Game Cheats 1337 Dirty Bomb

1. Game Cheats 1337 Dirty Bomb Game
2. Game Cheats 1337 Dirty Bomber
3. Game Cheats 1337 Dirty Bombs
4. Game Cheats 1337 Dirty Bomb Games

Game Cheats 1337 Dirty Bomb Game

• Game Cheats 1337 May 4, 2015 Frontline Commando WW2 Hack can be used to get free Gold, Gems and Warcash as well as unlimited Energy, Health or unlocking weapons instantly, all for free!
• Find all our Need for Speed: Most Wanted Cheats for PlayStation 2. Plus great forums, game help Here are some of. Game cheats 1337. Cheats and hacks for games on any platform, including Android, iOS and PC. Gamecheat13's second account for everything else. CHANNEL; Subscribe Subscribed Unsubscribe 6,502.
• Kategorie: OldSchoolHack Entwickler: DrPepper Beschreibung: OldSchoolHack Community SWBF2 Simple Wallhack for StarWars Battlefront 2 (2017) Version: 1.0.0 by DrPepper Features: - Name ESP - Box ESP - Health ESP - Enemy only ESP Usage: - inject dll into - menu key: insert.
• Dirty Bomb Cheat Tool - How to Get Credits Cases Free & Other Hacks Our Dirty Bomb cheats give you the option to add premium resources to your account for fr.

You can support the project on patreon: https://patreon.com/nadekobot or paypal: https://www.paypal.me/Kwoth

Game Dirty Bomb; 2015; Category Gaming; Song A Dark Machine; Artist ShockOne; Album A Dark Machine; Licensed to YouTube by WMG, Monstercat (on behalf of Monstercat); UNIAO BRASILEIRA DE EDITORAS. Dirty Bomb Cheats and Cheat Codes, PC. Web Media Network Limited, 1999 - 2020. This site is not affiliated in any way with Microsoft, Sony, Sega, Nintendo or any video game publishers. Capture fourteen of Gotham's most wanted by the end of the game to view an alternate ending. Secret Knightfall Protocol ending. Get a 100% game completion to view the true Knightfall Protocol ending and get the 'Knightfall' achievement. To get a 100% completion, you must complete the following tasks: 1. Successfully complete the main story.

Table Of Contents

Administration

Command and aliases	Description	Usage
.voice+text.v+t	Creates a text channel for each voice channel only users in that voice channel can see.If you are server owner, keep in mind you will see them all the time regardless. Requires ManageRoles server permission.Requires ManageChannels server permission.	.voice+text
.cleanvplust.cv+t	Deletes all text channels ending in -voice for which voicechannels are not found. Use at your own risk. Requires ManageChannels server permission.Requires ManageRoles server permission.	.cleanv+t
.greetdel.grdel	Sets the time it takes (in seconds) for greet messages to be auto-deleted. Set 0 to disable automatic deletion. Requires ManageServer server permission.	.greetdel 0 or .greetdel 30
.greet	Toggles anouncements on the current channel when someone joins the server. Requires ManageServer server permission.	.greet
.greetmsg	Sets a new join announcement message which will be shown in the server's channel. Type %user% if you want to mention the new member. Using it with no message will show the current greet message. Requires ManageServer server permission.	.greetmsg Welcome, %user%.
.greetdm	Toggles whether the greet messages will be sent in a DM (This is separate from greet - you can have both, any or neither enabled). Requires ManageServer server permission.	.greetdm
.greetdmmsg	Sets a new join announcement message which will be sent to the user who joined. Type %user% if you want to mention the new member. Using it with no message will show the current DM greet message. Requires ManageServer server permission.	.greetdmmsg Welcome to the server, %user%.
.bye	Toggles anouncements on the current channel when someone leaves the server. Requires ManageServer server permission.	.bye
.byemsg	Sets a new leave announcement message. Type %user% if you want to show the name the user who left. Type %id% to show id. Using this command with no message will show the current bye message. Requires ManageServer server permission.	.byemsg %user% has left.
.byedel	Sets the time it takes (in seconds) for bye messages to be auto-deleted. Set 0 to disable automatic deletion. Requires ManageServer server permission.	.byedel 0 or .byedel 30
.leave	Makes Nadeko leave the server. Either name or id required. Bot Owner only.	.leave 123123123331
.die	Shuts the bot down. Bot Owner only.	.die
.setname.newnm	Gives the bot a new name. Bot Owner only.	.newnm BotName
.setstatus	Sets the bot's status. (Online/Idle/Dnd/Invisible) Bot Owner only.	.setstatus Idle
.setavatar.setav	Sets a new avatar image for the NadekoBot. Argument is a direct link to an image. Bot Owner only.	.setav http://i.imgur.com/xTG3a1I.jpg
.setgame	Sets the bots game. Bot Owner only.	.setgame with snakes
.setstream	Sets the bots stream. First argument is the twitch link, second argument is stream name. Bot Owner only.	.setstream TWITCHLINK Hello
.send	Sends a message to someone on a different server through the bot. Separate server and channel/user ids with | and prepend channel id with c: and user id with u:. Bot Owner only.	.send serverid|c:channelid message or .send serverid|u:userid message
.announce	Sends a message to all servers' general channel bot is connected to. Bot Owner only.	.announce Useless spam
.adsarm	Toggles the automatic deletion of confirmations for .iam and .iamn commands. Requires ManageMessages server permission.	.adsarm
.asar	Adds a role to the list of self-assignable roles. Requires ManageRoles server permission.	.asar Gamer
.rsar	Removes a specified role from the list of self-assignable roles. Requires ManageRoles server permission.	.rsar
.lsar	Lists all self-assignable roles.	.lsar
.togglexclsar.tesar	Toggles whether the self-assigned roles are exclusive. (So that any person can have only one of the self assignable roles) Requires ManageRoles server permission.	.tesar
.iam	Adds a role to you that you choose. Role must be on a list of self-assignable roles.	.iam Gamer
.iamnot.iamn	Removes a role to you that you choose. Role must be on a list of self-assignable roles.	.iamn Gamer
.slowmode	Toggles slowmode. Disable by specifying no parameters. To enable, specify a number of messages each user can send, and an interval in seconds. For example 1 message every 5 seconds. Requires ManageMessages server permission.	.slowmode 1 5 or .slowmode
.antiraid	Sets an anti-raid protection on the server. First argument is number of people which will trigger the protection. Second one is a time interval in which that number of people needs to join in order to trigger the protection, and third argument is punishment for those people (Kick, Ban, Mute) Requires Administrator server permission.	.antiraid 5 20 Kick
.antispam	Stops people from repeating same message X times in a row. You can specify to either mute, kick or ban the offenders. Requires Administrator server permission.	.antispam 3 Mute or .antispam 4 Kick or .antispam 6 Ban
.antispamignore	Toggles whether antispam ignores current channel. Antispam must be enabled.	.antispamignore
.antilist.antilst	Shows currently enabled protection features.	.antilist
.rotateplaying.ropl	Toggles rotation of playing status of the dynamic strings you previously specified. Bot Owner only.	.ropl
.addplaying.adpl	Adds a specified string to the list of playing strings to rotate. Supported placeholders: %servers%, %users%, %playing%, %queued% Bot Owner only.	.adpl
.listplaying.lipl	Lists all playing statuses with their corresponding number. Bot Owner only.	.lipl
.removeplaying.rmpl.repl	Removes a playing string on a given number. Bot Owner only.	.rmpl
.setmuterole	Sets a name of the role which will be assigned to people who should be muted. Default is nadeko-mute. Requires ManageRoles server permission.	.setmuterole Silenced
.mute	Mutes a mentioned user both from speaking and chatting. Requires ManageRoles server permission.Requires MuteMembers server permission.	.mute @Someone
.unmute	Unmutes a mentioned user previously muted with .mute command. Requires ManageRoles server permission.Requires MuteMembers server permission.	.unmute @Someone
.chatmute	Prevents a mentioned user from chatting in text channels. Requires ManageRoles server permission.	.chatmute @Someone
.chatunmute	Removes a mute role previously set on a mentioned user with .chatmute which prevented him from chatting in text channels. Requires ManageRoles server permission.	.chatunmute @Someone
.voicemute	Prevents a mentioned user from speaking in voice channels. Requires MuteMembers server permission.	.voicemute @Someone
.voiceunmute	Gives a previously voice-muted user a permission to speak. Requires MuteMembers server permission.	.voiceunmute @Someguy
.migratedata	Migrate data from old bot configuration Bot Owner only.	.migratedata
.logserver	Enables or Disables ALL log events. If enabled, all log events will log to this channel. Requires Administrator server permission.Bot Owner only.	.logserver enable or .logserver disable
.logignore	Toggles whether the .logserver command ignores this channel. Useful if you have hidden admin channel and public log channel. Requires Administrator server permission.Bot Owner only.	.logignore
.logevents	Shows a list of all events you can subscribe to with .logRequires Administrator server permission.Bot Owner only.	.logevents
.log	Toggles logging event. Disables it if it's active anywhere on the server. Enables if it's not active. Use .logevents to see a list of all events you can subscribe to. Requires Administrator server permission.Bot Owner only.	.log userpresence or .log userbanned
.fwmsgs	Toggles forwarding of non-command messages sent to bot's DM to the bot owners Bot Owner only.	.fwmsgs
.fwtoall	Toggles whether messages will be forwarded to all bot owners or only to the first one specified in the credentials.json Bot Owner only.	.fwtoall
.autoassignrole.aar	Automaticaly assigns a specified role to every user who joins the server. Requires ManageRoles server permission.	.aar to disable, .aar Role Name to enable
.resetperms	Resets BOT's permissions module on this server to the default value. Requires Administrator server permission.	.resetperms
.delmsgoncmd	Toggles the automatic deletion of user's successful command message to prevent chat flood. Requires Administrator server permission.	.delmsgoncmd
.setrole.sr	Sets a role for a given user. Requires ManageRoles server permission.	.sr @User Guest
.removerole.rr	Removes a role from a given user. Requires ManageRoles server permission.	.rr @User Admin
.renamerole.renr	Renames a role. Roles you are renaming must be lower than bot's highest role. Requires ManageRoles server permission.	.renr 'First role' SecondRole
.removeallroles.rar	Removes all roles from a mentioned user. Requires ManageRoles server permission.	.rar @User
.createrole.cr	Creates a role with a given name. Requires ManageRoles server permission.	.cr Awesome Role
.rolecolor.rc	Set a role's color to the hex or 0-255 rgb color value provided. Requires ManageRoles server permission.	.rc Admin 255 200 100 or .rc Admin ffba55
.ban.b	Bans a user by ID or name with an optional message. Requires BanMembers server permission.	.b '@some Guy' Your behaviour is toxic.
.softban.sb	Bans and then unbans a user by ID or name with an optional message. Requires KickMembers server permission.Requires ManageMessages server permission.	.sb '@some Guy' Your behaviour is toxic.
.kick.k	Kicks a mentioned user. Requires KickMembers server permission.	.k '@some Guy' Your behaviour is toxic.
.deafen.deaf	Deafens mentioned user or users. Requires DeafenMembers server permission.	.deaf '@Someguy' or .deaf '@Someguy' '@Someguy'
.undeafen.undef	Undeafens mentioned user or users. Requires DeafenMembers server permission.	.undef '@Someguy' or .undef '@Someguy' '@Someguy'
.delvoichanl.dvch	Deletes a voice channel with a given name. Requires ManageChannels server permission.	.dvch VoiceChannelName
.creatvoichanl.cvch	Creates a new voice channel with a given name. Requires ManageChannels server permission.	.cvch VoiceChannelName
.deltxtchanl.dtch	Deletes a text channel with a given name. Requires ManageChannels server permission.	.dtch TextChannelName
.creatxtchanl.ctch	Creates a new text channel with a given name. Requires ManageChannels server permission.	.ctch TextChannelName
.settopic.st	Sets a topic on the current channel. Requires ManageChannels server permission.	.st My new topic
.setchanlname.schn	Changes the name of the current channel. Requires ManageChannels server permission.	.schn NewName
.prune.clr	.prune removes all nadeko's messages in the last 100 messages..prune X removes last X messages from the channel (up to 100).prune @Someone removes all Someone's messages in the last 100 messages..prune @Someone X removes last X 'Someone's' messages in the channel.	.prune or .prune 5 or .prune @Someone or .prune @Someone X
.mentionrole.menro	Mentions every person from the provided role or roles (separated by a ',') on this server. Requires you to have mention everyone permission. Requires MentionEveryone server permission.	.menro RoleName
.donators	List of lovely people who donated to keep this project alive.	.donators
.donadd	Add a donator to the database. Bot Owner only.	.donadd Donate Amount

