Your personal Tumblr library awaits
Hacking - Blog Posts
TV Shoutout: Mr. Robot
Mr. Robot is a fresh new show, but it quickly captured our attention and we don’t want you to miss it!
What it is about: Elliot Alderson (Rami Malek) is a socially-challenged cyber-security engineer who moonlights as a hacking vigilante, and discovers a hacking group with a mysterious endgame.
Why you should watch it: Plenty of things, from big to small details, set Mr. Robot apart from other courses we usually have on TV. Firstly, it is one of very few shows on TV that accurately portrays hacking—and the life and technology around it (Sam Esmail, the creator, was a coder I believe). For the ones who care, it is a very big deal since the portrayal of technology in most TV and movies has generally been... questionable.
Secondly, Mr. Robot explores the ongoing, and very relevant, fight between 99-percenters vs 1-percenters. Which might sound too vague and nebulous for some, but Mr. Robot smartly keeps the focus small—focusing on Elliot and the people he encounters instead. To keep things short, I’d just say Elliot himself is also a very interesting character, brought to life by Rami Malek’s intense talent.
Mr. Robot is also a very beautiful show to watch with a cinematic flair, and there are little touches that makes the show feel inherently progressive. Although definitely not in any significant roles (except one, for now), an Indian man, a Chinese, a gay, and young woman with hijab had all been portrayed during the total 2 episodes that had aired. It also recognizes the presence of misogyny in the tech world, and in general Mr. Robot is a very prescient show.
And it’s a damn good thriller.
Who should watch it: The ones who enjoy psychological thriller—especially Fight Club in regards to Elliot’s psychological state and Mr. Robot’s nihilism (and fans are calling it, there might be Tyler Durden-esque twist coming!)—or just general thriller, really. The techies. The paranoids, the secret anarchists, and just general TV/movie lover.
Where you should start: It’s been only a couple of episodes, so yeah, from the start. You can jump ahead to whatever episode airing, but you’ll miss the brilliant, movie-like pilot.
Status: 2 of 10 episodes already aired, and second season has been greenlighted due to strong buzz!
Bonus: The first 4-minute clip of Mr. Robot, watch!
Looking Forward to Grace Hopper 2015
Unsure of whether to call it the Grace Hopper Conference or Celebration I’m going to postulate that it is both. Grace Hopper Celebration of Women in Computing (GHC) is a collection of conferences where computer scientists can learn about the latest technology, participate in tech workshops, network and build soft skills. The Anita Borg Institute for Women and Technology and the Association for Computing Machinery initiated GHC named after the computer scientist Grace Hopper. Hopper coined the term debugging, after picking bugs out of her computer and invented the first compiler, allowing programming languages to be more human-like.
Aspiring or seasoned computer scientist GHC sounds like the place to be, described by my peers in NCWIT (National Center for Women and Information Technology). In high school I became one of NCWIT’s MN State Affiliate Aspiration in Computing Award winners and since then have heard of networking stories, tales of learning experience and good times from GHC goers.
As a current Co-Op at NASA’s Johnson Space Center I have been sent on a mission to learn as much as I can and share with my department how these acquired skills will help them. As an NCWITer I will be able to connect with other like-minded women and attend their networking events. I have been browsing through the conference schedule and crafted a comprehensive itinerary filled with keynote presentations, professional development, and hands on tech projects.
Sessions on my itinerary I am most excited for include “Communicating for Impact and Influence”, “Design and Development Considerations in Serious Games”, “Bank of America Technical Women Luncheon”, “Speed Mentoring Breakfast with Microsoft”, and “Data Science: NASA”.
