YES! EMPHATIC YES!!
In recent years, the democratic party had lost its way. Standing up for fairness, equity, people’s rights, justice and equal opportunity are all noble and worthwhile causes, but in the past, it was also the champion for the labor unions and the plight of the average Joe worker. As the labor union member numbers have dwindled, the party has lost this focus.
It appears that the democratic party is finally waking up to realizing that there has to be a pragmatic approach to governing as well as protecting and fighting for people’s rights and airing complaints about the other party or its candidates. Instead of focusing too much on justified grievances, their has to be a message with a glimmer of hope, like democrats promising to fight hard for increasing the minimum pay wage rates to living wage rates; a plausible way for young people to pay down student loans…
View original post 992 more words
Great post, addresses the underlying issue created by the cabal to keep the sheeple divide and fighting amongst themselves. Free our minds, live in peace. ❤
This is one of the questions submitted for the INVERTED COLLAPSE – 3-WEBINAR SERIES!
And it is simultaneously a new Ask Lada episode!
Frankly, I never intended to talk about this, as this is NOT one of my CORE subjects. However, I get such questions more often than I’d like. Therefore, even though you wanted it answered privately, after a consideration, I have decided to set the record straight once and for all publicly, and I trust this answer will put this issue to REST FOREVER. I do not intend to get back to it in the future!
Me personally — I feel strongly that the gay issue should be a complete non-issue, an entirely private matter. We, as humans, should…
View original post 1,212 more words
A cyber attack has hit the email system of UK Houses of Parliament on Friday morning that breached at least 90 emails accounts protected by weak passwords belonging to MPs, lawmakers, and other parliamentary staff.
Meanwhile, as a precaution, the Security service has temporarily shut down the remote access (outside the Westminster) to its network to protect email accounts.
“We have discovered unauthorized attempts to access accounts of parliamentary networks users and are investigating this ongoing incident, working closely with the National Cyber Security Centre,” the spokesperson said.
“Parliament has robust measures in place to protect all of our accounts and systems, and we are taking the necessary steps to protect and secure our network.”
The authorities found less than 1% of parliament’s 9,000 email addresses had been compromised using the brute-force attack that lasted for more than 12 hours.
It is unclear who is responsible for the attack, but the breach has happened just two days after the passwords of British cabinet ministers and officials were reportedly being sold online by hackers on Russian underground forums.
However, most UK officials suspect Russia and North Korea for the British Parliament cyber-attack.
“We are continuing to investigate this incident and take further measures to secure the computer network, liaising with the Britain’s National Cyber Security Centre (NCSC).” spokeswoman said.
A massive archive of Microsoft’s top-secret Windows 10 builds, and the source codes for private software has been reportedly leaked online, which could lead to a nasty wave of Windows 10 exploits, journalist at the Reg claims.
The Leaked files – uploaded on BetaArchive website – contains more than 32 terabytes of data, which includes many non-public Windows 10 and Windows Server 2016 builds created by Microsoft engineers for testing purpose.
Private debugging symbols reveal some sensitive in-depth knowledge about the operating system that could be used by exploit writers to find vulnerabilities.
Moreover, the dump also contains Microsoft’s Shared Source Kit, which includes source code for Windows 10 hardware drivers, such as:
- Plug-and-Play system
- USB Stacks
- Wi-Fi Stacks
- Storage Drivers
- ARM-specific OneCore kernel code
According to Microsoft’s website, Shared Source Kit is available only for “qualified customers, enterprises, governments, and partners for debugging and reference purposes.”
However, BetaArchive says that the leak is just 1.2GB in size and now has been removed.from its servers.
The leaked files also contain Microsoft’s Windows 10 Mobile Adaptation Kit, a private software toolkit created by Microsoft designed to run Windows 10 operating system on mobile devices.
So far, it’s unclear who is behind this massive leak, but it could be from one of the Microsoft OEM partners.
Microsoft Confirms the Leak
Microsoft has confirmed that a portion of Windows 10 source code has leaked online.
“Our review confirms that these files are actually a portion of the source code from the Shared Source Initiative and is used by OEMs and partners,” confirms a Microsoft spokesperson to The Verge.