Back to TOC

ClashOfClans

Command and aliases	Description	Usage
,createwar,cw	Creates a new war by specifying a size (>10 and multiple of 5) and enemy clan name.	,cw 15 The Enemy Clan
,startwar,sw	Starts a war with a given number.	,sw 15
,listwar,lw	Shows the active war claims by a number. Shows all wars in a short way if no number is specified.	,lw [war_number] or ,lw
,claim,call,c	Claims a certain base from a certain war. You can supply a name in the third optional argument to claim in someone else's place.	,call [war_number] [base_number] [optional_other_name]
,claimfinish1,cf1	Finish your claim with 1 star if you destroyed a base. First argument is the war number, optional second argument is a base number if you want to finish for someone else.	,cf1 1 or ,cf1 1 5
,claimfinish2,cf2	Finish your claim with 2 stars if you destroyed a base. First argument is the war number, optional second argument is a base number if you want to finish for someone else.	,cf2 1 or ,cf2 1 5
,claimfinish,cf	Finish your claim with 3 stars if you destroyed a base. First argument is the war number, optional second argument is a base number if you want to finish for someone else.	,cf 1 or ,cf 1 5
,endwar,ew	Ends the war with a given index.	,ew [war_number]
,unclaim,ucall,uc	Removes your claim from a certain war. Optional second argument denotes a person in whose place to unclaim	,uc [war_number] [optional_other_name]

Back to TOC

CustomReactions

Command and aliases	Description	Usage
.addcustreact.acr	Add a custom reaction with a trigger and a response. Running this command in server requires Administration permission. Running this command in DM is Bot Owner only and adds a new global custom reaction. Guide here: http://nadekobot.readthedocs.io/en/latest/Custom%20Reactions/	.acr 'hello' Hi there %user%
.listcustreact.lcr	Lists global or server custom reactions (20 commands per page). Running the command in DM will list global custom reactions, while running it in server will list that server's custom reactions. Specifying all argument instead of the number will DM you a text file with a list of all custom reactions.	.lcr 1 or .lcr all
.listcustreactg.lcrg	Lists global or server custom reactions (20 commands per page) grouped by trigger, and show a number of responses for each. Running the command in DM will list global custom reactions, while running it in server will list that server's custom reactions.	.lcrg 1
.showcustreact.scr	Shows a custom reaction's response on a given ID.	.scr 1
.delcustreact.dcr	Deletes a custom reaction on a specific index. If ran in DM, it is bot owner only and deletes a global custom reaction. If ran in a server, it requires Administration priviledges and removes server custom reaction.	.dcr 5
.crstatsclear	Resets the counters on .crstats. You can specify a trigger to clear stats only for that trigger. Bot Owner only.	.crstatsclear or .crstatsclear rng
.crstats	Shows a list of custom reactions and the number of times they have been executed. Paginated with 10 per page. Use .crstatsclear to reset the counters.	.crstats or .crstats 3

Back to TOC

Gambling

Command and aliases	Description	Usage
$flip	Flips coin(s) - heads or tails, and shows an image.	$flip or $flip 3
$betflip$bf	Bet to guess will the result be heads or tails. Guessing awards you 1.8x the currency you've bet.	$bf 5 heads or $bf 3 t
$draw	Draws a card from the deck.If you supply number X, she draws up to 5 cards from the deck.	$draw or $draw 5
$shuffle$sh	Reshuffles all cards back into the deck.	$sh
$roll	Rolls 0-100. If you supply a number [x] it rolls up to 30 normal dice. If you split 2 numbers with letter d (xdy) it will roll x dice from 1 to y. Y can be a letter 'F' if you want to roll fate dice instead of dnd.	$roll or $roll 7 or $roll 3d5 or $roll 5dF
$rolluo	Rolls X normal dice (up to 30) unordered. If you split 2 numbers with letter d (xdy) it will roll x dice from 1 to y.	$rolluo or $rolluo 7 or $rolluo 3d5
$nroll	Rolls in a given range.	$nroll 5 (rolls 0-5) or $nroll 5-15
$race	Starts a new animal race.	$race
$joinrace$jr	Joins a new race. You can specify an amount of currency for betting (optional). You will get YourBet*(participants-1) back if you win.	$jr or $jr 5
$raffle	Prints a name and ID of a random user from the online list from the (optional) role.	$raffle or $raffle RoleName
$cash$$$	Check how much currency a person has. (Defaults to yourself)	$$$ or $$$ @SomeGuy
$give	Give someone a certain amount of currency.	$give 1 '@SomeGuy'
$award	Awards someone a certain amount of currency. You can also specify a role name to award currency to all users in a role. Bot Owner only.	$award 100 @person or $award 5 Role Of Gamblers
$take	Takes a certain amount of currency from someone. Bot Owner only.	$take 1 '@someguy'
$betroll$br	Bets a certain amount of currency and rolls a dice. Rolling over 66 yields x2 of your currency, over 90 - x3 and 100 x10.	$br 5
$leaderboard$lb	Displays bot currency leaderboard.	$lb

Back to TOC

Games

Command and aliases	Description	Usage
>trivia>t	Starts a game of trivia. You can add nohint to prevent hints.First player to get to 10 points wins by default. You can specify a different number. 30 seconds per question.	>t or >t 5 nohint
>tl	Shows a current trivia leaderboard.	>tl
>tq	Quits current trivia after current question.	>tq
>typestart	Starts a typing contest.	>typestart
>typestop	Stops a typing contest on the current channel.	>typestop
>typeadd	Adds a new article to the typing contest. Bot Owner only.	>typeadd wordswords
>typelist	Lists added typing articles with their IDs. 15 per page.	>typelist or >typelist 3
>typedel	Deletes a typing article given the ID. Bot Owner only.	>typedel 3
>poll	Creates a poll which requires users to send the number of the voting option to the bot. Requires ManageMessages server permission.	>poll Question?;Answer1;Answ 2;A_3
>publicpoll>ppoll	Creates a public poll which requires users to type a number of the voting option in the channel command is ran in. Requires ManageMessages server permission.	>ppoll Question?;Answer1;Answ 2;A_3
>pollstats	Shows the poll results without stopping the poll on this server. Requires ManageMessages server permission.	>pollstats
>pollend	Stops active poll on this server and prints the results in this channel. Requires ManageMessages server permission.	>pollend
>pick	Picks the currency planted in this channel. 60 seconds cooldown.	>pick
>plant	Spend a unit of currency to plant it in this channel. (If bot is restarted or crashes, the currency will be lost)	>plant
>gencurrency>gc	Toggles currency generation on this channel. Every posted message will have chance to spawn currency. Chance is specified by the Bot Owner. (default is 2%) Requires ManageMessages server permission.	>gc
>hangmanlist	Shows a list of hangman term types.	> hangmanlist
>hangman	Starts a game of hangman in the channel. Use >hangmanlist to see a list of available term types. Defaults to 'all'.	>hangman or >hangman movies
>cleverbot	Toggles cleverbot session. When enabled, the bot will reply to messages starting with bot mention in the server. Custom reactions starting with %mention% won't work if cleverbot is enabled. Requires ManageMessages server permission.	>cleverbot
>acrophobia>acro	Starts an Acrophobia game. Second argment is optional round length in seconds. (default is 60)	>acro or >acro 30
>choose	Chooses a thing from a list of things	>choose Get up;Sleep;Sleep more
>8ball	Ask the 8ball a yes/no question.	>8ball should I do something
>rps	Play a game of rocket paperclip scissors with Nadeko.	>rps scissors
>linux	Prints a customizable Linux interjection	>linux Spyware Windows
>leet	Converts a text to leetspeak with 6 (1-6) severity levels	>leet 3 Hello

Back to TOC

Help

Command and aliases	Description	Usage
-modules-mdls	Lists all bot modules.	-modules
-commands-cmds	List all of the bot's commands from a certain module. You can either specify full, or only first few letters of the module name.	-commands Administration or -cmds Admin
-help-h	Either shows a help for a single command, or DMs you help link if no arguments are specified.	-h !!q or -h
-hgit	Generates the commandlist.md file. Bot Owner only.	-hgit
-readme-guide	Sends a readme and a guide links to the channel.	-readme or -guide
-donate	Instructions for helping the project financially.	-donate

