American progressive metal progenitors Queensryche firing on all cylinders with “Digital Noise Alliance“, delivering one of the best releases in the bands history and possibly one of this years most notable metal recordings. Once again full disclosure, I’m a life long fan of Queensryche going back to 1984 when The Warning was released and changed the American progressive metal landscape. Often considered one of the original “Big Three” of the American prog-metal scene – I’d argue “Big Four or Five” to include Watchtower and Crimson Glory – Queensryche changed everything.
read more
The IRVA Remote Viewing Conference 2022 starts today. The IRVA Remote Viewing Conference 2022 begins today, I’m excited, I am attending virtually providing a daily recap and “almost live blog” here. The IRVA Remote Viewing Conference 2022 is being broadcast live via Zoom for special pricing for those unable to attend in person. A few days after the conference, live-stream registrants will be granted access to recordings of the talk live-streams, which will be available online for 14 days.
read more
The IRVA Remote Viewing Conference 2021 wrapped you over this past weekend, 10-12 September 2021. It was a resounding success, great attendance both physically and virtually, excellent presentations and thought provoking discussion. Wait a second though… I think revisiting remote viewing stage 5 may be warranted. Why would I suggest revisiting remote viewing stage 5? One of the talks I was looking forward to was Thomas (Tom) McNear’s presentation on “Phonetics: Discovering CRV Stage Seven”, specifically to see how this may relate to my own experimentation with phonetics.
read more
The IRVA Remote Viewing Conference 2021 kicked off today. My travel ability changed last minute this week and I cannot attend the IRVA Remote Viewing Conference 2021 in person, however I am attending virtually and providing a daily recap and “almost live blog” here. The IRVA Remote Viewing Conference 2021 is being broadcast live via Zoom for special pricing for those unable to attend in person.
read more
In this post we look at one of remote viewing’s biggest challenges, location, and some ideas on remote viewing stage 6 location and directionals. Anyone who has spent a decent amount of time remote viewing, teaching or discussing remote viewing will inevitably field the questions – “Can you remote _\__”, “can you remote view the lottery?”, “please remote view this missing person”, “when will __ happen?
read more
I’m looking forward to the 2021 International Remote Viewing Conference this year. Last year’s IRVA conference was virtual, which was a great success, I do hope they continue to offer virtual options for those unable to attend in person. Nothing beats in person discussions, meetings and training, however technology has progressed to the point where virtual or online options are a viable and sometimes preferred delivery format for many things.
read more
This driver works great on various distros but specifically for myself provides a working solution for PopOS 20.04 (or Ubuntu 20.04) with Apple Magic Mouse 2 scrolling. I know this will likely get me flamed, but while Linux is and continues to be my computing platform of choice the past few decades for work and personal computing, my workplace requires me to use an Apple laptop.
read more
Unleash the Archers Abyss, a conceptual sequel to 2017’s “Apex”, establishes the band as an elite powerhouse with a release that will be recognized in time as of one the most brilliantly crafted and executed collections of aural storytelling ever created. Unleash the Archers “Abyss” Music Review I’ll state it ahead of time for full disclosure – I was a fan prior to hearing Unleash the Archers (UTA) new release “Abyss” , so I’m admittedly biased.
read more
Caught up with ScottL and Amber of Ghostly Talk podcast to discuss remote viewing, what’s new and just general babble. It’s way, way too long – just way too long! On Tuesday September 1st, 2020 I had the pleasure to virtually sit down to chat and catch up with Scott and Amber for episode 134 of their Ghostly Talk podcast. I’ve been so fortunate in my life and relationships – the friendship I’ve established with Ghostly Talk and Scott/Amber goes back to 2004.
read more
If you’ve been remote viewing for a good amount of years you’ve accumulated boxed archives with many thousands of sheets of paper. I know I have. Plain ole 8-1/2″ x 11″ white stock paper and a good pen were a remote viewers standard issue tools for decades. The ole adage was “pen on paper, go!”. Times have changed. While nothing will arguably ever completely replace the tactile feel and response of “pen on paper”, and that’s absolutely fine, current technology has gotten so good that the advantages of devices such as tablets and digital white boards far outweigh the few shortcomings – in my opinion.
