Wednesday, February 21, 2024

Law Enforcement takes down major ransomware site

This operation is pretty impressive:

Notorious ransomware gang LockBit's website has been taken over by law enforcement authorities, who claim they have disrupted the group's operations and will soon reveal the extent of an operation against the group.

...

But Europol has reportedly taken credit for shutting down LockBit, so perhaps Operation Cronos really has disrupted the gang’s operations.

If that's the case, this action will be welcome. LockBit is prolific and vicious: we've reported it attacking a children's hospital, Infosys, sandwich chain Subway, and many other attacks.

Reportedly there have been multiple arrests, data has been found that is expected to lead to more arrests, and multiple cryptocurrency accounts have been seized.  Eleven countries worked together on this, which is also impressive.

We will see how much impact this has, but LockBit is one of the biggest ransomware schemes out there.

And this isn't the only one of these takedowns in the last couple of months.  Well done.

 

Tuesday, February 20, 2024

Security is hard

This is bad.  Really bad.

A single packet can exhaust the processing capacity of a vulnerable DNS server, effectively disabling the machine, by exploiting a 20-plus-year-old design flaw in the DNSSEC specification.

That would make it trivial to take down a DNSSEC-validating DNS resolver that has yet to be patched, upsetting all the clients relying on that service and make it seem as though websites and apps were offline.

The academics who found this flaw – associated with the German National Research Center for Applied Cybersecurity (ATHENE) in Darmstadt – claimed DNS server software makers briefed about the vulnerability described it as "the worst attack on DNS ever discovered."

What's bad is that you don't get more mission critical than DNS - Domain Name Service, the service that translates names (like borepatch.blogspot.com) into Internet addresses (like 192.1.7.200).  No DNS, no Internet.

If you run a DNS or DNSSEC server, look at this ASAP.

Monday, February 19, 2024

President's Day - Best and Worst Presidents

It's not a real President's birthday (Lincoln's was the 12th, Washington's is the 22nd), but everyone wants a day off, so sorry Abe and George, but we're taking it today.  But in the spirit intended for the holiday, let me offer up Borepatch's annual bestest and worstest lists for Presidents.

Top Five:

#5: Calvin Coolidge

Nothing To Report is a fine epitaph for a President, in this day of unbridled expansion of Leviathan.

#4. Thomas Jefferson.

Jefferson is perhaps the last (and first) President who exercised extra-Constitutional power in a manner that was unambiguously beneficial for the Republic (the Louisiana Purchase).  He repealed Adams' noxious Alien and Sedition Acts and pardoned those convicted under them.

#3. Grover Cleveland. 

He didn't like the pomp and circumstance of the office, and he hated the payoffs so common then and now.  He continually vetoed pork spending (including for veterans of the War Between the States), so much so that he was defeated for re-election, but unusually won a second term later.  This quote is priceless (would that Latter Day Presidents rise so high), on vetoing a farm relief bill: "Federal aid in such cases encourages the expectation of paternal care on the part of the Government and weakens the sturdiness of our national character."

#2. Ronald Reagan

He at least tried to slow down the growth of Leviathan, the first President to do so in over half a century (see entry #5, above).  He would have reduced it further, except that his opposition to the Soviet fascist state and determination to end it cost boatloads of cash.  It also caused outrage among the home grown fascists in the Media and Universities, but was wildly popular among the general population which was (and hopefully still remains) sane.

#1. George Washington

Could have been King.  Wasn't.  Q.E.D.

Bottom Five:

#5. John Adams.

There's no way to read the Alien and Sedition Acts as anything other than a blatant violation of the First Amendment.  It's a sad statement that the first violation of a Presidential Oath of Office was with President #2.

#4. Woodrow Wilson.

Not only did he revive the spirit of Adams' Sedition Acts, he caused a Presidential opponent to be imprisoned under the terms of his grotesque Sedition Act of 1918.  He was Progressivism incarnate: he lied us into war, he jailed the anti-war opposition, he instituted a draft, and he was entirely soft-headed when it came to foreign policy.  The fact that Progressives love him (and hate George W. Bush) says all you need to know about them.

#3 Lyndon Johnson.

An able legislator who was able to get bills passed without having any real idea what they would do once enacted, he is responsible for more Americans living in poverty and despair than any occupant of the White House, and that says a lot.

#2. Franklin Roosevelt.

