(2020-02-11) Fox-IT Report Available On Cyber Attack Against University Of Maastricht

On December 23^rd 2019 a cyber-attack occurred against the University of Maastricht. Fox-IT, a Dutch security company and part of the NCC Group, supported the University of Maastricht and in the end wrote a report with the findings. The University of Maastricht made that report publicly available so that others could learn from it. Kudos to the University of Maastricht for sharing this information.

–

The report is in Dutch and can be found through: https://www.maastrichtuniversity.nl/file/49715/download?token=B0jN2wyV

–

If you do not understand Dutch, or do not want to read the full report, below you can find an extract in English of that report. Please be aware that the text below is a summary of the Dutch report written by Fox-IT. This summary may lack the required (detailed) context that is available in the report.

–

High Level:

• Cyber-attack on December 23rd 2019
• Infrastructure of 1647 Linux/Windows Servers and 7307 workstations. Attack against part of the infrastructure, 267 servers in the AD domain (e.g. domain controllers, e-mail servers, file servers, backups servers)
• Attacker focused on encrypting data in the AD domain to demand ransom in the end. Part of systems were compromised, incl. (online) backups

–

Environment:

• University of Maastricht
• Public organization, with 4500 employees, 18000 students and 70000 alumni
• Infrastructure contains multiple server (types) and workstations that are not (fully) controlled by central IT
• Part of the infrastructure centrally managed and part decentrally managed by faculties, and both connected to central network
• Workstations are desktops, laptops and VDIs. VDIs accessible through thin-clients and browsers

–

Lessons Learned

• Multiple phishing mail variants received. Because phishing mails looked similar, one variant did not get enough attention. Better detection needed
• Signed macros only. Phishing mails contained links to Excel files with unsigned macros
• Improved processes for vulnerability and patch management. Keep systems up-to-date and make sure updates are installed successfully. Attackers used vulnerabilities in software (Eternal Blue Exploit). (e.g. One patch was not installed because its installation had failed.)
• Better segmentation of the AD domain (tiering and delegation) and implement secure configurations as much as possible, and get rid of insecure configurations. Default domain admin account was used for work on regular servers (was against existing policy!). Due to a compromised server and usage of a very powerful account on that server, AD domain was compromised too. Malware and ransomware got installed after that using default domain admin account
• Better segmentation of the network itself. Current network has multiple VLANs, but still too open. Due to that openness of the network it was still too easy to move around. Stricter segmentation would have made it more difficult to move around by the attacker
• (Better) 24/7 monitoring/logging through SIEM and SOC. Signals with unusual patterns, peak activities and/or high risks need to be filtered and detected better/easier/earlier and become more visible from the huge amount of data (per second 30000 breach attempts blocked, 1400 malware attacks stopped, thousands of signals a day in multiple logs). Implementation of end-point monitoring and network sensors started to detect traffic and distinguish between regular and malicious traffic (both incoming as lateral movement) (was already planned before breach to do so)
• Up-to-date and clean CMDB. During recovery lots of time was invested to determine impact on systems/environment. View on active systems and decommissioned systems was not good enough, which made it more difficult to get understanding of actual status
• Multiple backups, both online for quick recovery as needed and offline availability of backups to make sure these remain uncompromised. Due to having only online backups for quick recovery when system(s) became unavailable, the backups were also encrypted
• Make sure to have incident response plans for different scenarios and keep it up-to-date. On planned basis, practice different crisis scenarios and improve plans as needed
• Increase security awareness of both employees as students

–

More details (not in structured order):

• Compromised system is system with attacker activity of malware traces. 269 servers were determined to be compromised
• Compromised account is account used by attacker, after forensic analysis. 5 accounts were determined to be compromised
• Next to Windows systems, Linus and OS X systems are in use that were not touched by the attack. Attack focus was Windows servers
• 2 phishing e-mails opened on October 15th and 16th 2019. Phishing mails contained links to Excel file with Macro that downloaded malware (SDBBot) from server on internet.
• