Securing Social Media

As always, strong password protection is the number one priority for securing social media accounts. This includes using your phone to enable two factor authentication (2FA) for them. Due to the simple fact that social accounts usually hold far less important data/information than emails, I am willing to bet anything that close to 100% of all hacks against your social accounts will be deterred if you simply enable 2FA for them. It is also a widely known fact that more social accounts are compromised as a result of weak passwords than any other single factor.

Password Security Guide + 2FA: https://roguemedia.co/2019/10/30/tutorial-learning-how-to-write-remember-un-hackable-passwords/

While using your social media accounts, just as with emails, never open a message from or click on links by users, senders or accounts you do not know personally, were not expecting to hear from or haven’t done business with in the past. As I have already with emails, hackers can phish your social media accounts all the same. Moreover, it is actually much easier for a hacker to uncover your “IP Address” through something like Facebook Messenger than it is through email. This can also be done without you clicking on any individual hyperlink. For example, you can find someone’s IP when engaging them on Facebook by using a simple sequence of “cmd commands” – which are freely available on every Windows device.

Like your mother always told you, never talk to strangers – especially online 😉

You can add an extra layer of security to your accounts by preventing them from being “indexed” by search engines and web crawlers. This can be accomplished by making small changes to your account settings. By default, the largest social media platforms are all designed to connect to search engines like Google, Bing or Yahoo, in order to make social networking more accessible and convenient for everyone. However, allowing your account to be indexed means that theoretically anyone in the world could search for and find your account if they really wanted. Whereas if you disable your account from being indexed then the only people you personally give your account information to will know where to find it.

To do this, simply go under your accounts setting, scroll to Privacy Settings and uncheck the “Public Search Results” box. This will remove your profile’s page from Google, Bing, and Yahoo search returns. This is also a security practice instructed to Federal Employees and members of the US Defense Department.

CyberGuerrilla Anonymous Nexus (CgAn) Begins Fighting Back After Twitter Censorship

So, this is an article I was going to write about maybe 2-3 months ago, but never got around to it for some reason. But, for those of you whom might not have been aware, over the course of the last 9 months or so Twitter has been active in an international crack down against Anonymous, Anarchists and Antifa members alike. In fact, in October 2018 I wrote an article about Twitters mini-purge of Anonymous accounts after the fall of several high profile accounts – going as far as to personally ask Twitter if they had longer term plans to crackdown on all hacktivists on their service in the future?

Learn More – Twitters Mini-Purge of Anonymous: https://roguemedia.co/2018/10/27/twitter-begins-purge-of-anonymous-accounts/

With that established, this article is not about Anonymous, necessarily, but rather about some of my fellow “comrades” working over at CyberGuerrilla Anonymous Nexus (CgAn). For those of you whom might not be aware, CyberGuerrilla has been home to the undergrounds best hackers and cyber security practitioners for quite some time, and I have ties to them going back to “Operations Africa” (#OpAfrica) in 2015.

With that out of the way, earlier this year one of the CyberGuerrilla‘s biggest accounts “International CyberGuerrilla Column A” was shut down by Twitter – once active with I believe over 61,000 followers at the time of their closing if I remember right. It also wasn’t an isolated incident either, and Twitter has made it a point to specifically take on CyberGuerrilla online. In fact, at one point just a few months ago, Twitter began censoring and deleting all hashtags with “CgAn” in it, making it harder for anyone online to see or follow them, or read any of the material they post online. This is why researchers/activists such as myself have been going our of my way to make as many #CgAn‘s as possible – just to keep them indexed.

Even more recently than that, Twitter has also begun cracking down on several other large and prominent accounts within the CgAn community – as you can see via the Tweets provided below.

Getting back to the story at hand, CyberGuerrilla has been attempting to fight back against Twitter for closing their accounts – all legally too. For example, despite Twitter claiming that their account was closed for breaking the terms of Twitters rules and conditions, Doemela is fighting back against Twitters decision. Below you can find a transcript of their appeal to Twitter, learn more about the case, find a link to their information/blog posting about it, as well as the location to their new Twitter account – should you feel compelled to follow them again. 😉

Doemela’s Appeal To Twitter:

Hello Twitter,

I noticed that my account is suspended. I have read all terms and
conditions on your support page but cannot see any reason why I may have
been suspended. I’ve certainly taken every step to ensure that my
account is not breaking any rules.

I’ve been suspended several times, and the reason supplied to me is
always ‘it was done in error’. I kindly explain I don’t feel I am
violating any of Twitters’ rules, and politely request examples of me
doing this. There is also no one I know of that reported this account
for violation of Twitter’s Rules. I’m a keen user of Twitter, and if you
could please let me know why I was suspended then I will ensure I will
take whatever steps necessary so that it does not happen again.

This at the very least would be helpful, so I may learn what is
acceptable and adjust my behaviour accordingly. I think the bigger issue
is however; I’m not in violation of your terms. It seems to me your
‘report abuse’ function is being abused in order to silence dissenting
voices or genuine civil criticism. Abuse and harassment are both awful
and incredibly serious things. I applaud and support Twitters’
commitment to penalizing those who feel it’s acceptable to engage in
such a deplorable way.

However, your system is flawed. I appreciate you have far too many users
for it to be anything but automated, but it is currently punishing users
that are using your services legitimately, for discussion, challenging
ideas, and promoting worthy causes and dialogue.

