Friday, January 31, 2020

Dogs, Cats, and Ransomware Living Together!



The Sodinokibi ransomware group is sponsoring a hacking contest.
The future is NOW.


Trello info found in Google, boards left open.
Trello's default is closed, so do the math


Speaking of which, 200k WordPress sites vulnerable to plugin flaw.
From observation, the only change here is which vulnerability


The UN was hacked because of an unpatched SharePoint server.
That's it - kick them out.



Know why Gentoo is known as a secure distro?
Because most humans can't install it, no less work it.


Trickbot uses new Win10 UAC bypass to launch quietly
Overall, I'd say the UAC has been a real success


MS detects new Evil Corp malware attacks
C'mon - like they're really separate entities...


Top 14 open source web development tools
No, it doesn't come with instructions on how to leave your buckets open 




LINUX 

You can't stream Picard on linux w/o this workaround
more DRM crap


Snowflake is the SSH GUI you didn't know you needed


Bash break and continue
break and continue is my M.O.


How to install software through Flatpak on Debian 10
I was right! I was right! You have to install Flatpak first!




Thursday, January 30, 2020

UK Solves IoT Security Issues



Yes, the UK has come through for its citizens, and the citizens of the world, with legislation that IoT devices cannot have default passwords. No longer will they have any IoT issues!

Government never met a thing they couldn't make worse with legislation.


In a race with Microsoft, Sprint exposed their support portal to the world.






LINUX


How to encrypt partitions with VeraCrypt on Debian 10


Basic network troubleshooting with nmap


Kali first release of 2020  (ethical hacking OS)


CBS All Access serves ads, but not content, to linux users.
What's that phrase?  "Perhaps a hot poker up the old wazoo will help them see reason."


32 bit linux will keep going, into the future
I just resurrected an old laptop with 32 bit. This is good news.





Everybody has problems. Even blog authors. Even me!
One of my old laptops was so old (how old was it?) it was so old, it had a dual boot with linux and Win XP. I made an account for Mrs lefty and it was 'her' laptop. After noticing it gathered more dust than my tech gadgets, I decided to update it and make it ready to act as a spare, for the next time something stupid happened to my other laptop. And by something stupid, I mean something I did.

It booted with its usual efficiency and I noticed the boot option screen was very much Not There. Then I noticed it booted into a GRUB rescue prompt. I decided right away that I didn't like this and rebooted. Like all bad news, it repeated itself.

Naturally, I cannot remember a single GRUB rescue command.
The internet had several suggestions, or rather several hundred suggestions. Most were based upon the same 2 suggestions: use a very confusing set of command line inputs, or some other thing I probably should've written down. I tried 'Some Other Thing,' largely because it required much less typing.  It failed miserably, making assumptions about what I wanted. Method #1, with tons of input and 2 variations was tried. It was a boot repair, so it looked pretty good, and I was advised it was safe - I couldn't hurt anything. They obviously don't know me.  The results were not correct and not even predictable: the machine booted right into XP. This was not handy, convenient, or even correct. It was the least important thing on the entire hard drive.

Another option was this BOOT REPAIR image, which I downloaded and put on a usb stick. Booted up, hit the SAFEr option, and rebooted. It guessed completely wrong. The 2nd time, it was even more wrong. People raved about this option, so I guess they, like me, just like to see the world burn.

Speaking of hard drives, I had about 7 partitions and needed to remember what they all contained. XP was not helping, and I still didn't have my boot choice screen. To make things even more amusing, my bootup partition was different from my root partition, which did not exist in any help document or suggestion. I am a very special person, with very special options.

So I typed more commands and reinstalled GRUB. This actually worked!
And when I say 'worked,' I mean it installed a fresh copy of GRUB, which merely booted to the GRUB (not rescue) prompt. Some would scream. Some would pull out their own hair. Some would pull out someone else's hair. I laughed maniacally.

If this were Windows, I'd put in an install cd, do a REPAIR, and be done with it.
Since this is a multi-boot system, they would nuke every partition that wasn't Windows. I'm having a good time here.

