Recent Posts

11

Blog / Re: SCAM ALERT: VULNERABILITY REPORT- DMARC RECORD MISSING.

« Last post by kat on March 16, 2024, 03:08:16 PM »

Another bug bounty scammer, this time with a LinkedIn profile (not shown) claiming to have found a domain vulnerability due to a missing DMARC record. The scam here is claiming a quarantine policy setting (intentionally set the way it is) as a missing DMARC record while including screenshots confirming the scams. In other words, someone knowledgeable of 'IT' and/or 'security' would know the difference, and what the report actually means.

From
Ali Azhar thewhitehat862@gmail.com

Subject
VULNERABILITY REPORT- DMARC RECORD MISSING.

Body
What Is DMARC:

There is an email spoofing vulnerability.Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate source. The goal of email spoofing is to get recipients to open, and possibly even respond to, a solicitation.

How To Reproduce:
1.GO TO- https :// mxtoolbox.com/
2.ENTER THE WEBSITE ( https://www.katsbits.com/ ).CLICK GO.
3.YOU WILL SEE THE FAULT (No DMARC Record found)
4.In the new page that loads change MXLookup to DMARCLookup
POC-ATTACHED IMAGE

POC





Spammers can forge the "From" address on email messages to make messages appear to come from someone in your domain. If spammers use your domain to send spam or junk email, your domain quality is negatively affected. People who get the forged emails can mark them as spam or junk, which can impact authentic messages sent from your domain.

[signature image]

12

Blog / GamerGate Never Ends... Gamers as National Security Risks

« Last post by kat on March 15, 2024, 08:47:50 AM »

GamerGate never ends... because it's far too useful a tool to The Invisible Hand(TM) that are societies "Stakeholders".

In other words the propensity of gamers to be disagreeable is reason enough to 'monitor' and 'watch' their activities, in the name of redirecting or "countering disinformation" - the 'politically correct' way to say "terrorists" and/or "national security threats" without saying "terrorists" and/or "national security threats".

Gamers

cf. pages 50 & 51 in particular in the below (snapshot attached to post) - what's being described in the below screenshot, these 'alternative networks' of 'self-validating' "research", is Wikipedia. Or rather, information hubs that are not as formalised but function as alternative to Wikipedia.

What's interesting here is the outright dismissal of who the people involved in these 'alternative networks' are - they are as likely, if not more likely, to be in fields of science, engineering, math, politics etc., but are instead diminished and minimised whole-cloth, and simultaneously elevated to positions of being, essentially, "right-wing conspiracy theorists" and national security risks.

Note: the document below was originally published in 2021.

USAID Disinformation Primer... by FoundationForFreedomOnline

13

Blog / Re: SCAM WARNING - Bitcoin Sextortion & Blackmail Scams

« Last post by kat on March 14, 2024, 08:49:53 AM »

Subject: Familiarize yourself with the factual points of your case.


Hello, my perverted friend,

Unfortunately, the fact that our paths have crossed doesn't mean anything good for you.
I have some good news and bad news.
I'll start with the bad news.

While you were surfing **** sites, I managed to install a spyware using your browser.
It has gained access to your webcam, your browser history, and all your devices, not just your computer.

This alone wouldn't be a problem if only I wasn't particularly interested in your love of the very controversial genre of ****.
You know what I mean. I saved a backup copy of your webcam and screen recordings as you enjoy **** to these videos.
The video on the left shows a recording of your screen with the clip, while the one on the right shows you in real time.

There is no need to feel sorry for yourself or blame me for the situation - the fault here is yours alone because if you gaze into a dark abyss for too long, this darkness eventually will come knocking at your door.
You should even be grateful to fate that I'm the only one who discovered your unhealthy obsession and not your friends, family and colleagues.

And this is where I get to the essence of my message - I can easily organize this. Everyone you know, love and cherish, everyone you've spent years building your reputation as a respectable and honorable person in front of, will get a copy of the video of you **** yourself while watching these controversial videos.

All of your email and messengers contacts will get these videos at the same time.
You will have nothing left but to move to another city, and perhaps even another country, to get rid of the sick guy trail that will be running behind you.
However, this also might not help. As they say, the Internet remembers everything.
There's a good chance you will have to deal with the consequences for the rest of your life, despite your efforts to clear your name.

