If predictions hold steady, nearly half of the United States will be covered in snow by the time this post goes live, with the Northeast potentially getting buried under more than 18 inches. According to the National Weather Service, the “unusually expansive and long-duration winter storm will bring heavy snow from the central U.S. across the Midwest, Ohio Valley, and through the northeastern U.S. for the remainder of the weekend into Monday.” If that sounds like a fun snow day, they go on to clarify that “crippling to locally catastrophic impacts can be expected”, so keep that in mind. Hopefully you didn’t have any travel plans, as CNBC reported that more than 13,000 flights were canceled as of Friday night. If you’re looking to keep up with the latest developments, we recently came across StormWatch (GitHub repo), a slick open source weather dashboard that’s written entirely in HTML. Stay safe out there, hackers.

Speaking of travel, did you hear about Sebastian Heyneman’s Bogus Journey to Davos? The entrepreneur (or “Tech Bro” to use the parlance of our times) was in town to woo investors attending the World Economic Forum, but ended up spending the night in a Swiss jail cell because the authorities thought he might be a spy. Apparently he had brought along a prototype for the anti-fraud device he was hawking, and mistakenly left it laying on a table while he was rubbing shoulders. It was picked up by security guards and found to contain a very spooky ESP32 development board, so naturally he was whisked off for interrogation. A search of his hotel room uncovered more suspicious equipment, including an electric screwdriver and a soldering iron. Imagine if a child had gotten their hands on them?

But the best part of the story is when Sebastian tries to explain the gadget’s function to investigators. When asked to prove that the code on the microcontroller wasn’t malicious, he was at a loss — turns out our hero used AI to create the whole thing and wasn’t even familiar with the language it was written in. In his own words: “Look, I’m not a very good hardware engineer, but I’m a great user of AI. I was one of the top users of Cursor last year. I did 43,000 agent runs and generated 25 billion tokens.” Oof. Luckily, the Swiss brought in a tech expert who quickly determined the device wasn’t dangerous. He was even nice enough to explain the code line-by-line to Sebastian before he was released. No word on whether or not they charged him for the impromptu programming lesson.

It wasn’t hard for the Swiss authorities to see what was inside the literal black box Sebastian brought with him, but what if that wasn’t possible? Well, if you’ve got an x-ray machine handy, that could certainly help. The folks at Eclypsium recently released a blog post that describes how they compared a legit FTDI cable with a suspect knock-off by peering at their innards. What we thought was particularly interesting was how they were able to correctly guess which one was the real deal based on the PCB design. The legitimate adapter featured things like ground pours and decoupling caps, and the cheap one…didn’t. Of course, this makes sense. If you’re looking to crank something out as cheaply as possible, those would be the first features to go. (Editor’s note: sarcasm.)

It doesn’t take an x-ray machine or any other fancy equipment to figure out that the Raspberry Pi 5 is faster than its predecessors. But quantifying just how much better each generation of Pi is compared to the other members of the family does require a bit more effort, which is why we were glad to see that The DIY Life did the homework for us. It’s not much of a spoiler to reveal that the Pi 5 won the head-to-head competition in essentially every category, but it’s still interesting to read along to see how each generation of hardware fared in the testing.

Finally, Albedo has released a fascinating write-up that goes over the recent flight of their Very Low Earth Orbit (VLEO) satellite, Clarity-1. As we explained earlier this week, operating at a lower orbit offers several tangible benefits to spacecraft. One of the major ones is that such an orbit decays quickly, meaning a spacecraft could burn up just months or even days after its mission is completed. For Albedo specifically, they’re taking advantage of the lower altitude to snap closeup shots of the Earth. While there were a few hiccups, the mission was overall a success, providing another example of how commercial operators can capitalize on this unique space environment.

See something interesting that you think would be a good fit for our weekly Links column? Drop us a line, we’ve love to hear about it.

A New York man is suing Prenuvo, a celebrity-endorsed whole-body magnetic resonance imaging (MRI) provider, claiming that the company missed clear signs of trouble in his $2,500 whole-body scan—and if it hadn't, he could have acted to avert the catastrophic stroke he suffered months later.

Sean Clifford and his legal team claim that his scan on July 15, 2023, showed a 60 percent narrowing and irregularity in a major artery in his brain—the proximal right middle cerebral artery, a branch of the most common artery involved in acute strokes. But Prenuvo's reviews of the scan did not flag the finding and otherwise reported everything in his brain looked normal; there was "no adverse finding." (You can read Prenuvo's report and see Clifford's subsequent imaging here.)

Clifford suffered a massive stroke on March 7, 2024. Subsequent imaging found that the proximal right middle cerebral artery progressed to a complete blockage, causing the stroke. Clifford suffered paralysis of his left hand and leg, general weakness on his left side, vision loss and permanent double vision, anxiety, depression, mood swings, cognitive deficits, speech problems, and permanent difficulties with all daily activities.

