Heart of South Korea’s satellite operations breached in cyberattack
https://www.chosun.com/english/national … LOLWV4DJ4/
The Korea Satellite Operations Center, tasked with managing Multipurpose Satellites for reconnaissance satellites, and the Compact Advanced Satellite 500, a public satellite, has fallen victim to a hacking incident. The full extent of the breach remains uncertain, highlighting significant vulnerabilities in South Korea’s space infrastructure. This comes at a critical time, just before the inauguration of the Korea Aerospace Administration, a significant initiative under President Yoon Suk-yeol’s administration.
South Korea’s National Intelligence Service (NIS) has confirmed a recent cyber intrusion at the Korea Satellite Operations Center in Jeju.
KARI oversees critical Earth observation satellites, such as the Multipurpose Satellites and Compact Advanced Satellite 500, with the NIS being its principal client. The Arirang 3 satellite has an optical camera capable of detailed ground observations (to 70 centimeters), whereas the Arirang 3A features a 55-centimeter resolution camera and an infrared camera for nighttime surveillance.
The NIS is currently working to identify the perpetrators, the methods employed in the hack, and the nature of the compromised data. An NIS official emphasized the agency’s crucial collaborative efforts with the Ministry of Science and ICT.
A security control specialist suggested the likelihood of North Korea’s involvement, saying, “The hack likely originated from North Korea.” Given the history of cyber-attacks on governmental bodies, often traced back to North Korea, and the similarities in the hacking techniques observed, there is a strong suspicion that North Korea could be behind this incident. A breach of the Korean Satellite Operations Center by North Korean operatives could endanger a wide range of sensitive data, including security, economic, and environmental information, gathered by South Korea’s Multipurpose Satellites. These satellites have monitored South Korea and other global regions for over two decades, holding potentially sensitive data about crucial allies.
Offline
A major hacking seems to be under way....
Void reported the 404 Not Found for NewMars.com, and I decided to send email to a major US TV network, in hopes someone there would investigate and report on air if there is something major going on.
One interpretation of the behavior we are seeing is that DNS servers have been taken over, and not every web site is being intercepted, but ours obviously is.
The behavior we are seeing can be explained if a DNS server that is supposed to forward packets to us is returning the 404 message when it gets a match on the URL.
The hacking might be localized. Void and I are served by different DNS servers. Or the hacking could be at a higher level, so that more Internet users would see the error.
(th)
Offline
ChatGPT4 has some general advice...
Web Security Incident Report
Overview: We have observed unusual behavior on our website, characterized by a specific error message "404 Not Found CIPI CIPI CAPA CAPA DUBI DUBI" appearing in lieu of expected content. This incident suggests potential security concerns that warrant immediate attention.
Potential Causes:
DNS Hijacking or Poisoning: The possibility of DNS compromise, affecting traffic direction.
Web Server or Website Compromise: Indications of alterations or malicious rule injections on the web server.
Misconfiguration or Malicious Scripts: Potential misconfigurations or the presence of malicious scripts causing unintended behavior.
SEO Spam or Defacement: The unusual message might be an attempt at either SEO manipulation or simple defacement.
Recommended Actions:
Immediate Investigation: Review web server logs for anomalies and check for unauthorized changes to website files or configurations.
Security Audit: Conduct a thorough security audit for vulnerabilities and ensure all components are up to date.
Check DNS and Web Server Configuration: Verify the integrity of DNS settings and web server configurations.
Contact Hosting Provider: Notify your hosting service of the incident for additional support and insights.
Conclusion: While a broad DNS attack is less likely, the evidence suggests a compromise localized to our web infrastructure. Immediate and comprehensive measures are crucial to identify the breach, secure the website, and prevent future incidents.
(th)
Offline
Some in overseas places to avoid a spying government politically intrusive instead bounce their signals and use VPN. Not every fix solution offered will be helpful, you will have to use common sense some people can be a wolf in sheep's clothing, some offered solutions will be trying to collect your data or 'Phishing'. An attack and then something 'is inaccessible' Some build their own computers and networks, others said OpenDNS was maybe going to be a thing. This could be the new world we enter and we can expect more world website shutdowns and disruptions, life essential and safety sites like weather info getting hit? sometimes someone might wrongfully report a site for 'offense' to an Internet Company linked to government, file reports suddenly a biggest ISP will then start DNS blocking, other sites get reported for a copyright on images or song links, artist property or 'File Sharing site' goes down, a site can get hit because it has a post which criticized a certain Government.
