Hello everyone! Its been a while eh? Well I made this blog/cyber news site mostly for my college classes for some of the projects I had to to. The plan was to keep it exclusively for that and then drop the site and forget about it when I was done with said projects but I noticed whenever I looked at my traffic for the site I would always get a few people visiting every month or so and I kinda do find writing on this site somewhat therapeutic. So for now I’m back, but you may have a few questions like “What is going to happen with this site now?” or “Why did you write a random blog post about a Switch Joy-Con controller after over half a year without any posts?”. One of those questions and many others will be answered as best as I can starting with…

What’s the plan with this site and are there any changes coming?

Ok, first of all I do NOT plan on adding any ads or stuff to this site in case any of my many readers were wondering. I’ve always hated news sites that welcome me with a bombardment of ads when I just want to read an article and tell all my friends how I read a cool article about the dangers of microwaving your food. I would consider doing a sponsored post if any company cared to have me promote their stuff (Probably not gonna happen but I can dream!) but I am sticking to my guns with this no ad policy because they’re obnoxious.

Secondly, I plan to try and write one news story a week. The news stories are still going to cover the usual cyber news I usually do, but I would consider adding game reviews or maybe even tech reviews. I would be down to write some guides as well if anyone would like that but I don’t know what types of guides I’d make or if anybody would be interested. The point is more content will probably be added to this blog page other than just cyber news because it’s nice to write about something different every now and then and I’m sure the reader would like a little variety as well.

Third, one of my biggest issues with writing these news stories or reading them in general is that I feel like things nowadays are way too negative, especially in the news. I have been critical of some of the stories I’ve written about in the past and have offered no solutions or help to fix the problem I wrote about. I don’t wanna be the guy that yells “THE WORLD IS ENDING AND EVERYTHING SUCKS AND THERE’S NOTHING YOU CAN DO ABOUT IT!!!!”. As fun or as easy as it is to be that guy I want to offer some positive outlook or useful advice with news stories I write if I can offer that. I’m still going to be critical and maybe even insulting but generally I want to try and help fix the problem, not point at it and say its a problem while offering no advice to fix it.

Lastly, I would like to say that I would consider moving the site to a more professional setting if I can. I don’t have any major gripes with WordPress right now but I would consider either restructuring this entire site in general or moving it altogether to a new website. Its more of a structure and setting issue that might be able to stay on this site if I can set this site up to be less of a blog and more of a news site. I figured I’d let you people know about that now so you know if there’s any major changes coming in the future.

Now that we’ve covered the major steps for this site here’s a few smaller (possibly weirder) questions I’m going to answer in case YOU had any questions to ask. If you do have any questions that I didn’t cover feel free to ask in the comments. I usually read them.

Are you going to cover the 2020 elections at all?

God no. I mean I will cover them cyber news wise but I am going to try my best to not have an opinion at all because I’m a professional and professionals don’t have opinions!!!

Did you learn anything or do any huge projects while you were gone?

Well I’m trying on focusing on getting through college but there have been a few things I’ve worked on while I was away. One thing I’ve learned while I was away from writing this site is that I was too critical of things not only on here but in real life as well. I’ve gotten better at being more positive I think and I am hoping that translates to writing these blog posts/news stories.

One “big” project I’ve been on and off working on thjroughout the last year-and-a-half is a video game making project. I’ve been using GameMaker Studio 2 to try and make a game since I’ve always wanted to try and make one ever since I was a young boy. Its nowhere near completion and I currently don’t have any good game-play ideas implemented in it yet but I have been working on it more consistently over the past month or two. Hopefully I’ll be able to get a demo out at some point but at the rate its currently going it doesn’t look like that’ll be happening soon. This has been a project I’ve always wanted to do so I don’t think I will give up on it unless something traumatic happens.

In Conclusion…

I should start writing news stories again hopefully by next week. Maybe I’ll get one out this week but we’ll see if I’m feeling up for it. The plan is to get one out a week as of right now, but in the future I may put two or more out in a week if I feel like I have something to say about a news story that interests me.

Sorry for the long hiatus guys but I am back and I will be writing again so stay tuned!

This post was made by Leech of the Cyberleech blog on 2/11/2020

This post was mode on 10/13/2019.

In this post I will be doing a step by step breakdown of how to replace the left Joy-Con analog stick with pictures and instructions. Strap in cause this is gonna be FUN!

