Divemedic – Page 228

Spear Phishing

Your phone rings. The caller ID is one you recognize as being from Chase bank. The call sounds legit:

A few seconds later the phone buzzes and it’s a text message from 227895 number which is the same number you always receive the verification code from.

You quickly type it in to confirm that it is in fact you. You sure are glad that the Chase Fraud department is working overtime, you think to yourself….

Your bank account has just been cleaned out because the hackers that spoofed you just transferred all of the money in it to an offshore account.

These bots can target Banks, Credit cards, Apple Pay, PayPal, GoDaddy, Amazon, Coinbase, and virtually any platform that is “secured” with the SMS version of 2FA or MFA. The process for these bots is so streamlined that just about anyone with virtually no IT knowledge (script kiddies) can quickly get this bot up and running. The hackers no longer have to even be fluent in English or converse with their victims on the phone to con their way in.

At this point, we are all used to recorded voice calls, SMS authentications, etc., and we don’t think twice about it. Some of these bots are open source, with instructions on how to run them, but a black hat can pay a few hundred bucks to get a good one that is pre-configured and comes with tech support. With these SMS Bypass Bot calls as a service, any wannabe hacker can pull it off fairly easily with very little tech background or hacking skills needed.

So a hacker gets himself a computer system with a high end graphics card and installs one of these password cracking programs, and armed with the information from a data breach, soon has your login credentials. So for less than $1,000 and about 2 hours’ work and a few hours of letting the cracking tool find valid credentials, he now has your username/password pair.

Now he initiates the MFA calling bot, and soon has your one time pin. Call it a $1500 investment, a day’s labor, and a week of elapsed time, and he just made off with the contents of your bank account. How much was in there? Twenty thousand? Forty? Or only a couple of thousand bucks?

Since many countries have an average annual income that is far less than $10,000 a year, even $850 is a month’s pay and is certainly worth a criminal’s time. Now imagine that he is likely doing this a hundred times a week.

It’s just that easy.

By Divemedic, 3 yearsJanuary 16, 2023 ago

Crime

Criminal Operation Zone

A family at the Orlando airport discovered that gun free zones are simply areas where criminals can operate in a safe environment. The patriarch dropped his wife and kids off curbside, but was immediately car jacked at gunpoint, and his car stolen. The car was later recovered about 20 miles away from the airport.

Criminals know that everyone entering and leaving the airport are disarmed. This creates a safe working environment for them to carry out their violent, armed crimes.

By Divemedic, 3 yearsJanuary 16, 2023 ago

economics

No Money for White People

Wells Fargo was sued in April 2022 for not loaning money to enough black people. On December 21, the bank reached a settlement agreement where they agreed to pay $3.7 billion in damages and civil penalties.

The bank has decided to take the only path that makes sense from a business standpoint. They are not going to lend any more money to white people. The noose tightens. If you are a white person with a job, you aren’t wanted in this society.

By Divemedic, 3 yearsJanuary 16, 2023 ago

COVID

Back Pay

So now the military wants to reinstate those who were kicked out for refusing the vax, complete with back pay. So what happens to those who were kicked out, but whose normal EOAS date has since passed? Do they still get their checks? Or is it only the ones who agree to be reinstated?

But who says that any of them want to serve under the freak show that is their chain of command?

By Divemedic, 3 years ago

Gaming the Courts

Late to the Party

I can’t believe that I missed this story, but better late than never.

At first glance, you would not think that Nikki Fried would be suing the Florida Department of Law Enforcement because the FDLE declared that a woman was ineligible for a Florida CCW. After all, Fried is a notorious antigun asshat. But sue the Florida Department of Agriculture did.

It all started when a woman, identified by her initials of M.S., tried to get a concealed weapons permit. In Florida, it is the Department of Agriculture that issues the permits, but it is the Florida Department of Law Enforcement that does the background checks. So FDLE did the background check and declared that M.S. has items in her criminal past that would make her ineligible to receive a CWP. The woman did what any of us would do and appealed the decision, demanding to know why she was denied. That’s when things went sideways.

In preparing for the appeal, the Dept of Agriculture asked FDLE to list the specific disqualifying offenses, but FDLE replied that her offenses must be kept secret due to Federal Law. Since Florida case law is explicit on this- if the Dept of Agriculture can’t list the specific disqualifying events, they must go ahead and issue the CWP.