Read full article

Comments

Older adults can dramatically reduce the amount of ultraprocessed foods they eat while keeping a familiar, balanced diet—and this shift leads to improvements across several key markers related to how the body regulates appetite and metabolism. That’s the main finding of a new study my colleagues and I published in the journal Clinical Nutrition.

Ultraprocessed foods are made using industrial techniques and ingredients that aren’t typically used in home cooking. They often contain additives such as emulsifiers, flavorings, colors, and preservatives. Common examples include packaged snacks, ready-to-eat meals, and some processed meats. Studies have linked diets high in ultraprocessed foods to poorer health outcomes.

My team and I enrolled Americans ages 65 and older in our study, many of whom were overweight or had metabolic risk factors such as insulin resistance or high cholesterol. Participants followed two diets low in ultraprocessed foods for eight weeks each. One included lean red meat (pork); the other was vegetarian with milk and eggs. For two weeks in between, participants returned to their usual diets.

Read full article

Comments

SUMNER, Wash. — At Amazon’s Packaging Innovation Lab south of Seattle, boxes are dropped from different heights, jiggled for hours to simulate truck transport, and crushed under weights designed to replicate the pressure of stacked cargo. 

The goal: to ensure that products arrive undamaged — without the benefit of plastics and extra bulky boxes.

The e-commerce giant says it’s working to phase out plastic from the envelopes, bags, boxes and cushioning it uses to ship everything from bobby pins to bicycles. A recent tour of the Sumner facility and an adjacent fulfillment center featured robotic assembly lines making paper bags and trimmed-down boxes to facilitate that transition.

Amazon says it favors paper because there’s better infrastructure in place for customers to easily recycle the material and for it to be turned back into usable items.

“We’re shifting towards all-paper packaging material,” confirmed John Sly, Amazon’s senior lab and field manager at the Sumner site.

An Amazon spokesperson wouldn’t commit to a target date, saying only that the company is working toward the goal and tracking progress in its annual sustainability reports. 

• Amazon said in its most recent report that it reduced its use of single-use plastic delivery packaging by 16.4% globally last year.
• In October 2024, the company announced that it had eliminated the inflated plastic pillows from packages worldwide, replacing them with crunched-up recycled paper for cushioning. 
• More than half of its North American fulfillment centers were weaned off all plastic shipping materials by 2024. As a result, 37% of shipments that year contained single-use plastic delivery packaging — a decrease from 65% the year before.

The shift follows lobbying by the nonprofit Oceana and some Amazon shareholders to reduce plastic use, and as Amazon pursues ambitious net zero climate emissions targets. 

But despite the packaging wins, the bigger picture reveals much harder challenges. Amazon reported a 6% increase in its carbon footprint for last year, driven by data center expansion. And while it’s deploying electric vans for last-mile deliveries, promises of faster shipping are pushing emissions up across the sector, according to new research. In response to the study, Amazon notes that its extensive network of warehouses reduces its impact and emissions per shipment declined from 2019 to last year.

Automating the push towards paper

A key strategy for making packaging more sustainable is incorporating robotics that speed and customize the process.

One solution is an automated system that folds lightweight boxes around individual items. It uses thinner, more sustainable corrugated paper than found in traditional boxes. It’s pliable enough to wrap around products as they move along a conveyor — cutting to size, folding and sealing without requiring added cushioning.

Another technology uses repurposed machines that formerly made plastic bags, swapping in paper. One of the upsides to the solution is fulfillment centers are already built to fit the devices, so the machines just need to be retrofit to handle and seal paper edges instead of plastic.

On a recent morning, Todd Grasser, an Amazon process assistant, was feeding in products for bagging that included a box of probiotic supplements and a Bluey character coloring set.

The device is able to bag up to 500 items an hour, Grasser said, but his fastest speed on the machine is just slightly lower. “Personally, I do about 475,” he said.

The automated packaging solutions are currently limited to single items, which can apply when someone’s order is sourced from different fulfillment centers or if it includes just one product.

The company is also partnering with manufacturers to ship items in their original packaging. That avoids, say, putting a boxed blender inside a bigger box when it doesn’t need additional protection. As part of that initiative, Amazon has worked with Proctor & Gamble to make boxed versions of Tide detergent and Playmobil sets that are offered in brown shipping boxes that can be flipped inside out after delivery to reveal colorful toy photos.

Moving to more sustainable packaging requires testing its properties to ensure that goods arrive to customers undamaged.

The shift means balancing multiple needs, Sly said, that include “prioritizing for protection and minimizing packaging material needed, while also still hitting the delivery speed that we promised.”

The company can move fast in adopting more sustainable packaging and it has in adopting paper bags and paper filler, “but we have to get the right solution,” Amazon spokesperson Saige Kolpack added. “There’s implications down the entire network that we have to consider.”