First, your going to need to make sure you have a 2.0 tri-wing screwdriver to open the Joy-Con shell. Your also going to need a 2.0 Philips head screwdriver to unscrew some screws and some tweezers to detach and attach small cables. You are also going to have to get a replacement analog stick a have a link here. There is a link here for the tools to take apart a Nintendo Switch and the Joy-Cons but you could also just find individual tools on Amazon if you just need one or two tools. You should also have a small box or container to put your screws in so you don’t lose them

The first thing your going to want to do is flip your left Joy-Con over and find the four tri-wing screws. I have arrows pointing to them in the picture above. Grab your tri-wing screwdriver and screw them off the controller. After the screws are off, put the tri-wing screws aside and pry off the shell casing carefully because there are some cables attached to them.

Now that the shell is off, you can see the inside of the Joy-Con and there is a lot of stuff in there but the only thing your going to want to worry about right now is the battery in the picture above. Now your going to want to get under the battery and pry it off gently as to not break any wires. This part can be tricky because the battery is glued to the plastic but you can use the tweezers to get under it and pry it off.

Now that the battery is off put it to the side while it’s still attached to the controller. There are 5 screws that you can see in the plastic holding the battery you only need to unscrew the 3 pictured in order to get the plastic piece off. Grab your Philips head screwdriver and unscrew the 3 screws listed above. Once those 3 screws are unscrewed you can put the screws aside and put the plastic piece off to the side but still attached to the controller with a cable.

Now you can see the motherboard and this is where all the buttons and functions of a controller are, so be careful with this part. Along the right side of the motherboard you’ll see a metal-looking square with two screws holding it down. This is the analog stick that were going to replace but first were going to have to detach a cable that is blocking one of the screws.

In the picture above, you’re going to have to detach those cables to remove the analog stick. Grab your tweezers and go to the end of the cable, where it is attached to the motherboard, and you’ll find a port that has a little plastic lever piece on top of it. This plastic lever holds the cable in place when it is locked so were going to flip the plastic lever piece upward to release the cable and then use your tweezers to remove the cable from the port. Do this for the two cables above to access the analog sticks screws.

Now were going to unscrew the screws on the analog stick with our Philips head screwdriver to fully remove it. You may have to move the cable covering the one screw in a 90 degree angle to unscrew that screw. Put the screws aside once unscrewed and now you can now gently remove the analog stick and put it aside.

Now that we have the old analog stick removed we can replace it with a new one. Put the new analog in the controller and make sure its screw holes line up with with the screw holes on the controller.

Put the new analog stick in.

Now screw it in properly.

Now that the analog stick is in and lined up properly were going to screw it in with the Philips head screws that were used on the old analog stick.

These two detached cables have to go back into their ports.

Make sure these cables are attached properly and locked in place.

Now were here is the tricky part. We have to put the cables that we detached back into the ports we removed them from. Grab your tweezers and grab one of the ends of two detached cables and guide the cable back into its assigned port. This can take a few tries to do but once the cable is in the port use the tweezers to flip the tiny plastic switch on top of the port into the locked position. You can tell the little plastic switch is locked when it is downward facing. Once both of these cables are in their ports we can move on to the next step.

Put the plastic piece back on and screw it back in with the three screws.

Put the plastic piece back on and make sure it is lined up with the proper screw holes and then screw in the Philips head screws back into place with your Philips head screwdriver. You can use the picture above with red arrows to help you line up the plastic piece properly.

Now you can put the battery back in place on the plastic piece. Make sure the battery cable is in the proper place inside the controller.

Screw back in the four tri-wing screws to attach the back shell of the controller.

Now were going to put the plastic shell back on and click it back into place. The screw holes should line up properly and the shell should be fully back on the controller. Now let’s grab our tri-wing screwdriver and the tri-wing screws and screw them back into the four holes listed in the picture with the red arrows above.

You did it! The left Joy-Con controller is now fixed with a brand new analog stick! You should test it out on a Nintendo Switch console to make sure it works properly and there are no issues.

I hope you found my instructions for the Nintendo Switch left Joy-Con controller analog replacement helpful and useful in your repair!

This post was made on 11/13/2018.

This Monday, the Internet Governance Forum was held in Paris and French president Emmanuel Macron announced a declaration called “Paris Call for Trust and Security in Cyberspace”.

This declaration (which is linked here.) focuses on bringing government and companies together in order to make the Internet more secure and safe. It will also deal with “fake news” and malicious cyberattacks by trying to prevent them with this more secure Internet.

The declaration has many big supporters like; Google Facebook, Microsoft and many more big tech companies. It also has garnered the support of other countries governments who are as listed; Canada, UK, Ireland and Germany.

It should also be noted that big governments like the U.S., China and Russia are not on this list and this could have all sorts of implications. Perhaps these governments are dealing with the safety of the Internet in their own ways or perhaps these governments don’t trust each other.