WAYS TO GET INVOLVED
I will be live tweeting and live blogging the event
Check out this year’s sessions and think about joining in next year
Watch keynotes from past events
ᴀʙᴏᴜᴛ ᴍᴇ : ᴊᴏʜɴ ᴡɪᴄᴋ ᴇᴅɪᴛɪᴏɴ
𝕀 𝕒𝕞 𝕒𝕟 𝕚𝕟𝕕𝕚𝕧𝕚𝕕𝕦𝕒𝕝 𝕡𝕒𝕣𝕥𝕪 𝕒𝕟𝕕 𝕟𝕠𝕥 𝕒𝕤𝕤𝕠𝕔𝕚𝕒𝕥𝕖𝕕 𝕨𝕚𝕥𝕙 𝕥𝕙𝕖 ℂ𝕠𝕟𝕥𝕚𝕟𝕖𝕟𝕥𝕒𝕝. 𝕀 𝕜𝕟𝕠𝕨 𝕠𝕗 𝕚𝕥𝕤 𝕖𝕩𝕚𝕤𝕥𝕖𝕟𝕔𝕖, 𝕣𝕦𝕝𝕖𝕤, 𝕙𝕠𝕨 𝕚𝕥 𝕠𝕡𝕖𝕣𝕒𝕥𝕖𝕤, 𝕓𝕝𝕒𝕙 𝕓𝕝𝕒𝕙 𝕓𝕝𝕒𝕙. 𝕋𝕠𝕠 𝕤𝕥𝕣𝕚𝕔𝕥 𝕒𝕟𝕕 𝕔𝕚𝕧𝕚𝕝𝕚𝕤𝕖𝕕 𝕗𝕠𝕣 𝕞𝕪 𝕥𝕒𝕤𝕥𝕖, 𝕓𝕦𝕥 𝕀 𝕕𝕠 𝕤𝕟𝕖𝕒𝕜 𝕚𝕟 𝕥𝕠 𝕤𝕥𝕖𝕒𝕝 𝕕𝕣𝕚𝕟𝕜𝕤 (𝕒𝕟𝕕 𝕚𝕟𝕥𝕖𝕝) 𝕗𝕣𝕠𝕞 𝕥𝕚𝕞𝕖 𝕥𝕠 𝕥𝕚𝕞𝕖. 𝕀𝕗 𝕥𝕙𝕖𝕣𝕖’𝕤 𝕠𝕟𝕖 𝕥𝕙𝕚𝕟𝕘 𝕒𝕓𝕠𝕦𝕥 𝕥𝕙𝕖 ℕ𝕐ℂ ℂ𝕠𝕟𝕥𝕚𝕟𝕖𝕟𝕥𝕒𝕝, 𝕥𝕙𝕖𝕪 𝕜𝕟𝕠𝕨 𝕙𝕠𝕨 𝕥𝕠 𝕤𝕖𝕣𝕧𝕖 𝕒 𝕞𝕖𝕒𝕟 𝕔𝕠𝕔𝕜𝕥𝕒𝕚𝕝.
ℍ𝕒𝕔𝕜𝕚𝕟𝕘 𝕚𝕤 𝕞𝕪 𝕘𝕒𝕞𝕖, 𝕒𝕟𝕕 𝕀’𝕞 𝕒 𝕓𝕚𝕘 𝕗𝕒𝕥 𝕨𝕚𝕟𝕟𝕖𝕣. 𝕋𝕙𝕖𝕣𝕖 𝕚𝕤 𝕟𝕠𝕥𝕙𝕚𝕟𝕘 𝕀 𝕔𝕒𝕟𝕟𝕠𝕥 𝕒𝕔𝕔𝕖𝕤𝕤, 𝕒𝕟𝕪 𝕒𝕟𝕕 𝕒𝕝𝕝 𝕚𝕟𝕗𝕠𝕣𝕞𝕒𝕥𝕚𝕠𝕟 𝕔𝕒𝕟 𝕓𝕖 𝕖𝕩𝕥𝕣𝕒𝕔𝕥𝕖𝕕 𝕒𝕟𝕕 𝕖𝕩𝕡𝕠𝕤𝕖𝕕 (𝕚𝕗 𝕀 𝕗𝕖𝕖𝕝 𝕝𝕚𝕜𝕖 𝕚𝕥). 𝕀 𝕔𝕒𝕟 𝕘𝕒𝕚𝕟 𝕒𝕔𝕔𝕖𝕤𝕤 𝕥𝕠 𝕥𝕙𝕖 ℂ𝕠𝕟𝕥𝕚𝕟𝕖𝕟𝕥𝕒𝕝’𝕤 𝕕𝕒𝕥𝕒𝕓𝕒𝕤𝕖 𝕓𝕖𝕗𝕠𝕣𝕖 𝕤𝕠𝕞𝕖 𝕠𝕝𝕕 𝕗𝕒𝕣𝕥 𝕔𝕒𝕝𝕝𝕤 𝕥𝕠 𝕞𝕒𝕜𝕖 𝕒 “𝕕𝕚𝕟𝕟𝕖𝕣 𝕣𝕖𝕤𝕖𝕣𝕧𝕒𝕥𝕚𝕠𝕟”. 𝔸𝕟𝕕 𝕓𝕪 𝕕𝕖𝕤𝕚𝕘𝕟, 𝕞𝕪 𝕝𝕠𝕔𝕒𝕥𝕚𝕠𝕟 𝕨𝕚𝕝𝕝 𝕟𝕖𝕧𝕖𝕣 𝕓𝕖 𝕔𝕠𝕞𝕡𝕣𝕠𝕞𝕚𝕤𝕖𝕕. 𝔸𝕟𝕪𝕠𝕟𝕖 𝕥𝕙𝕒𝕥 𝕒𝕥𝕥𝕖𝕞𝕡𝕥𝕤 𝕥𝕠 𝕘𝕖𝕥 𝕔𝕝𝕠𝕤𝕖 𝕨𝕠𝕟’𝕥 𝕖𝕧𝕖𝕟 𝕜𝕟𝕠𝕨 𝕨𝕙𝕒𝕥 𝕙𝕚𝕥 𝕥𝕙𝕖𝕞.