Back to TOC

Music

Command and aliases	Description	Usage
!!next!!n	Goes to the next song in the queue. You have to be in the same voice channel as the bot. You can skip multiple songs, but in that case songs will not be requeued if !!rcs or !!rpl is enabled.	!!n or !!n 5
!!stop!!s	Stops the music and clears the playlist. Stays in the channel.	!!s
!!destroy!!d	Completely stops the music and unbinds the bot from the channel. (may cause weird behaviour)	!!d
!!pause!!p	Pauses or Unpauses the song.	!!p
!!fairplay!!fp	Toggles fairplay. While enabled, music player will prioritize songs from users who didn't have their song recently played instead of the song's position in the queue.	!!fp
!!queue!!q!!yq	Queue a song using keywords or a link. Bot will join your voice channel.You must be in a voice channel.	!!q Dream Of Venice
!!soundcloudqueue!!sq	Queue a soundcloud song using keywords. Bot will join your voice channel.You must be in a voice channel.	!!sq Dream Of Venice
!!listqueue!!lq	Lists 15 currently queued songs per page. Default page is 1.	!!lq or !!lq 2
!!nowplaying!!np	Shows the song currently playing.	!!np
!!volume!!vol	Sets the music volume 0-100%	!!vol 50
!!defvol!!dv	Sets the default music volume when music playback is started (0-100). Persists through restarts.	!!dv 80
!!shuffle!!sh	Shuffles the current playlist.	!!sh
!!playlist!!pl	Queues up to 500 songs from a youtube playlist specified by a link, or keywords.	!!pl playlist link or name
!!soundcloudpl!!scpl	Queue a soundcloud playlist using a link.	!!scpl soundcloudseturl
!!localplaylst!!lopl	Queues all songs from a directory. Bot Owner only.	!!lopl C:/music/classical
!!radio!!ra	Queues a radio stream from a link. It can be a direct mp3 radio stream, .m3u, .pls .asx or .xspf (Usage Video: https://streamable.com/al54)	!!ra radio link here
!!local!!lo	Queues a local file by specifying a full path. Bot Owner only.	!!lo C:/music/mysong.mp3
!!move!!mv	Moves the bot to your voice channel. (works only if music is already playing)	!!mv
!!remove!!rm	Remove a song by its # in the queue, or 'all' to remove whole queue.	!!rm 5
!!movesong!!ms	Moves a song from one position to another.	!!ms 5>3
!!setmaxqueue!!smq	Sets a maximum queue size. Supply 0 or no argument to have no limit.	!!smq 50 or !!smq
!!setmaxplaytime!!smp	Sets a maximum number of seconds (>14) a song can run before being skipped automatically. Set 0 to have no limit.	!!smp 0 or !!smp 270
!!reptcursong!!rcs	Toggles repeat of current song.	!!rcs
!!rpeatplaylst!!rpl	Toggles repeat of all songs in the queue (every song that finishes is added to the end of the queue).	!!rpl
!!save	Saves a playlist under a certain name. Name must be no longer than 20 characters and mustn't contain dashes.	!!save classical1
!!load	Loads a saved playlist using it's ID. Use !!pls to list all saved playlists and !!save to save new ones.	!!load 5
!!playlists!!pls	Lists all playlists. Paginated. 20 per page. Default page is 0.	!!pls 1
!!deleteplaylist!!delpls	Deletes a saved playlist. Only if you made it or if you are the bot owner.	!!delpls animu-5
!!goto	Goes to a specific time in seconds in a song.	!!goto 30
!!autoplay!!ap	Toggles autoplay - When the song is finished, automatically queue a related youtube song. (Works only for youtube songs and when queue is empty)	!!ap

Back to TOC

NSFW

Command and aliases	Description	Usage
~hentai	Shows a hentai image from a random website (gelbooru or danbooru or konachan or atfbooru or yandere) with a given tag. Tag is optional but preferred. Only 1 tag allowed.	~hentai yuri
~autohentai	Posts a hentai every X seconds with a random tag from the provided tags. Use | to separate tags. 20 seconds minimum. Provide no arguments to disable.	~autohentai 30 yuri|tail|long_hair or ~autohentai
~hentaibomb	Shows a total 5 images (from gelbooru, danbooru, konachan, yandere and atfbooru). Tag is optional but preferred.	~hentaibomb yuri
~danbooru	Shows a random hentai image from danbooru with a given tag. Tag is optional but preferred. (multiple tags are appended with +)	~danbooru yuri+kissing
~yandere	Shows a random image from yandere with a given tag. Tag is optional but preferred. (multiple tags are appended with +)	~yandere tag1+tag2
~konachan	Shows a random hentai image from konachan with a given tag. Tag is optional but preferred.	~konachan yuri
~gelbooru	Shows a random hentai image from gelbooru with a given tag. Tag is optional but preferred. (multiple tags are appended with +)	~gelbooru yuri+kissing
~rule34	Shows a random image from rule34.xx with a given tag. Tag is optional but preferred. (multiple tags are appended with +)	~rule34 yuri+kissing
~e621	Shows a random hentai image from e621.net with a given tag. Tag is optional but preferred. Use spaces for multiple tags.	~e621 yuri kissing
~cp	We all know where this will lead you to.	~cp
~boobs	Real adult content.	~boobs
~butts~ass~butt	Real adult content.	~butts or ~ass

Back to TOC

Permissions

Command and aliases	Description	Usage
;srvrfilterinv;sfi	Toggles automatic deleting of invites posted in the server. Does not affect Bot Owner.	;sfi
;chnlfilterinv;cfi	Toggles automatic deleting of invites posted in the channel. Does not negate the ;srvrfilterinv enabled setting. Does not affect Bot Owner.	;cfi
;srvrfilterwords;sfw	Toggles automatic deleting of messages containing forbidden words on the server. Does not affect Bot Owner.	;sfw
;chnlfilterwords;cfw	Toggles automatic deleting of messages containing banned words on the channel. Does not negate the ;srvrfilterwords enabled setting. Does not affect bot owner.	;cfw
;fw	Adds or removes (if it exists) a word from the list of filtered words. Use;sfw or ;cfw to toggle filtering.	;fw poop
;lstfilterwords;lfw	Shows a list of filtered words.	;lfw
;cmdcooldown;cmdcd	Sets a cooldown per user for a command. Set to 0 to remove the cooldown.	;cmdcd 'some cmd' 5
;allcmdcooldowns;acmdcds	Shows a list of all commands and their respective cooldowns.	;acmdcds
;ubl	Either [add]s or [rem]oves a user specified by a mention or ID from a blacklist. Bot Owner only.	;ubl add @SomeUser or ;ubl rem 12312312313
;cbl	Either [add]s or [rem]oves a channel specified by an ID from a blacklist. Bot Owner only.	;cbl rem 12312312312
;sbl	Either [add]s or [rem]oves a server specified by a Name or ID from a blacklist. Bot Owner only.	;sbl add 12312321312 or ;sbl rem SomeTrashServer
;verbose;v	Sets whether to show when a command/module is blocked.	;verbose true
;permrole;pr	Sets a role which can change permissions. Or supply no parameters to find out the current one. Default one is 'Nadeko'.	;pr role
;listperms;lp	Lists whole permission chain with their indexes. You can specify an optional page number if there are a lot of permissions.	;lp or ;lp 3
;removeperm;rp	Removes a permission from a given position in Permissions list.	;rp 1
;moveperm;mp	Moves permission from one position to another in Permissions list.	;mp 2 4
;srvrcmd;sc	Sets a command's permission at the server level.	;sc 'command name' disable
;srvrmdl;sm	Sets a module's permission at the server level.	;sm ModuleName enable
;usrcmd;uc	Sets a command's permission at the user level.	;uc 'command name' enable SomeUsername
;usrmdl;um	Sets a module's permission at the user level.	;um ModuleName enable SomeUsername
;rolecmd;rc	Sets a command's permission at the role level.	;rc 'command name' disable MyRole
;rolemdl;rm	Sets a module's permission at the role level.	;rm ModuleName enable MyRole
;chnlcmd;cc	Sets a command's permission at the channel level.	;cc 'command name' enable SomeChannel
;chnlmdl;cm	Sets a module's permission at the channel level.	;cm ModuleName enable SomeChannel
;allchnlmdls;acm	Enable or disable all modules in a specified channel.	;acm enable #SomeChannel
;allrolemdls;arm	Enable or disable all modules for a specific role.	;arm [enable/disable] MyRole
;allusrmdls;aum	Enable or disable all modules for a specific user.	;aum enable @someone
;allsrvrmdls;asm	Enable or disable all modules for your server.	;asm [enable/disable]

Back to TOC

Game Cheats 1337 Dirty Bomber

Pokemon

Command and aliases	Description	Usage
>attack	Attacks a target with the given move. Use >movelist to see a list of moves your type can use.	>attack 'vine whip' @someguy
>movelist>ml	Lists the moves you are able to use	>ml
>heal	Heals someone. Revives those who fainted. Costs a NadekoFlower	>heal @someone
>type	Get the poketype of the target.	>type @someone
>settype	Set your poketype. Costs a NadekoFlower. Provide no arguments to see a list of available types.	>settype fire or >settype

