When we moved here in the 70s, there was still farmland, according to my mom. Check this out. –>
Author: J.C. Cross
macOS zero day on watering hole
Another macOS zero-day giving root access, Google warns hackers used macOS zero-day flaw, could capture keystrokes, screengrabs | ZDNet also on iPhones. A watering hole attack relies on profiles of a website’s typical visitors to create the attack. For companies, note the websites of your industry’s conferences, standards bodies, and vendors.
Pretty sophisticated code I guess because analysts were looking at the quality as being like that of dev team: “…[u]sual-suspect traits of malware built for spying on a target, including device fingerprint, screen captures, the ability to upload and download files, as well as execute terminal commands…also record audio and log keystrokes.”
Just be wary where you are following the same sites as co-workers. Beware email lures. Get secure email and malware solutions for your business.
Cyber mercenaries advertising
Since 2015, Void Balaur has been targeting around a dozen high-profile professionals a day: human rights activists, journalists, politicians, telecommunications engineers and medical doctors. They’ve also been advertising on Russian-language sites. This is not only in DARKReading, but also The Hacker News , Trend Micro, and ZDNet.
ZDNet covered a piece of malware they’ve dropped in some sites some time ago: https://www.zdnet.com/article/trojan-malware-the-hidden-cyber-threat-to-your-pc/
Use multi-factor authentication to protect your email and social media accounts. Physical keys instead of SMS passcodes. Use reputable email. Webmail is best. I use Gmail, which has superior spam filters.
The West’s self-hatred must end before it is destroyed
Tens of thousands of would-be immigrants are massing at the southern border. They’re coming for the good of the West (but are unlikely to appear before a judge as they have been told to). We know why they are coming: technology, commerce, opportunity—and liberty that only democratic capitalism has been successful enough to create. Why is this so hard to admit? Continue reading “The West’s self-hatred must end before it is destroyed”
Gadgets 11/04/2021: Walmart, Dell, Amazon early Black Friday; USED Shopping; xTool M1 Laser & Blade; Robot arm
My new tech days are comprised of today’s deals and then upcoming tech that I think kewl.
I have some general suggestions today.
Walmart Black Friday
https://www.walmart.com/shop/deals/electronics
Dell Black Friday
https://www.zdnet.com/article/dell-unveils-its-black-friday-2021-deals
Amazon Black Friday
https://www.amazon.com/events/earlyblackfriday
How to SHOP USED–Forget the supply chain!
https://www.zdnet.com/article/supply-chain-delays-where-to-buy-used-laptops-and-other-tech-gear
NEATO UPCOMING TECH
Cutting and engraving xTool M1 – Mini but Powerful Hybrid Laser & Blade Cutter
https://www.kickstarter.com/projects/makeblock/xtool-m1-superb-hybrid-laser-and-blade-cutter-and-engraver
UFACTORY Lite 6 – Most Affordable Collaborative Robot Arm
https://www.kickstarter.com/projects/ufactory/ufactory-lite-6-most-affordable-collaborative-robot-arm
Biden hits this one
I commend Biden on continuing Trump’s concern over the danger of China’s telecom (government) footprint. It’s one of those things that Trump was right about. A country that monitors, tortures and oppresses its people, that shuts down democracy, and imprisons and brainwashes people because of their religion should not be allowed in the community of benevolent nations. Benevolent. I still think that we need to reconsider what we consider a superpower. China under the CCP should not be.
https://www.securityweek.com/us-bans-china-telecom-over-national-security-concerns
Socialism, Communism, meh
I am always hearing this ranting about the dangers of Democratic Socialism by those on the right, how it’s just Communism. I’m not convinced. I think that those who want it, no matter that i think it’s not an entirely workable system, want the kind of Socialism that is in Sweden or Denmark–not Communism. The results of Communism is rather obvious, but let’s not conflate the two.
Another Real Estate Scam
A happy ending by a smart person
Hacked! How finding my dream home almost led me to a financial nightmare
This Spyware Makes Everyone Vulnerable
This article speaks how vulnerable we are to determined actors. Some things can just not be defended against. But we can still learn good practices to mitigate many of these attacks.
-
Text messages and email do remain the vulnerabilities on phones/tablets.
-
WhatsApp asked this reporter to a protest
-
I also keep my personal data off my phone
-
But photos and contacts and texts are still on it
-
Zero click is scary. You don’t have to even click for this kind of infection, so there’s not much defense if you’re on someone’s list. Nearly impossible to definitively identify the bad guys.
Gadgets 10/25/2021: Z Flip, Samsung Buds Pro, Jabra headphones, Storytelling Clock, Pocket Cameraman, Cipher game, other deals pre-Black Friday
My new tech days are comprised of today’s deals and then upcoming tech that I think kewl.
As I said previously, try shopping early this holiday season. There is a shortage in a number of industries/supply chains. Amazon, Home Depot, Walmart and other big retailers will probably get their own planes to make up for the cargo ship problem. Continue reading “Gadgets 10/25/2021: Z Flip, Samsung Buds Pro, Jabra headphones, Storytelling Clock, Pocket Cameraman, Cipher game, other deals pre-Black Friday”
Vulnerable IoT Devices! (Using Publicly-available Information To Learn More About A Target pt. 2)
Three very cool search engines. Use them 1-2-3 bang all together.