𝕆𝕣𝕚𝕘𝕚𝕟 𝕠𝕗 𝕞𝕪 𝕡𝕠𝕨𝕖𝕣𝕤 𝕒𝕣𝕖 𝕦𝕟𝕜𝕟𝕠𝕨𝕟, 𝕓𝕦𝕥 𝕀 𝕢𝕦𝕚𝕔𝕜𝕝𝕪 𝕒𝕕𝕒𝕡𝕥 𝕥𝕠 𝕥𝕙𝕖𝕞 𝕠𝕟𝕔𝕖 𝕥𝕙𝕖𝕪 𝕨𝕖𝕣𝕖 𝕣𝕖𝕧𝕖𝕒𝕝𝕖𝕕 𝕥𝕠 𝕞𝕖. 𝕀 𝕒𝕞 𝕒𝕓𝕝𝕖 𝕥𝕠 𝕥𝕖𝕝𝕖𝕡𝕠𝕣𝕥, 𝕥𝕦𝕣𝕟 𝕞𝕪𝕤𝕖𝕝𝕗/𝕖𝕧𝕖𝕣𝕪𝕥𝕙𝕚𝕟𝕘 𝕀 𝕥𝕠𝕦𝕔𝕙 𝕚𝕟𝕧𝕚𝕤𝕚𝕓𝕝𝕖 (𝕥𝕙𝕚𝕤 𝕚𝕟𝕔𝕝𝕦𝕕𝕖𝕤 𝕡𝕖𝕠𝕡𝕝𝕖), 𝕞𝕠𝕧𝕖 𝕠𝕓𝕛𝕖𝕔𝕥𝕤 𝕨𝕚𝕥𝕙 𝕞𝕚𝕟𝕕/𝕙𝕒𝕟𝕕𝕤, 𝕞𝕒𝕟𝕚𝕡𝕦𝕝𝕒𝕥𝕖 𝕖𝕝𝕖𝕔𝕥𝕣𝕚𝕔𝕚𝕥𝕪 𝕒𝕟𝕕 𝕖𝕣𝕒𝕤𝕖 𝕞𝕖𝕞𝕠𝕣𝕚𝕖𝕤 (𝕥𝕙𝕚𝕤 𝕒𝕓𝕚𝕝𝕚𝕥𝕪 𝕚𝕤 𝕦𝕥𝕚𝕝𝕚𝕤𝕖𝕕 𝕥𝕠 𝕣𝕖𝕞𝕠𝕧𝕖 𝕒𝕟𝕪 𝕕𝕖𝕥𝕒𝕚𝕝𝕤 𝕠𝕗 𝕞𝕪 𝕖𝕩𝕚𝕤𝕥𝕖𝕟𝕔𝕖 𝕥𝕠 𝕒𝕤𝕤𝕦𝕣𝕖 𝕒𝕟𝕠𝕟𝕪𝕞𝕚𝕥𝕪) ((𝕡𝕝𝕦𝕤 𝕚𝕥’𝕤 𝕖𝕩𝕥𝕣𝕖𝕞𝕖𝕝𝕪 𝕖𝕟𝕥𝕖𝕣𝕥𝕒𝕚𝕟𝕚𝕟𝕘 𝕥𝕠 𝕤𝕖𝕖 𝕘𝕣𝕠𝕨𝕟 𝕞𝕖𝕟’𝕤 𝕡𝕤𝕪𝕔𝕙𝕖 𝕤𝕙𝕒𝕥𝕥𝕖𝕣 𝕓𝕖𝕗𝕠𝕣𝕖 𝕞𝕪 𝕖𝕪𝕖𝕤, 𝕘𝕒𝕤𝕝𝕚𝕘𝕙𝕥/𝕘𝕒𝕥𝕖𝕜𝕖𝕖𝕡/𝕘𝕚𝕣𝕝𝕓𝕠𝕤𝕤 𝕠𝕣 𝕨𝕙𝕒𝕥𝕖𝕧𝕖𝕣)).
