Spiritual Spa: Happiness Frequency, Calming, Relaxing Music (Serotonin, Dopamine and Endorphin release)

Nice post, thank you Lada!

Futurist Trendcast

Mar 31 at 8:00am, Lada on Patreon – FREE public post!
Dear friends,

WELCOME TO LADA RAY’S SPIRITUAL SPA ON PATREON!

In this first post, listen to the Happiness Frequency, Binaural Beats Relaxing Music (while listening, you may experience a lovely and positive Serotonin, Dopamine and Endorphin release).

The issue of how to stay centered and what music to choose for meditations frequently comes up in our Private Personal Skype Consultations. With all the craziness going on in the world, to stay balanced and to remain in your power, I highly recommend you regularly meditate and listen to a highly calibrated spiritual frequency music.

I often listen to the higher-dimensional, highly calibrated binaural beats as my background positive frequency when I write, research, create webinar banners and book covers, or do something else intense and creative.

I’ve recently posted a couple of the deep healing music videos on FuturisTrendcast, as…

View original post 121 more words

Advertisements

Infowar: RT kicked out of Washington

When Russia decides to kick out US fifth column/ fifth estate out of Moscow, quid pro quo, Washington has much more to lose!

Better yet, President Putin could use this as an opportunity to point out the hypocrisy and allow western MSM to stay! After all, not many believe in western propaganda anymore as more and more awaken everyday.

Fascinating case study of inverted collapse from the collective West. 🙂

Futurist Trendcast

View original post

Hacker News: Microsoft’s Meltdown Patch Made Windows 7 PCs More Insecure

microsofts-meltdown-vulnerability

Meltdown CPU vulnerability was bad, and Microsoft somehow made the flaw even worse on its Windows 7, allowing any unprivileged, user-level application to read content from and even write data to the operating system’s kernel memory.

For those unaware, Spectre and Meltdown were security flaws disclosed by researchers earlier this year in processors from Intel, ARM, and AMD, leaving nearly every PC, server, and mobile phone on the planet vulnerable to data theft.

Shortly after the researchers disclosed the Spectre and Meltdown exploits, software vendors, including Microsoft, started releasing patches for their systems running a vulnerable version of processors.

However, an independent Swedish security researcher Ulf Frisk found that Microsoft’s security fixes to Windows 7 PCs for the Meltdown flaw—which could allow attackers to read kernel memory at a speed of 120 KBps—is now allowing attackers to read the same kernel memory at a speed of Gbps, making the issue even worse on Windows 7 PCs and Server 2008 R2 boxes.

Frisk is the same researcher who previously discovered a way to steal the password from virtually any Maclaptop in just 30 sec by exploiting flaws in Apple’s FileVault disk encryption system, allowing attackers to unlock any Mac system and even decrypt files on its hard drive.

The discovery is the latest issue surrounding Meltdown and Spectre patches that were sometimes found incomplete and sometimes broken, making problems such as spontaneous reboots and other ‘unpredictable’ system behavior on affected PCs.

According to Frisk, the problem with MS’ early Meltdown fixes occurs due to a single bit (that controls the permission to access kernel memory) accidentally being flipped from supervisor-only to any-user in a virtual-to-physical-memory translator called PLM4, allowing any user-mode application to access the kernel page tables.

The PML4 is the base of the 4-level in-memory page table hierarchy that Intel’s CPU Memory Management Unit (MMU) uses to translate the virtual memory addresses of a process into physical memory addresses in RAM.

The correctly set bit normally ensures the kernel has exclusive access to these tables.

“The User/Supervisor permission bit was set to User in the PML4 self-referencing entry. This made the page tables available to user mode code in every process. The page tables should normally only be accessible by the kernel itself,” Frisk explains in his blog post.

To prove his claim, Frisk also provided a detailed breakdown and a proof-of-concept exploit. The issue only affects 64-bit versions of Windows 7 and Windows Server 2008 R2, and not Windows 10 or Windows 8.1 PCs, as they still require attackers to have physical access to a targeted system.

Buggy Patch Allows to Read Gigabytes of Data In a Second

Also since the PML4 page table has been located at a fixed memory address in Windows 7, “no fancy exploits” are needed to exploit the Meltdown vulnerability.