Now, as I promised, the good news.
I have a win-win solution for both you and me.
You regain your old free life and I make a small profit.

You should transfer $1340 to my Bitcoin wallet: [bitcoin address]

If you are unfamiliar with cryptocurrency, it's simple.
Type "crypto exchange" into the search engine and choose the option that suits you.
You can think of me as a kind of your life coach because if I didn't show up in your life, you would continue to lead the same destructive lifestyle as before.
So I kind of did you a favor, and favors are never free.

I must warn you not to do something stupid that you might do due to your lack of experience, such as:
; Contacting law enforcement.
I'm untraceable anyway, because cryptocurrencies are anonymous and I have access to all your devices, so as soon as I notice you trying to do something like this, the compromising clips will be made public.
; Negotiating with me by responding to this letter. My demands are ultimatums.
I generated this letter using your own email client, therefore it is impossible to contact me!
; Resetting, reinstalling your system or destroying your devices won't help you.
I repeat: I have access to them and if I notice such activity, hasta la vista, baby.

I wish you all the best and especially get rid of your "interesting" habits.
Then you will not only no longer encounter people like me, but you will also be able to reach a new quality level in your self-development.

Bye!

P.S. A little friendly advice: from now on, take what you do online more seriously.

14

Blog / GamerGate2 - SweetBaby Boogaloo

« Last post by kat on March 11, 2024, 05:36:47 PM »

GamerGate2 - SweetBaby Boogaloo shows that GamerGate never truly died. Instead the leopard simply changed its spots from an issue involving and revolving around a few infamous individuals, to one now involving businesses, organisations and corporations, and how the same brand of divisive toxic politics and 'activism' can be used to leverage compliance in support of a particular 'diverse, inclusive and equitable' (DIE) outlook that, as gamers see it, pollutes established Intellectual Properties and 'cannon' stories. The question has always been though, how exactly do these types of organisations and business find favour with game development studios and publishers, especially when they often have little or no writing, creative or other design experience?

They, game studios/developers/publishers etc., are basically gambling, weighing/running the risk of undermining an IP or brand for sake ESG/DIE to get "cheap money", against the projected big payoff at the end through sales.

Former game executive and develop at Blizzard Mark Kern
@Grummz: "The way games are funded you don't use your own money. Even EA, it's games are hugely expensive to make they're they're upwards of you know 250 sometimes 600 million dollars it's for certain live games it's incredibly how expensive they are and to do that uh your CFO is your best friend.

"You're counting on your CFO to get you tax breaks to get you in to put studios in regions which are financially favorable and you will borrow the cheap money you will get a cheap money to do it. Even EA does this. I worked with EA; we were putting together a deal where they were taking bailout money from the banks in the last financial crisis that we had, and they were applying that cheap money towards games same thing with Covid money. They're applying that cheap money towards games, and what has been the cheapest money while interest rates were still low, you know a couple of years ago it was ESG financing, and so they're going to take this money."

"Because the returns on investment have been so poor on Wall Street for ESG funds, that source of Revenue is drying it up. This Woke machine cannot continue in the way that it is now for AAA gaming, and I think unfortunately, it's so entrenched that you're not going to see - you're not going to see much of an ability to course correct because the studios are - they're just gonna shut down." [source]

Mark Kern explains how ESG money comes with strings attached inside corporations and is used to make companies partner with DEI consulting companies like Sweet Baby Inc:

"Everyone needs to realize is that it's not that these Studios are funding the games out of their own pocket; that would be very expensive for them. Cash is king. They will preferably go out and get money from other sources if it's cheap enough to help spread the risk of these massive titles, and so you have a lot of quid pro quo happening, and I can tell you that developers have been approaching me and giving me some inside baseball on what's been happening, and there are deals funding deals out there for studios - and I can't get too specific; I don't want to out sources - that have certain strings attached like a company will suddenly sign with a developer and now that developer needs to hire a DEI director and needs to go out and hire consultancy firms to gender balance."

"Their staff quite specifically go out and hire companies like SBI to consult on their writing and do sensitivity reading and changes for that, and what does, all this does, it boosts their ESG score. It allows them access that funding so ESG is not going away entirely."