Back to TOC

Searches

Command and aliases	Description	Usage
~xkcd	Shows a XKCD comic. No arguments will retrieve random one. Number argument will retrieve a specific comic, and 'latest' will get the latest one.	~xkcd or ~xkcd 1400 or ~xkcd latest
~translate~trans	Translates from>to text. From the given language to the destination language.	~trans en>fr Hello
~autotrans~at	Starts automatic translation of all messages by users who set their ~atl in this channel. You can set 'del' argument to automatically delete all translated user messages. Requires Administrator server permission.Bot Owner only.	~at or ~at del
~autotranslang~atl	~atl en>fr	Sets your source and target language to be used with ~at. Specify no arguments to remove previously set value.
~translangs	Lists the valid languages for translation.	~translangs
~hitbox~hb	Notifies this channel when a certain user starts streaming. Requires ManageMessages server permission.	~hitbox SomeStreamer
~twitch~tw	Notifies this channel when a certain user starts streaming. Requires ManageMessages server permission.	~twitch SomeStreamer
~beam~bm	Notifies this channel when a certain user starts streaming. Requires ManageMessages server permission.	~beam SomeStreamer
~liststreams~ls	Lists all streams you are following on this server.	~ls
~removestream~rms	Removes notifications of a certain streamer from a certain platform on this channel. Requires ManageMessages server permission.	~rms Twitch SomeGuy or ~rms Beam SomeOtherGuy
~checkstream~cs	Checks if a user is online on a certain streaming platform.	~cs twitch MyFavStreamer
~pokemon~poke	Searches for a pokemon.	~poke Sylveon
~pokemonability~pokeab	Searches for a pokemon ability.	~pokeab overgrow
~placelist	Shows the list of available tags for the ~place command.	~placelist
~place	Shows a placeholder image of a given tag. Use ~placelist to see all available tags. You can specify the width and height of the image as the last two optional arguments.	~place Cage or ~place steven 500 400
~overwatch~ow	Show's basic stats on a player (competitive rank, playtime, level etc) Region codes are: euuscnkr	~ow us Battletag#1337 or ~overwatch eu Battletag#2016
~osu	Shows osu stats for a player.	~osu Name or ~osu Name taiko
~osub	Shows information about an osu beatmap.	~osub https://osu.ppy.sh/s/127712
~osu5	Displays a user's top 5 plays.	~osu5 Name
~yomama~ym	Shows a random joke from http://api.yomomma.info/	~ym
~randjoke~rj	Shows a random joke from http://tambal.azurewebsites.net/joke/random	~rj
~chucknorris~cn	Shows a random chucknorris joke from http://tambal.azurewebsites.net/joke/random	~cn
~wowjoke	Get one of Kwoth's penultimate WoW jokes.	~wowjoke
~magicitem~mi	Shows a random magicitem from https://1d4chan.org/wiki/List_of_/tg/%27s_magic_items	~mi
~anime~ani~aq	Queries anilist for an anime and shows the first result.	~ani aquarion evol
~manga~mang~mq	Queries anilist for a manga and shows the first result.	~mq Shingeki no kyojin
~weather~we	Shows weather data for a specified city. You can also specify a country after a comma.	~we Moscow, RU
~youtube~yt	Searches youtubes and shows the first result	~yt query
~imdb~omdb	Queries omdb for movies or series, show first result.	~imdb Batman vs Superman
~randomcat~meow	Shows a random cat image.	~meow
~randomdog~woof	Shows a random dog image.	~woof
~image~img	Pulls the first image found using a search parameter. Use ~rimg for different results.	~img cute kitten
~randomimage~rimg	Pulls a random image using a search parameter.	~rimg cute kitten
~lmgtfy	Google something for an idiot.	~lmgtfy query
~shorten	Attempts to shorten an URL, if it fails, returns the input URL.	~shorten https://google.com
~google~g	Get a google search link for some terms.	~google query
~magicthegathering~mtg	Searches for a Magic The Gathering card.	~magicthegathering about face or ~mtg about face
~hearthstone~hs	Searches for a Hearthstone card and shows its image. Takes a while to complete.	~hs Ysera
~yodify~yoda	Translates your normal sentences into Yoda styled sentences!	~yodify I was once an adventurer like youor~yoda my feelings hurt`
~urbandict~ud	Searches Urban Dictionary for a word.	~ud Pineapple
~define~def	Finds a definition of a word.	~def heresy
~#	Searches Tagdef.com for a hashtag.	~# ff
~catfact	Shows a random catfact from http://catfacts-api.appspot.com/api/facts	~catfact
~revav	Returns a google reverse image search for someone's avatar.	~revav '@SomeGuy'
~revimg	Returns a google reverse image search for an image from a link.	~revimg Image link
~safebooru	Shows a random image from safebooru with a given tag. Tag is optional but preferred. (multiple tags are appended with +)	~safebooru yuri+kissing
~wikipedia~wiki	Gives you back a wikipedia link	~wiki query
~color~clr	Shows you what color corresponds to that hex.	~clr 00ff00
~videocall	Creates a private http://www.appear.in video call link for you and other mentioned people. The link is sent to mentioned people via a private message.	~videocall '@SomeGuy'
~avatar~av	Shows a mentioned person's avatar.	~av '@SomeGuy'
~wikia	Gives you back a wikia link	~wikia mtg Vigilance or ~wikia mlp Dashy
~minecraftping~mcping	Pings a minecraft server.	~mcping 127.0.0.1:25565
~minecraftquery~mcq	Finds information about a minecraft server.	~mcq server:ip
~lolban	Shows top banned champions ordered by ban rate.	~lolban
~memelist	Pulls a list of memes you can use with ~memegen from http://memegen.link/templates/	~memelist
~memegen	Generates a meme from memelist with top and bottom text.	~memegen biw 'gets iced coffee' 'in the winter'

Back to TOC

Game Cheats 1337 Dirty Bombs

Utility

Command and aliases	Description	Usage
.convertlist	List of the convertible dimensions and currencies.	.convertlist
.convert	Convert quantities. Use .convertlist to see supported dimensions and currencies.	.convert m km 1000
.remind	Sends a message to you or a channel after certain amount of time. First argument is me/here/'channelname'. Second argument is time in a descending order (mo>w>d>h>m) example: 1w5d3h10m. Third argument is a (multiword)message.	.remind me 1d5h Do something or .remind #general 1m Start now!
.remindtemplate	Sets message for when the remind is triggered. Available placeholders are %user% - user who ran the command, %message% - Message specified in the remind, %target% - target channel of the remind. Bot Owner only.	.remindtemplate %user%, do %message%!
.listquotes.liqu	.liqu or .liqu 3	Lists all quotes on the server ordered alphabetically. 15 Per page.
...	Shows a random quote with a specified name.	... abc
..	Adds a new quote with the specified name and message.	.. sayhi Hi
.deletequote.delq	Deletes a random quote with the specified keyword. You have to either be server Administrator or the creator of the quote to delete it.	.delq abc
.delallq.daq	Deletes all quotes on a specified keyword. Requires Administrator server permission.	.delallq kek
.repeatinvoke.repinv	Immediately shows the repeat message on a certain index and restarts its timer. Requires ManageMessages server permission.	.repinv 1
.repeatremove.reprm	Removes a repeating message on a specified index. Use .repeatlist to see indexes. Requires ManageMessages server permission.	.reprm 2
.repeat	Repeat a message every X minutes in the current channel. You can have up to 5 repeating messages on the server in total. Requires ManageMessages server permission.	.repeat 5 Hello there
.repeatlist.replst	Shows currently repeating messages and their indexes. Requires ManageMessages server permission.	.repeatlist
.serverinfo.sinfo	Shows info about the server the bot is on. If no channel is supplied, it defaults to current one.	.sinfo Some Server
.channelinfo.cinfo	Shows info about the channel. If no channel is supplied, it defaults to current one.	.cinfo #some-channel
.userinfo.uinfo	Shows info about the user. If no user is supplied, it defaults a user running the command.	.uinfo @SomeUser
.scsc	Starts an instance of cross server channel. You will get a token as a DM that other people will use to tune in to the same instance. Bot Owner only.	.scsc
.jcsc	Joins current channel to an instance of cross server channel using the token. Requires ManageServer server permission.	.jcsc TokenHere
.lcsc	Leaves Cross server channel instance from this channel. Requires ManageServer server permission.	.lcsc
.calculate.calc	Evaluate a mathematical expression.	.calc 1+1
.calcops	Shows all available operations in .calc command	.calcops
.rotaterolecolor.rrc	Rotates a roles color on an interval with a list of supplied colors. First argument is interval in seconds (Minimum 60). Second argument is a role, followed by a space-separated list of colors in hex. Provide a rolename with a 0 interval to disable. Bot Owner only.	.rrc 60 MyLsdRole #ff0000 #00ff00 #0000ff or .rrc 0 MyLsdRole
.togethertube.totube	Creates a new room on https://togethertube.com and shows the link in the chat.	.totube
.whosplaying.whpl	Shows a list of users who are playing the specified game.	.whpl Overwatch
.inrole	Lists every person from the provided role or roles (separated by a ',') on this server. If the list is too long for 1 message, you must have Manage Messages permission.	.inrole Role
.checkmyperms	Checks your user-specific permissions on this channel.	.checkmyperms
.userid.uid	Shows user ID.	.uid or .uid '@SomeGuy'
.channelid.cid	Shows current channel ID.	.cid
.serverid.sid	Shows current server ID.	.sid
.roles	List roles on this server or a roles of a specific user if specified. Paginated. 20 roles per page.	.roles 2 or .roles @Someone
.channeltopic.ct	Sends current channel's topic as a message.	.ct
.createinvite.crinv	Creates a new invite which has infinite max uses and never expires. Requires CreateInstantInvite channel permission.	.crinv
.stats	Shows some basic stats for Nadeko.	.stats
.showemojis.se	Shows a name and a link to every SPECIAL emoji in the message.	.se A message full of SPECIAL emojis
.listservers	Lists servers the bot is on with some basic info. 15 per page. Bot Owner only.	.listservers 3
.savechat	Saves a number of messages to a text file and sends it to you. Bot Owner only.	.savechat 150
.activity	Checks for spammers. Bot Owner only.	.activity