The Best Free and Public DNS Servers (2024)
https://www.lifewire.com/free-and-publi … rs-2626062
Use 8.8.8.8 and 8.8.4.4 for Google's DNS service. Here are more options from other companies
2019 article
Internet gatekeeper warns of 'ongoing and significant' DNS attacks
https://www.engadget.com/2019-02-24-ica … tacks.html
It's urging tighter security for web domains.
'There have been escalating reports of attacks on DNS, ICANN said, including hijacking attempts that point domain visitors to rogue servers. Some of these appear to have been state-sponsored attacks from Iran'
One way I knew people got back into their site was to try directly accessing the IP addresses, the future AI might fall into the wrong hands pressure from the political groups or gangsters is maybe going to be extreme. Some say Red Hat Hackers they say are Not to be confused with the Red Hat Linux OS or Red Hat Inc an open source software company...they say Red Hat are good guys but sometimes support vigilantes?
'introduction to Domain Name Servers article'
https://www.redhat.com/sysadmin/dns-domain-name-servers
Tahanson is it coming from within the US or is it an attack by proxy say India, Cambodia, Qatar, South Africa, Vietnam, if attacks come from one place you could put a temporary 24 hr ban on the origin of attack.
anyways some possible relevant stuff
'How can you tell if HNS is working?'
https://www.privateinternetaccess.com/b … ystem-hns/
Build your own DNS server on Linux
https://opensource.com/article/17/4/bui … ame-server
Learn how to use BIND to set up your own server for resolving domain names.
Offline
For Mars_B4_Moon re #154
Thank you for your review of multiple topics in the theme of hacking...
I wondered about your suggestion of using the IP address, and got this:
Site Not Found
Well, this is awkward. The site you're looking for is not here. Is this your site? Get more info or contact support.
This message comes from Dreamhost, which is our Internet provider. I interpret this as a sign they are aware of and working on the problem.
The web page that should appear is not available, but it is not a major attraction for us or for Mars Society.
It is helpful that the subfolder "forums" is still operating normally.
The main function of the top level page was to provide a link to the forums.
For a while it appears we need to make sure anyone we point to the forum is aware they need to add the folder "/forums" to the URL.
***
If anyone is interested, the main Mars Society site is working normally...
we are still operating with http: (no security)
I expect that this incident will lead to pressure to convert the forum to https....
Our current work on FluxBB to enable it to run with modern PHP and MySQL would be a step toward that goal.
(th)
Offline
hackers and bots backed up by Hindu Nationalism?
Intelligence Report Says Bots and Fake Accounts Linked to India’s Governing Party are Harassing Canadians
https://pressprogress.ca/intelligence-r … canadians/
Offline
For SpaceNut ....
Thanks to your leadership, our forum is free of hacker attack successes.... We are still being attacked by bots every day and every minute of every day, but for several years now not ONE of those bots has penetrated the strong defense you set up.
However, Dr. Lewis Dartnell's older phpBB forum is under serious attack and the hackers have found a way to promote themselves from Newbee to Regular Member. I've notified Dr. Dartnell, and he responded recently to acknowledge the situation.
Below I will show the status of the Knowledge forum as of a few minutes ago. I'm planning to post similar messages to show the progress of the assault. Eventually I assume/hope Dr. Dartnell will decide on a response. In the meantime, the number of fake members is growing at the rate of hundreds per day.
WHO IS ONLINE
In total there are 372 users online :: 2 registered, 0 hidden and 370 guests (based on users active over the past 5 minutes)
Most users ever online was 437 on Thu Apr 18, 2024 9:51 pm
Registered users: Barbarafrers, tahanson43206
STATISTICS
Total posts 2371 • Total topics 323 • Total members 27849 • Our newest member eseiceseqav
Note: there are only about 1000 ** real ** members in the Knowledge forum, just as we have about 1000 ** real ** members in NewMars.
The total number of fake accounts is therefore on the order of 27,000 and growing rapidly.
***
Update ... here is the corresponding report for NewMars...
Newest registered user: GStanley2023
Registered users online: 0
Guests online: 115
Of the 115 "guests" I am the only "real" entity. All 114 of the others are bots.