I decided on the high yield nuclear option (no, not to reinstall each OS): I'd get out my linux install disk and bloody fix it that way. I'd be up to date, and I could spend the next 10 hours setting it up, hopefully undisturbed.

Install I did. gparted helped me remember which partition was which, and off I was. Really far off. I use a different partition for HOME, so I made sure Xubuntu knew it was the HOME partition. When I rebooted, there was the bloody GRUB selection menu! I could boot into whatever I wanted! The sun had come out. I could hear the cherubim singing outside, warbling horribly out of tune on some current song I've never heard. Supermodels kept calling and coming to the door.

So there I was, with a current laptop, needing just a short 10 hours to customize it to my liking. I had to look through the Xubuntu archives for a 32 bit version, as this laptop must be from 1975 and had an unthinkable amount of RAM (2G). Fortunately 32 will continue, per the above.

As my 10 hours uninterrupted started, I discovered there would be a slight modification to uninterrupted, this being Wife, who had all of a sudden gotten chatty, and needed to be reminded every hour or so that this was Uninterrupted Time.

"HI how are you did I tell you about my day Guess where I went - guess Wrong HAHA - I went to visit your mother She's in rare form, but at least she tried to cook her steak before eating it cuz you remember what happened last time What are we having for dinner No, I'm not hungry now but what if I need to get something from the store I stopped at a major anchor store and looked at shoes but it was only a look because I already have most of them The sales staff all liked my jewelry like normal I really have to get some new jewelry Since most of it came from Arizona anyway we should take a trip OMG they won't let the dog sit with us shes too big to fit under the seat and if we tell them she's a helper dog, she'll probably bark the entire plane flight and you know you can't stop her when she starts....

Hi. Hello. HELLO. HHHHEEELLLLOOOOO???

Oh, I'm sorry, was I talking too much?

Only when your mouth was moving. Why do you speak in paragraphs?

My mom does that It's not the first time anybody said that to me Are you working on my laptop What happened What's wrong Why did it happen Do you mean your MAIN laptop..

HELLOOOOOOOOO????

Oh, sorry.

Remember I said I was configuring the laptop?

Why?

I said I needed some quality, uninterrupted time with it.

Oh, I'm sorry. I'll shut up now [tv turns on]

[5 minutes]

Do you need anything from the store I'm going food shopping later What are you doing Why...

UNINTERRUPTED.

Oh, sorry.

[5 minutes]

Oh I love this show What did you want for dinner I thought of a good slaughterhouse we can tour tomorrow...

STILL uninterrupted.

I'm sorry (makes zipping up lip motion)

[5 minutes]

I'm going on the back steps I have to pay some bills.

STILL uninterrupted.

I know, I'm just saying..

You're ALWAYS just saying.

Well, I'm just saying...

STOP saying. I really need to get this done. If I don't, the zombies will eat me.

OOH! I love those zombie movies I know I said I would be quiet but just one thing My favorite Z-level movie is coming on at 8:30 You don't mind missing all your shows tonight so I can watch it I'm going to visit my mom this weekend No you can not have Emilia Clarke babysit you so don't ask You think you're so funny...

When I die, will you still be talking? Will you dig my body up and regale it with what you found on sale today? We can get you permission to dig me up regularly. Yes, they'll let you run the Caterpillar. Yes, you can put your 8' pink Barbie flag on it.


Wednesday, January 29, 2020

Ubiquiti Hears You on the Toilet

Ubiquiti UniFi routers will beam performance data back to mothership automatically. You just try opting out....


Win 10 update fixes file explorer bugs


OOPS - Wawa breach - possibly more than 30 million cards
Wawa is assuring people they'll help




LINUX

How to use iptables


What's new in Ubuntu 20.04 LTS?
exotic Gnome theme! How Exciting!
And so much more!
Ok, one thing more.


Ubuntu invites Win 7 users with linux switch guides
very smart, imho


How to install Yii PHP framework on CentOS 8
$5* to anyone who can explain what this means.

*not really

How to use when conditionals in Ansible playbook
$10* for this one

*not really also


Monday, January 27, 2020

Monday Malware


Microsoft's IE Zero Day Fix is breaking some Windows Printing
This is a mess. Many other symptoms.