𝕌𝕟𝕣𝕖𝕝𝕒𝕥𝕖𝕕 𝕥𝕠 𝕞𝕪 𝕡𝕠𝕨𝕖𝕣𝕤, 𝕓𝕦𝕥 𝕀 𝕔𝕒𝕟 𝕞𝕚𝕞𝕚𝕔 𝕒𝕟𝕪 𝕧𝕠𝕚𝕔𝕖 𝕀 𝕨𝕒𝕟𝕥, 𝕒𝕝𝕝 𝕚𝕥 𝕥𝕒𝕜𝕖𝕤 𝕚𝕤 𝕠𝕟𝕖 𝕝𝕚𝕤𝕥𝕖𝕟 𝕒𝕟𝕕 𝕀’𝕞 𝕒𝕓𝕝𝕖 𝕥𝕠 𝕤𝕠𝕦𝕟𝕕 𝕖𝕩𝕒𝕔𝕥𝕝𝕪 𝕝𝕚𝕜𝕖.. 𝕨𝕖𝕝𝕝 𝕒𝕟𝕪𝕠𝕟𝕖. 𝕋𝕙𝕚𝕤 𝕚𝕤 𝕓𝕖𝕟𝕖𝕗𝕚𝕔𝕚𝕒𝕝 𝕚𝕗 𝕀 𝕟𝕖𝕖𝕕 𝕥𝕠 𝕤𝕟𝕖𝕒𝕜 𝕚𝕟𝕥𝕠 𝕝𝕠𝕔𝕒𝕥𝕚𝕠𝕟𝕤 𝕥𝕙𝕒𝕥 𝕡𝕠𝕤𝕤𝕖𝕤𝕤 𝕧𝕠𝕚𝕔𝕖 𝕣𝕖𝕔𝕠𝕘𝕟𝕚𝕥𝕚𝕠𝕟 𝕥𝕖𝕔𝕙… 𝕠𝕣 𝕥𝕠 𝕥𝕙𝕣𝕠𝕨 𝕖𝕟𝕖𝕞𝕚𝕖𝕤 𝕠𝕗𝕗 𝕠𝕧𝕖𝕣 𝕥𝕙𝕖 𝕡𝕙𝕠𝕟𝕖 (𝕞𝕪 𝕗𝕒𝕧𝕠𝕦𝕣𝕚𝕥𝕖) 𝕄𝕒𝕜𝕖𝕤 𝕒 𝕘𝕠𝕠𝕕 𝕡𝕒𝕣𝕥𝕪 𝕥𝕣𝕚𝕔𝕜 𝕚𝕗 𝕪𝕠𝕦 𝕒𝕤𝕜 𝕞𝕖.
𝕎𝕖𝕝𝕝.. 𝕀 𝕥𝕙𝕚𝕟𝕜 𝕥𝕙𝕒𝕥 𝕒𝕓𝕠𝕦𝕥 𝕕𝕠𝕖𝕤 𝕚𝕥. ℂ𝕚𝕒𝕠
𝔐𝔵. 𝔅.
Hackers...
Hi, been a hot minute, but
its more of an instagram fiasco, however it wouldn’t hurt to post it here too.
All of this, for bitcoin and money. Greed is truly a horrid thing. Below are screenshots of this guys cashapp and the fake post he made on my friends account. I may be too hopeful, but I’m hoping they get caught and are also charged with identity theft. Pretending to be my friend to hack others he knows and those who follow him… I’m heated.
Be safe, guys.
Another thing, please just block the account if you have an instagram. My bud is in the process of getting it back, but all we can do to stop this guy in their tracks is block the account anywhere it goes.
How to fully solve what happened to Malaysian Flight m370, what to do, how to put it together & why it works, together with if the US military ever shot it down & or it was some s*ici*e situation
so for Flight m370, I would like to comb through all given underwater sonar, ocean floor sound wave measuring devices, I would need any willing civilian, commercial, & military data for satellite, on ground weather, weather satellite, other planes wifi, radar, etc, boats radar, wifi, etc data, together with sound wave propagation data for a flying plane that size as it creates its given pressure wave (which those can be much much more numerous as they track volcanos & other such things for even smaller asteroid/meteorites that explode in our upper atmosphere, together with particles hitting our upper atmosphere creating specific soundwave styles) same for any given light sensor/detectors for satellites & on the ground based sensors & detectors, same for ocean/sea buoys that do the same thing.
The flight happens to create specific waves that, with the given weather mapping data, can only have attenuated out in a highly understood & able to be fully calculated manner, from here that gives us the schlieren imaging we need for higher altitude & reflective light interference models needed from radar satellite mapping of all waves that gain higher fidelity through ocean buoys, sonar, & soundwave mapping. From here, we gain movement data, that we filter from position to position, working forwards to backwards, us gain a position in front of the plane to the position where is was for a change of given total pressure differences specifically so that way the higher fidelity wave mapping gets used for reflective, defractive, & refractive filtering for interference frequencies for closer to the air plane capture of different air pressure mapping, that lines up with soundwave captures from further away that now line up with the planes most probable positioning.
