Pages with tag Security

A Technologists Deep Dive into indictment detailing Russia's Hacking of the 2016 USA elections Since the 2016 USA elections evidence is piling up that Russia's Intelligence services attacked the election process with an attempt to derail Hillary Clinton's candidacy. Evidence is piling up in other countries about similar cybersecurity attacks by Russia against other elections. On Friday, the special prosecutors office investigating the USA election hacking (Robert Meuller's team) released an indictment laying out the Russian Intelligence service officers involved, and more importantly the technology and techniques being used. In part this story is about misapplying technology in order to create more chaos and confusion in the world.
Block remote root login via ssh on Ubuntu/etc to keep your server safe A moment ago I was checking the system logs on my Ubuntu server and found that in auth.log reports that someone was repeatedly trying to SSH login as root. The "root" entry in /etc/passwd is setup so that no password will ever be matched, so perhaps this potential cracker would never get into my server anyway. But the requests are using bandwidth - and what if they were able to figure out a password that would work? Why not just block remote SSH login access to logging in as root in the first place? It's a bad idea to login directly as root - instead the recommended best practice is to login as a regular user then use sudo to perform things requiring super user access.
Brickerbot, vigilante software aiming to kill malicious botnets by killing IoT devices The last few months has seen escalating botnet activity on the Internet. The botnet operators are targeting non-existent security in certain Internet of Things devices. Some devices, like wireless security cameras or baby monitors, are not only connected to the Internet, but have gaping security holes. Using those holes, botnet operators have ammassed vast flotillas of Internet devices that can be commanded to attack targets on the Internet. Last fall several attacks, larger than any previously seen, attacked several large sites and even brought down critical Internet infrastructure on a few instances. The Brickerbot appears to be a Botnet purposed with destroying those malicious botnets. One hopes the cure is better than the illness.
Build a security camera system with Raspberry Pi Zero and cheap webcams Implement a full security camera system supporting multiple cameras, with night vision, motion detection, uploading video to Google Drive, all built on the Raspberry Pi Zero platform. The Zero W makes a perfect security camera because of its small size, and the NO-IR camera supports night vision (with IR light source) in a slim case that directly supports the camera.
Build your own security camera system with Raspberry Pi and cheap webcams You can build a powerful and flexible motion sensing security camera system using open source software on a Raspberry Pi and similar single board computers. The key is the MotionEyeOS that neatly bundles everything you need into a Raspberry Pi image. Simply burn it to an SD card, attach cameras, boot the Raspberry Pi, and start configuring. It easily supports monitoring multiple cameras, which can be USB webcams, WiFi cameras, the Raspberry Pi camera, or other MotionEyeOS instances. I have an original-version Raspberry Pi (low CPU power) driving two cameras and it handles things just fine.
Example phishing attempt - bogus try at grabbing $10,000 in BTC In the interest of exposing scammers let me share a phishing attempt I just recieved. The email includes a lot of technological-sounding phrases that are a threat to reveal compromising information. The supposed kompromat would be deleted if one sent some BTC to a named address, otherwise it'll be shared to all my friends.
Fixing 'Enter passphrase for /dev/fd/63' in a Gitlab CI job If you're a Gitlab user you're probably hoping to use Gitlab CI to automate builds and deployments. You probably want to deploy something using rsync, using an SSH key for security. Unfortunately (in my opinion) the official Gitlab documentation is confusing. While the Gitlab team does provide example .gitlab-ci.yml files that are supposed to work, the actual specifics of what to do are sketchy, and I found myself puzzling over a curious error message: "Enter passphrase for /dev/fd/63" ... WTF?
Guccifer 2.0 and fake Romania connections to Russia hacking 2016 USA elections Last Friday (July 13, 2018), the Meuller team issued an indictment of a handfull of Russian GRU agents who are claimed to have hacked the DNC and DCCC servers, then distributed stolen information in an attempt to discredit the Hillary Clinton campaign. Or maybe the goal was to have Donald Trump elected President, which did happen. In any case a big figure in the story is Guccifer 2.0, who purported to be a Romanian hacker, but the Meuller team claims was actually Russian agents. This seems like an interesting angle to explore a bit.
Installing OpenVPN on a Raspberry Pi Zero W, inexpensive security for your peace of mind Nowadays our personal privacy is being threatened by new government policies. Fortunately the open source world gives us tools with which to secure our lives. This tutorial goes over installing OpenVPN on your home network, giving you a secure method to access resources on your home network from anywhere else. Suppose you have a NAS with many terabytes of data at home, but you're traveling thousands of miles away and need to access that data. A VPN service on your home network provides a porthole through which to do so, provided you have VPN software on the computer you're carrying.
Is HTTPS Dangerous? HTTPS is incredibly useful but there may be critical flaws making it dangerous

HTTPS encrypts our website connections and it authenticates website identity. Both are excellent reassurances for website users, to give us a feeling of safety online. The video attached here makes a bold claim that HTTPS is actually dangerous. Let's take a look at that claim.