10% of all Macs have Shlayer malware

UK proposal mandates IoT security



Linux

How to resume partially transferred files over ssh using rsync


How to prepare for the Red Hat Certified Professional (RHCP) exam


Linux on laptops: sometimes later is better

scrcpy added to Debian testing: allows controlling android devices from the desktop

pidof will print the PIDs of all running programs that match with the given name

Friday, January 24, 2020

You Picked a Bad Day to Be in IT



Microsoft Search Office 365 ProPlus Bing Force
These are all very bad keywords. Read at your own peril.


German car renter Buchbinder exposed a 10T MSSQL backup.
How?  Unsecured.


Critical unpatched bugs in hospital devices
Please don't fuck with the patients. Telling them they're dead might sound like fun, but you probably shouldn't.


How to secure Apache with Let's Encrypt SSL cert on CentOS 8
Otherwise, Let's NOT Encrypt


Looking for silver linings in the CVE-2020-0601 crypto vuln


Cisco warns of critical network security tool flaw


LINUX

How to find broken symlinks and delete them


tcpdump


How to check and kill zombies (processes) in Debian 10


Terminal Phase - space shooter game that runs in terminal


Set up passwordless logins using public/private keys




FRIDAY THOUGHTS  


  • Be green (it looks really funny)
  • Over the weekend, treat yourself to some really good stuff: ice cream, bbq, sleep
  • Just say NO to clicking anything
  • Touch yourself (if no one else will)


Thursday, January 23, 2020

Pay Pay Pay the Ransomware



In a recent survey, 33% of ransomware victims are paying.
In other news, there is a severe shortage of backup systems people.


Google researchers find serious privacy risks in Safari's anti-tracking protections.

This is the most irony you'll see this month.

Apple addresses iDevice 11 location problem
that wasn't a problem when asked initially






LINUX  


How to compare local and remote files


Zorin OS 15.1 review


s-tui CPU monitoring/stress testing tool


Wine 5.0 released - multi monitor support


bandwhich - bandwidth tool for lin and macOS



Wednesday, January 22, 2020

Beware of Tomato(es)



Routers running Tomato are being probed for default credentials and remote administration, in an attempt to add them to the Muhstik botnet.

I'm hoping that anyone smart enough to use alternative firmware is smart enough not to use default credentials and leave remote admin on. We shall see.


Recognizing router problems


Final Win7 update gives some users wallpaper problems: installs a black wallpaper. Can you imagine the horrors? All network staff pulled off updates to see to floor staff about this horrendous side effect. All other work stopped, weekend hours authorized. Emergency protocols in effect. Therapists brought in to talk the users down.


The German government has to pay $887,000 for Win 7 support because they didn't move to Win 10.  As much as I hate MS, it wasn't like they didn't provide notice of end-of-life for Win 7. This really shouldn't have been a shock to anybody.

Speaking of which....
Microsoft discloses security breach of customer support database.
Let's face it - they couldn't get much.




LINUX

The userdel command. It (hold on...) deletes users

dnf-automatic: install security updates automatically in CentOS 8



Tuesday, January 21, 2020

Put Passwords in the Cloud. What's the worst that could happen?



Lastpass has been down for days. Staff is hard to reach or denying there's an issue on Twitter.


Citrix ships patch for VPN vuln



600 computers taken down in Volusia County Public Library system cyberattack.
50 back up.


Hans Andersson online payment portal hacked, info stealer injected for 2 months.


More than 500k telnet credentials for IoT devices leaked.
This is a biggie.


Apple is genuinely concerned about your privacy. Except if the FBI asks.




LINUX


Official Kubuntu laptop goes on sale.
Starting at $2395, I'd buy a good laptop and load Xubuntu, as I've done since my first laptop.


Locking and unlocking accounts



Friday, January 17, 2020

Yet Another Win10 Vuln to be Patched



A new RDP vulnerability included in the WIN10 EMERGENCY PANIC PATCH!


Critical Cisco flaws now have PoC exploit


Satan ransomware born again
I love this title.