The U.S. is trying to deal with cyberattacks in a more aggressive way (I wrote about that here.) and God knows if China and Russia are even taking cyber security seriously. Either way these countries should be all for a more secure Internet that protects government data better. If we worked together with big tech companies and governments from all across the world then we would be able to make way more progress in cyber security that makes the Internet better for everyone. I personally think these big countries don’t trust each other with their data in fear that it could be used against them and I also think these countries are using shady cyber methods that would be questioned by this declaration. It’s a real shame these countries just can’t get along to fight the growing concern of cyberattacks and “fake news”.

If we all worked together to come up with a way to make the Internet more safe and secure, then everyone would benefit from this. But as it stands right now we have some countries working with this declaration but none of the big players are participating in this which makes progress a lot slower. Hopefully this declaration will have positive results in the future and show that if we work together then we can fight cyber threats effectively.

Source: In Paris, Government and Tech Giants Commit to a more Secure Cyberspace

This post was made on 11/11/2018.

According to a senior U.S. Intelligence official, China has broken the agreement between the U.S. and China that states that both parties agreed to stop cyber espionage through the hacking of government and corporate data.

There have been allegations that China’s government has been supporting hacking groups for the past year or two. But what got the U.S. concerned about China is that there was a massive hack on the U.S. federal government’s personnel office that effected the data of more than 20 million people and this hack traced all the way back into China.

Now U.S. officials won’t say they if they believe this hack was condoned by the Chinese government, but it wouldn’t be such a far-fetched idea. The Chinese government of course have denied these allegations calling the allegations “baseless”. A Chinese government representative also said that “the U.S. should meet China halfway in jointly safeguarding the two countries”.

Both the U.S. and China are planning on having delayed top-level security dialogue on Friday but who knows if anything will actually be done about this whole Chinese hacking situation. Hopefully both parties will uphold to anti-hacking deal they have and try and prevent hacking groups from interfering both governments and societies. I do certainly hope both the U.S. and China do try to get along and actually make progress with ethical cyber-security laws because we need more of those. It would also help to have China with the U.S. on enforcing these laws so that other countries don’t try to interfere with each other through the cyberspace. In this time I think it is of utmost importance that we try and make these laws apply to all countries so we can have a well rounded cyber laws that clearly state what you can and cannot do. It’s time to stop dancing around these hacker groups like their above the law and actually make them pay for their crimes.

Source: China May Have Broken U.S. Cyber-Security Deal

This post was made on 11/09/2018.

A new botnet was recently discovered by security researchers with over 100,000 infected machines. This botnet infects computers with UPnP enabled.

UPnP stands for Universal Plug and Play and is used to share data by devices with UPnP with other devices that use UPnP. These devices are aware of other devices and are constantly sharing data with each other.

The botnet uses the UPnP to try and infect the user with a URL that will give the bots the ability to communicate with your email. Researcher’s believe these bots are using the emails to send spam mail in order to catch more victims in it’s network and exploit them for money.

This botnet was coded in a very organized fashion and was well written. This means that the creator of this botnet knows what he/she is doing and could be very tricky to track down.

These botnets have the ability to scam a large number of people in very little time. Who really knows how much money is being made from this, but judging by all the trouble of getting or coding a botnet its probably a really high amount. It really is the ideal way of scamming people because all the botnet creator has to do is regulate the botnet and make sure it’s doing it’s job. You can’t exactly track these guys either because most botnets are constantly jumping from one domain to another in order to not get tracked, and it works.

If we are ever going to be able to deal with cyber threats in the future, then we’re going to have to find a way to properly deal with botnets. Botnets are only going to become more and more common as technology advances and more people see the potential of using them for their own malicious purposes. Computer security researchers certainly have their work cut out for them in the future in trying to stop botnets and it’s certainly no easy task. Researchers currently have no solution to stop botnets but we can prevent them from spreading. If researchers found a way to secure the UPnP then this will prevent other botnets from using the same exploit, making it harder on the botmaster to spread bots. Perhaps if we also educated the public on botnets and let them know how they can prevent their computers from being infected by them, then maybe we’ll see a major slowdown in botnet usage.

Source: New Botnet Infected over 100k Internet Devices

This post was made on 11/8/2018.

Facebook announced on Tuesday that they banned over 100 accounts on Facebook due to “inauthentic behavior”. Interestingly, these accounts also had links to Russia’s Internet Research Agency (IRA). These accounts falsely claimed that Immigration and Customs Enforcing agents were patrolling the voting booths during the 2018 midterm elections. These accounts were banned before the midterms by Facebook thanks to their fishy behavior.