Game Cheats 1337 Dirty Bomb Games

RISKS-LIST: Risks-Forum Digest Friday 1 April 2016 Volume 29 : Issue 42
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/29.42.html>
The current issue can be found at
<http://www.csl.sri.com/users/risko/risks.txt>
Contents:
Anonymous hacks NSA's Bluffdale facility (Henry Baker)
'Apple Offers to Buy CryptoWall for $10 Billion' (Henry Baker)
Apple Agrees to DoJ Encryption Demands (Mark Thorson)
Apple, FBI reach historic public key escrow agreement (Henry Baker)
Advances in Autonomous Burgerdom? (PGN)
Re: Pentagon skips tests on key component of U.S.-based missile defense
system (Fred Cohen)
Heating up deep sea water to reduce global warming (Fred Cohen)
1,418 remotely exploitable flaws found in automated medical supply system
(Darlene Storm via Drew Dean)
2000 tons of nuclear materials `just aren't secure as they need be' (Al Mac)
How to Hack an Election (Bloomberg)
Tech titans release new email security standard (Michelle Goodman via DH)
CNBC passwords, mother board (boingboing)
The Apple-FBI Battle Is Over, But the Crypto Wars Have Just Begun (WiReD)
Should hackers help the FBI? (NYTimes)
Hackers Seek Ransom From Two More California Hospitals (Chad Terhune)
Smooth Criminal: Meet USB Thief, Malware That Can Attack Systems Without
Leaving Any Trace (Santiago Tiongco)
More background on the MedStar fiasco (Al Mac)
Why Ransomware loves Hospitals (Al Mac)
Re: Bangladesh bank heist to Philippines to Chinese (sundry sources via Al Mac)
Stefan Savage receives RISKS-relevant award (ACM/Infosys Foundation)
Abridged info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: Fri, 1 Apr 2016 00:51:00 -0700
From: Henry Baker <hba...@pipeline.com>
Subject: Anonymous hacks NSA's Bluffdale facility
FYI -- This just in...
Bluffdale, UT -- April 1, 2016 -- Hacker cooperative Anonymous today
announced that they have successfully hacked the NSA's massive Bluffdale,
UT, data storage complex and encrypted all of its petabytes of data with
ransomware.
According to an Anonymous spokesperson 'sneaker', 'This is the largest
encryption operation ever attempted, and the Salt Lake City lights dimmed
measurably throughout the computationally intensive process.'
Anonymous continued, 'We are not holding this data hostage nor are we asking
for any Bitcoins. We will leave the decryption keys to this data under the
front doormat of a U.S. government facility somewhere in the world.'
An NSA spokeswoman said that she 'could neither confirm nor deny' the
Anonymous claims, but she did admit that whenever snow fell on the Bluffdale
facility, it immediately melted.
Anonymous was able to hack into the Bluffdale facility via a simple e-mail
phishing attack that promised cheats, mods and hacks of the Minecraft video
game.
A retired DoD official 'close to the NSA' said that it took an entire year
for Anonymous to encrypt all these petabytes of data, but NSA hadn't noticed
because the Bluffdale stores only internationally intercepted data, which
NSA seldom -- if ever -- examines.
Story developing...
------------------------------
Date: Fri, 1 Apr 2016 00:12:21 -0700
From: Henry Baker <hba...@pipeline.com>
Subject: 'Apple Offers to Buy CryptoWall for $10 Billion'
'Apple Offers to Buy CryptoWall for $10 Billion'
'Plans to dominate the burgeoning data protection market'
One Infinite Loop, Cupertino, CA -- April 1, 2016 -- Apple Computer today
announced its plan to purchase the data protection business CryptoWall for
$10 billion. The deal is expected to close before the end of 2016 after
securing the approval of regulators.
Apple CEO Tim Cook laid out the rationale for the purchase: 'Apple Computer
has always insisted upon the privacy and security of its customers. We were
the first to incorporate default full-disk encryption, and CryptoWall is
the obvious next step in protecting our customers' data confidentiality.'
'CryptoWall's product is in daily use by government agencies, businesses,
and ordinary citizens; they have the best name recognition and brand image
in theWe have to thank FBI Director Jim Comey for continuing to insist upon
thinking out of the box; he thought all along that the tekkies in Silicon
Valley would eventually be able to come up with an equitable solution for
all parties. We and the FBI have been working around the clock for the past
several months and this cooperation has finally paid off.'
'We at Apple have agreed to put all of our customers' public keys into an
escrow database managed by the FBI. When a court so orders, the FBI can
search this database and produce any particular customer's public key,' said
Apple CEO Tim Cook.
FBI's Jim Comey enthusiastically supports the new key-escrow system. 'Back
in the '90's, there were many key escrow suggestions that just couldn't be
made to work. But this new key-escrow system -- which I named 'public key
escrow' -- is an idea whose time has finally arrived.'
MIT Professor Ronald Rivest -- the 'R' in the 'RSA' public-key cryptographic
system devised in the 1970's -- said 'The idea of putting the public key
into an escrowed database managed by a trusted third party never occurred to
any of the three of us during the past 40 years.' Rivest continued, 'Now
that this 'public key escrow' idea is out there, I can see other potential
applications -- such as hiding one's public key under his own front
doormat.'
Whit Diffie -- one of the inventors of the Diffie-Hellman exchange so
critical to e-commerce today -- praised the innovative thinking behind the
public key escrow system, 'It's nice to see that both Apple and the FBI will
be able to save face and claim victory here; this is a win-win solution for
everyone.'
Apple's Cook added, 'We believe we can trust the FBI with our users' public
keys; after all, our country has trusted the FBI with so many citizens'
private data ever since its founding by J. Edgar Hoover in 1924. Apple is
also pleased that the FBI has stepped up to operate this 'public key escrow'
database; the Internet industry has had trouble coming up with a business
model to support this activity.'
[I simply don't know how all of these four items could all appear in the
same issue, even though it is 1 April 2016! PGN]
------------------------------
Date: Fri, 1 Apr 2016 01:23:58 PDT
From: 'Peter G. Neumann' <neu...@csl.sri.com>
Subject: Advances in Autonomous Burgerdom?
In-and-Out Burger is reportedly contemplating some experimental
installations involving completely automated operations at selected
locations around the U.S. The concept does away with local managers,
counter personnel, cooks, clean-up staff, and other employees, and would use
advanced robotics. It could vastly increase the potential size of their
so-called Secret Menu [*] -- permitting selections from among your own
individualized computer-stored customer profiles, specifying your favorite
alternative combinations of ingredients to which you can give your own
creative names (rather than having locally famous people's names). Their
automation is expected to greatly reduce operational costs, while enabling
the company to guarantee that no jobs would be shipped off-shore. Employees
having to pay taxes on tips would be avoided completely. The company press
release indicates they will use secure computing to hinder surveillance by
governments and competitors. while keeping your own preferences private.
However, based on your past orders, they may suggest that you might be
interested in emerging new options -- based on your historical profile. For
example, they might offer mathematicians items such as the Fibonacci Burger,
which is expected to grow on you organically. Ethereum will be a favored
unconventional currency, because of its Turing-complete smart contracts.
Real-time individualized anomaly detection will ensure both quality and
safety of delivered and served food and beverages. I&OB's Corporate
executives and their techies appear to be on the cutting edge of
personalized burgerdom, well aware of recent advances in both artificial
intelligence and security that could greatly increase both efficiency and
security. Financial backers may see this as a harbinger for a new wave of
completely automated restaurants -- although problems might arise such as
when the just-in-time food supplies do not arrive just-in-time, or when your
steak is overcooked. Progress in restaurant automation could also be spun
off into the Internet of Things, exploiting experience gained in robotic
service and maintenance.
* Secret? Perhaps it uses Hambermorphic Encryption? PGN
------------------------------
Date: Sat, 19 Mar 2016 06:24:14 -0700
From: Fred Cohen <f...@all.net>
Subject: Re: Pentagon skips tests on key component of U.S.-based missile
defense system (Willman, RISKS-29.36)
[Peter, Even though my response is in fact rational, it belongs in the
April 1 issue.]
Assuming the facts are correct at stated (which they rarely are), this
sounds as if at least two people should go to jail, and likely many more as
co-conspirators.
For the workers in the US government, in particular the military, it's
called treason, and since we are at war with ISIS, I believe the penalty is
death. Military tribunal is called for.
The lesser charge of fraud should be charged against the non-government
employees, and of course their companies should be debarred from further US
government work until the companies return all monies in excess of the
original bid and produce a working product. Note they should also have to
pay all late penalties associated with not delivering on time.
Fred Cohen - 925-454-0171 - All.Net & Affiliated Companies
http://all.net/ PO Box 811 Pebble Beach, CA 93953
------------------------------
Date: Sat, 19 Mar 2016 06:36:55 -0700
From: Fred Cohen <f...@all.net>
Subject: Heating up deep sea water to reduce global warming
[Re: Microsoft servers to bottom of ocean (I-HLS), RISKS-29.36. PGN]
Another true one for April 1:
A project currently being proposed will heat up deep sea water to reduce
global warming.
The project is intended to take the periodic cold water upsurges from the
Monterey Bay deep sea canyon and use them to cool a major datacenter to be
placed near the shore. The proponents state that the computers will then be
used to model the change in the ocean temperatures by those studying global
climate change. They will also provide the first ecologically sound major
data center in the central coast area, which will also support other
research and business development. Waste water from the plant will be used
to warm up pools used to help recovering sea mammals who get sick from
domoic acid (also associated with climate impacts of warmer sea
temperatures) -- which increases algae and accumulates in shellfish,
sardines, and anchovies. [For non-Californians, I note that domoic acid
essentially demolished (domolished?) the crab season, which was shut down
this year until just a few days ago. PGN]
On an unrelated [???] story, the recent collapse of shellfish populations in
the area is being addressed by a ban on fishing in protected fisheries in
the Monterey Bay area. The reason behind the collapse is unknown, but will
be studied by placing additional ultra-high-speed computing resources at the
planned Monterey Bay data center. The loss in shellfish is being replaced by
local restaurants by new sardine-based dishes.
------------------------------
Date: Thu, 31 Mar 2016 12:12:37 -0700
From: Drew Dean <dd...@csl.sri.com>
Subject: 1,418 remotely exploitable flaws found in automated medical supply
system (Darlene Storm)
Hard to believe, but that really is the headline. To the Pyxis' credit, they
appear to have handled the situation much better than most.
Darlene Storm, Computerworld, 30 Mar 2016
Excerpts:
Security researchers found 1,418 remotely exploitable flaws in CareFusion's
Pyxis SupplyStation medical dispensing system. 715 of those vulnerabilities
in ``automated supply cabinets used to dispense medical supplies' have a
severity rating of high or critical.
The Pyxis SupplyStation system is a 'secure storage device; for medical
supplies that documents supply usage and interfaces with software to bill
the patient. The vulnerabilities can be exploited remotely and exploits for
targeting the flaws are publicly available, the ICS-CERT advisory
notes. Wait, it gets better as it apparently would not require a l33t [for
those behind the times, this refers to *leetspeak*, also known as *leet*,
*eleet*, and even 1337; PGN] hacker to exploit the medical system. ICS-CERT
noted, ``An attacker with low skill would be able to exploit many of these
vulnerabilities.' ...
There are numerous Pyxis software versions affected (8.0, 8.1.3, 9.0, 9.1,
9.2 and 9.3) running on Server 2003 or XP, but since those versions are
running end-of-life software, “a patch will not be provided.” ...
Ahmadi first sent notification of the vulnerabilities to the FDA, he said,
which sent the report on to DHS ICS-CERT. While communicating with ICS-CERT
and CareFusion, Ahmadi said he was impressed that CareFusion – now BD – “did
not deny any of the vulnerabilities existed, and also offered up all