A comprehensive view of pen testing


So those thermal paste syringes?
No, parents, your kids aren't on drugs.
Keep one on your desk - people go mad






LINUX

df vs du commands

How to mount a drive

broot is an interactive treeview directory navigation tool for the CLI
inspired by tree

11 linux browsers
no, Goog Chrome, Opera are not open source
Falkon is pretty good, fast
(Web) Epiphany is a little silly and doesn't have many options, but this blog is put together on it
Links is the Stuff!




Thursday, January 16, 2020

Trust No One



A Practical Guide to Zero-Trust Security


Online pharmacy PlanetDrugsDirect discloses breach


Critical WordPress bug leaves 320,000 sites open to attack
it's like MS: Gee, what's wrong this week?


Hey, all the hoo-ha over the Win10 bug?  A researcher used it to Rickroll the NSA and Github
The good news? Firefox may be exempt.
The bad news? NSA employees can't get "Never Gonna Give You Up" out of their heads.




LINUX


systemd service sandboxing and security handling 101


How to get your IP address on linux



Wednesday, January 15, 2020

Patch em if you Got em



Patch Win10 and Server now because certificate validation is broken
They're not kidding
This discovery was per NSA.
They probably installed it.


The patch fixes 50 security holes (Krebs)

Oracle previous all time patch high (300+)





LINUX

How to completely delete a file

How to use the ss command

How to temporarily drop admin privs to admins using delayed admin

6 best CCleaner alternatives for Ubuntu



Tuesday, January 14, 2020

It's Only 200 Million Cable Modems




JS Vulnerability affects 200 million cable modems


Never before-seen virus in China kills one, spreads to Thailand.
McAfee won't fix.


First 2020 Patch Tuesday grumbling


Microsoft spots malicious npm package stealing data from UNIX systems.
Not widespread but notable.
Have I mentioned the world is ending?



LINUX

You can now run android 10 on your PC with AndEX10, an android-x86 fork, also in a VM. It's $9.
Of course most of us can't run android 10 on our phones....


How much education do you need to be a linux sysadmin



Citrix, Cisco, whatever....


Citrix ADC CVE-2019-19781 Exploits Released, Fix Now!

PoC exploits released for Citrix ADC and Gateway RCE vulns


Cisco webex bug allows remote code execution.



Sodinokibi ransomware publishes stolen data for the first time
not only stolen, but published




LINUX 

How AppArmor can protect your linux system


Microsoft proprietary software that spies on everyone 'does an AWS' on free software


10 methods to view different file formats in linux


Linus Torvalds says "Don't use ZFS" - but doesn't seem to understand it




Sunday, January 12, 2020

SHA-1 Breakage?




Users of GnuPG, OpenSSL and Git could be in danger from an attack that’s practical for ordinary attackers to carry out.


Info on California schools and Las Vegas attacks


Android flaw being exploited in the wild.
"..some Android devices, including the Pixel 2, Samsung S7-S9, Moto Z3, and Huawei P20, among others."


Hey, CheckPeople - your 22GB database containing 56 million US people's details is open for all, out of China.



LINUX

How to find high CPU consumption processes in linux
Or just install Glances, which gives you this and more.


5 favorite linux sysadmin tools



Thursday, January 9, 2020

Wherefore Art Thou, Citrix?



Attackers are scanning for vulnerable Citrix servers. Secure yours NOW.


Firefox 0-day - Active Attacks
Update NOW.


5 ways to do serverless on Kubernetes
I have no idea what it means, but Kubernetes is a buzzword lately.


How to set up an anonymous ftp download server in Fedora



Wednesday, January 8, 2020

You Bomb - We'll Tech




Linksys routers, already able to sense movement, will soon be able to monitor your breathing.  I feel queasy.  Naturally this means they will sell millions to well-meaning idiots, who will then complain when their health info and movement history gets into the hands of the insurance industry and hackers.


REvil ransomware exploiting VPN flaws made public last April.


DHS warns of Iranian cyber threat.