read more
Remote Viewing What Happened to Flight 19 Remote viewing targets can be divided in to two main types at a fundamental macro level – those that can be validated with tangible feedback, and those that cannot be validated. Scientifically speaking you are not remote viewing unless what you are remote viewing has verifiable feedback to analyze the accuracy of the data perceived under blind or double-blind conditions.
read more
Remote Viewing the Elizabeth Smart Disappearance and the Dangers of Consensus Reporting On June 5, 2002, Elizabeth Smart was abducted from her bedroom in her family’s house in Salt Lake City, Utah. A few days later, I was given a tasking by one of my remote viewing teachers and advised it was time sensitive. At this juncture I had received “intermediate” levels of professional, in person remote viewing instruction and had been actively doing training style targets for a few years.
read more
Remote Viewing the Jessica Lunsford Disappearance – A heartbreaking breakthrough. By 2005 I had established a direct relationship with law enforcement after assisting in several investigations. I was contacted, if I recall correctly, on Friday the 25th with a request for remote viewing data. It was my birthday week so it still sticks in my head a bit as I spent the weekend getting a few sessions done.
read more
Here’s an excellent example of remote viewing the winning lottery numbers by one of my students for a small “Cash 3” type of lottery from our archives. Alphanumerical information with remote viewing has always been considered by many as “impossible” or quite challenging at the very least. Several methods to work around this difficulty has been utilized over the years, such as associative remote viewing or kinesthetic dowsing type of approaches, but here at TSI we spent a substantial amount of time, many years ago developing a very specific technique and targeting cue.
read more
Vance West Linux Systems and Investigation Vance West is the founder of the investigation and training firm Trinity Science International (TSI). Initiated in 1999, TSI offers instruction and services utilizing diverse skill-sets for problem-solving, unconventional intelligence collection, cyber security and all aspects of investigative assessment. Vance also works within the IT industry where he’s spent the last two decades specializing in Linux based systems, networking, digital forensics, systems engineering and security administration.
read more
A local privilege escalation in snapd versions 2.28 through 2.37 that could allow the creation of root level accounts – may give you a Dirty Sock !
Chris Moberly discovered that snapd versions 2.28 through 2.37 incorrectly validated and parsed the remote socket address when performing access controls on its UNIX socket. A local attacker could use this to access privileged socket APIs and obtain administrator privileges.
read more
PhpMyAdmin security fix v4.8.5 will patch an SQL Injection and arbitrary file read vulnerability. Security is a daily ongoing endeavor and discipline in today’s online world. In a security blog post the developers of phpMyAdmin announced version 4.8.5 of its software to address a few security related issues.
The security fixes involve:
Arbitrary file read vulnerability (https://www.phpmyadmin.net/security/PMASA-2019-1) SQL injection in the Designer interface (https://www.
read more
Original Source: BleepingComputer
Independent consultant and security contractor Max Justicz discovered a remote code execution issue in the APT high level package manager used by Debian, Ubuntu, and other related Linux distributions.
As described by Justicz, the APT vulnerability present in the package manager starting with version 0.8.15 “allows a network man-in-the-middle (or a malicious package mirror) to execute arbitrary code as root on a machine installing any package.
read more
In a vulnerable web and cloud based world, KeePassXC offers excellent password management that’s secure, reliable, offline by default and open source. A password manager is a tool that creates and stores passwords for you, so you can use many different passwords on different sites and services without having to memorize them all, and/or more importantly avoid using the same non-secure password.
read more
Examine Network Socket Connections with Linux ss Command Instead of Netstat The Linux ‘ss’ command replaces the older ‘netstat’ and makes a lot of information about network and socket connections available for you to easily examine or troubleshoot issues. The ss (socket statistics) command provides a lot of information by displaying details on socket activity. Whatis a Socket? A socket is a Linux file descriptor for communicating with the network.