All I ask is that you please review my case by putting actual human eyes
on the tweet examples provided to you, as I believe examples are
mandatory when making these reports. When doing so, please ask yourself
whether these constitute ‘abuse’ in any meaningful sense and whether
it’s more likely your reporting function is being exploited to silence
genuine, but undesired criticism by the same individual, or individuals.

In your worthy commitment to providing a report function for genuine
abuse, it appears you have overlooked the possibility of that function
actually becoming abused as a tool to constantly silence legitimate
voices. What measures can you suggest preventing this function from
becoming an actual tool of harassment? It appears I am a casualty.

Thank you! Look forward to really hearing back from you. 

Review: White Unveils New Tool for Reporting Social Media Account Closures

While I’m far from the first to report of it unveiling, I don’t really give a fuck – so I am writing this review here today. But, last night I decided to test out Donald Trumps newly unveiled tool/creation – an official web page launched by the White House designed solely to report the “unfair” closing of social media accounts While Trump is doing his best to sell this as an anti-censorship endeavor, indubitably, this move was designed to show support for the alt-right, White Nationalists, White Supremacists and neo-Nazi’s – essentially, the foremost outspoken groups in favor of our Commander In Chief.

If you need any proof of this, look no further than the fact that, starting just about two weeks ago, Facebook began blocking “White Nationalists.” This also adds to a very serious crackdown on conspiracy theorists and outspoken members of the alt-right over recent months/years, such as Alex Jones and Milo Yiannopoulos – just to name a few. However, what I think most people are missing, or deliberately ignoring, is the fact that this crackdown is not only just effecting racists and extremists on the political right. Believe it or not, the crackdown have also effected many of my fellow “Comrades” working for on behalf of both Anonymous and CyberGuerrilla. For example, over the course of the last month alone, Twitter has closed the accounts of LulzSec Kurdistan, Pinoy LulzSec, International CyberGuerrilla A Column, and has even begun scrubbing the hashtag #CgAn offline as much as possible.

To this effect, I decided to investigate Donald Trumps new tool by reporting the closing of @CgAn_Doemela – a loose collection of CyberGuerrilla activists with over 21,000 followers which was inexplicably closed by Twitter just a couple weeks ago. For those of you whom haven’t used or investigated the tool for yourselves, I was actually quite surprised. I say this because the vast majority of information asked by the White House is about yourself, who you are, where you live, what social demographics do you belong to – et cetera. In fact, out of maybe 13 questions, only 2 of them are about the social accounts you are reporting closed in the first place 🤔.

Needless to say, while my actions were sincere, they were also kind of a troll – just to see what the White House was up to and to investigate whether or not they care about the closing of accounts of activists on the extreme political left, in addition to those on the extreme political right? I suppose we will have to wait to find out and see. In the mean time, if you haven’t tried to tool for yourself, you can access the White House’s page below.

White House Reporting Tool: https://wh.gov/techbias

Op-Ed: The Upcoming Trial of Julian Assange Is Much More Than A Court Case, It’s A Symbol of Our Time

I’m not exactly sure what it is I’m feeling today, but I fundamentally believe that humanity/society is on the verge of reaching a critical turning point in time/history – a time when we are all collectively going to have to decide if the internet is a tool for good or for bad? Perhaps it’s my past, perhaps it was the arrest of Julian Assange yesterday after 8 years of asylum, perhaps it was news that the President of Sudan resigned just weeks after the President of Algeria, perhaps its the result of all my coverage into “fake news” laws/regulations in countries such as France, China, Jordan, Iraq, Canada, Ethiopia and others, all while state run propagandists organizations like the Institute for State craft and Mossad receive millions/billions in taxpayer funding to do the same – or perhaps still maybe it’s a result of ACTA2 and Copyright reform protests around Europe.

I don’t know and I cant quite say for certain, but I can’t help but feel that humanity/society is on the cusp of something major right now – something revolutionary that will dictate all of our collective freedoms and futures. However, the questions I think we all need to ask ourselves is if we are on the right side of history? Are we all looking out for our own collective best interests/futures?

Anonymous African Operations:

3/07/2019 – Origin #OpAlgeria: https://roguemedia.co/2019/03/07/ahead-of-aprils-presidential-elections-international-hacktivists-launch-opalgeria-in-solidarity-with-the-people-of-algeria/
12/26/2018 – Origin #OpSudan: https://roguemedia.co/2018/12/26/government-of-sudan-shuts-down-national-internet-access-so-anonymous-shuts-down-the-government/

Institute for Statecraft Leaks:

All Coverage: https://roguemedia.co/?s=Institute+for+Statecraft&x=0&y=0
Round 7: https://roguemedia.co/2019/03/25/cyberguerrilla-releases-integrity-initiative-leaks-part-7-detailing-the-uks-use-of-international-espionage-unit-referred-to-as-the-expose-network/
Round 6: https://roguemedia.co/2019/02/09/anonymous-cyberguerrilla-releases-integrity-initiative-institute-for-statecraft-leaks-6/
Rounds 1 -5: https://roguemedia.co/2019/01/26/anonymous-cyberguerrilla-publish-integrity-initiative-leaks-part-5/

Censorship/Fake News Regulation 2019 & Beyond:

Ethiopia: https://roguemedia.co/2018/12/05/ethiopia-begins-drafting-new-hate-speech-laws-to-crack-down-on-fake-news-social-media/
Jordan: https://roguemedia.co/2018/11/07/jordan-weighs-implementation-of-new-cyber-crimes-laws/
Iraq: https://roguemedia.co/2019/03/02/iraqi-parliament-proposes-draconian-new-cybercrime-laws-designed-to-crackdown-on-political-religious-extremism-online/
Russia: https://roguemedia.co/2019/03/13/russian-parliament-moves-ahead-w-two-new-bills-designed-to-crack-down-on-fake-news-publications-civilian-dissidents/
Singapore: https://roguemedia.co/2019/04/04/joining-countries-from-around-the-world-singapore-officially-introduces-fake-news-bill-to-parliament/
Canada: https://roguemedia.co/2019/04/09/canadas-democratic-institutions-minister-proposes-new-laws-to-regulate-social-media-apps-prior-to-october-elections/

Unfortunately, I believe that whatever this answer is or may be ultimately boils down to politics and political opinion. It seems to have started with extremist liberals in 2015/2016, but has seemingly infected the entire world ever since. For as bizarre a phenomenon as it was, US liberals/globalists in support of Obama/Clinton in 2015 actually subscribed to the notion that everyone must feel, believe and think the same thing about everyone, everything and every issue – almost literally. The idea that anyone whom did not subscribe to their logic or ideologies should be banned, blacklisted, censored or ousted from society. In other words, “it takes a village” and in order for organized society to work there is no room for dissent, and we must all be working together, on the same page and headed in the same direction – right Hillary? In fact, this attempted homogenization of opinion/society is exactly what led to the rise of the alt-right and other conservative extremists over that same time period – one form of extremism resulting in another, symmetrically.

My Video – State of American Politics 2015/2016:

Believe it or not, I still see this same phenomenon today in the arrest of Julian Assange – only in a somewhat different context. I see it in the re-jailing of Chelsea Manning a week before that and the jailing of Reality Winner a few weeks before that. It’s in the in the Mueller investigations of 2017/2018 and the Comey investigations of 2015/2016 before that. What I’m talking about is the weaponizing of political opinion. The arrogant and self-centered notion that it’s not alright for anyone to disagree with your personal opinions, beliefs or political ideology, and that anyone bold enough to do so must be investigated and/or punished to the full extent of your capabilities/authority – at least if you are the one’s currently in charge/power, that is.

The way I look at it, all across the world, its almost as if society/humanity is waging a political War against itself. It’s not only here in the US, its in the Macron Yellow Vests protests in France, all the Brexit nonsense in the the UK, the Turkish elections of 2019 – so on and so forth. In our modern time politics hasn’t just become a matter of intellectual discussion/debate anymore, it has become a weapon of War to be wielded – both literally and figuratively, foreign and domestic.

But ask yourself, who is this War really empowering? Whom is this War really punishing?

Macron is a multimillionaire President – while thousands of citizens have been arrested, dozens blinded and dozens more losing limbs. Donald Trump is still a billionaire/President of the United States, Bill and Hillary Clinton are still worth hundreds of millions in their own right and only their cronies/minions have been arrested – all while US citizens fight, hate and protest one another in the streets because of their words/policies.

On top of this, the Main Stream Media has never been more influential or profitable than it is today, and in 2019 the MSM has only continued to use their platforms to perpetuate belligerence and political Wars throughout society. We see this every night on Fox News and CNN and this also includes includes the publishing/peddling of the PropOrNotList in 2016, the Google Blacklisting’s of 2017 and Facebook/Twitter purges of 2018 – crippling the platforms of hundreds of small time online news startups, limiting competition, spitting in the face of free speech and freedom of the press while increasing the traffic/profit margins of legacy news publishers.

In our modern hatred for our political rivals, when I look around society all I see is people cutting off their own noses to spite their faces – so to speak. In their own political hatreds, people appear blind to fact that we are all collectively shooting ourselves in the foot. Not only have hundreds of online news platforms been shut down and/or banned offline, including some of my own creations, but people are actually now celebrating the arrest of Julian Assange and others like him. This is also much more symbolic than people understand/realize.

Say what you want about the man or his journalism, the fact of the matter is that everything Julian Assange has ever published 100% cut and dry real, factual material/information. Honestly, can Fox News, CNN, The Washington Post or New York Times claim this? Of course not! For God’s sake, even the Washington Post has to retract the PropOrNotList of 2016, months after the damage from it had already been done. Meanwhile, Julian Assange has never released a single “opinion piece” with his leaks, has never taken a deliberate political stand either direction and not a single one of his leaked documents has ever proven to be fabricated. Whether you like him or not, all Julian Assange did was publish real news/evidence and show people the truth.  Yet, Assange is the man society is after? Why? And what is the point?

I’m not sure what I have to say to make society understand, but I can’t help but feel as though we are on the precipice of something large here. In our blind hatred for our political rivals and in our rabid desire to shut them up, we are destroying our own individual freedoms and liberties, whilst simultaneously censoring free speech and spitting in the face of independent journalism. Society has become so shortsighted, it’s almost as if people do not understand or realize that power is temporary or relative. Sure you can pass laws in the here and now to silence your rivals while you are still in power, but what happens 2, 5, 10 years from now when someone else is in power? Congratulations, in your blind hatred you’ve just now censored yourself as well.

I just don’t understand why people in society have become so arrogant, wreckless and belligerent with their own political ideologies, and I don’t know what to say to make them understand how dangerous we have all become to one another and our collective futures as a result. The more I learn/consume, the more f*cked of a place the world feels or seems to be – if not in reality, then certainly in mentality. I don’t know what to do to educate society, I do not know what to say to make more people care or understand, and I certainly don’t know how to combat ignorance, racism, sexism and political extremism on all levels. The worst part is I don’t think people would even care enough to listen or learn even if I did. All I know is that much sooner than latter, before it’s too late, before we lose our rights to do so, society is going to have to make some serious decisions – decisions which threaten to hand over all of our freedoms and rights to Government regulation and large multinational conglomerates if we are not more careful.