Editor’s note: Story updated to add a response from Amazon on the new research addressing emissions from faster shipping times.

Hello, aspiring digital forensics investigators!

Welcome back to our guide on memory analysis!

In the first part, we covered the fundamentals, including processes, dumps, DLLs, handles, and services, using Volatility as our primary tool. We created this series to give you more clarity and help you build confidence in handling memory analysis cases. Digital forensics is a fascinating area of cybersecurity and earning a certification in it can open many doors for you. Once you grasp the key concepts, you’ll find it easier to navigate the field. Ultimately, it all comes down to mastering a core set of commands, along with persistence and curiosity. Governments, companies, law enforcement and federal agencies are all in need of skilled professionals  As cyberattacks become more frequent and sophisticated, often with the help of AI, opportunities for digital forensics analysts will only continue to grow.

Now, in part two, we’re building on that to explore more areas that help uncover hidden threats. We’ll look at network info to see connections, registry keys for system changes, files in memory, and some scans like malfind and Yara rules to find malware. Plus, as promised, there are bonuses at the end for quick ways to pull out extra details

Network Information

As a beginner analyst, you’d run network commands to check for sneaky connections, like if malware is phoning home to hackers. For example, imagine investigating a company’s network after a data breach, these tools could reveal a hidden link to a foreign server stealing customer info, helping you trace the attacker.

‘Netscan‘ scans for all network artifacts, including TCP/UDP. ‘Netstat‘ lists active connections and sockets. In Vol 2, XP/2003-specific ones like ‘connscan‘ and ‘connections‘ focus on TCP, ‘sockscan‘ and ‘sockets‘ on sockets, but they’re old and not present in Vol 3.

Volatility 2:

vol.py -f “/path/to/file” ‑‑profile <profile> netscan

vol.py -f “/path/to/file” ‑‑profile <profile> netstat

XP/2003 SPECIFIC:

vol.py -f “/path/to/file” ‑‑profile <profile> connscan

vol.py -f “/path/to/file” ‑‑profile <profile> connections

vol.py -f “/path/to/file” ‑‑profile <profile> sockscan

vol.py -f “/path/to/file” ‑‑profile <profile> sockets

Volatility 3:

vol.py -f “/path/to/file” windows.netscan

vol.py -f “/path/to/file” windows.netstat

bash$ > vol -f Windows7.vmem windows.netscan

This output shows network connections with protocols, addresses, and PIDs. Perfect for spotting unusual traffic.

bash$ > vol -f Windows7.vmem windows.netstat

Here, you’ll get a list of active sockets and states, like listening or established links.

Note, the XP/2003 specific plugins are deprecated and therefore not available in Volatility 3, although are still common in the poorly financed government sector.

Registry

Hive List

You’d use hive list commands to find registry hives in memory, which store system settings malware often tweaks these for persistence. Say you’re checking a home computer after suspicious pop-ups. This could show changes to startup keys that launch bad software every boot.

‘hivescan‘ scans for hive structures. ‘hivelist‘ lists them with virtual and physical addresses.

Volatility 2:

vol.py -f “/path/to/file” ‑‑profile <profile> hivescan

vol.py -f “/path/to/file” ‑‑profile <profile> hivelist

Volatility 3:

vol.py -f “/path/to/file” windows.registry.hivescan

vol.py -f “/path/to/file” windows.registry.hivelist

bash$ > vol -f Windows7.vmem windows.registry.hivelist

This lists the registry hives with their paths and offsets for further digging.

bash$ > vol -f Windows7.vmem windows.registry.hivescan

The scan output highlights hive locations in memory.

Printkey

Printkey is handy for viewing specific registry keys and values, like checking for malware-added entries. For instance, in a ransomware case, you might look at keys that control file associations to see if they’ve been hijacked.

Without a key, it shows defaults, while -K or –key targets a certain path.

Volatility 2:

vol.py -f “/path/to/file” ‑‑profile <profile> printkey

vol.py -f “/path/to/file” ‑‑profile <profile> printkey -K “Software\Microsoft\Windows\CurrentVersion”

Volatility 3:

vol.py -f “/path/to/file” windows.registry.printkey

vol.py -f “/path/to/file” windows.registry.printkey ‑‑key “Software\Microsoft\Windows\CurrentVersion”

bash$ > vol -f Windows7.vmem windows.registry.printkey

This gives a broad view of registry keys.

bash$ > vol -f Windows7.vmem windows.registry.printkey –key “Software\Microsoft\Windows\CurrentVersion”

Here, it focuses on the specified key, showing subkeys and values.

Files

File Scan

Filescan helps list files cached in memory, even deleted ones, great for finding malware files that were run but erased from disk. This can uncover temporary files from the infection.