Facebook has been stating that they have been taking care of this issue over the past year and have been getting a lot of coverage from the press telling them to not let outsiders have an influence on our political elections. Facebook has been heavily scrutinized for allowing this type of behavior on their platform, which is understandable, but we should also be keeping a sharp eye on our other social media platforms as well.

Both Twitter and Reddit are culprits for having Russian hackers on their websites, yet we don’t seem to criticize them as harshly as we do on Facebook. Now I’m not saying we should also outrage against Reddit and Twitter, you can blame them for what happened in the 2016 elections, but who could have seen what power social media had in the elections? Social media is still a fairly new idea to us. The fact that we can write something and communicate it to the rest of the world in seconds is incredible! Social media has truly transformed us in a way that makes information quickly and easily accessible for the first time ever. We don’t fully understand this and neither do social media corporations, but that doesn’t mean we should let them off the hook so easily.

Hopefully social media platforms will learn from this whole “Russian hacker” situation and make a system that prohibits this type of behavior in the future because I have a sneaking suspicion other countries are going to try and do this type of political interference during election seasons. China has already shown that they are completely capable of attacking us with cyber attacks, so there’s no saying whether or not they already had an influence on the 2016 or 2018 elections. This just means it’s time for big social media companies to find a liable solution to this predicament they are in, because if they don’t we could have a political and cultural mess that could do some serious damage.

Source: Facebook Bans more Russian Hackers Before the Midterm Elections

This post was made on 11/2/2018.

Armis lab is a security company that specializes in researching software and hardware that use the Internet of Things. Researchers of Armis found a major security flaw in Bluetooth Low Energy chips that could give attackers network access points allowing them to spread malicious code.

These Bluetooth Low Energy Chips (We’ll call them BLE for short.) have a much better battery life then its predecessor and are used in a variety of devices. These BLE’s are used in a lot of devices connected to the Internet of Things and medical devices. Now we know if something is connected to the Internet, then there is a high chance that someone will try to attack it.

In order for a hacker to get access to the device they had to be in the range of the device. But once the hacker was in range of said device they would use a hacking tactic called Buffer Overflow. Buffer Overflow essentially overloads the chip with more data than it can handle causing the system to either shut down or give involuntary access to the attacker. Once the router is accessed by the hacker they are free to spread all sorts of malicious code to the users of the router.

There is also another major flaw in Aruba’s Wi-Fi access point Series 300 that allows malware to be installed on what seem to be updates for the software. This vulnerability comes from the development tool on the program, which has no security. The Aruba Wi-Fi access point Series 300 also has BLE chips, which have access to these development tools. Once these development tools are accessed a user can make malware that disguises itself as a software upgrade and gets access to devices using Over Air Download.

There is an update that fixes the security flaw in most of these systems but Aruba Wi-Fi access point Series 300 still can send disguised updates to devices. The solution for this is to turn off your Over Air Download on your devices. Over Air Download is a completely optional feature that downloads the latest updates to the software on your devices from just about anywhere with a WiFi device.

The are so many devices that use the BLE chips that I’m genuinely surprised that there isn’t many major news sites talking about it. These chips could be used in your local supermarket, banks, business firms and even hospitals. These BLE chips can even be used in insulin pumps and pacemakers! A complete stranger could have access to a device that is attached to your body and that is scary!

Any company that used the BLE chips in their devices should issue a statement that their devices need an update to fix this security flaw. I also think that the general public should know about this too in order to be aware of the dangers of using public WiFi. But let’s be real here, we are two weeks away from midterm elections and the only thing major news organizations care about is politics and if the security flaw is not related to politics, then the general public will go blissfully unaware of this. It’s really annoying seeing that but if you happen to be one the readers of this blog post, then you can thank me(or the news source) for letting you know about it. Now you can go out to shop for ice cream paranoid that someone will send malware to your phone through the Internet. Have fun knowing that!

Source: Security researchers find flaws in chips used in hospitals, factories and stores

This post was made 11/2/2018.

The news network Vice did a test on Facebooks ad verification by buying ads that seem to support 100 sitting U.S. senators. These ads had a statement that stated “Paid for by *insert U.S. senator here” at the beginning of every ad.

The Vice news team tried to see if they could buy political ads under the senators Mitch McConnell and Chuck Schumer. Vice news got approval for their fake political ads on Facebook with almost no problems at all.

This “paid for by” system doesn’t seem to work to well if a team of journalists from Vice news can easily make fake news on Facebook. I can imagine there are people have already started abusing this system and using it for their own malicious purposes. Can you imagine if a well organized group of hackers could do with this easily manipulated system? (If they haven’t already.) They could have ads that could malicious links, there could be ads that are political propaganda, there could even be ads for radical extremists groups if Facebook doesn’t monitor itself well enough.