Follow Up: Highlights from First Annual April Lulz Day 2019

On March 31st 2019, I published an article advertising “April Lulz Day 2019,”  an international hacking operation to be launched on April 1st 2019 on behalf of international LulzSec affiliates worldwide. Therefore, it only seems right to do a follow up article here today, chronicling all of the “festivities” associated with the operation – you’re welcome @TheInternet. While I’m certain I did not uncover them all, below is a list of hacks, leaks and defaces from April 1st – at least that I was able to find.

So, what were the highlights you ask!? Ohh, I don’t know, nothing major, “only” about 16 websites were crashed via DDoS attack, 5 websites had their databases hacked and leaked online, 28 websites were defaced, at least 500 Twitter accounts were closed and over 1,000 Facebook accounts were hacked – 😏. Below you can see the full run down, attributed to the sources behind them. All sites marked with “hxxp” are websites crashed via DDoS attacks.

LulzSec Argentina (@LulzSeguridad):

hxxp://elmetroonline.com.ar/
hxxp://ccs.com.ar/
hxxp://amcham.org.eg/
hxxp://gov.ua/
hxxp://dak.gov.ua/

Quilmes Encendido Oeste Wifi Passwords Leak: https://pastebin.com/raw/UNk0E21u

LulzSec Kurdistan (@LulzSecKu):

List of 27 Websites Defaced 4/01/2019: https://pastebin.com/JfHwAT02
Deface Mirror of 27 Websites Hacked/Defaced: https://mirror-h.org/search/hacker/30891/

Target: hxxp://borde.com.tr/
Deface: http://borde.com.tr/lulzsecku/

List of 500 Twitter Accounts Taken Down: https://pastebin.com/GbA1fjTM

Pinoy LulzSec (@PinoyLulzSec__):

hxxp://depedzn.net/
hxxp://depedlacarlota.com/
hxxp://uphsl.edu.ph/
hxxp://uphsl.edu.ph/
hxxp://depedlacarlota.com/
hxxp://depedzn.net/

Target: hxxp://bookhub.ph/
Database Leak: https://ghostbin.com/paste/5jqzn

+250 Hacked Facebook Account Logins: https://pastebin.com/gX7809Ag
Additional Facebook Leaks Part 1: https://textuploader.com/15y98
Additional Facebook Leaks Part 2: https://textuploader.com/15y0a

Polytech University of Phillipines: hxxps://www.pup.edu.ph/taguig/
Database Download: https://anonfiles.com/p6NaR2W4me/PUPTAGUIG_SQL
Download Backup: https://www.datafilehost.com/d/c7d4716e

Confidential Doc Stolen from Philippines Army: https://uploadfiles.io/82mtc

Lorian Synaro (@LorianSynaro):

hxxp://uofk.edu/
hxxp://alintibaha.net/
hxxp://akhbarelyoum.net/
hxxp://assayha.net/
hxxp://almeghar.com/

Miscellaneous:

750 Facebook Accounts Hijacked – ClownSec: https://pastebin.com/raw/peCbG4Wf

Target: hxxp://presidencia.gob.sv/
Deface: http://multimedia.presidencia.gob.sv/files/backup/index.html

Pakistani Journalists/Activists Whom Publicly Expressed Support for Slain Saudi Journalist Jamal Khashoggi To Be Investigated by Pakistan’s Cybercrime Division

Last night I came across an interesting piece of information from Pakistan, a copy of a letter from the the Federal Investigation Agency, Cybercrime division, informing its recipients that they are all being investigated for publicly expressing support for slain Saudi dissident/Washington Post journalist Jamal Khashoggi during Mohammad Bin Salman’s visit to Islamabad, Pakistan in February 2019. Sent to 6 journalists and 4 different political parties earlier this month, the letter informs its recipients that the Government of Pakistan is now officially investigating the incident, and asks for all involved to privately/confidentially submit their enquires/correspondences to the FIA for review.

As was explained by Middle East Eye yesterday, March 28th 2019, the journalists and political activists are being investigated for launching a coordinated social media campaign that conveyed disrespect to the Presidents guest; Mohammad Bin Salman – a guest who also visited to sure up a $20 billion dollar investment package with Pakistan. Regardless, the aforementioned journalists refuse to stand for allowing their freedom of speech and expression to come under such heavy scrutiny, and have leaked the letter below to serve as proof of the injustices of their government.

Download Copy of Letter: https://roguemedia.co/wp-content/uploads/2019/03/PK_Warning.png

Copy of Letter:

No photo description available.

Understanding The Weaponization of Modern Cyberspace & The ‘Secret World’ of International Corporate Espionage

This is a concept which needs some explaining, because no one has really ever taken the time to break it down – at least from what I have seen. What you need to understand is that we live in a unique time in world history, and we are all headed towards an equally unique and uncertain future.

What I mean to say is that the 21st century is an exceptionally prosperous time in human history, there is no mass global Wars, there’s no great plague, the majority of us all have running water, plumbing, electricity, refrigeration and the like, we have bikes, cars, automobiles and planes and the entire world can theoretically be accessible/connectable with the click of a button. Not only is the modern 21st century perhaps the single easiest and most peaceful time in human history, but the human race is now also interconnected in ways that prior generations could have never imagined possible.