From this positioning we gain light reflection & absorption of the plane, radar/wifi wise changes the reflection but also how much, as it moves through the air & its given shape, absorbs different wifi & so on signals. Think doppler shifts for wifi that now get reflected because its moving as fast as it is. This means it interferes with the given wifi signal heading towards it to shift signal db mapping. That mapping gives you specific location triangulation, which matches the probable plane positioning. This positioning then gains greater probability. This probability then gains exacting attenuation of heat & air movement soundwave mapping with light wave alterations (interferences, heat, densities, & electrostatic electromagnetic effects) that give you exacting color likeliness as well, from satellites & simple boat/other airplane data, to even the buoys together with how light & sound mapping for particle collisions in our upper atmosphere are detected & sensed.
From here we gain a pinpoint location of the airplane & all given people around involved. To the point, where yes as weird as it is for you all, you can vibrationally see & know lightwave interference wise the people inside as well, even some conversations had if they were loud enough. The detail & fidelity is harder as that requires better & more accurate data with larger amounts to help. But! you can get blobs of people to even good shaping provided it, in those moments, has enough data to correct the fuzziness of the movement & so on.
Anyways, this (without gov't military data) can put this to rest as to what & where it all went & had happened. To be clear & fair, the military for sure, mostly likely several of them, have satellite data that could easily pick out what was going on with this flight. They could conclusively say it was shot down or not. A big poofy fireball isn't hard to see on even older crappy satellites. But so too, for that soundwave sonar data. They can all act as triangulation points, to what happen & when. Even for it flying, but that's been de-noised data for earthquake, boat, whales, & more data mapping for a long time now. They are extremely sensitive, for what its worth.
Which, has me thinking the military could, unfortunately, very well be involved. But this would easily clear it up, if it was the case they never were.
Scary sidenote, at all times this is data & easily calculated & used data being created all the time & used all the time by corporations, gov't, military, & more. In fact, hackers & regular people can get access to it with no trouble. A few routers & a few cell phones & you have many ways to listen to people from a few houses down without having any issues what-so-ever, like many people believe you would. You can absolutely see inside of peoples homes. Because its "bleeding edge" for consumers its not for people with money & an incentive to use it. I.e. your gov't & military that like to spy on the rest of the world, to even their citizens with almost impunity. Hackers, truthfully, haven't really not been able to & they just like playing around to and or using it to their advantage all the same. You are always watched, always listened to, always manipulated & always being turned into something for something, for whatever reason it is for whomever it is. It's why I know they were listening to me almost a decade ago & why I know a level of constant verbatim studies that I said should work out the way they are written in the studies that have kept steadily coming out are mine, to multiple youtube videos, to too many different things.
Those calculations aren't terribly hard now, they are github opensource de-noising, interference, wifi beam forming, radar beam forming, soundwave interference for voice to de-humming, etc programs. All of them can even be found in most graphics cards tools for voice amping, clarity, to making the video look a little more detailed, colorful, blurry, so on & so on. Effectively, all of this has been around for more than 2 decades & only gotten faster & better for even larger data models that now can use large language modeling, neural networking, "multiple dimension" neural networking (chatgpt stuff), branch networking (then logic branch networks that just use dimension neural networks that have it head to a more specific neural network model to make it faster to calculate larger data sets faster), & even simple old school chaos theory mathematical programming, which can now take advantage of the protein folding stuff like deepmind/alphafolding stuff.
This means, its extremely easy, it would be possible to do on your standard mid-tier phone, although it would take like 30min or something, but still nothing that bad. So, yes, for people & cars, planes, & more to be tracked & hunted down by your gov't its easier than ever. But that's real time data stuff, so everything is usually behind about 3-30 mins. This is old data, this would take like a few minutes to fully calculate & brute force everything until you have more than enough to know if the military shot flight m370 down & or they didn't, while then you can comb through all data of them online & around & know how much it was planned & what they were saying outloud, writing on papers (its that good yes) to any number of events leading up to the tragedy. Fully removing the mystery of the flight & what happened.
That's why I would do first, for that one. Then second, after doing it, I would let you watch it all & make for conclusions & resolutions to find closure for it all & know what you need to know. While also giving you a horrifying glimpse into all those with money & power; what they intend to do to you with it & why you shouldn't think its okay unless you don't live in America as it is now.
73 to 967 hours awake, milage may vary obviously for the d1000 roll to see how long you will be staying awake for in real life, from Twitter (x) This is the d1000 roll I keep talking outloud about you hackers when you have to roll to see how long you are going to be awake for in real life 😉
I posted about how to use math to use other die, ie d20, that's on my YouTube channel here
http://youtube.com/post/UgkxElUtEEBjRhqBX8pA3esSG7ZOGSx-9Ln1?si=FsT84H1s3YmBT4YO
The hackers Have some live stream of constantly hacking me or whatever, I dunno, point is that in there is the d1k 3d die shape. Personally I said out loud, having intersecting multi-sided elongated pyramids form to a center that upon resting create a clear 360 degree field of view Number that is the body of the die. Basically, a bunch of spikes, the right way to create a outline in the clear, translucent, & opaque materials that puzzle piece together to form a rough 3d geometric shape that has to lay in-between a few points to form the needed Intersection points for the number to be seen. Mostly from the sides. But the top as well.