Facebook needs to make itself more secure and less accessible from outside sources. If you want to run any sort of political ad, heck even regular ads, you should have to be verified as a citizen of the U.S. before you can even do that. Facebook needs to start taking stuff like this seriously because if they don’t they will soon find themselves with a website that they no longer have control of.

Source: Vice News Tests Facebooks ad system and Finds a Huge Flaw

This post was made on 10/27/2018.

Many U.S. intelligence agencies have reported that the Chinese were eavesdropping on Trumps phone calls through his personal iPhone. He has two other phones for official use that have been altered by the NSA but he prefers to use his personal iPhone because it can hold contact information.

Now China responded to this statement by calling this claim “fake news” and then said if the U.S. is so worried about hacking then they should try a Huawei phone. This isn’t the first time China may have had its government help hackers access something. (You can read that article I wrote here.) It is also funny how Huawei, a Chinese device maker, is suggested for Trump to switch his phone to. It is also worth noting that Huawei phones have had security concerns that it may be reporting information to the Chinese government. Obviously China is being very smug with the U.S. and it’s no secret that Trump has been escalating trade tensions with the tariffs and China wants to get as much information as they can.

Individual unencrypted phones are not that hard to hack. If you know what your doing or know someone who knows what their doing, then you should easily be able to access that phone. But if China’s government had access to it then there’s a good chance other governments have had access to it as well. Who knows how many people have access to Trumps personal iPhone right now, it could be a lot of people or it could of been just China that managed to access his phone. One thing is for sure though, he should really be switching to the NSA approved phones for the safety of our country.

Sources:

Trumps Personal iPhone Hacked by China

China Responds to Tapping Trumps Personal iPhone

This post was made on 10/23/2018.

For a long time apps have used the location of the device they are installed on to enhance their performance. Some apps like Lyft and Uber, which are driving service apps, use your location to give both the user and the driver your location in order to figure out how the driver can pick you up and how they can get you to where you need to go. But this is not the only type of location sharing I’m talking about, I’m talking about the sharing of a users Internet history too.

App providers apparently need your Internet history to: “measure user reaction to app updates and other changes.” To make matters worse, the apps don’t even need you to give them permission to track your location, they use push notifications to do bypass the users permission entirely. Push notifications are used to keep the lifeline between the developer and the app in order to be regularly updated and refreshed without the user knowing. If the app is deleted, then this lifeline is cut between the developer and the app and the developer can target that user with advertisements of the app they just deleted in order to try and reel them back in.

Now not all app developers do this, but a majority of them do. They use tracking tools and services in order to target you with their ads. These tracking services, such as; Adjust, AppsFlyer and CleverTap, have the sole purpose to target the users Internet history just to sneak ads in to try manipulate the user into clicking the ad.

Now this push notification tracking can be used to to fix bugs in the app and make the app better, and easier to use. But of course companies and developers abuse them in order to try and keep the user attached to their platform. This also directly violates Google and Apples policies which states push notifications should not be used to target users with ads.

The fact that developers can get away with stuff like this is the reason why we have had so many data breaches over the years. Slimy business tactics allow developers to try and manipulate the user in order to keep them attached to their app. It doesn’t take a genius to figure out that tactics like this can have unintended consequences. For example, developers can use these ads, even if they are not in the U.S., to push for their political agenda for specific users with specific Internet search history. This was a big problem for Facebook in the 2016 midterm elections and only now that they were caught doing it are they being questioned and fined by the government. Facebook wasn’t the only one effected by this data breach, pretty much all social media platforms were, but Facebook took the fall because its one of the biggest ones. It took the meddling of a U.S. election to get the U.S. public to care for the security of the users data and the big social media platforms are forced to actually protect user data from outside sources.

Now you can only imagine what apps can track without your knowledge; contact information, web history, location, etc, and they can do most of this without the users permission. This is absolutely disgusting. Developers should not be able to get away with this and should be held accountable to their actions and fined accordingly if they do violate users privacy. However, that’s probably not going to happen until it starts to get in the eyes of the American public or a huge scandal comes out because of this. In the end, companies and developers just want to make a quick buck and will do this until their caught doing it in a way the public doesn’t like. Companies need to be held accountable with what they decide to do with our data, it shouldn’t take a national scandal to get them to actually care for our data. Users are what make these websites functional and if you violate their trust behind their back, eventually users will figure that out and do their business elsewhere.

Source: Now Apps can Track You Even After Their Uninstalled