In our multiple initiatives to investigate options for the forum, we have the opportunity to investigate whether we might be able to characterize the "guests". There may be a way to determine if they are human or bot, but at this point, I don't know what such a method might be. Analysis of the IP address ** is ** possible, and we could easily report the country of origin of each "guest". Google does something similar with its web site reporting tool.
Come to think of it, we might be able to install the Google web site reporting tool. We set that up for the Living Universe web site, and it produced interesting results.
(th)
Offline
For SpaceNut re Turning off Registrations...
If you will document how to do that, I'd be happy to forward your instructions to Dr. Dartnell.
As you do so, please keep in mind that it has literally been years (since 2018) that he opened a session on the Knowledge forum.
Your advice needs to be written for someone who has forgotten almost everything about how to run the site, and in any case, never knew how to shut off Registration. While you're at it, please find out where the text we see at our Registration page is stored. That needs to be changed to point to our new registration procedure, and now that we have a Webmaster (kbd512) we can change it. (Assuming you cannot, which is possible).
(th)
Offline
For SpaceNut re Turning off Registrations....
Please document how to do that in the new phpBB3 test site.
I'd be happy to forward your instructions to Dr. Dartnell at discuss.the-knowledge.org
***
Here is the status of the hacker assault today:
WHO IS ONLINE
In total there are 156 users online :: 3 registered, 0 hidden and 153 guests (based on users active over the past 5 minutes)
Most users ever online was 582 on Fri Apr 19, 2024 10:08 pm
Registered users: epehobo, tahanson43206, valtrex 500mg coupon
STATISTICS
Total posts 2382 • Total topics 323 • Total members 28274 • Our newest member valtrex 500mg coupon
Here is yesterday's report:
Total posts 2371 • Total topics 323 • Total members 27849 • Our newest member eseiceseqav
The increase of "members" is 425. That's a ** lot ** ... the hackers seem to have found a weak site and are going after it.
(th)
Offline
For SpaceNut re hacker attacks on Knowledge web site...
Just FYI ... this is like watching a slow train wreck ...
206,944,697 km [26.5 km/s] Update Monday 2024/04/22 12:20 UTC Sun Mars Distance
Total posts 2383 • Total topics 323 • Total members 29137 • Our newest member abigiux
29137 - 28278 >> 859 << Number of new spammer accounts added in 24 hours
(th)
Offline
So, if we can do what we have done with registration and spammer account conversion then there is no reason from what I have seen to turn it off as we have done here.
Offline
For SpaceNut re #161
Thanks for thinking about Dr. Dartnell's situation.... His forum is being flooded with spammer applications for "membership".
He has written (by email) to confirm that he is (now) aware of the situation.
I have recommended turning off registration as you have done.
However, to this point, Dr. Dartnell has not logged in.
I'll continue to report on the increases of spammer accounts.
(th)
Offline
Status of Knowledge forum on 2024/04/24...
206,880,333 km [26.5 km/s] Update Wednesday 2024/04/24 12:10 UTC Sun Mars Distance
Total posts 2383 • Total topics 323 • Total members 30015 • Our newest member ufwrasikosm
30015 - 29578 >> 437 << Number of new spammer accounts added in 24 hours (crossed 30,000)
For SpaceNut ... if this pace keeps up, and Dr. Dartnell takes no action to stem the flood, the site will cross 40,000 in 25 days or so.
One benefit of all this activity is that it gives the Knowledge forum server some exercise.
(th)
Offline
Graham says FBI has his phone after possible hack
https://thehill.com/homenews/senate/463 … hone-hack/
Sen. Lindsey Graham (R-S.C.) says the FBI has his phone after someone tried to scam him by impersonating a communication from Senate Majority Leader Chuck Schumer (D-N.Y.), raising the possibility that one of the senators’ phones was hacked. “My phone is in the hands of the FBI now,”
Offline
German foreign minister says Russia will face consequences for 'absolutely intolerable' cyberattack
https://apnews.com/article/australia-ge … 7b0f0b5971
Offline
Russia leaves thousands of planes without GPS in northern Europe
Offline
Yet another top US healthcare service provider has been hacked, with patient data exposed
Following the likes of ChangeHealthcare, Kaiser, Cencora, and several others during the past few months, another major US healthcare service has reported suffering a cyberattack that resulted in the theft of sensitive patient data.
