Saturday, July 14, 2018

Canada CRA Phone Call Scam Fraud Recording 2018

Here are a list of  my recent recordings for this notorious CRA phone scam. For somehow, they targeted my business phone number and called many times. In order to reveal the tricks they played to me over the phone and warn to others, I managed to record some of calls.

First "CRA" scam call for TAX dispute, which happened on May 16 2018:

Friday, July 13, 2018

Check Your Site Vulnerability if Listing on Bounty Site.

As long as your web application published on Internet, one day it will face the hackers scanning. There is no 100% security and you always want to find out the vulnerability first before it can be exploited. There are many bounty programs online to attract hackers to search those vulnerabilities and publish out, also notify web master. Open Bug Bounty is one of them and probably most popular one.

1. Open Bug Bounty Website
Started in June 2014, Open Bug Bounty is a non-profit platform designed to connect security researchers and website owners in a transparent, respectful and mutually valuable manner. Open Bug Bounty’s coordinated vulnerability disclosure platform allows any security researcher reporting a vulnerability on any website as long as the vulnerability is discovered without any intrusive testing techniques and is submitted following responsible disclosure guidelines.

Sunday, July 8, 2018

Sumuri Paladin 7 Forensics Suite Basic Usage

PALADIN is a bootable forensic Linux distribution based on Ubuntu and is developed and provided as a courtesy by SUMURI. The boot process has been modified to assure that the internal or external media of computers and devices are not modified or mounted. PALADIN is available as an ISO which can be used to make a bootable DVD or USB. Once booted, the user will find a host of pre-compiled open-source forensic tools that can be used to perform various tasks.

Boot Sumuri Paladin Live Session into Forensics Mode:
Boot Screen

Thursday, June 28, 2018

Gartner Magic Quadrant for Cloud Infrastructure as a Service(Worldwide)(2018,2017,2016,2015,2014,2013,2012...)

In the context of this Magic Quadrant, cloud compute IaaS (hereafter referred to simply as "cloud IaaS" or "IaaS") is defined as a standardized, highly automated offering, where compute resources, complemented by storage and networking capabilities, are owned by a service provider and offered to the customer on demand. The resources are scalable and elastic in near real time, and metered by use. Self-service interfaces are exposed directly to the customer, including a web-based UI and an API. The resources may be single-tenant or multitenant, and hosted by the service provider or on-premises in the customer's data center. Thus, this Magic Quadrant covers both public and private cloud IaaS offerings.
Gartner's two top leaders, AWS and Microsoft, didn't change for all the time from 2010 to 2018. But Google Cloud Platform has made to leader quadrant this year.

Friday, June 22, 2018

Wednesday, June 20, 2018

CISCO ASA VPN Tips and Tricks

1. Clear VPN Configuration: 

clear configure crypto map VPN_AAAA

2. Debug and show commands:

Enable logging:

ciscoasa#terminal monitor
ciscoasa(config)# logging buffer-size 1048576
ciscoasa(config)# logging buffered 7
ciscoasa(config)# logging monitor 7
ciscoasa(config)# debug crypto condition peer
ciscoasa(config)# debug crypto ipsec 127

Monday, June 11, 2018

Basic Procedures to Troubleshoot an Infected Computer

Today received a report from user, computer is slow and seems have been infected with unknown virus or malware. No special symptoms except slow.

1. Check task manager and resource monitor

There is a process smss.exe which description is "Microsoft ? Console Based Script Host " using almost 75% CPU all the time.

From task manager, I found system was rebooted a couple of hours ago at very early morning and user was not around.

Also, no matter how you ended this process, it will come back in 10 seconds and take your CPU away and use about 4M your memory.