IoT devices are horribly insecure nowadays. You can search for information in your passive footprinting. Stuff like webcams by manufacturer or version. Continue reading “Vulnerable IoT Devices! (Using Publicly-available Information To Learn More About A Target pt. 2)”
Day at theZoo
No that is not a typo. The original theZoo is a github repo with commodity malware samples. Everyone has access to malware that is off-the-shelf and it’s the most common type. No Advanced Persistent Threats here. But your anti-malware software will probably flag you.
It’s neat because you can use it to study this code. Alternatively, you could do some things that are not recommended. You could create a phishing email that could be sent to a million users, not targeting anyone in particular like the APTs do. The APTs and other lone hackers or groups create more sophisticated malware. Instead, these users–sometimes called script kiddies–can download say WannaCry ransomware and send it out through your phishing email (or through a “stager” email malware that will load other modules). No reconnaissance needed here.
Think about it, if only one percent of a million users open the email, you end up with 10,000 compromises. Not a bad pay day.
Touchstone WP!
My latest white paper, for my uncle’s energy brokerage. If you have any comments on this, I would love to hear it!
New Stamp Collection!
Found my grandmother’s stamp collection. I actually sold the one she gave to me back in Jr High at the height of the speculation market, but now am starting over. So far, I know mostly about U.S. stamps, but there’s a big collection especially of British and Brasilian. My uncle Geoff collects as well!
All hail, the Recovering Provocateur!
My day starts with my family member playing and reading all the Trump-related memes.
“Don’t you know what’s going on?”
“No, what?”
“They found massive fraud in the elections in Arizona and they’re going to find it in the other states…”
“O.K. let me know when that happens.”
I need proof, I say—a lot. When it comes to QAnon you must.
“It’s not QAnon,” she says.
“Maybe not in name. It’s just Qanon-lite.” Continue reading “All hail, the Recovering Provocateur!”
Dictionary.com Changes and Early Covid-era Mental Health Suggestions
ATTENTION: The discussion below includes talk of suicidal ideation. If you or someone you know is having any suicidal ideation, please contact the National Suicide Prevention Lifeline at 800-273-TALK (8255). People care about you.
Dictionary.com has removed the word “commit” in various references to suicide.
https://www.dictionary.com/e/mental-health-language/
And has the following recommendations for being aware of and helping those struggling with suicidal ideation:
- Adopt a nonjudgmental and open-minded attitude
- Show you care by listening actively, without interrupting or giving advice unless prompted
- Ask open-ended questions instead of “yes”-or-“no” questions to keep the conversation going
- Validate the feelings of the other person; it’s OK to not be OK, and sometimes just holding space for another to express themselves can be deeply comforting
Because I am so high functioning, it took me a long time to acknowledge having a mental illness. Talk it out. Below are some early Covid-era mental health suggestions (by early I mean under more stringent sheltering conditions), from Mental Health During Coronavirus (seizetheawkward.org):
- Engage in live streams – from your favorite yoga studio to your favorite artists
- Schedule virtual dinners or dance parties with friends
- Start a virtual book club
- Participate in online game nights
- Plan to watch television shows or movies at the same time and video chat to share reactions
- Enroll in remote learning classes or look up tutorials online
- Go on virtual museum tours together
- Share your favorite recipes or host a virtual cooking competition
- Try a home workout together
“Whatever Gets You Talking” | Seize the Awkward | Ad Council – YouTube
China Way Ahead of U.S. in Cyber
While I previously said that China is not currently at U.S. military strength (yet), nor economically (yet), this is disconcerting.
Gadgets 10/12/2021: Holiday shopping; lower storage prices; M1 price returns; mixed reality headset; FHD projector
My new tech days are comprised of today’s deals and then upcoming tech that I think kewl.
Try shopping early this holiday season. As you may know, there is a shortage in a number of industries/supply chains. In fact, Amazon, Home Depot, Walmart and other big retailers will probably get their own planes to make up for the cargo ship problem.
This could be great. I just question the decision to not have the peripheral vision immersed.
https://www.kickstarter.com/projects/stanlarroque/lynx?ref=discovery&term=mixed%20reality%20headset
M1 Macbook at $850
https://www.amazon.com/Apple-MacBook-13-inch-256GB-Storage/dp/B08N5LNQCX/ref=sr_1_4?dchild=1&keywords=m1+macbook&qid=1634058025&sr=8-4
This is not completely clear to me, but is it a rear projector?
Splay- Expandable Display & Ultra-Short-Throw Pico Projector by Arovia — Kickstarter
Gas Generators: what next?
So Newsom and co are putting forward this.
California could ban gas-powered generators and mowers by 2024 | Engadget
My question is, what next? My sis bought a propane one, and that’s not a problem right now, but the effect on gardeners could be costly on leaf blowers and also on pressure washers.
China’s Aggression and U.S. Debt
The incursions on Taiwanese airspace seems to have picked up. I don’t know how this will work out if there is conflict with the U.S. Will the debt we owe China be called in if there is a conflict? We know that it would have a horrible effect, but China would suffer as well. This piece I wrote a little while back talks about the debt and Chinese aggression before these events.