With that established however, not all is right as rain. For example, over the course of the last several years the United States, Germany, NATO and the like have all gone on to officially declare “cyber space” and “the internet” as the 5th domain/relm of Warfare – joining more traditions domains of Warfare such land, sea, air and space.

Learn More – NATO’s Recognition of Cyberspace As New Domain of Warfare: https://apps.dtic.mil/dtic/tr/fulltext/u2/1029776.pdf

However, as humanity continues to grapple with its understanding and regulation of our new technologies, we are only just now beginning to see/realize the weaponizing of the internet, internet conglomerates and their infrastructure – and this phenomenon is slowly beginning to rear its ugly head across nearly every other aspect of society these days. For example, consider the following evidence.

Google & The Department of Defense

I start off with Google for a number of reasons, chief among them is the fact that they are the single largest and highest grossing firm on the net. As Google is an American business, what you should know is that the company has a number of active contracts with the United States Government – particularly the United States military industrial complex. If you would like an example, look no further than “Project Maven,” a joint military operation currently underway with the help of Google researchers, developers, staff and Artificial Intelligence algorithms – some of which have recently made international headlines.

It should therefore go without saying, but you can not have a contract with the United States military without your full loyalties belonging to them. For this very reason, this also means that enemies of the US Government, or any other international Government agency for that matter, cannot rely on or trust Google to ensure their full security, privacy or look out for their best interests – especially in regards to contentious geo-political issues/events. In other words, as an American-based business and active military contractor, Google is loyal to the US military and for better or worse, has become a de facto branch of/for it – even if no one actually admits this out loud.

Consequentially enough, this is also why Google has always been restricted by “The Great Firewall of China,” and has recently faced banishment from Russia entirely as recently as just a few weeks ago.

Microsoft, Encryption Back-doors & Government Espionage

Similar to Google, Microsoft is yet another American based business with deep running ties to the United States military industrial complex. For example, every computer owned by the US Army and US Cyber Command is now literally mandated to run exclusively on Microsoft Windows 10 software and Operating Systems.

https://twitter.com/MSinDOD/status/770962514406313986

Now, I want you to notice the dates of those two Tweets above – August 29th and 31st, 2016. I bring this up because just a few weeks prior to this, on August 10th 2016, the Kremlin came out with a press release announcing how it was their immediate intention to begin switching all government/military computing systems off Microsoft and on onto domestically produced software – directly because of Microsoft‘s deep running ties with the US Government and US military.

It wasn’t until just a few months after this, in November 2016, that the Kremlin literally called switching over all their software away from Microsofta matter of national security.” Going on to explain how the Kremlin now believes that “software developed by American companies, such as Microsoft, could hide back-doors and bugs that could help other nations spy on their plans.” Also going as far as to say “not replacing foreign IT would be equivalent to dismissing the army.

Read More – Russia’s Plan To Abandon Microsoft & Foreign Software 9/17/2016: https://news.softpedia.com/news/president-elect-donald-trump-can-t-stop-russia-s-war-against-american-software-510294.shtml

If you think this conundrum is unique to Russia, you are mistaken. Believe it or not, Microsoft has similarly been banned from all Government systems in China dating back to 2013. This is when the country first interrogated then political asylum seeker/NSA contractor Edward Snowden, whom revealed that the United States has been secretly using Microsoft to conduct espionage on the Chinese Government and its companies for decades. Not only this, but Microsoft‘s own search engine, Bing, was also banned in China as recently as January 2019 – for essentially all the same reasons.

ZTE & Corporate Espionage

Consequentially enough, this sets me up perfectly for my next bit – America’s banning of the Chinese-based telecommunications conglomerate known as Zhongxing Telecommunication Equipment – otherwise simply referred to as ZTE. Truth be told, I first learned of this news after attempting to go into an AT&T in store in downtown New York City for repairs on my phone, only to find out that AT&T refused to fix my screen because it was a ZTE product – based out of China. They informed me that it was no longer their policy to service and/or fix any Chinese based phone, and advised me to purchase a new American phone – to which I declined, and not respectfully.

Regardless, similar in many ways to to the complaints international Government agencies have been levying against American tech giants for years now, the US has now started levying against other international tech giants/conglomerates. It is just a shame that this information is generally not available or public knowledge to the average American hopelessly wandering around our society.

Kaspersky & US Election Hacking

Along the same lines, throughout the course of 2017, the US Department of Homeland Security (DHS) made it a top priority to ban Kaspersky Lab anti-virus and other software from all Government systems around the United States. This is because, upon investigation, the US Federal Bureau of Investigation had come to believe that US government employees and personnel were originally compromised via the Kaspersky Lab products they had installed on their devices, which granted the Russian based software conglomerate root access over all their systems. Put more directly, the US Government had come to believe that Kaspersky Lab roots were the whole reason that Russia was able to hack the 2016 Presidential election and US Government employees so easily in the months just before it – especially considering Russian laws requires Russian companies to make all of their data freely accessible to the Kremlin. These laws are also why Kasperky later moved all of their severs out of Russia and into Switzerland by 2018, even though the public damage to the company had already been done.

However, it must also be stated while there was never any cut and dry evidence released indicating that this was indeed the case, at least publicly, and there are still technically court cases ongoing surrounding these allegations, the US Governments ban of Kaspersky has been implemented nonetheless. As a result, Kaspersky has also faced similar bans throughout Europe.

I also don’t know what it says about me, but I just bought a new computer two weeks ago and the first thing I did was install Kaspersky Lab software on it. I also own a ZTE phone 😉.