read more
PhpMyAdmin MySQL Table Export SQL Format Not Available phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web, it’s a very popular tool included with many server control panels such as Plesk and cPanel. Recently an incident was sent my way where a large customer was advising the ability to export single MySQL tables within PhpMyAdmin was no longer providing the expected SQL format by default.
read more
HealthEquity Email Hack Breaches Data of Users… Again ! An email hack security breach on their mail has again potentially exposed personal data of HealthEquity customers. This is not the first time however, in June, an unauthorized user hacked into an employee’s email account and breached the data of 16,000 customers according to HealthEquity Email Hack. The most recent breach is similar according to this site notification to customers:
read more
Issue
Had this pop up today, been several years since the ugly Apache semaphore scenario reared its messy head. You’ll have an Apache http web service down, upon typical quick look and attempt to restart, Apache fails to kick off. No biggie, whether digging through logs, systemctl status and journalctl stuffs you’ll eventually come across something similar to:
[Sun Dec 23 15:22:11.
read more
The team is proud to announce the release of Linux Mint 19.1 “Tessa” Cinnamon Edition.
Linux Mint 19.1 is a long term support release which will be supported until 2023. It comes with updated software and brings refinements and many new features to make your desktop even more comfortable to use.
New features:
This new version of Linux Mint contains many improvements.
read more
VPN use is very prevalent these days, especially for businesses and the number of mobile workers, remote offices and tunneled cloud infrastructure. Inevitably at some point the IP address of an end point will need to be changed.
This can be accomplished quickly and easy in a few steps, in this blip we’ll look at a simple IKEv1 VPN tunnel -while IKEv2 is the way to go these days – there are still a gazillion IKEv1 tunnels in operation.
read more
Internal scenario recently. Some Ubuntu Server guest VMs running on top of vmWare ESXi server. Everything running fine, no issues, then the Ubuntu guest VMs will just randomly become utterly unresponsive.
Nothing happening before, the only thing on the Ubuntu guest logs are just a crap ton of carrot jibberish:
"^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@" Luckily I came across this post related to Mastodon that described the exact same event:
read more
Roku OS 9 Update Spotify It’s no secret I’m a big ROKU appliance fan on my TVs, been using them for years & love them. Roku has been in the process of rolling out their big Roku OS version 9 to supported devices, and yes I’ve been anxiously awaiting. Why ?
Spotify is back, that’s why !
Well, after anxiously manually checking, refreshing and more manual checking… this morning I was finally greeted to the OS 9 update, wheeeee !
read more
WordPress 5.0.1 Security Release
WordPress 5.0.1 is now available. This is a security release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.
Plugin authors are encouraged to read the 5.0.1 developer notes for information on backwards-compatibility.
WordPress versions 5.0 and earlier are affected by the following bugs, which are fixed in version 5.0.1. Updated versions of WordPress 4.
read more
Fairly interesting Plesk Onyx, ProFTPD, DBUS and Logind scenario recently.
Had a server sporadically terminating FTP sessions that were working fine previously. After verifying overall connectivity and firewalling were not the issue time to start diging through logs. While I could see the incomplete and terminated FTP sessions, there was nothing incredibly insightful as to why. Seeing the FTP daemon had been up & running without issues for almost two years I decided to just restart the ProFTPD service – sometimes stuff just needs to be kicked and if stuff was working before, that’s an easy step to eliminate before introducing ‘changes’.
read more
If you use or keep up with all things Linux you’re no doubt aware that the Linux Mint 19.1 “Tessa” beta dropped last week. Linux Mint 19.1 is a long term support release which will be supported until 2023. It comes with updated software and brings refinements and many new features to make your desktop even more comfortable to use. Mint 19.
read more
WordPress Brute Force Attacks
WordPress’ popularity not only attracts bloggers but also hackers. Hackers try to compromise
WordPress installations to send spam, setup phishing exploits or launch other attacks.