I fully support this. If the government wants to take action against someone, they have to provide the evidence. If the providing the evidence is counter to the government’s interest, then they have a decision to make- release the evidence, or respect the rights of the citizen. There should be no “Open your mouth and close your eyes, you can trust us” stuff going on with regards to citizen rights.

At any rate, Fried’s department wanted to deny M.S.’s permit, so they filed a lawsuit against the FDLE, intending to force them to release the evidence. Now that Fried is out of office, that lawsuit has been settled out of court. I certainly hope that M.S. got her permit, or at least was able to see why not. A people cannot be free when they are subject to secret courts, hearings, laws, and decisions.

By Divemedic, 3 yearsJanuary 15, 2023 ago

Rigging the vote

Constitution

Congress in the past apparently knew that it takes a Constitutional Amendment for the Federal government to tell the states who can and cannot vote. That appears to no longer be the case*. My how things have changed in only 50 years.

* This has no chance of passing, but still…

By Divemedic, 3 yearsJanuary 15, 2023 ago

Anti American left

Thoughts on ATF rule

Correia for the Win

Talking about the new brace rules I just had some tough guy on FB tell me “who cares what the ATF says?”
Uh…
Everybody with a flammable house and a non-bulletproof dog should care. This is not an agency known for its calm nuanced approach.
— Larry Correia (@monsterhunter45) January 13, 2023

This next one is the truth. I am a life member of the NRA, but mostly because I paid for it almost 20 years ago. I haven’t had faith in them in at least 10 years. Shoot, last month they sent me an email asking me to renew my membership, which shows you how with it they are.

You figured it out, dude. Nobody honestly has interests you don’t or different preferences; we’ve all been tricked somehow, ignorant victims being manipulated by the NRA.

The fact that they still think the NRA is even relevant in gun culture shows how little they know. pic.twitter.com/gIXQOLTQm9
— Mike Kupari 🚀💥 (@RocketPulpHack) January 14, 2023

I wasn’t convinced by gun manufacturers or the NRA that I need military weapons. I was convinced by asshats like you making statements about wanting to eliminate me.

By Divemedic, 3 yearsJanuary 14, 2023 ago

Account and INFO Security

LifeLock Breach

The password manager run by Norton has seen hackers breach its customers’ information in a credential-stuffing attack.

Credential stuffing is the automated use of stolen username and password pairs purchased online. Since many users will re-use the same password and username/email, this sort of thing is frequently successful.

Since these people reused passwords, they exposed their accounts. It didn’t have to happen, but they weren’t using secure password practices.

By Divemedic, 3 yearsJanuary 13, 2023 ago

Cops

Cops Harassing People

Falling asleep on a park bench will get the cops to check up on you. Ok, I’m fine with that. Then they decided that he wasn’t giving them the information they wanted, so they decided to arrest him. This sort of thing is why police immunity should be conditional on whether or not the police were acting within the law, within department policy, or at least making an attempt to do so.

Sometimes I wonder if we would be better off getting rid of the cops and handling criminals ourselves.

By Divemedic, 3 yearsJanuary 13, 2023 ago

Firearms

SB Tactical Gets Pwned

A company that makes pistol braces gets its customer database breached. There are four possibilities here:

ATF was doing a little illegal sneak and peek so they know whose dogs to shoot
ATF had one of their partner informants do it for them
A freelance SJW is planning on outing everyone
Criminals are just doing what they do

I am betting that the incident is either 2, above. Some lefty is going to anonymously notify the ATF that they have a list of lawbreaking owners of SBRs. Since the new rule outlawing unregistered pistol braces was published today, you have 120 days to register your (now) SBR or become a felon. Isn’t that a sweet little coincidence?

The miscreants got away with each user’s credit card number, expiration date, CCV code, cardholder name, address, phone number, and email address. If you have ever done business with SB tactical, you should consider all of that information as being compromised and in the possession of people who mean to steal your money, your life, or your freedom.

We know that the feds are now enlisting people in the private sector to do their unconstitutional dirty work. It can’t be too much longer before the informers are everywhere and people become vzyali.

On a side note, as of today I will no longer be in possession of a pistol brace equipped firearm. I am not registering shit.

By Divemedic, 3 yearsJanuary 13, 2023 ago