.

This was pointed out by ThreatFabric which is a firm that provides expertise and security tools to mitigate fraud to banks.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

From the sewers to the main street and now into your wallet. We’re all floating to the big time Georgie.
Photo by Wilson Vitorino, please support by following @pexel.com

The Sinking Feeling

Anatsa can perform overlay attacks—this is the act of having what looks like a legitimate window (i.e., a fake Google webpage) when really it is tricking the user to give sensitive information, stealing credentials as well as logging activities, it does this by abusing the permissions to Android’s accessibility services API (Application programming interfaces).

In the latest activity, it has seen the dropper apps (trojan apps) after being installed, perform a pull request from GitHub page that is pointing to another GitHub URL (Uniform Resource Locator) housing the malicious payload. This aims to trick the victim by posing itself as application add-ons.

This is thought to be done by using sketchy advertisements. Another thing that the droppers make use of is the restricted “REQUEST_INSTALL_PACKAGES” permission. This is commonly exploited by most rogue apps hosted on the Google Play Store.

If you find you have any of the apps listed below, then you may have been infected.

All Document Reader & Editor (com.mikjaki.documentspdfreader.xlsx.csv.ppt.docs)
All Document Reader and Viewer (com.muchlensoka.pdfcreator)
PDF Reader – Edit & View PDF (lsstudio.pdfreder.powerfultool.allinonepdf.goodpdftools)
PDF Reader & Editor (com.proderstarler.pdfsignature) / (moh.filemanagerrespdf)

These five apps have been updated since the first publication, this is most likely in a sneaky attempt to cargo the malicious functionality after passing the app review process during the first submission.

Google Play Store dropper apps have grossed over 30,000 installations to date which indicates there is an official storefront app for distribution of Anatsa. There is a list of countries that are of interest to Anatsa based on the number of financial applications that have been targeted.

This latest campaign shows the threat landscape that banks and financial institutions face in today’s digital world is shaping to be a bit of a problem. Imagine what would happen if we switched to an all-digital currency.

Oh god, I have to edit and raffle through apps too. I HATE THE INTERNET!
Photo by energepic.com, please support by following @pexel.com

The Prevention

The interesting problem is since transactions are being made from the same device, it’s proving to be very challenging for anti-fraud systems to find. Some ways that may help in securing your information are reading comments, reviews, and fishing through past user reviews before opting to download and install.

Be mindful that when it comes to downloading from third parties who require downloading from an unknown source you are to exercise extreme caution and scan before choosing to complete the installation.

Running scans and digging through comments can be a bit of a hassle but trying to quickly recover from having people leave with everything in your wallet could be more of a hassle.

Tish: Okay, so Scriptingthewhy is somewhat informative.
Dave: It’s more than you knew yesterday, I’d say they’re pretty informative.
Photo by Edmond Dantes, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on Anatsa Trojan? Script a comment below.

Security, Tech

Dev’s Gain a Job Loss…

For many, this feeling doesn’t come from holding regular jobs.
Photo by Nina Uhlikova, please support by following @pexel.com

Love Gained, Job loss

Do you have a job that you love? A job that you can’t go one day thinking about. A job so perfect that you can’t see how you would live the rest of your life without it. If you’re like most people, then your answer is moreover going to be a deafening “no”.

Not surprisingly, most people grew up and found the old saying, “Do what you love, and you’ll never work a day in your life,” to be a load of …cow dung. At least the grass looks nice.

Given not being satisfied with your current job or not having one depending on the situation you’re in, you are more likely to have been advised to seek work from job posting boards/sites like LinkedIn, indeed, and Monster. Seeing the amount of job postings on these job sites could have you scratching your head and checking your skillset.

This isn’t bad, you are trying to find your “dream job” after all, and you may land on one to apply. However, can we tell you that not every job posting is a real one? Don’t know what we mean?

Today, we’ll look into this trend of fake jobs—a little about why this method would be used, and how you can protect yourself from falling victim.

Like what you’re reading so far? Why not consider subscribing for more?

Always take a closer look when it comes to being online.
Photo by Andrea Piacquadio, please support by following @pexel.com

So, you’re on Indeed, and you’re looking around for a job that matches your skillset. You know the skills you went to college for, spent four to eight years of your time, only to meet the request of you having five years of experience for an entry-level job.

Math isn’t mathing, yea, we know, a quick shoutout to Human Resources. They found a way to job-block. Okay, moving along, you found your dream job, you want to be a developer and there’s an opening.

Great, you apply, get a date for an online interview. The day finally comes, the interviewer asks you to install something onto your computer so the interview can take place. To your surprise, however, you just fell victim to a new campaign called “Dev Popper”.

Yes, you have been hoodwinked. Threat actors are using job postings to trick people, mainly software developers, into installing a RAT (Remote Access Trojan). A trojan on its own is bad enough, but the remote access allows the threat actor to navigate around your machine.

How is this a problem? Well, think of it this way, you opened the door of your home to a robber along with giving them the key. They can do what they want.

Sometimes we give you too much information, but that’s okay. We’re nerds, it’s what we do.
Photo by cottonbro studio, please support by following @pexel.com

A quick fun fact, while this activity is illegal, there have been some questions if the use of RATs is legal. They are to a degree depending on the purpose. If someone from the IT help desk was trying to solve a problem on your computer, they would ask you to download something to give them access, and you would watch them as they were fixing the problem.

This use case is perfectly legal, now if they were to find a folder saying, “Bank Account” and copy information from there, then that steers to being illegal because this is being done with malicious intent.

Also, another issue with RATs is, that once they’re on your machine, a backdoor can be created for the threat actor to retrieve any data they didn’t take the first go around. So, word to the wise, pay attention to your downloads and keep your backdoor closed.

So, you may be wondering, “How would I be able to tell I have a RAT?” Some tell-tales are seeing unfamiliar programs, processing running, or if you find items have been deleted without your intervention. RATs tend to be installed with other programs or “PUPs” (Possible Unwanted Programs) and can eat up your CPU usage.

Other ways to tell something that may be on your machine are; that it’s taking longer than usual for a program to run, and the obvious one; your mouse is moving without your intervention. Unless your residence is possessed, the other logical answer is that you have a ghost in your machine. That ghost is a threat actor.

Enjoyed this reading and want to read more? Why not consider liking, sharing, and subscribing?