Remember - Windows end of support for Windows 7 ends 1/14/2020.
Does it matter? 7 will keep operating. Have you gotten 10 yet? Should you?
-abandon ship.... move to a different OS.


Google Play apps exploit android Zero-Day used by NSO group.


City of Las Vegas got breached. No info about severity, method, or backups.



LINUX

How to delete a directory in linux - several different ways.

How to use apparmor: restrict programs' capabilities with per-program profiles



EDITORIAL

Diversity - why open source needs to work on it in 2020

I call BS.

Diversity is like Affirmative Action - discriminatory, demeaning, divisive, and possibly damaging.  I am not restricting this to any business or group: it's all inclusive.

Ask yourself, if you were doing the hiring, do you hire the minority because they're a minority, or do you hire the right person for the job, minority or not?

As someone who did a bit of hiring, in the end, I hired the most competent for the job. In addition to being the only smart decision, I'd have to deal with a less than spectacular hire when they couldn't do their job. No one has the time to train then retrain. I don't have the patience. I want the right person for the job. Someone who is smart enough to figure out what they don't know. Their color, ethnicity, gender, or what they identify as, is a non-starter. It also doesn't matter after they get hired. The fact that they're good at their job will be noticed and appreciated.

In spite of my horrible attitude, all my hires stuck.






Tuesday, January 7, 2020

It's Tuesday. It could be worse. It could be Monday



More malicious Google Play apps.


An unpatched government website just got pwned by an Iranian script-kiddie.
Hey, at least we bombed them.



iPhone ios13 keeps reminding you an app is tracking you. For each app.



Placed over lock screen, fake Win10 desktop tries to scam by pretending to be police, locking your screen for illegal activity


Apparently getting breached over 20 times upsets the FTC. InfoTrax Systems only detected the last breach when the servers went over capacity and has settled with the FTC. Now you know where to go when you need back-end ops systems and MLM software. Be prepared for neck injuries from shaking your head when you read this.


An IT executive embezzled $6 million and just got caught by Word doc metadata.
Microsoft comes through again!


Travelex, an international foreign currency exchange company, got hit with ransomware, demanding $3 million.

Ladies and Gentlemen, this is a business opportunity. Gather a sheaf of papers (or usb drive) with each significant breach listed. Explain backups. Sell them backups and installation. None of these breaches had backups, reliable or otherwise. Also include a patching service, which is another way the ransomware can get in. As for employee clicking, perhaps a flamethrower. Start small.


EA boots linux users of Battlefield V.
F them with fire.







Monday, January 6, 2020

Today's News



I just stepped in to say that, in today's news, there is no news.
Therefore there will be no blog entry.
Except this one.

Friday, January 3, 2020

Sue the Ransomware - How's That Workin Out for Ya?




Maze ransomware has been sued for publishing victim's stolen data.
They're suing John Doe for injunctive relief and damages.
The anonymous John Doe.
I want to sue the anonymous IRS.

In related news, ransomware attackers are offering holiday discounts and greetings. This makes Black Friday even funnier.

Hey, Kids, it's us - the guys who encrypted your network and stopped business for a few weeks. We noticed that you haven't paid the ransom, and wanted to extend a 25% holiday discount! (and if you act now, we'll throw in the name of a reliable backup company)


While I'm chaining these together (very loosely), Starbucks devs left the API key in GitHub public repo.



Thursday, January 2, 2020

The Happy New Year News



Landry's, a popular restaurant owner, was hit by credit card stealing malware.
They own 60 well known brands and own over 600 restaurants.  You have to give them credit - the malware was on their systems from March 13 to October 17. They got right on it. Naturally they are very sorry.


Virus types - take a look.


All Caterpillar padlocks use the same key.
We're doomed.





LINUX

5 New Years resolutions for linux folk
#4 confuses me to no end


Commands: Random one-liners
"Take my CLI, please."


Key considerations when choosing a robot's operating system:
that it not be Windows


8 quick file searching tools
Haven't tried all of them yet, but I like AngrySearch. Just for the name.



Corona Malware

This blog has been suspended for a bit because it's practicing social distancing. Or no one reads it. Or I'm too lazy. Or the str...