Node Cookbook is great for deeper understanding of Node.js programming
Node Web Development 2nd edition has been released!!
Wikileaks reveals CIA iPhone penetration team: hacking the iPhone A new batch of 8,761 files was released on Tuesday by WikiLeaks that alleges that the U.S. Central Intelligence Agency (CIA) has a dedicated iOS exploit team —and lacks the ability to keep the attack vectors under lock and key. They either bought or developed in-house a large pile of iPhone hacking tools. They were collected by the CIA's Center for Cyber Intelligence (CCI), a group of over 5000 members, and have been used to directly target over 10,000 people. However, the tools have escaped the CIA and are now circulating among former U.S. government hackers and contractors in an unauthorized manner. It is one of those people who released the information to Wikileaks.
2016 Election Acer C720 Ad block AkashaCMS Amazon Amazon Kindle Amazon Web Services America Amiga and Jon Pertwee Android Anti-Fascism AntiVirus Software Apple Apple Hardware History Apple iPhone Apple iPhone Hardware April 1st Arduino ARM Compilation Artificial Intelligence Astronomy Astrophotography Asynchronous Programming Authoritarianism Automated Social Posting AWS DynamoDB AWS Lambda Ayo.JS Bells Law Big Brother Big Data Big Finish Big Science Bitcoin Mining Black Holes Blade Runner Blockchain Blogger Blogging Books Botnets Cassette Tapes Cellphones China China Manufacturing Christopher Eccleston Chrome Chrome Apps Chromebook Chromebox ChromeOS CIA CitiCards Citizen Journalism Civil Liberties Clinton Cluster Computing Command Line Tools Comment Systems Computer Accessories Computer Hardware Computer Repair Computers Conservatives Cross Compilation Crouton Cryptocurrency Curiosity Rover Currencies Cyber Security Cybermen Cybersecurity Daleks Darth Vader Data backup Data Formats Data Storage Database Database Backup Databases David Tenant DDoS Botnet Department of Defense Department of Justice Detect Adblocker Developers Editors Digital Photography Diskless Booting Disqus DIY DIY Repair DNP3 Do it yourself Docker Docker MAMP Docker Swarm Doctor Who Doctor Who Paradox Doctor Who Review Drobo Drupal Drupal Themes DVD E-Books E-Readers Early Computers Election Hacks Electric Bicycles Electric Vehicles Electron Eliminating Jobs for Human Emdebian Encabulators Energy Efficiency Enterprise Node EPUB ESP8266 Ethical Curation Eurovision Event Driven Asynchronous Express Face Recognition Facebook Fake News Fedora VirtualBox Fifth Doctor File transfer without iTunes FireFly Flash Flickr Fraud Freedom of Speech Front-end Development G Suite Gallifrey git Github GitKraken Gitlab GMAIL Google Google Chrome Google Gnome Google+ Government Spying Great Britain Green Transportation Hate Speech Heat Loss Hibernate Hoax Science Home Automation HTTP Security HTTPS Human ID I2C Protocol Image Analysis Image Conversion Image Processing ImageMagick In-memory Computing InfluxDB Infrared Thermometers Insulation Internet Internet Advertising Internet Law Internet of Things Internet Policy Internet Privacy iOS Devices iPad iPhone iPhone hacking Iron Man iShowU Audio Capture iTunes Janet Fielding Java JavaFX JavaScript JavaScript Injection JDBC John Simms Journalism Joyent Kaspersky Labs Kext Kindle Kindle Marketplace Large Hadron Collider Lets Encrypt LibreOffice Linux Linux Hints Linux Single Board Computers Logging Mac Mini Mac OS Mac OS X Machine Learning Machine Readable ID macOS macOS High Sierra macOS Kext MacOS X setup Make Money Online March For Our Lives MariaDB Mars Mass Violence Matt Lucas MEADS Anti-Missile Mercurial MERN Stack Michele Gomez Micro Apartments Microsoft Military AI Military Hardware Minification Minimized CSS Minimized HTML Minimized JavaScript Missy Mobile Applications Mobile Computers MODBUS Mondas Monetary System MongoDB Mongoose Monty Python MQTT Music Player Music Streaming MySQL NanoPi Nardole NASA Net Neutrality Network Attached Storage Node Web Development Node.js Node.js Database Node.js Performance Node.js Testing Node.JS Web Development Node.x North Korea npm NVIDIA NY Times Online advertising Online Community Online Fraud Online Journalism Online Photography Online Video Open Media Vault Open Source Open Source and Patents Open Source Governance Open Source Licenses Open Source Software OpenAPI OpenJDK OpenVPN Palmtop PDA Patrick Troughton Paywalls Personal Flight Peter Capaldi Peter Davison Phishing Photography PHP Plex Plex Media Server Political Protest Politics Postal Service Power Control President Trump Privacy Production use Public Violence Raspberry Pi Raspberry Pi 3 Raspberry Pi Zero ReactJS Recaptcha Recycling Refurbished Computers Remote Desktop Removable Storage Republicans Retro Computing Retro-Technology Reviews RFID Rich Internet Applications Right to Repair River Song Robotics Robots Rocket Ships RSS News Readers rsync Russia Russia Troll Factory Russian Hacking Rust SCADA Scheme Science Fiction SD Cards Search Engine Ranking Season 1 Season 10 Season 11 Security Security Cameras Server-side JavaScript Serverless Framework Servers Shell Scripts Silence Simsimi Skype SmugMug Social Media Social Media Networks Social Media Warfare Social Network Management Social Networks Software Development Software Patents Space Flight Space Ship Reuse Space Ships SpaceX Spear Phishing Spring Spring Boot Spy Satellites SQLite3 SSD Drives SSD upgrade SSH SSH Key SSL Stand For Truth Strange Parts Swagger Synchronizing Files Tegan Jovanka Telescopes Terrorism The Cybermen The Daleks The Master Time-Series Database Tom Baker Torchwood Total Information Awareness Trump Trump Administration Trump Campaign Twitter Ubuntu Udemy UDOO US Department of Defense Virtual Private Networks VirtualBox VLC VNC VOIP Vue.js Walmart Weapons Systems Web Applications Web Developer Resources Web Development Web Development Tools Web Marketing Webpack Website Advertising Weeping Angels WhatsApp William Hartnell Window Insulation Windows Windows Alternatives Wordpress World Wide Web Yahoo YouTube YouTube Monetization