“Windows 7 already did the hard work of mapping in the required memory into every running process,” Frisk said. “Exploitation was just a matter of read and write to already mapped in-process virtual memory. No fancy APIs or syscalls required – just standard read and write!”

Once read/write access has been gained to the page tables, it would be “trivially easy” to gain access to the entire physical memory, “unless it is additionally protected by Extended Page Tables (EPTs) used for Virtualization,” Frisk said.

All attackers have to do is to write their own Page Table Entries (PTEs) into the page tables in order to access arbitrary physical memory.

Frisk said he has not been able to link the new vulnerability to anything on the public list of Common Vulnerabilities and Exposures. He also invited researchers to test the flaw using an exploit kit he released on GitHub.

UPDATE: Microsoft Releases Emergency Patch

In the wake of the researcher’s finding, Microsoft released an emergency patch on Thursday for the vulnerability (CVE-2018-1038) introduced as a Meltdown patch issued by the company earlier this year.

The out-of-band security update for Microsoft Windows 7 and Windows Server 2008 R2 “addresses an elevation of privilege vulnerability in the Windows kernel in the 64-Bit (x64) version of Windows.”

According to the Microsoft advisory, the elevation of privilege flaw occurs when the Windows kernel fails to handle objects in memory properly. Successfully exploitation of this flaw could allow an attacker to run arbitrary code in kernel mode.

“An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” the advisory states.

No other Windows OS version is impacted, except Windows 7 Service Pack 1 (x64) and Windows Server 2008 R2 Service Pack 1 (x64).

So all admins and users of Windows 7 and Windows 2008R2 are strongly recommended to update their systems as soon as possible.

Swati - Hacking News
Technical Writer, Security Blogger and IT Analyst. She is a Technology Enthusiast with a keen eye on the Cyberspace and other tech related developments.

♪Black Sabbath – “War Pigs” Live Paris 1970

Dayummm! Can you feel the Love!!

Lyrics:

[Verse 1]
Generals gathered in their masses
Just like witches at black masses

Evil minds that plot destruction
Sorcerers of death’s construction
In the fields the bodies burning
As the war machine keeps turning

Death and hatred to mankind
Poisoning their brainwashed minds

Oh, Lord, yeah!

[Verse 2]
Politicians hide themselves away
They only started the war
Why should they go out to fight?
They leave that all to the poor! Yeah!

Time will tell on their power minds
Making war just for fun
Treating people just like pawns in chess
Wait ’till their judgement day comes, yeah!

[Verse 3]
Now in darkness, world stops turning
Ashes where their bodies burning
No more war pigs have the power

Hand of god has struck the hour
Day of judgement, god is calling

On their knees, the war pigs crawling
Begging mercy for their sins

Satan, laughing, spreads his wings
Oh, Lord, yeah!

STUNNING! FBI informant dropped Obama BOMBSHELL on Monday

The biggest scandal from former President Barack Obama’s eight years in office just added a new twist, thanks to a whistleblowing FBI informant — and it’s a story the mainstream media desperately wants to cover-up.

The Uranium One deal authorized by former Secretary of State Hillary Clinton and overseen by Obama was even more dirty than most people believe.

That’s according to William Douglas Campbell, a former FBI informant on Russia under the Obama administration. Campbell told The Hill on Monday that he provided mountains of evidence to the FBI that Russia was illegally assisting Iran’s nuclear weapons program — which was ignored by the Obama administration while Clinton signed off on Uranium One deal with Russia.

The FBI insider claims that Moscow was stealing secret copies of international monitoring reports on Iran’s nuclear program and sending them to the Ayatollah. Additionally, Russia was providing expertise and equipment to the Islamic dictatorship — which the Obama administration ignored.

At the same time, millions in dollars from this “same king of payment network” was laundering bribes between Moscow and American lobbyists working to win support from Hillary during Obama’s terms in office.

Former President Bill Clinton was also accepting hundreds of thousands of dollars in “speaker fees” from Moscow during this same time period.

“The people I was working with had been briefed by Moscow to keep a very low profile regarding Moscow’s work with Tehran. Moscow was supplying equipment, nuclear equipment, nuclear services to Iran,” Campbell said during his interview. “And Moscow, specifically the leadership in Moscow, were concerned that it would offset the strategy they had here in the United States if the United States understood the close relationship between Moscow and Tehran.”