Here's a post about this picture that is involved in #hackers & me talking outloud to them about how long they are going to be awake for in real life but also how to make a real d1000, yes a d1k
All I know is that it seems to line up with actually happening consistently for the last 15+ years.... & You agreed i Have people hacking & watching me. Because realistically, we are in a police state at all times & are always sending compression data of our microphone & more as the binary that is used for the data going on for our apps to reach the server (basically it's just interpreted to be the text for the App but the big data hoarding server actually gains a whole hell of a lot more, even with small pings & back & forths for where we are & what we did on it. Same for our operating systems, that's what the leakers stating they are watching us (leaving meta & more) more than we know were talking about
Personally I said out loud, having intersecting multi-sided elongated pyramids form to a center that upon resting create a clear 360 degree field of view Number that is the body of the die Basically, a bunch of spikes, the right way to create a outline in the clear, translucent, & opaque materials that puzzle piece together to form a rough 3d geometric shape that has to lay in-between a few points to form the needed Intersection points for the number to be seen. Mostly from the sides. But the top as well. #dnd #d1000 #fbi whatever
Here's the reddit post https://www.reddit.com/r/XenonrealityHub/s/eKTsVet2ld
About it.
My First CTF (Capture the Flag)
I've never had any experience doing CTF's or using nmap, but today has been really fun as I continued to learn how to find flags using nmap. For this to be able to happen, I went on Hack The Box and started practicing on there.
My experience with this was actually quiet fascinating. I learned about port scanning through nmap and have picked up a skill in knowing how to use the Linux terminal and navigate through it. Today, two of my CTF's contained lessons about using nmap to find open ports for Telnet and FTP (File Transfer Protocol). I'll admit it took me a while to learn how to find the flags within those services but I found great enjoyment in it. To be honest, I want to do so much more as I develop these skills and learn how to use new tools. Doing this also has helped me stay off the phone for a bit because doom scrolling on Instagram or YouTube is really unhealthy.
As a beginner in this area, I highly encourage newcomers to get on Hack The Box if you want to learn how to use nmap, as it also gives you a step by step lessons on how to find the flags and teaches you what to look for, for your future use of nmap.
I felt like sharing this post today because I wanted to show the hacking community how excited I am learning these skills, and even though I haven't done as much and an experience hacker, I'm still proud of the work I've done. If there's any advice, or pointers that anyone is willing to give me, I'll gladly take it. Anyways, thank you for reading this post.
And as always, Godspeed everyone.
First Time Setting Up Arch Linux
Today I finally decided to practice setting up Arch Linux on a virtual machine and not gonna lie, that was TOUGH. I was only having trouble installing grub because I didn't know the difference between UEFI and BIOS, lmao. All good though.
Within the last hour, my user had a password already which had left me stuck because I couldn't log in. So i had to look up online how to delete the password for my user. Luckily I figured it out,(still learning the terminology so please be patient with me) I had to be in root or chroot and use the command passwd -d [user] which then I could put a new password for my user.
I know my situation sounds dumb but I had a lot of fun setting up Arch Linux, and I hope to learn more as I continue using Arch.
Anyways, thank you for reading this post, and Godspeed :)
Hacking di impronte digitali: configurazione da $ 5 bypassa l’autenticazione biometrica
Sul blog della Kraken Security Labs è stato condivisa la dimostrazione dell’hacking di impronte digitali e quindi sostenuto come ciò può rendere inutile l’autenticazione biometrica come metodo di verifica.
La ricerca che porta il titolo “Your Fingerprint Can Be Hacked For $5. Here’s How” mostra quindi un trucco per hackerare le impronte digitali, che può essere elaborato con l’utilizzo di apparecchiature facilmente reperibili che possono essere trovate sul mercato a circa $ 5.
L’autenticazione delle impronte digitali è una comoda alternativa alle password e ai codici PIN.
Continua a leggere su Andrea Biraghi Blog
DragonForce Malaysia hack: hacking, abuso di privacy e fuga di informazioni personali
DragonForce Malaysia Hack: l’hacktivismo in Medio Oriente persiste: nuovi attacchi digitali durante il mese di maggio 2021 e le crescenti tensioni in Medio Oriente hanno portato a rinnovate operazioni di attivisti informatici in tutta la regione.
Gli attacchi digitali di maggio hanno presentato un certo livello di rischio per i siti non protetti poiché gli attori delle minacce hanno preso di mira le organizzazioni delle telecomunicazioni, i settori finanziari e le agenzie governative.
