Even a novice can research a target using publicly-available information. This is also called passive footprinting and there are numerous tools and commands to find this information: Continue reading “Using Publicly-available Information To Learn More About A Target (Passive Footprinting)”
Category: Uncategorized
Innovation
While SM cannot be the purveyor of truth, the current model is broken (Zuckerberg). Experts determine governance, politics, civic architecture, histories, and science. They have their laurels.
But the pace of change is a bounding lion. Technology may be the easy part; the governance is not. Government can remove barriers to change; it created these booms after all. Innovation is just waiting at the door.
Changing things for the sake of fundamental change, the next wave has not been about who changes. But, these things were decided by experts who are malevolent and belong to darkness. They appear as doves.
We’re here. What should we value? Change has economic and IRL results.
Dear Patience
I was reminded of Siouxie Sioux’s Dear Prudence. But I redirect to patience.
Have patience with vile thought, envy, greed, arrogance–all those negative things afflict us. We cannot help ourselves. We are prisoners of this body, wretches? In all fairness, have patience with us.
The rainwater pours down. Drip by drip, it started. Now a torrent. Have patience. Ourselves to friends to family to our small group to our nation to our world. Send us flowers and rivers. Surrounding and refreshing.
Feast and famine
While we abstaining here on Earth, others encounter famine. Feasting is off our books.
We are created, we fall, we abstain–when will we rise?
Lazarus is alive
Christ cried at the tomb, yet he knew Laz had died. This shows:
1. Compassion
2. Prophecy
Coding Camp – 48-50
Ventured into Mongo Atlas for last day of NoSQL.
Webpack Tuesday and tonight. Now this is cool. Webpack lets you use web technologies instead of Obj-C (Swift) or Java for apps. Progressive Web Apps are downloadable from a website (save to home screen). Exciting! This is the cutting edge of dev.
Coding Camp – Day 45
Today I was on the ball. At least I knew what was going on! Just a bit about recursion and then we did a mock interview session with classmates. Tried to act as interviewers to the other classmates. Eleanor is a smart cookie. She has some interviewing skills and it came through.
That’s where I am. Trying to learn how to respond in coding interviews. These kinds of questions about sorting algorithms are common.
Coding Camp – Days 43 – 44
The second project is behind us and we’re on to computer science for javascript. It reminds me of the CS50 class I took at Harvard online. We heard briefly about sorting algorithms last night and tonight we learn a bit about functional programming. This camp is giving us a great span of computer science and coding knowledge that we can build on later throughout life. It’s a neverending process this learning in our field.
P.S. Have to learn functional programming better as React is based on it.
Coding Camp – Day 3
Just getting bearings with gitlab. I’ve had my own github for a bit now, but finally using it. Lot of people of different backgrounds in class. There are no dumb questions! 8^)
New URL
Moved site to jcberry.io
Whew!
Bermuda Citizen Number One
Larger than life.
At the Royal Bermuda Yacht club, Charles lifted his whisky again and let loose some blue language. Then with that twinkle in his eye flirted with my mother. He had just returned from the Arctic sailing trip with Warren “War Baby” Brown and was once again the center of attention in Hamilton.
Continue reading “Bermuda Citizen Number One”
Raking it in
I’ve noticed that Trump supporters are paying to see speakers like Tucker Carlson and Charlie Kirk to the tune of $20 to $5000(!) I remember my relative saying “there’s no way [Trump] lost.” So 40-odd law suits later, they still think that. There is something akin to delusions of grandeur here–but with crowd size supposedly indicating where the nation is.
Cyber war through Anonymous
Just learning more about what Anonymous is doing. Can we cheer for them? MSNBC updated us on the events about attacks on Russian targets, but made note that this could lead to cyberwar. The NYT had the other side: there are attacks by Russian operators on Ukrainian targets. Opinion | I’ve Dealt With Foreign Cyberattacks. America Isn’t Ready for What’s Coming. – The New York Times (nytimes.com)
Ukraine is fighting back with a volunteer cyber army. What will you do when the water and power are out? There is no central agency in the U.S. Frightening.
Anonymous makes themselves useful
Can I say good job?
NotPetya2 – Cont.
So significant ransomware attacks on Ukraine right now. Dark Reading notes that 77% of organizations have poor segmentation, 70% have exposed Industrial Control System connections and 44% shared credentials:
https://www.darkreading.com/attacks-breaches/ransomware-trained-on-manufacturing-firms-led-cyberattacks-in-industrial-sector
Most of last year also saw scans of TCP Port 502, which is used by a protocol called Modbus, the transportation systems of Ukraine. (That is SCADA devices as well.)
Significant was the use of a new data wiper called “HermeticWiper” (aka KillDisk.NCV) with evolving attacks over the past two months. Over 121 unsuccessful cyber attacks took place last month, one which was called “WhisperGate.”
The prep for the main event was overwhelming distributed denial-of-service (DDoS) attacks on Ukrainian government offices and banks. The Russian Main Intelligence Directorate (GRU) was fingered by U.S. and U.K. officials, with subsequent denial of course by the Kremlin.
The propaganda war is trying to sow panic and spread miss information.
“President Joe Biden said last month the US could respond with cyberoperations of its own if Russia conducts additional cyberattacks in Ukraine.”
This is not about websites. This is about basic economic processes and transportation. ICS and SCADA systems are being compromised.
The attacks began Feb12. The second version of NotPetya? I have a feeling that we will know the damages more than anything ever before. Alarming is the data wiping that happened before the kinetic events.
Key Ukrainian government websites hit by series of cyberattacks – CNN
Will Someone Please Stop the Oversaturated Vendor Problem in Balboa Park?
UPDATE: Well, according to sources at the Balboa Park visitor’s center, someone put in a new rule that vendors there have to be 100 feet apart. Doesn’t mean a lot imho; street vendors have been a problem for business owners throughout the city, who have some of the same products, just without the overhead. But now the city council said they will vote on March 1 to rule on placing restrictions on vendors and prohibit them in certain parks, beaches, and places like Old Town: “The ordinance requires vendors to obtain a business license and vendor permit. It would define specific distance parameters around statues, art displays and other vendors.”
Though the park website says “The City of San Diego must issue a permit for any commercial filming for exterior areas in Balboa Park,” vendors, with hygiene requirements, don’t need a permit? I don’t see why this took so long to address.
—-
Ah, to get back to normal life. At Balboa Park, the museums are starting to open, the Spanish Village artists are back at work, and the rose garden is in full bloom.
But now someone needs to do something about the high number of what appears to be unapproved vendors who are in Balboa Park. They seem to have little food safety and basic hygiene, and poor trash management. The U-T interviewed Alexis Villanueva, senior program manager of economic development with City Heights CDC, who maintains that “micro-enterprise” vendors contribute to the economy. Yes, but they can also contribute other, unwanted things. There has to be a balance here between rules, regulations and freedoms.
Continue reading “Will Someone Please Stop the Oversaturated Vendor Problem in Balboa Park?”
Do you have a dark web presence?
Heard this radio interview yesterday with BorderLAN. Among the notes:
1. Don’t be lazy in getting your cyber. Don’t say “we’re just a small company and hackers are not after us.”
2. In order to get cyber insurance, you are first going to have to:
A. Perform on/offsite backups
B. Get effective anti-malware
C. Have you even blocked certain IPs, like from North Korea?
“Do what you do as a small business and leave us to do our job, what we do to protect you,” said the company rep.
The dark web is filled with data. There are supercomputers out there doing continual scans for vulns. We can search for your data out there. It’s like Amazon/auction for hackers. Free hacking tools for script kiddies (no experience needed).
The government just spent $2-3 trillion but $5-6 trillion is already out there on the dark web (ransomware and other data hostage, things like free videos of porn, human trafficking, software serial numbers, free stuff!)
Cyber Threat Actions NCSC UK
“When organisations might face a greater threat and the steps to take to improve security.”
Actions to take when the cyber threat is heightened – NCSC.GOV.UK
Not tested before?
This wasn’t figured out earlier?
The 5G-airlines crisis was mostly averted. Here’s what happened – and what we still don’t know – CNN
Covid trouble
Got Covid, time slipping by! Anyway, just some idle time while hibernating.