Facebook & Psychological Warfare

The last two sections of this article are almost exclusive to Rogue Media Labs, at least I have not seen anyone else reporting on these issues outside of Russia. The first is the fact that Facebook has quite literally become a military weapon – and no, I am not talking about Russia’s use of fake news, fake advertisements or propaganda either. While yes, those were huge problems in their own right throughout 2015/2016, new developments as of 2018/2019 are far more troubling and grotesque. More specifically, I am talking about the US Governments use of Facebook as a means of waging so-called “Psychological Warfare” against our adversaries.

Learn More – Russia Bans Military Personnel from Using Social Media To Counter-Act US Sponsored Psych-Ops: https://roguemedia.co/2018/11/09/russia-bans-active-duty-military-personnel-from-sharing-on-social-media/

You may recall a 2017 statement by James Mattis in which he personally stated how, as a result of complacency and improper funding of the US Department of Defense (DoD) under the previous administration, the United States has now fallen behind the rest of the world in several realms of Warfare – such as cyberspace, ultimately allowing the US elections to be hacked in the first place. Regardless, in an effort to ‘catch back up with the rest of the world,’ not only has Trump begun heavily investing back in the US military industrial complex, but we as a nation have also begun experimenting with new, unconventional forms of Warfare. For the purposes of this particular article I would like to talk specifically about Psychological Warfare and our use of Psych-Ops, as well as how these operations can be and are already actively being carried out online – in some instances, exclusively through Facebook.

Read More – US Military Field Manual on Unconventional Warfare: https://roguemedia.co/wp-content/uploads/2019/03/US_Army_Field_Manual_Unconventional_Warfare_2008.pdf

If you were previously unaware, in November of 2018 the Kremlin signed a new piece of legislation into law officially banning all active duty military personnel from owning social media accounts or sharing across social platforms. This is because, at the time, according to the Kremlin itself, social platforms such as Facebook had begun being used to collect “analysis of the activities of the Russian military.” Explaining how “The data shared by the servicemen online is used to apply psychological and information pressure on Russia and its military as well as forming biased opinions on state policies of Russian authorities in society.” Not only this, but the US Government had also taken it a step further by using platforms like Facebook to wage psychological Warfare against Russian soldiers serving abroad in locations such as Syria and Africa.

For example, given that Facebook hosts its servers inside the United States, the US Government has started hijacking their platform in order to pretend to be friends or family members of Russian troops serving abroad. Not only does the US Government do this to organize psychological profiles on individual members of Russia’s military, but in some instances they also use Facebook accounts to cause Russian troops “distress” back home – by faking/fabricating conflicts, arguments or unfortunate circumstances with friends and family back in Russia.This was done to make Russian troops feel as though aspects of their lives were completely falling apart outside of their control back home, thus taking away pride/focus from their military efforts as they served abroad. It may have taken a few months to figure out, but the Kremlin did eventually catch on.

Despite however low down and “dirty” of a trick that is, this remains our current reality – at least under our new Commander In Chief Donald Trump as we continue to exploit American businesses internationally.

Twitter & Spying

I am proud to say that this last bit is exclusive to Rogue Media Labs, because it features research I have personally pieced together over recent months. They say that some of the worlds greatest discoveries were made by accident, and this last bit of news is no different.

The first bit of information I would like to share is something I have already shared a few months ago, which is the fact that Twitter is absolutely using their service to spy on its users. Not only can this be evidenced by the fact that every deleted Tweet attached to an owners account is secretly sent directly to Twitters internal servers, but also by the fact that I have personally caught the service recording one of my private messages with a famous hacker known as Nama Tikure. As previously reported, as I was physically typing it out on screen, a custom key logger built by yours truly accidentally caught Twitter bots clicking on my URL address literally 19 times in a 17 second time period. For some perspective on this, I never even pressed ‘enter’ onto the chat. Meaning that all of these clicks were recorded on my end, with all 19 IP Address ranges listed assigned exclusively to Twitter bots. In other words, I accidentally caught Twitter red hand trying to secretly record and log every last aspect of my private messages – and I am certain this isn’t or wasn’t an isolated incident.

Learn More- Twitter Caught Clandestinely Intercepting The Messages of Its Users: https://roguemedia.co/2019/01/15/twitter-bots-caught-clandestinely-logging-the-private-messages-of-their-users/

The second bit of research is something I accidentally discovered last night, completely unrelated to this article and also 100% accidentally. I could describe it in more detail, but this article is already long enough. So ironically, I instead direct you to the following Tweet…..

Wrapping Things Up

I’m almost embarrassed to admit it, but the whole reason I got riled up enough to write this article was the fact that, upon buying my computer, I was immediately offered 25 GB of free storage from DropBox. Sounds like an amazing deal – right? Who wouldn’t want to jump all over that – right? How generous and caring of a company Dropbox must be! Right?

Well, I’m sorry to 💩 on your parade, so to speak, but that just isn’t exactly the reality of the situation at hand here. I know it’s getting a bit redundant at this point, but the fact of the matter is that Dropbox is a subsidiary – an American subsidiary. Moreover, as the US Governments Supreme Court case with Microsoft proves, as an American company, the US Government has the right to any/all data owned by that company if the Government truly wants it.

See where I am going here? The reason why Dropbox is offering 25 GB of free space to anyone who wants it is so that ignorant sheeple, I mean citizens, will upload all of their data to it – so that the US Government can own all that data themselves. The worst part is the fact that Dropbox is subsidized to mislead you to do exactly this, which is also why they can afford to offer up some much free storage space to so many people for free. I know, yay Capitalism – right? 😏.