America's Mussolini - ruling extra-Constitutionally, fixing wages and prices, packing the Supreme Court, and transforming the country into a bunch of takers who would sell their votes for a trifle.  At least Mussolini met an honorable end.


#1. Abraham Lincoln.

There's no doubt that the Constitution never would have been ratified if the States hadn't thought they could leave if they needed to.  Lincoln saw to it that 10% of the military-age male population was killed or wounded preventing that in an extra-Constitutional debacle unequaled in the Republic's history.  Along the way, he suspended Habeas Corpus, instituted the first ever draft on these shores, and jailed political opponents as he saw fit.  Needless to say, Progressives adore him.

So happy President's Day.  Thankfully, the recent occupants of 1600 Pennsylvania Avenue haven't gotten this bad.  Yet.

Cumbersome

 Cumbersome and hilarious.

Friday, February 16, 2024

Rest In Peace, sniper

SGT Chuck Mawhinney - the greatest Marine Corps sniper ever - has reported to the final muster.  As always, Dwight has the writeup (highly recommended).

What struck me was what he did when he came back from Vietnam.  Seeing how other veterans were treated, he pretty much dropped the whole military thing - he got a job with the Forest Service, hunted and shot trap, married and had kids, and seems to have been one of the solid, quiet, dependable community guys.

Then his story came out in the 1990s when the country was ready to treat the 'Nam vets right.  He got some much deserved recognition then, but the years before strike me as nothing so much as a sniper knowing how not to be seen.

103 confirmed kills with another 216 probables.  Wow.

Rest in peace, Sergeant.

Now get on over to Dwight's place and read the amazing story.

Help

Not for me, but for Big Country's lovely wife Gretchen.  She's been diagnosed with cancer and any change you can toss her way for medical bills would be greatly appreciated. 

I'm late to this and most of you read the other blogs like Divemedica and BC himself, but Gretchen is super nice and way too young to be going through this.

Thursday, February 15, 2024

Can you call it a "dry stack stone wall" ...

... when it is under the ocean?

A prehistoric stone wall more than half a mile long has been discovered on the floor of the Baltic Sea in the Bay of Mecklenburg off the coast of Germany. Around 11,000 years old, it is the oldest human-made structure in the Baltic Sea and one of the documented human-made hunting structures in the world. More than a half mile long, it is also one of the largest known Stone Age structures in Europe.

...

It was built by hunter-gatherers who inhabited the area and was likely a drive lane (a means to control the movement of animals to force them into a restricted space or, in this case, the lake itself) used to hunt migrating Eurasian reindeer. Prehistoric stone walls like these have been found elsewhere in the world (Jordan, Canada, Saudi Arabia, Greenland, the United States) but are all but unknown in Europe. The closest comparable example was found at the bottom of Lake Huron in Michigan where a stone wall was used to hunt migrating caribou 9,000 years ago. It is much shorter a wall than the Mecklenburg megastructure — 98 feet versus 3186 feet. 

That took a lot of work to build.  Maybe it was built over the course of decades, little by little?

Stop using FaceID immediately

Assuming that you use it, of course.  It is a persistently bad idea:

Cybercriminals are targeting iOS users with malware that steals Face ID scans to break into and pilfer money from bank accounts – thought to be a world first.

A Chinese-speaking cybercrime group, dubbed GoldFactory by Group-IB's researchers, started distributing trojanized smartphone apps in June 2023, however, the latest GoldPickaxe version has been around since October.

...

Once the biometrics scans were captured, attackers then used these scans, along with deepfake software, to generate models of the victim's face.

Attackers would download the target banking app onto their own devices and use the deepfake models, along with the stolen identity documents and intercepted SMS messages, to remotely break into victims' banks.

You can change a compromised password, but you cannot change your face.


Wednesday, February 14, 2024

Dad Joke CCCVIII, special Valentine's Day edition

What did the guy with a broken leg say to his valentine?

"I have a crutch on you."

Monday, February 12, 2024

Lawrence of Arabia's watch found on Antiques Roadshow

Holy cow.

Yanow, Peter O'Toole was robbed of the Oscar that year.

The earliest born person ever photographed

This is just plain interesting.  The first photographs date to the 1820s and 1830s, but there were some very old people alive then, who lived through some really interesting events.  This video covers who some of these people were, and who was born the earliest.