affected systems, voluntarily for use in the advisory.”
Ahmadi said it is important to note “that the issues are in the third-party
packages, which we have been preaching about for the last several years. Up
to 90% of the software used in development today is third-party.”
The 1,418 bugs are present in seven third-party software packages including
Microsoft Windows XP, Sybase SQL Anywhere 9, Symantec Antivirus 9 and
Symantec pcAnywhere 10.5.
CareFusion is attempting to contact affected customers and advising them to
upgrade. Otherwise, ICS-CERT has the list of CareFusion's suggested
mitigations for customers using legacy operating systems.
http://www.computerworld.com/article/3049361/security/1-418-remotely-exploitable-flaws-found-in-automated-medical-supply-system.html
Drew Dean, Computer Science Laboratory, SRI International
[Cave Con-em! PGN]
------------------------------
Date: Thu, 31 Mar 2016 15:43:08 -0500
From: 'Alister Wm Macintyre (Wow)' <macwh...@wowway.com>
Subject: 2000 tons of nuclear materials `just aren't secure as they need be'
2,000 tons of nuclear material may not be well secured.
http://www.emergencyemail.org/newsemergency/anmviewer.asp?a=5454
https://gwtoday.gwu.edu/nuclear-materials-just-aren't-secure-they-need-be'
http://www.defenseone.com/ideas/2016/03/all-too-human-reason-nuclear-material-isnt-secure-enough/126864/
There are lots of stories about missing nuclear material. The missing WMD
of Iraq, claimed in the 1st Gulf War, may have gone to Iran; or may have
been a false statement by a prisoner of torture, telling what he thinks the
torturers wanted to hear; or a false statement by anti-Saddam movement
thinking that will bring in the American rescuers.
https://fas.org/article/u-s-military-nuclear-material-unaccounted-missing-action-just-sloppy/
http://www.cnn.com/2016/02/29/americas/mexico-radioactive-device-missing/
https://www.washingtonpost.com/news/worldviews/wp/2013/12/06/this-alarming-map-shows-dozens-of-nuclear-materials-thefts-and-losses-every-year/
http://www.nti.org/analysis/articles/2012-nis-nuclear-trafficking/
What could go wrong?
Terrorists could deliver dirty bombs to disrupt commerce through busy ports,
canals, government and financial centers, and their usual mass attack sites.
One target might be the facilities they are constantly stealing the
materials from, if they begin to have competent security.
Criminals could announce that such a dirty bomb has been planted some place,
and in exchange for a large sum of money, they will reveal where it is, but
if they are not paid within a week, they will let it go off.
At nuclear power plants, where security is a joke, attackers could seize
them, like they have hijacked airliners, taken over hotels etc. In such an
attack, they might try to dynamite, or otherwise disrupt the concrete
basement which is designed to stop a melt down from exiting. Then they
would trigger a melt down accident on purpose.
Terrorists could work on making a real atomic bomb.
Arms smugglers may deliver more enriched uranium to Iran, North Korea, and
other nations not supposed to have any more.
We may be hearing about this thanks to the 2016 Nuclear Security Summit
(NSS) at the Walter E. Washington Convention Center in Washington, DC from
March 31 - April 1, 2016
https://www.whitehouse.gov/the-press-office/2016/03/29/fact-sheet-nuclear-security-summits-securing-world-nuclear-terrorism
https://content.govdelivery.com/attachments/USDHSFEMA/2016/03/31/file_attachments/525467/FEMA%2BDaily%2BOps%2BBriefing%2B03-31-2016.pdf
------------------------------
Date: Fri, 31 Mar 2016 17:12:57 PDT
From: 'Peter G. Neumann' <neu...@csl.sri.com>
Subject: How to Hack an Election (Bloomberg)
Jordan Robertson, Michael Riley, and Andrew Wills, Bloomberg, 31 Mar 2016
http://www.bloomberg.com/features/2016-how-to-hack-an-election/
Andres Sepulveda rigged elections throughout Latin America for almost a
decade. He tells his story for the first time [perhaps in hopes of
getting his sentence reduced!]
In July 2015, Sepulveda sat in the small courtyard of the Bunker, poured
himself a cup of coffee from a thermos, and took out a pack of Marlboro
cigarettes. He says he wants to tell his story because the public doesn't
grasp the power hackers exert over modern elections or the specialized
skills needed to stop them. ``I worked with presidents, public figures with
great power, and did many things with absolutely no regrets because I did it
with full conviction and under a clear objective, to end dictatorship and
socialist governments in Latin America. I have always said that there are
two types of politics -- what people see and what really makes things
happen. I worked in politics that are not seen.'
------------------------------
Date: Wed, Mar 23, 2016 at 4:30 AM
From: Dewayne Hendricks <dew...@warpspeed.com>
Subject: Tech titans release new email security standard
[Note: This item comes from friend Steve Goldstein. DLH]
Tech titans release new email security standard
Michelle Goodman, FierceCIO, 22 Mar 2016
http://www.fiercecio.com/story/tech-titans-release-new-email-security-standard/2016-03-22
Thanks to a collaboration among developers from Google, Microsoft, Yahoo,
Comcast, LinkedIn and 1&1 Mail and Media Development and Technology, email
security is getting a much needed overhaul.
This engineering dream team has outlined a new safeguard -- called SMTP
Strict Transport Security -- in a draft that's up for consideration as an
Internet Engineering Task Force standard. SMTP Strict Transport Security
would enable email providers to create policies and rules for sending and
receiving encrypted email over the Internet.
Such a mechanism is long overdue. SMTP, or Simple Mail Transfer Protocol,
was established in 1982 and did not allow for encryption. In 2002, the
STARTTLS extension was added to the protocol to improve security of SMTP
connections. But for the most part, email providers lagged in adopting
STARTTLS.
All that changed in 2013, when Edward Snowden revealed the prevalence of
email and other online surveillance by various government intelligence
agencies. As InfoWorld reported, today STARTTLS is fairly ubiquitous in
Internet messaging. Only problem is, the protocol can easily be decrypted or
otherwise compromised.
Enter the new SMTP Strict Transport Security mechanism, which takes a number
of steps to eliminate these vulnerabilities.
Just how vulnerable is today's email? Google has found that among Gmail
users, 83 percent of outgoing messages sent to other email providers around
the globe are encrypted. Incoming emails from other providers worldwide fare
much worse though, with just 69 percent of them arriving encrypted.
As InfoWorld noted, the level of email encryption varies throughout the
world. For instance, Asian and African email providers are much less
reliable than those based in Europe and the U.S.
The Internet Engineering Task Force isn't the only team of engineers working
on the email encryption problem. Last week, the privacy-minded Swiss startup
ProtonMail launched a free, encrypted email service that's supposedly
impossible for governments to crack. [...]
Draft of the new standards:
https://tools.ietf.org/html/draft-margolis-smtp-sts-00
------------------------------
Date: Wed, 30 Mar 2016 12:43:12 -0500
From: 'Alister Wm Macintyre (Wow)' <macwh...@wowway.com>
Subject: CNBC passwords, mother board (boingboing)
Many things on the Internet are broken, including some people trying to
teach the public about cyber security guidelines.
CNBC offered users a way to test passwords to allegedly find one which was
pretty good, and test any you are now using.
However, this password tutorial had a number of flaws.
* Its password testing form was transmitted in the clear, which means that
anyone who shared your Internet connection (that is, everyone on the same
WiFi or neighborhood-wide cable modem connection as you) could see you
sending it.
* CNBC website doesn't use HTTPS web encryption.
* The way that CNBC's website was set up, all 30 of the advertisers, whose
ads appeared on the page, could also spy on your password.
* CNBC sent all the passwords it received to a Google Doc spreadsheet
(itself a prime target for hacking/breaching), despite a notice that said,
'No passwords are being stored.'
* CNBC's system wasn't very good at scoring passwords, giving them higher
grades than they deserved.
http://boingboing.net/2016/03/30/cnbcs-secure-password-tutori.html
http://motherboard.vice.com/read/cnbc-tried-and-massively-failed-to-teach-people-about-password-security
CNBC has taken this down, but you can see an archive of it here:
https://archive.is/kaczF
------------------------------
Date: Wed, 30 Mar 2016 08:27:01 -0400
From: Monty Solomon <mo...@roscom.com>
Subject: The Apple-FBI Battle Is Over, But the Crypto Wars Have Just Begun
The Apple-FBI Battle Is Over, But the Crypto Wars Have Just Begun
http://www.wired.com/2016/03/apple-fbi-battle-crypto-wars-just-begun/
------------------------------
Date: Wed, 30 Mar 2016 10:16:54 PDT
From: 'Peter G. Neumann' <neu...@csl.sri.com>
Subject: Should hackers help the FBI?
Room for Debate, with debaters Fred Kaplan, Alan Butler, Katie Moussouris,
and Matt Blaze
http://www.nytimes.com/roomfordebate/2016/03/30/should-hackers-help-the-fbi/constantly-bolstering-computer-security-is-vital
------------------------------
Date: Mon, Mar 28, 2016 at 11:59 PM
From: Dewayne Hendricks <dew...@warpspeed.com>
Subject: Hackers Seek Ransom From Two More California Hospitals
Chad Terhune)
[Note: This item comes from friend Steve Goldstein. DLH]
Hackers Seek Ransom From Two More California Hospitals
Chad Terhune, Medscape, 24 Mar 2016
<http://www.medscape.com/viewarticle/860921>
Hackers demanded a ransom from two more Southern California hospitals last
week and federal authorities are investigating the case.
Prime Healthcare Services Inc., a fast-growing national hospital chain, said
the attackers infiltrated computer servers on Friday at two of its
California hospitals, Chino Valley Medical Center in Chino and Desert Valley
Hospital in Victorville.
The company said the cyberattack had not affected patient safety or
compromised records on patients or staff.
Two sources familiar with the investigation said the hackers had demanded a
ransom to unlock the hospital computer systems, similar to what happened
last month at Hollywood Presbyterian Medical Center in Los Angeles.
Hollywood Presbyterian said it paid $17,000 in bitcoin to hackers to regain
access to the institution's computers.
Fred Ortega, a spokesman for Prime Healthcare, declined to comment on
whether Prime received a ransom demand or paid any money, citing the ongoing
investigation. ``This is similar to challenges hospitals across the country
are facing, and we have taken extraordinary steps to protect and
expeditiously find a resolution to this disruption, The concern now is to
let law enforcement do their thing and find the culprit.'
FBI spokeswoman Laura Eimiller said Tuesday ``we are investigating a
compromise of the network at these locations.' She declined to discuss
specifics of the case. The FBI also has been investigating the attack at
Hollywood Presbyterian.
Ortega said the two hospitals affected remain operational and steps are
being taken to restore their computer systems to full functionality. He said
some IT systems were shut down by hospital staff as a preventive measure so
malicious software didn't spread further.
The company said it's working with data security experts and the California
Department of Public Health on the matter.
Prime Healthcare, based in Ontario, Calif., has acquired struggling
hospitals across the country and has become one of the nation's largest
health systems. It runs 42 hospitals in 14 states. The company is led by its
outspoken chairman and chief executive, Dr. Prem Reddy.
A series of high-profile data breaches in the past year have raised fresh
questions about the ability of hospitals, health insurers and other medical
providers to safeguard the vast troves of electronic medical records and
other sensitive data they are stockpiling on millions of Americans.
------------------------------
Date: Mon, Mar 28, 2016 at 11:32 PM
From: Dewayne Hendricks <dew...@warpspeed.com>
Subject: Smooth Criminal: Meet USB Thief, Malware That Can
Attack Systems Without Leaving Any Trace (Santiago Tiongco)
[Note: This item comes from friend Steve Goldstein. DLH]
Santiago Tiongco, Tech Times, 26 Mar 2016
http://www.techtimes.com/articles/144306/20160326/smooth-criminal-meet-usb-thief-a-malware-that-can-attack-systems-without-leaving-any-trace.htm
Another new malware has surfaced, but this one is unlike the others. This
alarmingly stealthy trojan cannot be copied or replicated and it can set up
camp in your computer without you ever having a clue.
Nicknamed 'USB Thief' by security experts from the ESET antivirus firm,
this new USB trojan is equipped with self-protecting mechanisms that enable
it to escape detection. It can even infiltrate air-gapped systems, making
