Saturday, December 20, 2014

Malware used in the SONY hack - What we are facing from now on...

Shared by the Freedom Writers Project:

US-CERT (United States Computer Emergency Readiness Team) released details of the malware involved. The full release is available by clicking here: Alert (TA14-353A) - Targeted Destructive Malware

SMB Worm Tool: This worm uses a brute force authentication attack to propagate via Windows SMB shares. It connects home every five minutes to send log data back to command and control (C2) infrastructure if it has successfully spread to other Windows hosts via SMB port 445. The tool also accepts new scan tasking when it connects to C2. There are two main threads: the first thread calls home and sends back logs (a list of successful SMB exploitations), and the second thread attempts to guess passwords for SMB connections. If the password is correctly guessed, a file share is established and a file is copied and run on the newly-infected host.
Listening Implant: During installation of this tool, a portion of the binaries is decrypted using AES, with a key derived from the phrase "National Football League." Additionally, this implant listens for connections on TCP port 195 (for "sensvc.exe" and "msensvc.exe") and TCP port 444 (for "netcfg.dll"). Each message sent to and from this implant is preceded with its length, then XOR encoded with the byte 0x1F. Upon initial connection, the victim sends the string, "HTTP/1.1 GET /dns?\x00." The controller then responds with the string "200!\x00" (for "sensvc.exe" and "msensvc.exe") or with the string "RESPONSE 200 OK!!" (for "netcfg.dll"). The controller sends the byte "!" (0x21) to end the network connection. This special message is not preceded with a length or XOR encoded.
Lightweight Backdoor: This is a backdoor listener that is designed as a service DLL. It includes functionality such as file transfer, system survey, process manipulation, file time matching and proxy capability. The listener can also perform arbitrary code execution and execute commands on the command line. This tool includes functionality to open ports in a victim host's firewall and take advantage of universal Plug and Play (UPNP) mechanisms to discover routers and gateway devices, and add port mappings, allowing inbound connections to victim hosts on Network Address Translated (NAT) private networks. There are no callback domains associated with this malware since connections are inbound only on a specified port number.
Proxy Tool: Implants in this malware family are typically loaded via a dropper installed as a service, then configured to listen on TCP port 443. The implant may have an associated configuration file which can contain a configurable port. This proxy tool has basic backdoor functionality, including the ability to fingerprint the victim machine, run remote commands, perform directory listings, perform process listings, and transfer files.
Destructive Hard Drive Tool: This tool is a tailored hard-drive wiping tool that is intended to destroy data past the point of recovery and to complicate the victim machine’s recovery. If the CNE operator has administrator-level privileges on the host, the program will over-write portions of up-to the first four physical drives attached, and over-write the master boot record (MBR) with a program designed to cause further damage if the hard drive is re-booted. This further results in the victim machine being non-operational with irrecoverable data. (There is a caveat for machines installed with the Windows 7 operating system: Windows 7 machines will continue to operate in a degraded state with the targeted files destroyed until after reboot, in which the infected MBR then wipes the drive.) If the actor has user-level access, the result includes specific files being deleted and practically irrecoverable, but the victim machine would remain usable.
Destructive Target Cleaning Tool: This tool renders victim machines inoperable by overwriting the Master Boot Record. The tool is dropped and installed by another executable and consists of three parts: an executable and a dll which contain the destructive components, and an encoded command file that contains the actual destruction commands to be executed.
Network Propagation Wiper: The malware has the ability to propagate throughout the target network via built-in Windows shares. Based on the username/password provided in the configuration file and the hostname/IP address of target systems, the malware will access remote network shares in order to upload a copy of the wiper and begin the wiping process on these remote systems. The malware uses several methods to access shares on the remote systems to begin wiping files. Checking for existing shares via “\\hostname\admin$\system32” and “\\hostname\shared$\system32” or create a new share “cmd.exe /q /c net share shared$=%SystemRoot% /GRANT:everyone, FULL”. Once successful, the malware uploads a copy of the wiper file “taskhostXX.exe”, changes the file-time to match that of the built-in file “calc.exe”, and starts the remote process. The remote process is started via the command “cmd.exe /c wmic.exe /node:hostname /user:username /password:pass PROCESS CALL CREATE”. Hostname, username, and password are then obtained from the configuration file. Afterwards, the remote network share is removed via “cmd.exe /q /c net share shared$ /delete”. Once the wiper has been uploaded, the malware reports its status back to one of the four C2 IP addresses.”
OK. As I said above, this is a bit technical. But, it’s not the technical aspects I want you to grasp. I just want you to come away with an understanding of how sophisticated, pervasive and destructive some malware is and how it can be (and is being) used as a cybercrime and cyberwar weapon.
Boiled down to its essence, this attack broke into the entirety of Sony's computer network, stole almost all of the data on the network, and then destroyed the network so that Sony lost most of the data on the network.
The significance for the rest of us is that the Sony incident is just a taste of what we will all confront with increasing frequency in the future.
Please share this with your friends and family so that they will also have a better understanding of what’s involved than the nonsense the mainstream media is broadcasting.
As always, share your thoughts with me at
Be safe, secure and free!
Rob Douglas – Former Washington DC Private Detective
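
The command lines the alert lists for the Network Propagation Wiper can be turned into a host-log detection. The Python below is an added example, not code from US-CERT or from this post; the log format, host names, account name, 30-minute window and the choice to key events on the machine being wiped are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Command-line patterns taken from the alert text quoted above.
STAGES = {
    "share_create": re.compile(
        r"net\s+share\s+shared\$=\S+\s+/grant:\s*everyone\s*,\s*full", re.I),
    "remote_exec": re.compile(
        r"wmic(?:\.exe)?\s+/node:(?P<node>\S+)\s+/user:\S+\s+/password:\S+"
        r"\s+process\s+call\s+create", re.I),
    "share_delete": re.compile(r"net\s+share\s+shared\$\s+/delete", re.I),
}
WINDOW = timedelta(minutes=30)  # assumption: correlation window, tune locally

# Constructed sample log (not real data): "<ISO time> | <host> | <command line>"
SAMPLE_LOG = """\
2014-12-01T10:00:01 | WS-014 | cmd.exe /q /c net share shared$=C:\\Windows /GRANT:everyone, FULL
2014-12-01T10:00:09 | WS-002 | cmd.exe /c wmic.exe /node:WS-014 /user:svc_backup /password:REDACTED PROCESS CALL CREATE "C:\\Windows\\taskhostXX.exe"
2014-12-01T10:00:15 | WS-014 | cmd.exe /q /c net share shared$ /delete
2014-12-01T10:05:00 | WS-020 | cmd.exe /c net share public=D:\\Public /GRANT:everyone,READ
2014-12-01T11:30:00 | WS-031 | wmic.exe /node:WS-040 process list brief
"""


def parse(log_text):
    """Yield (time, host, cmdline) tuples; malformed lines are skipped."""
    for line in log_text.splitlines():
        parts = [p.strip() for p in line.split(" | ", 2)]
        if len(parts) != 3:
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield ts, parts[1], parts[2]


def classify(cmdline):
    """Return (stage, wmic_target_or_None) for a matching line, else None."""
    for stage, rx in STAGES.items():
        m = rx.search(cmdline)
        if m:
            return stage, m.groupdict().get("node")
    return None


def correlate(log_text, window=WINDOW):
    """Group stage hits by subject host and score each host.

    Assumption: share commands are keyed on the host that logged them,
    WMIC process creation on its /node: target.
    """
    hits = defaultdict(list)
    for ts, host, cmd in parse(log_text):
        found = classify(cmd)
        if found:
            stage, node = found
            subject = (node or host).strip("\"'").upper()
            hits[subject].append((ts, stage, host))
    findings = {}
    for subject, events in hits.items():
        events.sort()
        stages = [s for _, s, _ in events]
        span = events[-1][0] - events[0][0]
        # "high": all three stages inside the window, share made before removed
        full = (set(stages) == set(STAGES) and span <= window
                and stages.index("share_create") < stages.index("share_delete"))
        findings[subject] = {
            "stages": stages,
            "sources": sorted({h for _, _, h in events}),
            "severity": "high" if full else "review",
        }
    return findings


if __name__ == "__main__":
    for host, finding in correlate(SAMPLE_LOG).items():
        print(host, finding)
```

A single matching stage is reported as "review" rather than dropped, since a share named shared$ or WMIC process creation with inline credentials is worth a look on its own.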

Arrest young substitute teacher for holding heroin at Waco school

Alayne Caroline Ballantine

Six Shooter– The war on drugs claimed another casualty when “the system” swallowed a youthful woman whole, the end result of a somewhat lengthy, very exacting legal process.

On a gray and rainy Friday morning before Christmas, two months after she was first questioned, a Waco Independent School District police officer arrested Alayne Caroline Ballantine, who resides in the 1900 block of Howard, Waco, for forgery and possession of heroin at the Lake Air Montessori Magnet School.

At the time of the offense, October 20, she worked there as a substitute teacher.
Officers arrived promptly to arrest her at half-past 9 a.m. on Friday, December 19, at a location in the 2000 block of Alexander in this city. Their arrest report lists her as unemployed.


Thursday, December 18, 2014

Top cops oppose media job for ex-Chief Deputy

Ex-Chief Deputy Matt Cawthon says McLennan County Sheriff Parnell McNamara and Woodway Public Safety Director/City Manager Yost Zachary are opposing his proposed retainer as a television crime consultant...


Tramp on your street

Billy Joe Shaver revealed something about the art of the gunfight that only an "old school man of the world" could explain. As a result, honky tonk heroes all over the world revere his outlaw songs.


Wednesday, December 17, 2014

Health plan lowers bottom line

Employees moving to a lean, mean, more streamlined “consumer-driven” health plan with a $3,000 annual deductible made nearly a million dollars difference in claims costs for McLennan County during the previous budget year, according to health consultant Randy McGraw, vice president of HUB International.


Friday, December 12, 2014

Failure of a partnership

Waco - Matt Cawthon is a retired Texas Ranger who reached the end of his string in October, resigned his position as Chief Deputy, and went fishing. Why? First in a series of articles examining that question:


Monday, December 8, 2014

Top cop on open carry

Waco – Sheriff Parnell McNamara thought hard about open constitutional carry of firearms; he answered a remark about people shooting cops and cops shooting people.
“I had to be certified by the U.S. Marshal’s Service in 1987. I was hired in 1970, and later I had to be certified; that was in 1987.”
He recalled the opening day of class, how the Justice Department instructor started things off with a bang, how they flashed a macabre picture of the U.S. Marshal for the jurisdiction of South Dakota – dead – laid on the medical examiner’s slab, his body riddled with bullets, his soul departed, long gone and far away, to a better place.

Saturday, December 6, 2014

Grand Juries in 50 states indict Officer Pantaleo

New York, N.Y. – Fifty common law grand juries – one for each state – filed Presentments of indictment against New York Code Enforcement Officer Daniel Pantaleo in the Southern District of New York for the murder of Eric Garner, suspected of selling untaxed tobacco on a Staten Island street in July, according to the National Liberty Alliance.

The murder took place when “the victim was robbed of life by said officer under the color of law protected by the Amendment V.” This is a violation of the amendment's guarantee that no person shall be deprived of life, liberty or property, “without due process of law...,” the indictment says.


School district spin cycle

Waco - The spin doctor is in.

Like any large corporate organization, the pedagogues have need of a spin doctor when times get rough, and in a depressed economy, it's always rough. 

In fact, they have established a website for spin control, and it's a very sophisticated operation. 


Thursday, December 4, 2014

Breathtaking developments in The Big Apple...

"NEW YORK'S VERDICT: WE CAN'T BREATHE!" - headline in a tabloid... It's simple enough, what happened. Eric Garner bought himself some untaxed - that is, packs of tailor-made Carolina cigarettes unstamped by the New York Department of Revenue - from the Mafia, and he was peddling them on the sidewalk in an upscale shopping district of Staten Island - the quietest, almost countrified, borough of the Big Apple. Wrong, wrong, wrong. Someone, probably a merchant, got uptight and let the finest know. They warned the big man. He weighed nearly 400 pounds, all flab and phlegmatic, asthmatic, and arrogant difficulty packed onto a massive and lofty frame, outfitted with an enlarged heart. Then they warned him, again. And again.

Monday, November 24, 2014

Ferguson Cop no-billed

St. Louis County prosecutor Bob McCulloch
St. Louis - Citing a legal authority for a law enforcement officer to use deadly force when necessary and the human right of all persons to use deadly force to defend themselves, St. Louis County Prosecutor Bob McCulloch announced that after an exhaustive 3-month investigation, the Grand Jury returned no true bill of indictment against Officer Darren Wilson on all of five counts leveled against him.
The prosecutor remarked that many witnesses who alleged he shot Michael Brown, 18, in the back, changed their stories or merely refused to testify once they were confronted with physical evidence to the contrary.

Saturday, November 22, 2014

Pretending to be asleep

Thomas Maddux, a chief of the III%er's
Limestone County, Texas – Koloneh would know. He spent time in this country.
In this country, the people strive to be hard-headed, are obedient to their dreams, and live to be free. No one knows it better than the riders of the great, shiny two-hearted beasts, the bikers.
They are not satisfied, as usual, with the way the man behind the badge handles the fact of their right to keep and bear firearms – who can and can’t carry one, and in what manner. It’s for their own protection, the badges say.


Wednesday, November 19, 2014

War and Rumors of War

When it's way too late to just say no...

Meridian, Bosque County, Texas – It’s been a long war.
Even at home, the iron fist in the velvet glove is in all ways both seen and heard, as 220th District Judge Phil Robertson instructs the veniremen called for jury duty on a frosty Monday morning.
They are so-called because the Latin elliptical, venire, recalls the antiquated opening phrase of a writ to a Sheriff ordering a jury summons, to cause you to come. He is light-hearted and cheerful as he explains the large number of no-shows and just why it takes so much time to call the roll of a throng that completely packs a ceremonial courtroom covering the entire second floor of the towered Italianate palace of justice.
Formerly, the jury wheel was composed of registered voters. “As you may imagine,” he tells the standing room only crowd, “those who bother to register to vote will likely bother to show up.”

Monday, November 3, 2014

AG's Office corrects DA, orders Reyna to hand over information

Caitlynn Reed
Moody, Texas - In a lightning-quick response, the Attorney General's Office responded to a complaint by Legendary Reporter R.S. Gates.
Lance Kutnick, an assistant Attorney General, determined that the DA's office violated "various sections" of the Public Information Act by withholding requested information in the murder of Caitlynn Reed, a young mother of two who perished from a gunshot wound at her home near Tokio:

Sunday, November 2, 2014

To Seek Note From The Judge

McLennan County Commissioner Lester Gibson

Waco – As election Tuesday looms, the reality of politics is thrown into stark relief against the brilliant surface of a black and white screen that is plainly visible from the nickel seats.
When McLennan County Commissioner Lester Gibson, a Democrat, slipped out of a Court session last Tuesday only minutes after the session opened, Republican County Judge Scott Felton said he left to fulfill prior commitments on the campaign trail, where he is defending his seat against Republican challenger Tony Abad after 6 terms of service.

Thursday, October 30, 2014

Why is the DA so secretive?

The murder of Caitlyn Reed has the McLennan DA's staff stonewalling The Legendary

Waco - The final moments of Caitlyn Reed's life must have been filled with terror. Her alleged attacker had beaten her with a cane, threatened to rape and beat her again in a telephone message, and even attacked the ambulance in which she was transported to get medical attention.

She went to her father's house and “borrowed” a Springfield XD .40 caliber semiautomatic pistol to defend herself. Her attacker came to her home, took it away from her, and gave it back to her father, the owner of the weapon.

Ms. Reed made a second trip to her father's house to get the pistol. She had it when on April 5, he returned to her home on Tokio Loop Road near West.

Following whatever happened next, he phoned McLennan County Sheriff's officers and said he had found her dead, an apparent victim of suicide.

They didn't buy his story. They accused him of taking the firearm away from her, and shooting her with it. They arrested him for murder because the physical scene, the location of the gun, her body at repose in death, did not match what he told them.

It's hardly an isolated incident, when it comes to official offense reports authored by investigators looking into the couple's rocky relationship....But they were under no obligation to protect the young mother of two small children. Courts have ruled that way repeatedly. Look it up...


Monday, October 27, 2014

Star Wars Stealth Attacks

Singer-Songwriter, bass man Tony Calhoun of The Mojo Assassins

WACO – Tony Calhoun wears an ascot that conceals a shield against beams of radiation he says are aimed at his throat. It’s similar to the kind x-ray technicians wear. He wears a quarter inserted in his left ear.
For the past decade and a half – ever since the Patriot Act took effect by a near-unanimous act of Congress – he has had the feeling he is bombarded with microwaves, tingling radioactive waves that burn his skin, irritate his throat and leave scars on his back and face.
“They shoot me through my ear,” he says. “It burns my throat…It feels hot; it feels like someone has a blow dryer on my back.”


Thursday, October 23, 2014

'Rusty's Rangers' busted

Zastava Model PAP M92PV, 7.62 x 39mm AK-47 clone "pistol"
import model by Century International Arms (CIA)

Brownsville – Southmost, Texas – They call it “no man’s land,” and it’s walled off from the rest of America by an 18-foot picket fence made of square rusted iron tubing  with spiked tops sunk into deep-seated concrete footers.
A middle-class residential neighborhood and an international airport backs up to the isolated farm land, much of which has been converted to “wildlife sanctuaries” along this narrow strip of river bottom where citrus, cotton, grain and produce fields once thrived.
When on August 29 the young man in camouflage fatigues stepped out of the brush that lines the litter-strewn trafficking corridor, a well-worn groove along this meandering stretch of the Rio Grande, the Border Patrol Agent thought he pointed the foreshortened assault rifle with the pistol grip at him.
He didn’t have to think about it. Reflexes got the better of him, and he slapped the trigger five times...

Wednesday, October 22, 2014

Graf's defense backfired

Admitted arson murderer Ed Graf's defense team succeeded in creating a reasonable doubt in the minds of two jurors who refused to convict him for capital murder for setting the 1986 gasoline blaze that killed his two step sons Jason, 8, and Joby, 9, in a storage shed in order to receive a $100,000 life insurance benefit.

The panel deadlocked on the question 10 to 2 on the first vote, according to published reports, and remained so throughout their deliberations.

Graf's fortunes changed dramatically when the boys' mother testified on cross examination as to the family's financial affairs when he bought the double indemnity life insurance policy on the children.

State 54th District Court Judge Matt Johnson reversed his pre-trial ruling and allowed damning testimony about Graf's $75,000 embezzlement of Community State Bank on the record.  


Tuesday, October 21, 2014

Monday, October 13, 2014

To "Instruct" the witness...

Innocence Project associate Walter Reaves won Ed Graf a new trial for capital murder
by challenging and suppressing "junk science" used in testimony to obtain a 1986 conviction 
WACO - District Judge Matt Johnson sent jurors to lunch when a lawyer for accused capital murderer Ed Graf  made vigorous and incessant objections to hearsay testimony about the defendant's state of mind.

Graf is standing trial for the second time for the alleged murder for remuneration by arson of his two stepsons, Jason, 8, and Joby, 9, in a fire that engulfed a back yard tool shed in the flames of a gasoline explosion. Convicted of capital murder, he served 25 years in the penitentiary before Walter Reaves, a lawyer for the Innocence Project, won a new trial for him in an appeal that objected to testimony based on "junk science," since discredited. All such former testimony about the fire and its cause has been suppressed. No previous testimony may be allowed, and expert witnesses have no physical evidence to investigate because the debris of the fire was buried in a landfill within days after the fire, which occurred on August 26, 1986.

Wednesday, October 8, 2014

Fire: 'A tragic accident'

Waco – Prosecutors opened their arguments against Ed Graf in a re-trial of a capital murder for a 1986 remuneration-by-arson case on a weaker note than was presented 25 years ago.
The expert testimony offered by arson investigators in that trial is to be suppressed in this trial. Assistant District Attorney Michael Jarret told jurors, “What you will hear is evidence surrounding the circumstances surrounding this fire.”

Saturday, October 4, 2014

Choked by the old school tie...

Jennifer Jarvis, executive secretary to Baylor President Ken Starr

Waco – McLennan County District Attorney Abel Reyna is a Baylor man hanged by his old school tie following a gossipy, contentious hearing over the prosecution of a couple employed in positions of high responsibility at the nation’s largest religious university. 


Sunday, September 28, 2014

'In a world of steel-eyed death where men are fighting to be warm'

Oklahoma City - When members of the Oklahoma III%er militia heard that law enforcement and media characterized the beheading murder of a woman at her place of work by a Muslim man who had just been fired after attempting to convert other workers to Islam, they responded by staging an event at the area's largest, most opulent shopping mall. It is the same place where the Council on American Islamic Relations (CAIR) had demonstrated the previous Friday to insist that Islam as practiced by the mainstream is a far cry from the radical approach taken by ISIS (Islamic State in Syria) and other terrorist groups.


Monday, September 22, 2014

Maestro of the trailer truckers' DC traffic jam

Former flip and foreclose operator

Go figure.
In the great scheme of things, you have the builders of bridges, the scions of progress who make new bridle paths for the iron monsters; they level the hills, straighten the curves.
And then you have those who specialize in traffic jams, the creators of confusion. You will find them everywhere, but especially around the produce districts, the places where garments are produced, liquor is sold, served, consumed, in the hell towns of the frontier, where money changes hands on the turn of the wheel, a toss of the dice.
It’s an art, a game played for keeps. In the great scheme of history, some play on a grand scale that spans continents, this ringolevio perfected in the market stall, the tailor shop, the trattoria.
Consider, then, a certain bambino of bombast, Pete Santilli, a self-described guerilla journalist of social media, talk show host, an activist, a man whose hyperbolic rhetoric stands out in stark relief among overarching competition from both left and right.
For a sample of what this ex-Marine is capable of in his daily rant, follow this link:

'Is that all there is to it?'

The busiest commercial bridge in the world
On the Texas-Mexico Border – A commander of armed patriots helping property owners slow the tide of illegal immigration and drug smuggling had a national impact on a protest scheduled to take place over the weekend, an action that would have slowed international traffic from San Diego to the Gulf of Mexico.

All he had to do was post a simple statement on a social media site, his Facebook wall. The word spread like wildfire.
K.C. Massey, III, heads up Camp Lone Star in Brownsville’s “no man’s land” – an area walled off from the rest of America. With command of a lean force of a dozen men, he is particular about who he welcomes and when he receives visitors.
He put his foot down Friday when he learned that a man he had previously run off was spreading rumors about a bomb attack on the international truck bridge at Laredo, something that would have had a devastating impact on the economy of an entire continent.

Tuesday, September 16, 2014

From the Memory Hole

Houston – This guy is from old-line upstate New Yorker origins, looks like he just stepped out of a Washington Irving tale, and claims multi-generations of relations with a long line of “poor fellow soldiers of Christ of the Temple of Solomon at Jerusalem,” the famed Knights Templar of the Crusades.
Until you get a chance to talk to the man, you don’t really grasp the burning anger that drives his need.
Judson Witham has spent years upon years making smirking, half-insulting videos in which he makes obscure references to people and places that seem so remote from the normal person’s life that one gets lost in the blur. The simple truth, he is here to tell all comers, is that he got ripped off by bankers and public officials he feels he can prove have deceived him and millions of other people to the tune of trillions of dollars raised through illicit means to finance undeclared, clandestine wars they can’t begin to pay for from the public coffers of the U.S. Treasury.

Tuesday, September 9, 2014

Constitutional amendment to nullify Citizens United v. FEC

Citizens United v. F.E.C. is a landmark high court decision handed down in 2010 that granted First Amendment rights to corporations and political action committees to buy and pay for political advertisements, granting those legal entities the same right to political speech as individuals. Backers of the litigation included such deep pockets conservative luminaries as the Koch Brothers, funders of many astroturf Tea Party conservative causes. These Senators seek to nullify that right through this constitutional amendment, which if it passes both houses by a super majority of three-quarters, will be sent to be ratified by at least three-fourths of the 50 states.
Senator Tom Udall of New Mexico is the author of the amendment, which was backed by petition signatures of more than two million voters. He stated that the proposed amendment is about “restoring the First Amendment so it applies equally to all Americans.” He went on to say that “our access to constitutional rights and our ability to participate in the democratic process should not be based on our net worth.”


Sunday, September 7, 2014

The Drug Corridor

C-D-G stands for "Cartel del Golfo," one of coastal Mexico's largest smugglers
No Man’s Land – Brownsville – In a spy vs. spy dispute that looks like it might be a double cross, federal agents kept armed volunteers busy in a dispute over whether a volunteer citizen soldier had the right to carry a weapon on private property.
When K.C. Massey’s armed volunteer III%er’s arrived at their post in “no man’s land” with intentions to keep a watch for persons attempting to cross the river from Mexico, they didn’t realize they were smack dab in the “corridor” drug smugglers use to bring in contraband through a wooded area of a wildlife refuge.
They got there at the invitation of a caretaker who said he needed help cleaning up garbage and trash left behind by smugglers. It helps when you need to determine if they have come through since the latest time you perused their tracks.
As they settled down to wait, they saw a man whistling and beckoning to others who were out of their line of vision, followed by Border Patrol Agents who had agreed to let them help force illegals into an ambush by pursuing them down the wooded path.
Things came to a screeching halt, and the agents detained K.C., Wolf, and Jesus for 5 hours before Sheriff’s officers made a decision to confiscate their weapons and a video camera in an investigation of the shooting incident. Meanwhile, the smugglers ostensibly went their merry way.

To live in "no man's land"

“Southmost” – Brownsville, Texas – Cuban Alfredo Monsees lives in “no man’s land,” a neighborhood the locals jokingly call “the gated community,” which lies between the Rio Grande and the fabled border wall, cut off from America by a tall fence of steel pickets that cuts through his land.
He’s lived on his grandfather’s 34-acre farm most of his life. His father rode with Pancho Villa and Emiliano Zapata, raiding and skirmishing along the Texas border because, “He knew that if there is no middle class, there is no possibility the people of Mexico may accumulate wealth.” A rotund, russet-colored man, “Rusty” is 66 and lives on about $750 per month in Social Security benefits.