Al momento, le azioni fisiche sono diminuite nella regione dall’ultima incursione, ma gli attacchi digitali sono continuati fino a giugno. La più grande paura nell’hacking informatico risiede nell’abuso della privacy — come la fuga di informazioni personali nell’hack DragonForce Malaysia a giugno — così come la preoccupazione che le forze straniere possano dirottare i sistemi e prendere il controllo dei database nazionali e dei sistemi operativi
Leggi la news
Asia: hacker cinesi prendono di mira le telecomunicazioni
Gli hacker cinesi prendono di mira le principali società di telecomunicazioni del sud-est asiatico.
Da anni tre distinti gruppi hacker cinesi operano per conto dello stato organizzando attacchi informatici per colpire le reti di almeno cinque società di telecomunicazioni del Sud-Est Asiatico.
Martedì la società di sicurezza Cybereason Inc. ha pubblicato un rapporto. L’analisi tecnica afferma che i gruppi hacker hanno condotto una campagna in tutto il sud-est asiatico dal 2017 al 2021 n alcuni casi sfruttando le vulnerabilità della sicurezza nei server Exchange di Microsoft Corp. per ottenere l’accesso ai sistemi interni delle società di telecomunicazioni. Lior Rochberger, Tom Fakterman, Daniel Frank e Assaf Dahan di Cybereason hanno rivelato che l’obiettivo è quello di tenere un monitorgaggio contino per facilitare lo spionaggio informatico:
“L’obiettivo degli aggressori dietro queste intrusioni era quello di ottenere e mantenere l’accesso continuo ai fornitori di telecomunicazioni e facilitare lo spionaggio informatico raccogliendo informazioni sensibili, compromettendo risorse aziendali di alto profilo come i server di fatturazione che contengono dati Call Detail Record (CDR), così come i componenti di rete chiave come i controller di dominio, i server Web e i server Microsoft Exchange”.
Leggi su Andrea Biraghi Medium
La campagna di hacking che prende di mira le passwords di centinaia di organizzazioni in tutto il mondo
Una campagna di hacking – che si crede ancora in corso – ha preso di mira le passwords di centinaia di organizzazioni in tutto il mondo tra cui partiti politici, uffici governativi, appaltatori della difesa, compagnie energetiche, studi legali, media e università.
I funzionari dell’Agenzia per la sicurezza nazionale, l’FBI, il Dipartimento della Sicurezza Nazionale e del GCHQ del Regno Unito, oltre a ritenere la campagna ancora in corso, affermano che si tratti di un tentativo di uno sforzo più ampio del GRU russo per raccogliere informazioni da un’ampia gamma di obiettivi sensibili come rivela CNN. La campagna – è stato riportato pubblicamente – è iniziata a metà del 2019 ed è stata attribuita per la prima volta questa settimana.
Questa campagna di hacking – con attacchi diretti alle passwords – è stata distinta da altre operazioni russe nel cyberspazio come ad esempio la campagna SolarWinds – di cui si dice condotta dal servizio di intelligence estero russo, l’SVR e basata su codice dannoso incorporato in un software.
Continua a leggere su Andrea Biraghi Cyber Security News
Campagne di spionaggio e hacking: mentre Microsoft avvisa che il gruppo APT Nobelium – il collettivo hacker legato all’intelligence russa – ha colpito ancora, un report dell’FSB avvisa che hacker stranieri hanno compromesso le agenzie federali russe in una campagna di spionaggio digitale che i funzionari russi hanno descritto come senza precedenti per portata e raffinatezza.
Il Cyber attacco Nobellium
Nella scorsa settimana Microsoft ha osservato un’ondata di attacchi informatici verso 150 diverse organizzazioni – tra agenzie governative e organizzazioni non governative – che ha preso di mira circa 3.000 account di posta elettronica. La maggior quota di attacchi è stata diretta verso gli Stati Uniti ma il numero delle vittime si è eseto sino a 24 diversi paesi. Un quarto delle organizzazioni coinvolte sono coinvolte in attività di sviluppo internazionale, umanitarie e per i diritti umani.
Gli attacchi – secondo gli esperti di sicurezza – sembrano fare parte di una campagna di raccolta informazioni presso le agenzie governative coinvolte nella politica estera. Microsoft – che continua a monitorare la situazione ha avvisato gli utenti di aumentare l’attenzione sulle partiche di sicurezza informatica – compreso l’utilizzo dell’autenticazione a più fattori, dell’antivirus – avvisando di non cliccare collegamenti sospetti nelle e-mail, a meno che non sia possibile confermare l’affidabilità per ridurre al minimo il rischio di phishing. Le Formiche evidenziano come l’attacco si sia svolto in vista del bilaterale Biden-Putin.