Both versions scan for file objects in memory pools.

Volatility 2:

vol.py -f “/path/to/file” ‑‑profile <profile> filescan

Volatility 3:

vol.py -f “/path/to/file” windows.filescan

bash$ > vol -f Windows7.vmem windows.filescan

This output lists file paths, offsets, and access types.

File Dump

You’d dump files to extract them from memory for closer checks, like pulling a suspicious script. In a corporate espionage probe, dumping a hidden document could reveal leaked secrets.

Without options, it dumps all. With offsets or PID, it targets specific ones. Vol 3 uses virtual or physical addresses.

Volatility 2:

vol.py -f “/path/to/file” ‑‑profile <profile> dumpfiles ‑‑dump-dir=“/path/to/dir”

vol.py -f “/path/to/file” ‑‑profile <profile> dumpfiles ‑‑dump-dir=“/path/to/dir” -Q <offset>

vol.py -f “/path/to/file” ‑‑profile <profile> dumpfiles ‑‑dump-dir=“/path/to/dir” -p <PID>

Volatility 3:

vol.py -f “/path/to/file” -o “/path/to/dir” windows.dumpfiles

vol.py -f “/path/to/file” -o “/path/to/dir” windows.dumpfiles ‑‑virtaddr <offset>

vol.py -f “/path/to/file” -o “/path/to/dir” windows.dumpfiles ‑‑physaddr <offset>

bash$ > vol -f Windows7.vmem windows.dumpfiles

This pulls all cached files Windows has in RAM.

Miscellaneous

Malfind

Malfind scans for injected code in processes, flagging potential malware.

Vol 2 shows basics like hexdump. Vol 3 adds more details like protection and disassembly.

Volatility 2:

vol.py -f “/path/to/file” ‑‑profile <profile> malfind

Volatility 3:

vol.py -f “/path/to/file” windows.malfind

bash$ > vol -f Windows7.vmem windows.malfind

This highlights suspicious memory regions with details.

Yara Scan

Yara scan uses rules to hunt for malware patterns across memory. It’s like a custom detector. For example, during a widespread attack like WannaCry, a Yara rule could quickly find infected processes.

Vol 2 uses file path. Vol 3 allows inline rules, file, or kernel-wide scan.

Volatility 2:

vol.py -f “/path/to/file” yarascan -y “/path/to/file.yar”

Volatility 3:

vol.py -f “/path/to/file” windows.vadyarascan ‑‑yara-rules <string>

vol.py -f “/path/to/file” windows.vadyarascan ‑‑yara-file “/path/to/file.yar”

vol.py -f “/path/to/file” yarascan.yarascan ‑‑yara-file “/path/to/file.yar”

bash$ > vol -f Windows7.vmem windows.vadyarascan –yara-file yara_fules/Wannacrypt.yar

As you can see we found the malware and all related processes to it with the help of the rule

Bonus

Using the strings command, you can quickly uncover additional useful details, such as IP addresses, email addresses, and remnants from PowerShell or command prompt activities.

Emails

bash$ > strings Windows7.vmem | grep -oE "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}\b"

IPs

bash$ > strings Windows7.vmem | grep -oE "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}\b"

Powershell and CMD artifacts

bash$ > strings Windows7.vmem | grep -E "(cmd|powershell|bash)[^\s]+"

Summary

By now you should feel comfortable with all the network analysis, file dumps, hives and registries we had to go through. As you practice, your confidence will grow fast. The commands covered here will help you solve most of the cases as they are fundamental. Also, don’t forget that Volatility has a lot more different plugins that you may want to explore. Feel free to come back to this guide anytime you want. Part 1 will remind you how to approach a memory dump, while Part 2 has the commands you need. In this part, we’ve expanded your Volatility toolkit with network scans to track connections, registry tools to check settings, file commands to extract cached items, and miscellaneous scans like malfind for injections and Yara for pattern matching. Together they give you a solid set of steps. 

If you want to turn this into a career, our digital forensics courses are built to get you there. Many students use this training to prepare for industry certifications and job interviews. Our focus is on the practical skills that hiring teams look for.

If you are in North America, you likely have pine needles all around you! Did you know that ... Read More

The post Herbal Guide to Pine Needles – How to Identify and Use Pine Needles appeared first on Garden Therapy.

Regulators are scrutinizing cannabis packaging businesses, targeting companies that make unverified claims about their products’ ability to prevent mold.

Cannabis packaging companies scrutinized over mold claims is a post from: MJBizDaily: Financial, Legal & Cannabusiness news for cannabis entrepreneurs

The post How to make sure your site is secure before releasing it to the public appeared first on Detectify Blog.

Boost your personality using positive affirmations to counter negative subliminal messaging Subliminal messages used today...

The post Make your own subliminal messaging appeared first on Aeternet.