An email from the Russian Equifax Hackers

I emailed the Equifax hackers at the email posted on their darknet site and they responded with the following:

We are processing information is not a single file and we must still
unite which data correspond to which people.

We are not going to give interviews.

We do not have expectations to collect anything so that on the 15th
everything will be published except the credit cards.

09/15 at 4pm UTC


PastHole
Оборудование для взлома

Note the Russian signature, loosely translated by Google Translate as “Equipment for hacking”. A quick Google search suggests the name may have to do with wardriving, an old technique for picking up insecure Wi-Fi networks for roaming mobile Wi-Fi access. It would be rather presumptuous to call them a Russian hacking group, but the Russian signature does raise an eyebrow.

The email is signed with their PGP signature.

Mysterious cloudflare.works and eager.works domains

While checking my site report for Google AdSense, I came upon a mysterious “cloudflare.works” domain showing up in the referral traffic.

cloudflare.works in AdSense Site Report

The site was only showing up as a couple hits a month. Upon attempting to visit any of the displayed subdomains, I’m presented with a message:

This may not be the page you're expecting (request failed security checks).

The site seems to host a variety of content, including some miscellaneous JavaScript code, apparent court case documents and a Cloudflare developer ToS page.

    The eager.works domain is used to help users of <a href="https://eager.io">Eager</a> test apps. Contact <a href="mailto:help@eager.io">help@eager.io</a> with any questions or concerns.
eager.works domain reference found on cloudflare.works/files/

My guess is that these referrals are generated by automated or manual reviews of websites by developers using Cloudflare’s new app platform.

I have installed and uninstalled several apps, reporting some as not functioning properly. Have you had traffic from similar subdomains on your site?

cpuminer help – Usage, Flags and Command Examples

Example Command for Monero Mining (XMR):

./cpuminer -a cryptonight -o stratum+tcp://pool.usxmrpool.com:3333 -u 48JvicghZt266rgdFvMAAc4yBmRF4FwZecztBKJwQXLJdFkHnD3hetiDwcXGRyScGWgh3D8YoTTwoSx4HCKAoFQf3iQbXd6 -p x

cpuminer --help

./cpuminer --help
** cpuminer-multi 1.3.3 by [email protected] **
BTC donation address: 1FhDPLPpw18X4srecguG3MxJYe4a1JsZnd (tpruvot)
Usage: cpuminer-multi [OPTIONS]
Options:
  -a, --algo=ALGO       specify the algorithm to use
                          axiom        Shabal-256 MemoHash
                          bitcore      Timetravel with 10 algos
                          blake        Blake-256 14-rounds (SFR)
                          blakecoin    Blake-256 single sha256 merkle
                          blake2s      Blake2-S (256)
                          bmw          BMW 256
                          c11/flax     C11
                          cryptolight  Cryptonight-light
                          cryptonight  Monero
                          decred       Blake-256 14-rounds 180 bytes
                          dmd-gr       Diamond-Groestl
                          drop         Dropcoin
                          fresh        Fresh
                          groestl      GroestlCoin
                          heavy        Heavy
                          jha          JHA
                          keccak       Keccak
                          luffa        Luffa
                          lyra2re      Lyra2RE
                          lyra2rev2    Lyra2REv2 (Vertcoin)
                          myr-gr       Myriad-Groestl
                          neoscrypt    NeoScrypt(128, 2, 1)
                          nist5        Nist5
                          pluck        Pluck:128 (Supcoin)
                          pentablake   Pentablake
                          quark        Quark
                          qubit        Qubit
                          scrypt       scrypt(1024, 1, 1) (default)
                          scrypt:N     scrypt(N, 1, 1)
                          scrypt-jane:N (with N factor from 4 to 30)
      --cert=FILE       certificate for mining server using SSL
                          shavite3     Shavite3
                          sha256d      SHA-256d
                          sia          Blake2-B
                          sib          X11 + gost (SibCoin)
                          skein        Skein+Sha (Skeincoin)
                          skein2       Double Skein (Woodcoin)
                          s3           S3
                          timetravel   Timetravel (Machinecoin)
                          vanilla      Blake-256 8-rounds
                          x11evo       Permuted x11
                          x11          X11
                          x13          X13
                          x14          X14
                          x15          X15
                          x17          X17
                          xevan        Xevan (BitSend)
                          yescrypt     Yescrypt
                          zr5          ZR5
  -o, --url=URL         URL of mining server
  -O, --userpass=U:P    username:password pair for mining server
  -u, --user=USERNAME   username for mining server
  -p, --pass=PASSWORD   password for mining server
      --cert=FILE       certificate for mining server using SSL
  -x, --proxy=[PROTOCOL://]HOST[:PORT]  connect through a proxy
  -t, --threads=N       number of miner threads (default: number of processors)
  -r, --retries=N       number of times to retry if a network call fails
                          (default: retry indefinitely)
  -R, --retry-pause=N   time to pause between retries, in seconds (default: 30)
      --time-limit=N    maximum time [s] to mine before exiting the program.
  -T, --timeout=N       timeout for long poll and stratum (default: 300 seconds)
  -s, --scantime=N      upper bound on time spent scanning current work when
                          long polling is unavailable, in seconds (default: 5)
      --randomize       Randomize scan range start to reduce duplicates
  -f, --diff-factor     Divide req. difficulty by this factor (std is 1.0)
  -m, --diff-multiplier Multiply difficulty by this factor (std is 1.0)
  -n, --nfactor         neoscrypt N-Factor
      --coinbase-addr=ADDR  payout address for solo mining
      --coinbase-sig=TEXT  data to insert in the coinbase when possible
      --max-log-rate    limit per-core hashrate logs (default: 5s)
      --no-longpoll     disable long polling support
      --no-getwork      disable getwork support
      --no-gbt          disable getblocktemplate support
      --no-stratum      disable X-Stratum support
      --no-extranonce   disable Stratum extranonce support
      --no-redirect     ignore requests to change the URL of the mining server
  -q, --quiet           disable per-thread hashmeter output
      --no-color        disable colored output
  -D, --debug           enable debug output
  -P, --protocol-dump   verbose dump of protocol-level activities
      --hide-diff       Hide submitted block and net difficulty
  -S, --syslog          use system log for output messages
  -B, --background      run the miner in the background
      --benchmark       run in offline benchmark mode
      --cputest         debug hashes from cpu algorithms
      --cpu-affinity    set process affinity to cpu core(s), mask 0x3 for cores 0 and 1
      --cpu-priority    set process priority (default: 0 idle, 2 normal to 5 highest)
  -b, --api-bind        IP/Port for the miner API (default: 127.0.0.1:4048)
      --api-remote      Allow remote control
      --max-temp=N      Only mine if cpu temp is less than specified value (linux)
      --max-rate=N[KMG] Only mine if net hashrate is less than specified value
      --max-diff=N      Only mine if net difficulty is less than specified value
  -c, --config=FILE     load a JSON-format configuration file
  -V, --version         display version information and exit
  -h, --help            display this help text and exit

cpuminer
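
A defender-side check built from the options listed in the help text above (an added example, not part of the original post or of cpuminer-multi): it tokenizes a process command line, as captured by process-execution logging, and flags cpuminer-style invocations regardless of what the binary is called. The sample command lines, the pool host pool.example.net, WALLET_PLACEHOLDER and the function names are constructed for illustration.

```python
import shlex
from urllib.parse import urlsplit

# Option names taken from the cpuminer-multi help text above (short -> long).
VALUE_OPTS = {"-a": "algo", "-o": "url", "-O": "userpass", "-u": "user", "-c": "config"}
FLAG_OPTS = {"-B": "background"}

def parse_miner_args(cmdline):
    """Return {long_option: value} for cpuminer-style options found in cmdline."""
    found = {}
    tokens = shlex.split(cmdline)[1:]  # ignore argv[0]: miner binaries get renamed
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if tok.startswith("--"):
            name, sep, value = tok[2:].partition("=")
            if name in FLAG_OPTS.values():
                found[name] = True
            elif name in VALUE_OPTS.values():
                if not sep and i + 1 < len(tokens):  # "--url VALUE" form
                    i += 1
                    value = tokens[i]
                found[name] = value
        elif tok in VALUE_OPTS and i + 1 < len(tokens):
            i += 1
            found[VALUE_OPTS[tok]] = tokens[i]
        elif tok in FLAG_OPTS:
            found[FLAG_OPTS[tok]] = True
        i += 1
    return found

def classify(cmdline):
    """Return (verdict, reasons); verdict is 'miner', 'suspicious' or 'clean'."""
    opts = parse_miner_args(cmdline)
    reasons = []
    pool = urlsplit(opts.get("url", ""))
    if pool.scheme == "stratum+tcp":  # scheme used in the page's example command
        reasons.append("stratum pool URL: " + pool.netloc)
    if "algo" in opts and ("user" in opts or "userpass" in opts):
        reasons.append("algorithm plus pool credentials: " + opts["algo"])
    if reasons and opts.get("background"):
        reasons.append("runs detached (-B)")
    return ("miner" if len(reasons) > 1 else "suspicious" if reasons else "clean"), reasons

# Constructed sample process command lines (the wallet value is a placeholder).
SAMPLES = [
    "./cpuminer -a cryptonight -o stratum+tcp://pool.example.net:3333 -u WALLET_PLACEHOLDER -p x",
    "/tmp/.kworker --algo=cryptonight --url=stratum+tcp://pool.example.net:3333 --user=WALLET_PLACEHOLDER -B",
    "curl -o index.html -u alice https://www.example.com/",
]
```

Matching on the option pattern rather than the process name is what catches the renamed binary in the second sample, while the `curl` line, which reuses `-o` and `-u` with different meanings, stays clean.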

California CARB Compliance Search Tool

ARB.parts is a new catalytic converter search tool for CARB / ARB compliant parts. This tool provides an easy and mobile-friendly way of searching for CARB compliant parts. All executive orders are listed as well as notices for rescinded executive orders. Users are able to search by Engine Family / Test Group, Executive Order, as well as Year – Make – Model.

CARB Catalytic Converter Search Tool

No longer will you be presented with the error-prone CARB site:

Error-Prone, Not Mobile Friendly arb.ca.gov Site

Heat Your Room With A Computer

It’s totally possible to warm up your room in the cold wintertime using only your computer.

Computers can produce a lot of heat. Many desktops can produce over 300 watts of heat, with laptops clocking in at the 30-80 watt range. Either one, when run at full power, will give you a noticeable boost of heat in your room. The trick, however, is to get the computer running at full steam.

Fireplace.lol can be your burning candlelight to warm your room. It works by carrying out complex computation on your computer in order to produce the excess heat you might need on a cold winter’s night.

OnionScan --help – Usage, Flags and Command Examples

Command Examples:

Having trouble? You can also run the web version of OnionScan at onionscan.io

Run without OnionScan Correlations Lab

./onionscan --timeout 60 --fingerprint  --depth 2 --verbose --webport 0 examplesite.onion

Basic Scan with Correlations Lab Running on http://localhost:8080/

./onionscan examplesite.onion

Help Printout:

$ ./onionscan
Usage of ./onionscan:
    onionscan [flags] hiddenservice | onionscan [flags] --list list | onionscan --mode analysis
  -batch int
        number of onions to scan concurrently (default 10)
  -cookie string
        if provided, onionscan will use this cookie
  -crawlconfigdir string
        A directory where crawl configurations are stored
  -dbdir string
        The directory where the crawl database will be 
        stored (default "./onionscandb")
  -depth int
        depth of directory scan recursion (default: 100) (default 100)
  -fingerprint
        true disables some deeper scans e.g. directory probing with the 
        aim of just getting a fingerprint of the service. (default true)
  -jsonReport
        print out a json report providing a detailed report of the scan.
  -jsonSimpleReport
        print out a simple report as json, false by default
  -list string
        If provided OnionScan will attempt to read from the given list, 
        rather than the provided hidden service
  -mode string
        one of scan or analysis. In analysis mode, webport must be set. 
        (default "scan")
  -reportFile string
        the file destination path for report file - if given, the prefix 
        of the file will be the scanned onion service. If not given, the report will be written to stdout
  -scans string
        a comma-separated list of scans to run e.g. web,tls,... 
        (default: run all)
  -simpleReport
        print out a simple report detailing what is wrong and how to fix it, 
        true by default (default true)
  -timeout int
        read timeout for connecting to onion services (default 120)
  -torProxyAddress string
        the address of the tor proxy to use (default "127.0.0.1:9050")
  -verbose
        print out a verbose log output of the scan
  -webport int
        if given, onionscan will expose a webserver on localhost:[port] 
        to enabled searching of the database (default 8080)

Adsense Auto Ads with Regular Ads

After seeing the AdSense Auto Ads beta feature pop up on my account, I was excited to jump right in. I did, however, worry that AdSense would be too conservative in placing ads, or would just not place the right type of ads for my site. To avoid a couple of days’ drop in a good chunk of revenue, I simply placed the auto-ads code alongside the existing ads on my site.

Auto Ads Setup Screen

I will be monitoring the performance closely and may remove the hard-coded ads to see if performance keeps up.

Set up Auto ads on your site

Copy and paste this code in between the <head> tags of your site. It’s the same code for all your pages. You don’t need to change it even if you change your global preferences. See our code implementation guide for more details.

For those of you looking to get started with auto-ads, you may be able to place the following code onto your site (with your own publisher-id).

<script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
<script>
  (adsbygoogle = window.adsbygoogle || []).push({
    google_ad_client: "ca-pub-0545639743190253",
    enable_page_level_ads: true
  });
</script>

The auto-ads management page can be found at:

https://www.google.com/adsense/new/u/0/pub-0545639743190253/myads/auto-ads

but since the program is still in beta, many users don’t have access yet.

UPDATE:

Google also has Auto Ads for AMP pages; in their documentation for the AMP implementation, things are set out more clearly:

NoBing Chrome Extension Changing Names

NoBing was removed from the Chrome Web Store after a copyright complaint from Microsoft (see below). It has now been relaunched as Bongle.

From: <[email protected]>
Date: Sun, Sep 10, 2017 at 5:42 PM
Subject: [7-1658000018900] Chrome Web Store Takedown Notice

Hi,

Google was notified that some of your materials allegedly infringe upon the trademarks of others, the details of the removed extension may be found at the end of this message.

Please note that repeated violations may result in a suspension of your Chrome Web Store Publisher account. If you have any further concerns about this issue, please address them directly to the complainant in the Trademark Infringement Notice provided.

The affected extension(s) are listed below:
https://chrome.google.com/webstore/detail/nobing/gbnjfjhjjemhhfhhdeojkhpjjliaidpf

Regards,
The Chrome Web Store Team

On 08/14/17 18:27:22 [email protected]appdetex.com wrote:

full_name: Alexis Meghrouni Rivas {Submitted by AppDetex}
your_title: Director, Enforcement Strategies and Services
companyname: Microsoft Corporation
address: 501 W. Grove Street
Boise
ID
83702
US
country_residence: US
contact_email_noprefill: [email protected]appdetex.com
phone: 8722402777
trademark_relationship: Note: AppDetex is authorized by Microsoft
Corporation to facilitate the submission of and correspondence regarding
complaints.

tm_work: BING 2008/26333: ZA 2008/26332: ZA BING 2008/26334: ZA 2008/26335:
ZA BING IR 996797: CH IR 996700: CH BING 2008/26331: ZA 2013/15673: ZA BING
228425: EG 228426: EG BING IR 996700: SG IR 996797: SG BING IR 1171876:
SG,CH BING 1641400: TW TN/E/2013/1081: TN BING 9/1/12: EC IR 996700: TR
BING IR 996797: TR IR 1171876: UA BING IR 1171876: TR 46975: TT BING
BOR46697: TH 1383046: TW BING 1378808: TW IR 1171876: WO BING BOR 46695: TH
BOR46696: TH BING 228427: EG 15 Book 225: SV BING 165426: GT 193689: GT
BING 165423: GT 165427: GT BING IR 1171876: PH 4-2009-2253: PH BING 198768:
GT 57278: PE BING 204996: PE 199089: GT BING 83129: PE 57276: PE BING
57277: PE 82295: QA BING 82296: QA IR 1171876: RU BING IR 996797: RU
1232/92: SA BING 1232/93: SA 1232/94: SA BING IR 996700: RU IR 996797: RO
BING 82298: QA 82297: QA BING 82299: QA 82300: QA BING IR 996700: RO
126683: AE BING 161169: AE 159655-C: BO BING 159654-C: BO 159656-C: BO BING
159657-C: BO 388741: CO BING IR 996700: EM 159658-C: BO BING I
trademark_explain: The app uses the trademarks of Microsoft Corporation
without authorization. In this instance, the app uses “Bing” in the title
and “Bing” imagery in the icon.

infringing_location:
https://chrome.google.com/webstore/detail/nobing/gbnjfjhjjemhhfhhdeojkhpjjliaidpf
tm_sworn_statement1: tm_good_faith
tm_sworn_statement2: tm_swear
NoticeToDeveloper: agree1
signature_date: 8/14/17
signature: Alexis Meghrouni Rivas {Submitted by AppDetex}
subject_lr_trademark: Your Request to Google
hidden_product: chromewebstoreextensionsgallery
geolocation: US

:---- Automatically added fields ----:
Language: en
IIILanguage: en
country_code: US
auto-helpcenter-id: 1647639
auto-helpcenter-name: legal
auto-internal-helpcenter-name: legal
auto-full-url:
https://support.google.com/legal/contact/lr_trademark?product=chromewebstoreextensionsgallery
auto-user-logged-in: false
auto-user-was-internal: false
IssueType: lr_trademark
form-id: lr_trademark
form: lr_trademark
subject-line-field-id: subject_lr_trademark
body-text-field-id:
AutoDetectedBrowser: Chrome 45.0.2454.101
AutoDetectedOS: Intel Mac OS X 10_11_0
MendelExperiments: 10800027,10800108,10800141,10800161,10800169
Form.support-content-visit-id: 0-636383500115619980-1101090361

Bongle – The NoBing Extension (Redirect Bing->Google Search)

NoBing has been relaunched as Bongle after a copyright complaint by Microsoft.

NoBing is a simple tool that gives you the look of Bing while simultaneously giving you the search results of Google.

Find Bongle in the Chrome Web Store here.

Questions, comments, and requests can be made below!