Continua a leggere su Andrea Biraghi Cyber Security
Facebook blocca hackers con base in Cina: i malware colpiscono Uiguri attivisti e dissidenti
Facebook ha bloccato un gruppo di hackers con sede in Cina che hanno utilizzato la piattaforma per colpire Uiguri che vivono all’estero con collegamenti a malware che infetterebbero i loro dispositivi e consentirebbero la sorveglianza.
25 Marzo 2021: articolo integrale su Andrea Biraghi Blog Cyber Security
Come riporta Reuters mercoledì 24 Marzo 2021, Facebook Incha affermato che gli hacker, noti nel settore della sicurezza come Earth Empusa o Evil Eye, avrebber preso di mira attivisti, giornalisti e dissidenti che erano prevalentemente uiguri, un gruppo etnico in gran parte musulmano che affrontava persecuzioni in Cina.In un post gli inevstgatori di sicurezza della societò hanno affermato che: “Questa attività ha avuto i tratti distintivi di un’operazione ben intraprendente e persistente, offuscando al contempo chi c’è dietro”.La società di social media ha detto che gli hacker, noti come Earth Empusa o Evil Eye nel settore della sicurezza, hanno preso di mira attivisti, giornalisti e dissidenti che erano prevalentemente Uiguri, un gruppo etnico in gran parte musulmano che affronta persecuzioni in Cina.Continua a leggere…
Ingegneria sociale: l'hacking delle emozioni umane
L'ingegneria sociale è l'arte di sfruttare a proprio beneficio le emozioni umane e le debolezze per avere informazioni utili e rubare le identità. Si tratta di veri e propri cyber attacchi da parte della criminalità informatica, che mediante la manipolazione psicologica sfrutta le debolezze altrui per raggiungere i propri obiettivi. Gli hacker così usano le emozioni come strumento per persuadere le loro vittime a compiere un'azione che normalmente non farebbero.
Gli attacchi messi in moto dall’ingegneria sociale, sfruttando le debolezze umane, possano mettere in moto degli attacchi basati su computer.
Leggi su Andrea Biraghi Blog
Leggi anche: Ingegneria Sociale: l’arte di hackerare gli umani
CryptoMining: attacco ai supercomputer europei
Fonte: Andrea Biraghi CyberSecurity Blog
Attacchi di CryptoMining sono avvenuti in Svizzera, Germania, Spagna in Europa e Regno Unito: sono stati attaccati i supercomputers con malware volti ad ottenere benefici monetari. In Spagna è stato attaccato un centro di calcolo ad alte prestazioni. Gli attacchi, che hanno preso di mira pricipalmente i centri universitari ,nel Maggio del 2020, si sono infiltrati laddove potevano trovare computer con grandi potenze di calcolo. L'Università di Edinburgo, infatti, è stata la prima a segnalare una violazioneal suo supercomputer ARCHER. Tra le vittime: il Leibniz Computing Center, l'Accademia Bavarese delle Scienze, il Julich Research Center, l'Università Ludwig Maximilian, lo Swiss Center of Scientific Computations.
Gli studenti universitari sono fra i principali miner di criptovalute al mondo
Fonte: Andrea Biraghi Medium
Cisco ha scoperto che tra i principali miner di criptovalute vi sono proprio gli studenti dei campus universitari, che sfruttano l’elettricità gratuita dei campus.I dati raccolti dai ricercatori di Cisco rivelano infatti che i campus dei college rappresentano il 22% delle attività complessive di mining, alla seconda posizione dietro soltanto al settore dell’energia e dei servizi pubblici (34%).
Continua a leggere, segui i link.
Cyber crime: Berlino chiede sanzioni agli hacker del Bundestag
Cyber crime: Berlino si sta preparando a sanzionare un gruppo di hacker russi. L'accusa è contro un noto hacker collegato al servizio di intelligence di Mosca. L'attacco in considerazione è quello del Bundestag nel 2015 per il quale oggi arrivano le prove trovate dal governo tedesco.
Articolo integrale su Andrea Biraghi CyberSecurity Blog
Sembra che le cose siano cambiate dopo la dichiarazione del cancelliere Angela Merkel che - precedentemente riluttante a rimproverare la Russia per gli attacchi informatici - ha dichiarato il mese scorso che Berlino non può ancora "semplicemente ignorare" un attacco "scandaloso", per questo si attende una risposta dell'UE. Ciò rappresenterebbe una svolta contro il crimine informatico da parte dell'Europa: i diplomatici si sono riuniti mercoledì a Bruxelles per discutere se la risposta debba utilizzare un nuovo regime di sanzioni informatiche.
Cyber Crime: il bersaglio di Berlino ha il nome di Dmitry Badin
Il bersaglio di Berlino nella lotta contro il cyber crime, oltre al gruppo di criminali informatici, porta il nome di Dmitry Sergeyevich Badin.
Continua a leggere su Andrea Biraghi Blog