Stay tuned for more information.
WikiLeaks has published a new batch of the ongoing Vault 7 leak, this time detailing a tool suite – which is being used by the CIA for Microsoft Windows that targets “closed networks by air gap jumping using thumb drives,” mainly implemented in enterprises and critical infrastructures.
Air-gapped computers that are isolated from the Internet or other external networks are believed to be the most secure computers on the planet have become a regular target in recent years.
Dubbed Brutal Kangaroo (v1.2.1), the tool suit was allegedly designed by the Central Intelligence Agency (CIA) in year 2012 to infiltrate a closed network or air-gapped computer within an organization or enterprise without requiring any direct access.
Here’s How the Air-Gap Attack Works
Like most air-gapped malware techniques we reported on The Hacker News, this hacking tool first infects an Internet-connected computer within the target organization and then installs the Brutal Kangaroo malware on it.
Even if it’s hard to reach an Internet-connected PC within the target organisation, they can infect a computer of one of the organisation’s employees and then wait for the employee to insert the USB drive into his/her computer.
Now, as soon as a user (the employee of the organisation) inserts a USB stick into the infected computer, Shattered Assurance, a server tool infects the USB drive with a separate malware, called Drifting Deadline (also known as ‘Emotional Simian’ in the latest version).
The USB drive infects with the help of a flaw in the Microsoft Windows operating system that can be exploited by hand-crafted link files (.lnk) to load and execute programs (DLLs) without user interaction.
“The .lnk file(s) must be viewed in windows explorer, and the tool will be auto-executed without any further input.” the manual says.
“If multiple computers on the closed network are under CIA control, they form a covert network to coordinate tasks and data exchange. Although not explicitly stated in the documents, this method of compromising closed networks is very similar to how Stuxnet worked,” WikiLeaks said.
“Brutal Kangaroo components create a custom covert network within the target closed network and providing functionality for executing surveys, directory listings, and arbitrary executables,” a leaked CIA manual reads.
The malware then starts collecting data from infected air-gapped computers (which utilizes Shadow, the primary persistence mechanism) covertly and a module within the Brutal Kangaroo suit, dubbed “Broken Promise,” analyzes the data for juiceful information.
Previous Vault 7 CIA Leaks
Last week, WikiLeaks dumped an alleged CIA framework used for monitoring the Internet activity of the targeted systems by exploiting vulnerabilities in Wi-Fi devices.
Dubbed “Cherry Blossom,” the framework was basically a remotely controllable firmware-based implant for wireless networking devices, including routers and wireless access points (APs), which exploits router vulnerabilities to gain unauthorized access and then replace the firmware with custom Cherry Blossom firmware.
Since March, the whistleblowing group has published 12 batches of “Vault 7” series, which includes the latest and last week leaks, along with the following batches:
- Pandemic – a CIA’s project that allowed the agency to turn Windows file servers into covert attack machines that can silently infect other computers of interest inside a targeted network.
- Athena – a spyware framework that has been designed to take full control over Windows PCs remotely, and works against every version of Microsoft’s Windows operating systems, from Windows XP to Windows 10.
- AfterMidnight and Assassin – Two apparent CIA malware frameworks for the Windows platform that has been designed to monitor and report back activities of the infected remote host computer and execute malicious actions.
- Archimedes – Man-in-the-Middle attack tool allegedly created by the CIA to target computers inside a Local Area Network (LAN).
- Scribbles – Software reportedly designed to embed ‘web beacons’ into confidential files and documents, allowing the agency to track whistleblowers and insiders.
- Grasshopper – A framework which allowed the agency to easily create custom malware for breaking into Windows operating system and bypassing antivirus protection.
- Marble – The source code of a secret anti-forensic framework, basically an obfuscator or a packer used by the spying agency to hide the actual source of its malware.
- Dark Matter – Revealed hacking exploits the CIA designed to target iPhones and Macs.
- Weeping Angel – A spying tool used by the CIA to infiltrate smart TV’s and then transform them into covert microphones.
- Year Zero – Disclosed several CIA hacking exploits for popular hardware and software.