This latest victim is HealthEquity, which was on the receiving end of an apparent supply chain attack. In an 8-K form, filed with the US Securities and Exchange Commission (SEC) earlier this week, HealthEquity reported how earlier this year, as it was routinely monitoring its systems, it discovered “anomalous behavior by a personal use device belonging to a business partner.”
Offline
This is likely the biggest password leak ever: nearly 10 billion credentials exposed
Cybersecurity researchers are calling it the largest password compilation leak of all time.
On July 4, a newly registered user on a popular hacking forum posted a file containing nearly 10 billion compromised passwords in plaintext. "Xmas came early this year," user "ObamaCare" wrote on the forum. "I present to you a new rockyou2024 password list with over 9.9 billion passwords!"
So much for medical systems shielding information...
Offline
Those that like banking by cellphone look out as Android banking Trojan evolves to evade detection and strike globally
Offline
Yahoo is reporting widespread Internet outages this morning. The impact appears to be significant for major corporations such as banks and airlines. I'd be interested in any impacts our members might see.
NewMars seems to be holding up for now.
(th)
Offline
Crowdstrike struck hard, they struck fast, and apparently they took down many of their own customers, including me. It's a good thing that Microsoft came to terms with how crash-prone their software is, and created a method to recover from their self-inflicted software.
I have a brilliant idea. We should create all-electronic vehicles running that same software, and design them in such a way that they cannot continue to function at all without their operating system, to absolutely ensure we bring everything to a grinding halt. We could control the engines and navigation systems aboard airliners in the same way. Nothing could possibly go wrong with that.
Who really needs banks or airliners to function, anyway?
Offline
Think of how efficient the grid could be if we did that with home appliances too.
Use what is abundant and build to last
Offline
Here's another wild and crazy thought:
No critical infrastructure should run on a Windows OS. None. Ever. All versions of Windows, from the very first variants to the present variants, consistently fail to operate reliably without an endless stream of software patches to every aspect of the OS. By the time any particular variant of Windows is reasonably stable, Microsoft has already moved on to creating the next generation of fundamentally unreliable software.
A vibrant OS platform is one that provides reliable operation and security to its users, while remaining supportable by the corporation that created it. Seeking endless novelty for the sake of "newness" is not how you make computers more reliable and secure. As time marches on, there seems to be less and less focus on durability and security than on adding new features. Beyond a certain point, adding features only makes the OS so complex to maintain and troubleshoot that it ceases to provide value, because the majority of your development effort is tied up fixing whatever you initially mucked up.
I get that mistakes are inevitable with any type of technology, regardless of complexity, but the word "critical" which appears before "infrastructure" indicates its relative importance if it goes down, and why novelty is neither required nor desirable for "must have" functionality, such as a medical doctor being able to log in to his machine, review patient data, and evaluate how to treat the patients. Similarly, the entire government should not shut down for a day because a software patch knocked out all the computers they rely upon to communicate.
I also feel as though the fellow tahanson43206 had on here, albeit briefly, who was looking at SRAM-based computers, should be something that our government and infrastructure providers give careful consideration to. I read his paper and I think he makes good points about why we need a fundamentally different kind of computing for something like bank transactions vs sending "tweets". A very shrewd evaluation of what is necessary vs what is novel should be made, and then our infrastructure should be secured accordingly.
Offline
How much energy does AI presently use?
The agency says current data center energy usage stands at around 460 terawatt hours in 2022 and could increase to between 620 and 1,050 TWh in 2026 — equivalent to the energy demands of Sweden or Germany, respectively.
If we're presently devoting more energy to computers than all the world's airline services devote to fly commercial jets, and 50% of the cost of a car is all the electronic gadgetry it contains, is that not a sign that we've gone too far?
When, if ever, have we devoted enough energy to trying to replace people with machines?
Do we actually need to replace the labor provided by people with AI machines, or is this merely another hate-based anti-humanist activity masquerading as something it's not?
Assuming that we're not already living in "The Matrix", or some other advanced form of computer simulation, then why are we so desperate to create "The Matrix" or "SkyNet"?
Haven't we already seen how both of those movies ended, or what life was generally like within those dystopias, and thus we already know that we don't want that to be our fate, assuming we're modestly sane and rational?
Offline