Online Training Platform TDS Technology Brasil Hacked, Data of 186 Account Holders Leaked Online

Earlier this morning, January 19th 2019, an Indonesian based hacker going by the name of “Al1ne3737” announced a hack of TDS Technologies in Brasil, leaking the account information of 186 customers – including their emails and passwords. While it is unknown how many of the accounts listed below are paid accounts, the website is almost exclusively used as a learning center – connecting students to paid online courses/tutorials covering various professional services/topics, such as webmaster training, CISCO Systems certification, Oracle training, various Microsoft Windows related certifications and much more. Theoretically then, the logins provided below could be used to pirate various courses on these subjects, as well as to gain access to the payment information provided by their customers.

While not much is known about Al1ne3737, what we do know is that they joined Twitter late in December 2019 and have been using the platform to post mirrors of various international website defaces ever since, though primarily over the course of the last week. Their release this morning is the first such leak posted to their online account. To confirm the legitimacy of the leaks, Rogue Media Labs attempted to make contact with the company via their built in web chat, but after waiting 15 minutes never received a reply back from representatives.

Alvo: hxxp://tdstecnologia.com.br/
Raw Leak: https://ghostbin.com/paste/wtefs
Login Page: hxxp://tdstecnologia.com.br/curso.php?id=40

[pdf-embedder url=”https://roguemedia.co/wp-content/uploads/2019/01/wtefs-Ghostbin.pdf” title=”wtefs – Ghostbin”]

https://twitter.com/al1ne3737/status/1086534352165584897

Exclusive: Twitter Bots Caught Clandestinely Logging The Private Messages of Their Users

The other day a friend of mine was telling me to get off of Twitter and talk to him elsewhere, because “Twitter is a database for the Feds” and they were worried about what might happen to them if anyone found out their real life identity. While I thought he was just being paranoid at the time, I guess I should have known better because last night I stumbled onto 100% verifiable proof that Twitter is secretly logging the private conversations/messages of at least some of their users -myself included.

The incident occurred the night of January 13th 2019 during a conversation I was having with “Nama Tikure” via Twitter messenger. We were discussing various topics at the time, including spear phishing techniques and styles. He asked me the question, if I were going to launch an offensive to take down a Government agency, how would I go about doing so? To which I explained to him that I would probably just attempt to target the secretary of a politician via spear phishing attack, because it’s their job to process a lot of email in a short period of time and unlike the politicians themselves, are less likely to have strict security measures implemented on their computers/devices.

I explained to him that if I were going to conduct a spear phishing attack against the Greek parliament, for example, I would spear phish the secretaries of various offices affiliated with it. I told him that over the years I have also developed a means to create an un-traceable trap link that could be used to log anyone’s IP Addresses – that will also pass every single security scan you could put the link through. So, as a demonstration, I thought about showing him an example of what it would look like – but decided against doing so at the last second.

Example: https://roguesecuritylabs.ltd/totally-wont-nab-your-IP 😜

However, the interesting thing about all of this was that, despite never pressing “enter” on the chat or sending/sharing the message, and deleting the URL almost as fast as I typed it in, turns out the trap link was magically clicked on approximately 21 times in a 17 second time period – all by four different IP ranges. As a demonstration, below you can literally see the bots clicking on the link I was creating in live time as I was creating it.

IP Ranges Logged: 199.59.150.80 – 199.59.150.183

No photo description available.

No photo description available.

No photo description available.

Entering all of these IP ranges onto a simple WHOIS reverse DNS search reveals that these particular IP ranges all belong to Twitter themselves – presumably hidden web bots working behind the scenes to gather data. Putting this into context though, this means that there are Twitter bots working behind the scenes in the middle of private conversation, secretly logging every last little detail about it – whilst also clandestinely interacting with any/all links contained within it. For reasons that should be obvious to see, this represents a serious violation of user privacy and data collection.

It also makes me wonder if this was happening to me, how prevalent of a feature is this? How much information is Twitter secretly logging from its users, and to what end? For whom is Twitter even collecting this information for? What are they doing with the data they collect? Are they selling it to interested third parties? Who inside the company has access to the logs of private conversations? Are there any safeguards in place to prevent abuses of user data/privacy? Rogue Security Labs has reached out to Twitter support and developers asking these very questions, but as of the afternoon January 15th 2019 has yet to receive a response.

Keep checking back for more information should they ever respond.

Researcher Uses Google Search Strings To Uncover 1,000’s of Active Government Issued ID’s, Passports & More

An online cyber security researcher going by the name of Fabio Castro in Brasil has just disclosed a serious vulnerability attached to the Google search engine. In research revealed via his Twitter page earlier today, January 10th 2019, Mr. Castro has revealed that if you enter a certain string of the right characters and symbols onto a Google search, you are essentially able to nab different portions, sections, folders, files or databases perhaps you otherwise shouldn’t.

As a proof of concept (PoC), Mr. Castro entered the following string onto Google this morning “intitle.”index of / “passport” and managed to stumble across countless international photo Id’s, Passports, Drivers Licenses and the like through Google images. While the exact number exposed is impossible to quantify, we could be talking about thousands upon thousands of active Government issued ID’s compromised by this glitch/vulnerability all across the world. For example, Mr. Castro has already admitted to maliciously downloading documents for himself – primarily targeting Brasilian drivers licenses.