“Campbell worked from 2008 to 2014 as an undercover informant inside Rosatom, Russia’s state-controlled nuclear giant, while posing as a consultant. He helped the FBI put several Russian and U.S. executives in prison for a bribery, kickback, money laundering and extortion scheme,” The Hill reported. “He said he became concerned the United States was providing favorable decisions to the Russian nuclear industry in 2010 and 2011 — clearing the way for Moscow to buy large U.S. uranium assets and to secure billions in nuclear fuel contracts — even as he reported evidence of Moscow’s help to Iran.”

In other words, the Obama administration was told by Campbell that Russia was actively trying to arm Iran with nuclear weapons. At the same time, the Clintons were accepting hundreds of thousands of dollars and also signing over control of 20 percent of our nation’s strategic nuclear reserve. Obama later shipped 400 million of dollars of taxpayer money to Tehran as part of his controversial nuclear deal with the Islamic dictatorship.

“I got no feedback. They took the reports and the reports, I assume, went to specific people assigned to analyze the reports and that was the last I heard of it,” Campbell said on his warnings to the FBI.

Democrats pushed back on Campbell’s credibility following his testimony in front of the Senate Judiciary Committee earlier this year. Republicans disagree, however.

White House Press Secretary Sarah Huckabee Sanders even told Fox News that, “if anyone colluded for a foreign government in [the 2016 presidential] election, it was the Clinton campaign — the Democrats.”

She’s right. If the mainstream media is looking for a Russian collusion narrative, they need to stop talking about Russia’s Facebook ad campaign in 2016.

The legacy media owes the American people the truth about Hillary and Obama’s dirty dealings with Russian dictator Vladimir Putin and their connections to Tehran.

Leader of Hacking Group Who Stole $1 Billion From Banks Arrested In Spain

bank-malware

Spanish Police has arrested the alleged leader of an organised Russian cybercrime gang behind the Carbanak and Cobalt malware attacks, which stole over a billion euros from banks worldwide since 2013.

In a coordinated operation with law enforcement agencies across the globe, including the FBI and Europol, Police detained the suspected leader of Carbanak hacking group in Alicante, Spain.

Carbanak hacking group started its activities almost five years ago by launching a series of malware attack campaigns such as Anunak and Carbanak to compromise banks and ATM networks, from which they swiped millions of credit card details from US-based retailers.

According to the Europol, the group later developed a sophisticated heist-ready banking malware known as Cobalt, based on the Cobalt Strike penetration testing software, which was in use until 2016.

“The magnitude of the losses is significant: the Cobalt malware alone allowed criminals to steal up to EUR 10 million per heist,” Europol said.

In order to compromise bank networks, the group sent malicious spear-phishing emails to hundreds of employees at different banks, which if opened, infected computers with Carbanak malware, allowing hackers to transfer money from the banks to fake accounts or ATMs monitored by criminals.

According to the authorities, the criminal profits were also laundered via cryptocurrencies, through prepaid cards linked to the cryptocurrency wallets, which were used to buy goods such as luxury cars and houses.

In early 2017, the gang of financially-motivated cybercriminals was found abusing various Google services to issue command and control (C&C) communications for monitoring and controlling the machines of its victims.

In separate news, Ukraine Police announced today the arrest of another member of Cobalt group in Kiev, for developing malware and selling personal data from citizens worldwide.

russian-hacker

The suspect was working with Cobalt group since 2016 and also involved in cyber-espionage activities. He allegedly sold a variety of malicious software in underground markets that allows anyone to access and control victims’ computers remotely.

“This global operation is a significant success for international police cooperation against a top-level cybercriminal organisation. The arrest of the key figure in this crime group illustrates that cybercriminals can no longer hide behind perceived international anonymity,” said Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3).

“This is another example where the close cooperation between law enforcement agencies on a worldwide scale and trusted private sector partners is having a major impact on top-level cyber criminality.”

Wang Wei - Hacking News
Security Researcher and Consultant for the government, Financial Securities and Banks. Enthusiast, Malware Analyst, Penetration Tester.