PLEASE HELP! My ClimateViewer PC is Dying!
https://www.youtube.com/watch?v=1KVjw-f7ZwA
Rootkit: What Is a Rootkit, Scanners, Detection and Removal Software
A rootkit is a clandestine computer program designed to provide continued privileged access to a computer while actively hiding its presence. The term rootkit is a connection of the two words "root" and "kit." Originally, a rootkit was a collection of tools that enabled administrator-level access to a computer or network. Root refers to the Admin account on Unix and Linux systems, and kit refers to the software components that implement the tool. Today rootkits are generally associated with malware – such as Trojans, worms, viruses – that conceal their existence and actions from users and other system processes.
What Can a Rootkit Do?
A rootkit allows someone to maintain command and control over a computer without the computer user/owner knowing about it. Once a rootkit has been installed, the controller of the rootkit has the ability to remotely execute files and change system configurations on the host machine. A rootkit on an infected computer can also access log files and spy on the legitimate computer owner’s usage.
https://www.veracode.com/security/rootkit
What Is a Master Boot Record (MBR)?
What Does the Master Boot Record Do?
A master boot record consists of three major pieces: the master partition table, the disk signature, and the master boot code. Here's a simplified version of the role the master boot record plays when a computer is first starting up:
- BIOS first looks for a target device to boot from that contains a master boot record.
- Once found, the MBR's boot code uses the volume boot code of that specific partition to identify where the system partition is.
- That particular partition's boot sector is then used to start the operating system.
https://www.lifewire.com/what-is-a-master-boot-record-mbr-2625936
HBGary’s nemesis is a ‘16-year-old schoolgirl’
https://www.theregister.co.uk/2011/03/17/hbgary_anon_hacker_interview/
The WikiLeaks Threat - An Overview by Palan6r Technologies, HBGary Federal, and Berico Technologies
https://www.scribd.com/doc/161382957/US-Defense-Contractors-vs-WikiLeaks-Response-v6
Unmasked - How Anonymous took on a computer security firm, spilled its secrets to the world, and got the attention of Congress - all to keep its own identities a secret. Ars Technica book
The HB Gary Emails “12 Monkeys” - Wikileaks
https://wikileaks.org/hbgary-emails/?q="12+monkeys"
The agenda will be four fold:
Demo 12 Monkeys, for final handoff
Review keyboard emulation on task B, and discuss next steps to fill out the 80k (20k of the 100k has already been consumed)
a. Also, I will look to longer term as I recall there is still an additional 100k on the table) bringing us up to 380k. Based on my last discussion with them, they weren’t planning on dipping into this until Q4, or Q1 though.
Get an update on Project Athena (John Spiller requested we spend some time on this)
Skunkworks (a good couple of hours of sit down time with Shawn & Ben)
https://wikileaks.org/hbgary-emails/emailid/69842
The HB Gary Emails “BIOS rootkit” - Wikileaks
https://wikileaks.org/hbgary-emails/?q=bios+rootkit
From: Roberto Banfi [mailto: roberto.banfi@hackingteam.it]
Posted: Monday 30 March 2009 14.25
To: pt@hackingteam.it
Subject: New Rootkit Attack Hard To Kill
Those of Core Security have written a python program to install
a rootkit in the BIOS.
Not bad !!!
https://wikileaks.org/hackingteam/emails/emailid/978740
Indestructible, badass rootkit BadBIOS: Is this tech world’s Loch Ness Monster? VOTE NOW (2013)
https://www.theregister.co.uk/2013/11/01/breaking_badbios/
[Heads-up] Now In The Wild: New Super Evil Rootkit Survives Even “Nuke From Orbit” And HD Swap
CIA Vault 7: Projects - Wikileaks
Unified Extensible Firmware Interface Specification
https://wikileaks.org/ciav7p1/cms/files/UEFI%202_5.pdf
Vault 7: CIA Hacking Tools Revealed
https://wikileaks.org/ciav7p1/cms/page_22642800.html
LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group
https://www.welivesecurity.com/2018/09/27/lojax-first-uefi-rootkit-found-wild-courtesy-sednit-group/
Russia’s Sednit Deploys First Firmware-Level Rootkit in the Wild
Top NSA hacks of our computers (USB Hacks)
We've got three devices here: COTTONMOUTH-I, COTTONMOUTH-II and COTTONMOUTH-III, all about compromising systems through USB.
COTTONMOUTH-I is a smart "jacket" around a USB A plug. It monitors what's on the wire and communicates it either wirelessly to other COTTONMOUTH-1 devices or through a covert channel in the USB wire to STRAITBIZZARE software. COTTONMOUTH-II is a USB port with a built-in tap to communicate with STRAITBIZZARE. There is no wireless component.
COTTONMOUTH-III is a COTTONMOUTH-II and a tapped Ethernet port. Like COTTONMOUTH-I it has a wireless capability for communicating with other COTTONMOUTH devices and can talk to STRAITBIZZARE over the wire.
These ports are of the type soldered to the motherboard, and so they have to be installed through an interdiction of the computer or, conceivably, at the factory itself.
The document is dated 8/5/2008.
https://www.zdnet.com/pictures/top-nsa-hacks-of-our-computers/16/
“I am forever a Boy Scout, lifetime artist, nocturnal programmer, music is my life, love is my religion, and I am the luckiest husband and father on Earth. I speak for the trees. I have a passion for mapping, magnets, and mysteries.”
About Jim Lee