While there are many sophisticated attacks against WordPress, hackers often use a simple brute force
password attack. In these attacks, botnets try to guess your admin password.
You may think that such attacks would fail, but they exploit one of the weakest links in the security
read more
You need to change an IP address of an interface on a Linux server without loosing connectivity, so here’s one way:
First add a secondary IP address to the interface:
ip addr add 192.168.1.10/24 dev eth0<br /> ip addr show eth0
And confirm:
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP link/ether 44:38:39:00:11:aa brd ff:ff:ff:ff:ff:ff inet 192.168.1.5/24 scope global eth0 inet 192.
read more
This is always an interesting one, comes up from time to time especially if you run a server with heavy database traffic.
Possibly you’ve modified you my.cnf with various tweaked settings for ‘max_connections’ or ‘open_files_limit’ but your your ‘mysqld.log’ you start getting:
<span class="pun">[</span><span class="pln">Warning</span><span class="pun">]</span><span class="pln"> Buffered warning</span><span class="pun">:</span><span class="pln"> Changed limits</span><span class="pun">:</span><span class="pln"> max_open_files</span><span class="pun">:</span> <span class="lit">1024</span> <span class="pun">(</span><span class="pln">requested </span><span class="lit">5000</span><span class="pun">)</span><br />
read more
If your like most home/office network tweakers looking for every bit of performance you can squeeze out of your home network. For $49 the small, yet powerful Ubiquiti ER-X is a great value offering gigabit ports, PoE, small form factor and VPN functionality.
As with any router the manufacturers release software updates periodically that offer fixes, security patches and added features. In once example, enabling hardware offloading on the Ubiquiti ER-X models.
Offloading is used to execute functions of the router using the hardware directly, rather than a process of software functions to greatly increase performance. The benefit of enabling offload in EdgeOS is increased performance and throughput by not limiting the performance to the CPU.
read more
Recently I was given a Cisco ASA 5508-X Firepower Threat Defense appliance to deploy. While these are the same hardware platform as the tried-true Cisco ASA 5508 firewalls, these run Cisco’s new ‘unified’ SourceFire linux based operating system (asa-ftd), which is essentially an operating system combining the SourceFire FirePower functionality with Cisco’s conventional firewalling capabilities. It’s Cisco’s new direction for combining these two platforms in to one hardware solution.
Without getting in to uber nerd verbosity, after unboxing the new unit and attempting to patch the OS to a new upgrade (version 6.0.2 -> 6.2.2), I was presented with a failed upgrade due to a corrupt MySQL database. Seriously ? This is why I loved the regular Cisco ASA in the first place, minimal OS running from flash memory, upgrades typically only require putting the new firmware in place, telling the Cisco ASA to boot the new firmware and reboot. The new SourceFire OS – it’s a full blown linux OS using MySQL for its backend, sigh… Since it was a new deployment and I couldn’t repair the tables or database I figured I’d go ahead and reach out to the Cisco TAC for insight.
read more
R1Soft error will resemble something like – “Failed to backup LVM/MD Configuration” with running LVM based commands from R1Soft.
Usually due to an upstream vendor or repo update of the LVM binary that conflicts with the R1soft native configuration “lvm.static” command.
read more
Windows 10 build 1803 April 2018 update now includes by default openSSH for Windows – no
more WSL, emulation or other work arounds – a full blown fully integrated SSH client in Windows.
The executables are stored in C:\Windows\System32\OpenSSH and also include scp.exe and sftp.exe.
A great way of making this even more functional for daily use is creating what we’d call ‘aliases’ in the
read more
Problem
On a Cisco ASA you can specify which interface to launch a ping from, but that’s it. However
sometimes in troubleshooting you may find yourself with access to all remote assets to triangulate
issues full or to properly initiate “interesting” traffic.
We can use TCP PING in an interactive manner with a variety of parameters.
Note: You need ASA version 8.
read more