"It's [ESG] become an evil brand. People are waking up to this... You have you have a rebranding going on right now. They're not calling it ESG, but it's still out there." [source]

15

News / Rig & Animate a Game Asset in Blender 3D (Gate/Door)

« Last post by kat on March 11, 2024, 10:22:53 AM »

"Rig & Animate a Game Asset (Gate/Door)" https://www.katsbits.com/codex/rig-animate-game-asset/ taking a look at setting up and animating a simple game asset in Blender 3D

16

Blog / Re: SCAM WARNING - eBusiness Number Registry (European Business Registry)

« Last post by kat on March 07, 2024, 03:51:12 PM »

Register-WCR
register@myhrm.org

17

Blog / Re: SCAM WARNING - Bitcoin Sextortion & Blackmail Scams

« Last post by kat on March 05, 2024, 02:11:56 PM »

Greetings,
I am sorry, but I have to start with the bad news.

A few months ago, I gained access to your account linked to OS, and therefore to all the devices you use for internet browsing.
Then it was easy for me to install special software on all your devices that tracked your every keystroke and mouse movement.

After that, gaining access to your personal e-mail [scraped email] was no longer a problem.
I'm not a genius or a brilliant hacker. You are just completely careless about digital hygiene and internet safety.
You seem to be completely unaware of incognito tabs, VPN, TOR, and clicking on suspicious email links.
And here is the point of my email - I have accessed not only your browser history and files but also your webcam.

Not only did I record you **** watching a video of highly controversial content, but I also got all your digital conversations.
Lest you think it's some fake editing, some of the footage of you is duplicated from several of your devices.
Everything you value - your friends', coworkers', and family's opinion of you - is jeopardized.

You've spent a long time building your reputation as a decent and responsible person.
Neither you nor I want to destroy it in one click.
The click which will send everyone you know, love and respect a questionable video with you and the most "remarkable" records from your browser history.

I hope you've begun to realize that I can turn your former life into shame and embarrassment in one moment.
However, I am a rational person and I don't want to make anyone suffer for the sake of suffering, so we can make a deal.

You need to transfer $1000 USD bitcoin equivalent to this BTC crypto wallet: [bitcoin address]

It's a very small amount for not losing the reputation you've been developing for years, maybe even decades.
Once I receive payment, I will delete all materials once and for all.
Since I monitor all your PC and mobile activity, I'll notice when you send the payment as well as when you read this email.
You have 48 hours to make a payment, starting from the moment you open this e-mail.

I'm a man of my word, you can trust me, otherwise, I would have published it long time ago. Some advice in advance:
- Don't reply to this letter. This email was sent from a randomly generated address.
- Don't call the police or any other authorities. As soon as I notice you're trying to contact them,
 the videos will be published online. In addition to that, crypto wallets are anonymous, so no one will ever track me.
- Don't try to reinstall your system or reset your device. As I mentioned, as soon as I get a notification of such activity, I will post all the materials.

I'm sorry that we had to meet under such circumstances, but fate is fate.
Adios, senor. I hope this is the last time we interact.

P.S. Kind reminder: please be more careful about your internet security from now on, and then you will never run into such situations.

18

Blog / Re: SCAM WARNING - eBusiness Number Registry (European Business Registry)

« Last post by kat on February 28, 2024, 11:12:10 AM »

Register.WCR
register@shortn.info

19

News / MacOS, Blender 4 & IMVU Toolkit - Avatar Expressions

« Last post by kat on February 26, 2024, 10:13:07 AM »

"MacOS, Blender 4 & IMVU Toolkit - Avatar Expressions" https://www.katsbits.com/codex/macos-blender-toolkit-expression/ basics of making a facial expression for IMVU using the Animation Tool in Blender. Example *.blend and *.fbx (converted to *.xpf on import to Studio) available.

20

News / Roblox & Blender - FBX Export/Import Object Scale

« Last post by kat on February 23, 2024, 10:58:17 AM »

"Roblox & Blender - FBX Export/Import Object Scale" https://www.katsbits.com/codex/fbx-scale-roblox/ taking a look at a better way to scale FBX models for use in Roblox Studio when exporting them from Blender.