After thinking for a while about how this sort of thing could have happened and after analyzing the URL structure tied to the photo’s leaked onto Googles servers, it is my professional opinion that this is a glitch resulting from Google web bots and crawlers. For example, nearly every Government or corporate website in the world is attached to Google‘s search engine on one level or another, meaning that the site has been indexed to be crawled by Google‘s various artificial intelligence web bots – seemingly at random.

Now, unless you are a security 🤓 like me, or don’t have insanely strict firewall rules, you might not realize how much Google actually attempts to “learn” about any/every website located on the ClearNet. For example, every once and a while Rogue Security Labs manages to catch Google‘s web bots attempting to crawl/index things they should have no business learning – such as my site’s json files. Tying things together, especially given the developments of today, I am also willing to bet that none of this is an isolated process, and Google‘s bots have either been intentionally configured to or accidentally reconfigured to crawl various file systems across the web – there’s no telling which really, only Google developers know that answer.

For Example:

No photo description available.

No photo description available.

No photo description available.

If you do not block these bots or employ strict enough rules on your firewall, then Google will do anything and everything it can to index everything on it – seemingly with no abandon whatsoever. After thinking about it for long enough and after piecing some more information together in my head, unfortunately, this appears to be a variation of the same exact bug/vulnerability leading to the death of 30 Clandestine CIA agents in Iran last November.

For those of you whom do not remember, as was first reported by Yahoo News on November 2nd 2018, Iranian agents managed to enter different search strings together on Google‘s search engine, leading hackers directly to site pages attached to the back-end of “secret” websites used by various CIA agents/operatives to coordinate, communicate and exchange messages with one another. For example, a later report revealed that a search comprising of the words “CIA secret website login” really did lead hackers to web pages of undercover operatives – web pages that hackers were then able to Brute-Force and/or hack. Later reports revealed that undercover agents in China were also able to compromise undercover operatives by similar hacks/vulnerabilities throughout the course of 2009 – 2013, leading to the deaths of dozens more.

Honestly, there really is no easy fix to this problem. If you are one of the websites effected, considering that Google has already indexed the web pages and files in question, Google would have to audit its own systems and servers to remove them manually. If you are a website owner looking to build your site in the future, then either hire Rogue Security Labs to manage your website security or learn how to build and employ stricter firewall rules yourself. The only way to prevent Google from indexing your site is by blocking different web bots/crawlers from doing so. It is such an advanced problem that is so easily exploited – that’s the real problem here.

On a side note, considering that I was one point a Clandestine agent in waiting and literally wrote the book how to keep an Anonymous identity online, I am quite frankly dumbfounded that agents actually employed by the CIA were dumb enough to coordinate with each other and Government offices on the ClearNet, nevermind on an unsecure website located on the ClearNet to boot- that’s just a literal face palm to me. But then again, I’m the one the CIA choose not to hire – so I guess that’s their problem. Well done America.

Poison.sh of Tenebris Hacks/Defaces 169 Websites Across The World

If you are a regular reader of this website you would know that rarely do I ever feature reports on website defacing, it just isn’t really my “thing.” However, that does not mean I dismiss the subject entirely either. For example, this morning I managed to come across a Twitter posting from a relatively new group of South American hackers going by the name of “Tenebris,” whom claim to have hacked 169 websites around the world throughout the course of the last several days and weeks. While I was skeptical at first, after conducting a little bit of research into the hacks and clicking through the links provided, it appears as though the group really is telling the truth – which is why I am featuring them here today.

The website defaces are said to have been pulled off by a hacker going by the name of “Poison.sh” – a famous Brazilian hacker well known for permanently disabling and defacing websites throughout the country in the past. Analyzing the URL structure as they exist inside Pastebin suggests that Poison.sh has managed to gain access to each of the websites admin/dashboard panels, where he then uploads a jpeg image/file featuring the groups logo within the websites media folder – thus allowing for him to link to it externally and give the appearance as though the website has been hacked/defaced.

This is also very clever because rarely do website administrators ever audit their own media files, and the more media files/pictures exist on the website itself only makes it hard to find any image(s) that may be out of place on it.  Consequentially enough, this would also explain why Poison.sh‘s ‘defaces’ tend have such long shelf lives.

Full List of Websites Compromised/Defaced: https://pastebin.com/DWugWyiA

Github Servers Were Taken Down Globally Today

In the early hours of the afternoon January 2nd 2018, Github servers were periodically taken offline for short periods of time – with various service outages reported globally. While the attacks were short lived, for the better part of an hour and a half between 12:00 pm – 1:30 pm Eastern Standard Time, Github.com remained inaccessible to the international public. A popular source for open source hacking tools, vulnerabilities and exploits, the site is no stranger to hackers, but rarely does it ever get taken offline – which is what makes today’s attacks so newsworthy.

In a posting to their Twitter page Wednesday afternoon, “Hax Stroke” of Ghost Squad Hackers has claimed responsibility for the attack and subsequent outage. In a breif statement to Rogue Media Labs, Hax Stroke stated that the DDoS attack were “just a little demo” of a much larger project, explaining that he does not want to be famous and that “the attack was made with RPCBIND service DDoS amp.” Similarly, Hax Stroke was also internationally credited for a DDoS attack which took down YouTube servers worldwide on October 17th 2018. Rogue Media Labs has reached out to Github support for comment, but at the time of this article Thursday morning have yet to receive comment.

https://twitter.com/bbrks_/status/1080516738133962753

https://twitter.com/BabyWogue/status/1080518648622665728