it an exceptionally useful tool in industrial as well as cyber espionage.
In relation to this malware's ability to access air-gapped computers - that
is, computers not connected to the Internet for security reasons - the
trojan is introduced to a system via USB devices that contain portable
installers of widely-used applications such as Firefox, NotePad++, and
TrueCrypt. USB Thief exploits this trend by penetrating the command chain of
these applications either as a plugin or a dynamically linked library (DLL),
which is why each time you run the application, the trojan is also executed
in the background.
A key aspect of this malware is that it has a highly sophisticated
mechanism for self-protection against copying or reverse engineering by
employing two operations: AES128 encryption of certain files and generation
of filenames from cryptographic elements.
First, an AES encryption key is computed from that unique USB device ID and
certain disk details from the USB drive hosting the malware, which means the
malware can only successfully run on that one particular USB device.
Second, the naming of the subsequent file in the malware execution chain is
based on actual file content and its creation time, effectively making the
file names different for every instance of this trojan. Because of these
techniques, copying or reproducing the malware is virtually impossible.
In addition to the malware's multi-step self-protection and ability to not
leave any trace on the targeted computer, its <macwh...@wowway.com>
Subject: More background on the MedStar fiasco (RISKS-29.41)
MedStar http://www.medstarhealth.org/ is a $ 5 billion non-profit health
care provider which operates 10 hospitals and 120-250 clinics (conflicting
news stories) serving the Baltimore Maryland area including Virginia and
Washington DC, so it will probably get much more news coverage than the
almost 2,000 other victims of Ransomware. MedStar treated 4.5-million
patients in 2015. They have 30,000 employees and 6,000 affiliated
physicians.
https://en.wikipedia.org/wiki/MedStar_Health
There are different kinds of cyber security incidents, happening at a high
rate of speed. With some, they release necessary details, then soon the
public forgets, in the wake of hundreds of incidents reported at other
places, but looks like MedStar is operating on the dribble approach, let
info dribble out as they figure things out, and permit any of the 30,000
employees to speak with the media, which guarantees that with each drop of
additional info, news media around the world will be trumpeting the story
again, so this place's problems will be remembered for much longer than most
others.
Initially they said virus, no evidence any info stolen, too early to say
ransomware, no disruption to health care for patients.
Now we know it is ransomware, and there has been disruption to patients and
their families.
We also know, that to install the ransomware, the hackers had to have had
access to PII of patients, employees, their medical records, financial info,
all of the computer records impacted, which invokes some laws regarding
disclosure of numbers of people potentially at risk of breach.
Later info may dribble out from investigations, to refresh the news stories.
This close to DC, Congress will probably hold hearings on this and other
similar incidents.
http://www.zdnet.com/article/virus-hits-medstar-health-hospital-network-but-denies-data-theft/
When the first stories came out about the apparent virus attack on MedStar,
we were not being told many details.
On Monday 28 Mar morning, the hospital discovered the problem, that many
computer access points had been attacked, so they shut the whole system down
to try to stop the spread of whatever it was. That afternoon, they released
a statement about the situation on their web site, and Facebook page.
The shutdown impacts access to Electronic Health Records (EHR), e-mail,
laboratory results, financials, just about all record keeping you would
expect at any medical institution. Many doctor PCs are okay, showing data
from the days before the attack, they just cannot access the MedStar
network, or access this week's e-mail. I hope their ISP has sufficient data
storage to hold the accumulated e-mail until these systems are back up
again.
The old paperwork system 'works' for employees who remember it, but there
may be recovery hassles after systems restored, making sure the records are
complete for the downage days.
The FBI had been contacted.
Initially we were not told what kind of attack it was, but from clues, there
was lots of speculation.
https://www.washingtonpost.com/local/virus-infects-medstar-health-systems-computers-hospital-officials-say/2016/03/28/480f7d66-f515-11e5-a3ce-f06b5ba21f33_story.html
http://www.healthcare-informatics.com/article/breaking-news-medstar-health-hacked-ehr-down-fbi-investigating
http://money.cnn.com/2016/03/28/technology/medstar-hospital-hack/
http://inhomelandsecurity.com/virus-infects-medstar-health-systems-computers-hospital-officials-say/
On Monday 28 Mar, hospital spokespersons had claimed that this incident
would not disrupt health care. On Tuesday, news media was publishing lots
of stories about disruptions to patient health care, thanks to this
incident.
By Wednesday, historical EHR records were accessible read-only, but not from
all work stations.
Some patients have been turned away, because of this incident, refused
renewal of prescriptions. Hospital spokespersons said that no one will get
delayed medical treatment because of this, but news media has been
interviewing patients for whom that was exactly what happened, and/or
subjected to scary, and health-threatening, inconveniences. One hospital
lost track of a man's invalid wife, falsely claiming she had been released,
which caused him lots of anxiety until they located her getting the proper
treatment.
Patients arrive for appointments, only to find they have been canceled
because the medical staff cannot do a proper job without access to the
computer records, and apparently they also need access to the computer to
notify patients that their appointments have been canceled. Other patients
get daily calls 'Don't come in, the computers are down again today.'
In addition to official spokesperson statements, news media is talking with
lots of the medical staff, who explain serious medical safety issues, which
the official spokesperson is down playing.
https://www.washingtonpost.com/local/medstar-health-turns-away-patients-one-day-after-cyberattack-on-its-computers/2016/03/29/252626ae-f5bc-11e5-a3ce-f06b5ba21f33_story.html
http://wtop.com/local/2016/03/medstar-still-dealing-problems-cyber-attack/
http://www.usnews.com/news/articles/2016-03-29/medstar-struggles-to-work-around-computer-hacking-crisis
http://www.pressreader.com/usa/the-washington-post/20160331/282024736400036/textview
There's also news stories about what Congress persons are saying. They
passed a law in 2015 calling for the federal Health and Human Services (HHS)
to:
* Create a task force of health industry leaders and cyber security
professionals to identify the biggest threats, and to suggest mitigation
approaches;
* Provide doctors and hospitals with guidance on the best ways to protect
themselves from cyber attack,
* Have service from the agency, to help any medical institution which
suffers a cyber attack;
* Issue reports to the health industry on emerging threats and risks they
need to protect themselves against;
* And more . the legislation = Information Sharing Act of 2015.
http://www.healthcareinfosecurity.com/obama-signs-cyber-info-sharing-bill-a-8762
So far HHS has not yet implemented any of this, according to some news
stories, while others talk about the progress being made implementing it.
But without the task force, it has been a slow learning process for an
agency new to this topic, making some judgment errors, in selecting which
risks to prioritize warnings about. There may be a need for agencies,
experienced in cyber-threats by industry and how attackware gets delivered,
to provide initial training for agencies new to providing cyber security
guidance.
Other people are calling for an update to HIPPA = US gov regulations about
health care records. That system already has a requirement for hospitals to
report incidents like this.
HHS Office of Civil Rights (OCR) investigates all cyber incidents of health
care providers, either reported to them directly, under HIPPA regulations,
or found out via news reports. They also have guidance on how to report
incidents, such as to the FBI Internet Crime Complaint Center.
http://www.ic3.gov/default.aspx
They have also told medical institutions about the Better Business Bureau's
scam tracker.
https://www.bbb.org/scamtracker/us
Apparently some people are ignorant of the fact that there are laws already
on the books, calling for the reporting of cyber insecurity incidents, some
of which have not yet been implemented, or are not enforceable.
Almost every state of the USA has a requirement that places hit by cyber
attack, either located in that state, or with customers in that state,
report them to the Attorney General of the state, and take measures to
compensate victims of the attacks (their customers, and others). However,
many institutions do not know they are under attack, until the damage has
been done, plus some do not know what to do, after they discover they have
been attacked.
http://www.govinfosecurity.com/ransomware-time-for-hipaa-update-a-9002
http://www.healthcareinfosecurity.com/ocr-cyber-awareness-effort-will-have-impact-a-8846
So proper precautions have been sporadic throughout the health care
industry.
* We can see from the discrepancies between stories of medical staff and
hospital spokesperson statements, that there's a lack of training how to
deal with this kind of incident, and a lack of internal communications to
cope when computers are down.
* We have not yet been told how this happened to MedStar, but with many
other institutions it was a lack of training to avoid one employee
victimized by phishing taking down the entire computer system. There's
also backups, and keeping software up to date.
http://hitconsultant.net/2016/03/30/medstar-cyber-attack/
When the US government first was pushing EHR, there was an outpouring of
cyber security concerns from the security industry.
The medical profession and government had to learn from medical breaches
that those concerns were valid, and remediation investment was essential.
We are flooded with cyber security warnings, and few employers have budgeted
the resources to cope with them effectively.
In April 2014, there was an FBI warning about a growth in cyber attacks upon
the health care industry.
The FBI predicted that movement to on-line systems, without provision for
how to handle themselves, when those systems go down, is inviting trouble.
That trouble has now arrived, inconveniencing many portions of the health
care industry.
http://www.fiercehealthit.com/story/when-it-comes-cybersecurity-staff-education-matters/2016-03-29
Next the news media learned that MedStar was a ransom ware attack, where if
the hospital pays $18.5K in bitcoins, the crooks promise to send the keys to
unlock their system. Instead, the hospital system is restoring from
backups, with partial recovery, and has suffered at least $1 million per day
thanks to the down time.
http://www.baltimoresun.com/health/bs-md-medstar-ransom-hack-20160330-story.html
http://www.ibtimes.co.uk/hospitals-crippled-by-cybercriminals-ruthless-medstar-hack-demands-12900-unlock-computers-1552429
I found out about this news story, because I subscribe to KnowBe4 -- training
in how not to be a victim of cyber attacks.
They use breaking news stories about cyber security incidents to explain how
their training can prevent such incidents.
https://www.knowbe4.com/
The challenges, the hospital staff and patients are dealing with,
demonstrates some flaws in planning for the possibility of computer
downtime, when everyone becomes dependent on the digital data. What could
go wrong, when a hospital runs purely on electronic records, then their
computer systems go down? MedStar has learned about that this week, and
also has had earlier lessons.
http://catless.ncl.ac.uk/Risks/29.31.html#subj4
Before any hearings into what if anything should be done about such
incidents, maybe Congress should get a report from CRS = Congressional
Research Service,
https://www.fas.org/sgp/crs/misc/
and from GAO = Government Accountability Office,
http://www.gao.gov/products/GAO-16-265
to communicate:
* What laws and regulations already exist regarding health care cyber
incidents, their prevention and disclosure.
* What is the status of implementation of those rules.
* Statistics on this kind of attack.
* Status of investigations into major attacks.
Here are some CRS reports on Health Care, other than the cyber security
dimension:
http://www.ncsl.org/research/health/congressional-research-service-reports-on-health.aspx
------------------------------
Date: Fri, 1 Apr 2016 00:16:28 -0500
From: 'Alister Wm Macintyre (Wow)' <macwh...@wowway.com>
Subject: Why Ransomware loves Hospitals
Ransomware <https://en.wikipedia.org/wiki/Ransomware> is a threat to:
* Hospitals
* Police stations
* Cloud services
* Mobile phones
http://krebsonsecurity.com/tag/ransomware/
In addition to all the data placed at risk, which I mentioned in my earlier
MedStar post, medical devices may also be at risk.
* To install the ransomware, the hackers had to have had access to PII of
patients, employees, their medical records, financial info, all of the
computer records impacted, which invokes some laws regarding disclosure of
numbers of people potentially at risk of breach.
Sergey Lozhkin, a senior researcher at Kaspersky Lab said ``in lots of cases
medical equipment is not isolated from the local office network.' A month
ago, he detailed the results of his penetration test of a Moscow hospital.
Among other issues, Lozhkin discovered a login portal for a CT scan machine
on the open Internet, and once inside the hospital's local network, he found
a control panel for an MRI machine that was not password protected.
<https://threatpost.com/medical-device-health-care-security-continues-to-ail/116228/>
There have been at least a dozen hospitals, or hospital chains, inflicted
with ransomware just in March 2016.
http://motherboard.vice.com/read/the-spreading-epidemic-of-hospital-ransomware
Thursday, March-31, the U.S. Department of Homeland Security (DHS). and the
Canadian Cyber Incident Response Centre, issued a joint alert about the risk
of ransomware.
http://www.reuters.com/article/us-cyber-ransomware-alert-idUSKCN0WY3BN
US Hospitals are juicy targets for ransomware because:
* Their care depends on access to up-to-date complete records, which thanks
to the US government, are now electronic.
* Their care is critical. Disrupting it can mean serious complications for
patients. And law suits because of that.
* Very few hospitals conduct security training for their staff.
* What has been more critical for them is HIPPA compliance, because the US
government has emphasized patient privacy much more than cyber security.
http://www.wired.com/2016/03/ransomware-why-hospitals-are-the-perfect-targets/
MedStar reacted by shutting down their servers the moment they realized
they'd been hit. KnowB4 says that is the correct first step. They
distribute a 20-page hostage manual (.pdf) instructing ransomware victims on
what to do after an attack, and how to prevent one.
<http://www.wired.com/wp-content/uploads/2016/03/RansomwareManual-1.pdf>
There are several ways computers get hit by ransomware.
* Someone falls for a phishing spam scam, which installs attackware on their
computer.
* Hacked or malicious sites exploit browser vulnerabilities with drive-by
attackware.
* Once either approach has gained access to a system, the hackers can easily
follow, to perform their mischief.
It goes after individual PCs, servers, while deleting any connected backups.
In MedStar's case, the malware is Samsam, also known as Samas and MSIL.
This tells us a hacker had to install the ransomware, but it does not tell
us how the hacker got into MedStar=92s systems.
Samsam exploits vulnerabilities which have been patched, so this also tells
us that MedStar had not stayed current on critical patches for their
systems.
http://arstechnica.com/security/2016/03/maryland-hospital-group-hit-by-ransomware/
The FBI issued alerts about this recently.
https://motherboard.vice.com/read/fbi-warns-about-ransomware-attacks-infecting-whole-networks
https://www.fbi.gov/news/stories/2015/january/ransomware-on-the-rise
I believe IT should take systems down, so nothing connected to Internet, to
run a complete backup to media not left connected to the servers, then let
the network re-connect, only after each device is checked to be clear of
security problems, and make sure its backup is up-to-date. Unfortunately,
many outfits need to be up 24x7, and won't approve the resources needed to
run high speed backups, in short scheduled down time, like wee hours, when
business is at its lowest volume, or have client devices which gather info
to update the server, from activity during the short down time for backup.
I believe all institutions should do a periodic search, to identify all the
ways they are connected to the Internet, in case of any inadvertent errors,
adding poorly secured links.
https://www.shodan.io/
Search for *hospital* and find
* 144 in USA
* 133 in Brazil
* 69 in Thailand
* 67 in South Korea
* 54 in India
Connection info for specific hospitals is provided.
No hits for MedStar -- hopefully that means that any past flaws have now
been fixed.
Example of a USA hit:
Health First Viera Hospital 6450 US Highway 1, Rockledge, FL 32955
------------------------------
Date: Wed, 30 Mar 2016 15:01:38 -0500
From: 'Alister Wm Macintyre (Wow)' <macwh...@wowway.com>
Subject: Re: Bangladesh bank heist to Philippines to Chinese
(RISKS-29.36,37,38,40)
In any breaking story, mainstream media has high levels of speculation,
leading to conflicting stories.
Fraudulent bank transfers were allegedly communicated via the SWIFT network.
Some stories say SWIFT was compromised. Others say no SWIFT was not
compromised, rather the communications system at one end was breached.
The Bangladesh Central Bank may sue the NY Fed, to try to recover some of
the lost money. I predict this effort will fail, because US courts have
usually ruled in favor of the bank which held the money which was stolen,
and against the business enterprises that owned that money. Judges have
ruled that way, even when it is proven that the NY Fed equivalent
institution was in the wrong, or made cyber security errors.
So far, no evidence has surfaced in the news media, that the NY Fed did
anything wrong.
http://www.nbcnews.com/tech/tech-news/bangladesh-bank-might-sue-ny-fed-after-1b-hack-heist-n544046
http://www.en.prothom-alo.com/bangladesh/news/98969/Bangladesh-Bank-weighs-lawsuit-against-NY-Fed
In this case, the Bangladesh Central Bank has been found to have been
infected with malware, which facilitated access to their credentials for
managing money. Invariably in past US court cases, when the business,
owning the bank account, was hacked, breached, or social engineered,
triggering info needed to file a false money transfer request, judges have
ruled that the bank from which the money was transferred from, is not
responsible for the negligence of the place which got malwared, hacked,
breached, etc.
How the malware got onto the Bangladesh Central Bank system, has not yet
been made public by investigators.
Spam Phishing is the usual route.
http://www.marketwatch.com/story/malware-used-in-100-million-bangladesh-bank-heist-2016-03-21
Philippine authorities now believe 2 Chinese men stole the Bangladesh money,
but are they mules paying off casino debts, or addicted to gambling, where
the casino operators aided in setting up the money transfer system? Since
those 2 men have been identified, but not yet located, are they in fact
false identities created by a casino operator and a friend at the Philippine
bank?
The money arrived in fictitious accounts at RCBC bank in the Philippines.
Bank officials have conflicting testimony about the process by which those
accounts were authorized & setup.
http://www.securityweek.com/chinese-high-rollers-moved-stolen-bangladesh-millions-philippines-witness
http://www.straitstimes.com/asia/se-asia/missing-link-in-us81-million-bangladesh-bank-heist-set-to-testify-before-philippine
http://www.themalaymailonline.com/world/article/witness-millions-from-bangladesh-bank-heist-moved-to-philippines-by-chinese
WSJ has a video of what's known so far about the travels of the stolen
money.
http://www.wsj.com/articles/businessman-denies-planning-central-bank-heist-1459261342
Philippine legislators have had a hearing on where the money ended up, and
how it got there.
Now US Congress woman Carolyn Maloney (D-NY) http://carolynmaloney.com/
wants a US hearing on this bank heist, and what standards are needed to put
a stop to such activities. There may be no solution so long as:
* Businesses are vulnerable to phishing, malware, hackers taking over their
institutions, with them oblivious to this happening;
* Judges rule in favor of banks which violate contracts, to not move money
to new locations, or in excess of some ceilings, without personal contact
with officials of institution owning the money, who are authorized to
approve such actions.
http://carolynmaloney.com/multimedia/latest_news/view/2016-03-maloney-wants-probe-on-bangladesh-bank-heist
http://news.yahoo.com/u-congresswoman-wants-probe-bangladesh-bank-heist-200449682.html
Wikipedia is periodically updated as more info is found, released, and
confirmed.
https://en.wikipedia.org/wiki/2016_Bangladesh_Bank_heist
------------------------------
Date: Wed, 30 Mar 2016 12:22:14 -0400 (EDT)
From: 'ACM TechNews' <technew...@acm.org>
Subject: Stefan Savage receives RISKS-relevant award
ACM and Infosys Foundation Honor Innovator in Network Security Research
Association for Computing Machinery (03/30/16)
ACM TechNews, 30 Mar 2016
Stefan Savage from the University of California, San Diego has been selected
to receive the 2015 ACM-Infosys Foundation Award in the Computing Sciences.
Savage was cited for research in network security, privacy, and reliability
that has showed people how to perceive attacks and attackers as components
of an integrated technological, societal, and economic framework. Savage's
approach is embodied in his recent work with collaborators to fight spam by
exploring how spammers generate revenue, and what steps might be taken to
neutralize this incentive. One project involved the researchers
infiltrating a botnet to extract insights about the economics of spam
schemes. By monitoring millions of spam emails and identifying the
individual services needed to monetize them, Savage's team built a model of
dependencies in the spam supply chain. They demonstrated merchant bank
accounts used to receive credit card payments were the most valuable and
prone to disruption. 'Stefan Savage has shifted thinking and prompted us to
ask ourselves how we might impede the fundamental support structure of an
attacker,' says ACM president Alexander L. Wolf. 'His frameworks will
continue to significantly influence network security initiatives in the
coming years.'
http://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-ed5ax2e0c5x065760&
------------------------------
Date: Mon, 17 Nov 2014 11:11:11 -0800
From: RISKS-...@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)
The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
if possible and convenient for you. The mailman Web interface can
be used directly to subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks
Alternatively, to subscribe or unsubscribe via e-mail to mailman
your FROM: address, send a message to
risks-...@csl.sri.com
containing only the one-word text subscribe or unsubscribe. You may
also specify a different receiving address: subscribe address= ... .
You may short-circuit that process by sending directly to either
risks-s...@csl.sri.com or risks-un...@csl.sri.com
depending on which action is to be taken.
Subscription and unsubscription requests require that you reply to a
confirmation message sent to the subscribing mail address. Instructions
are included in the confirmation message. Each issue of RISKS that you
receive contains information on how to post, unsubscribe, etc.
=> The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) is online.
<http://www.CSL.sri.com/risksinfo.html>
*** Contributors are assumed to have read the full info file for guidelines.
=> .UK users may contact <Lindsay...@newcastle.ac.uk>.
=> SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you NEVER send mail!
=> SUBMISSIONS: to ri...@CSL.sri.com with meaningful SUBJECT: line.
*** NOTE: Including the string `notsp' at the beginning or end of the subject
*** line will be very helpful in separating real contributions from spam.
*** This attention-string may change, so watch this space now and then.
=> ARCHIVES: ftp://ftp.sri.com/risks for current volume
or ftp://ftp.sri.com/VL/risks for previous VoLume
http://www.risks.org takes you to Lindsay Marshall's searchable archive at
newcastle: http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue.
Lindsay has also added to the Newcastle catless site a palmtop version
of the most recent RISKS issue and a WAP version that works for many but
not all telephones: http://catless.ncl.ac.uk/w/r
<http://the.wiretapped.net/security/info/textfiles/risks-digest/> .
> PGN's historical Illustrative Risks summary of one liners:
<http://www.csl.sri.com/illustrative.html> for browsing,
<http://www.csl.sri.com/illustrative.pdf> or .ps for printing
is no longer maintained up-to-date except for recent election problems.
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
> Special Offer to Join ACM for readers of the ACM RISKS Forum:
<http://www.acm.org/joinacm1>
------------------------------
End of RISKS-FORUM Digest 29.42
************************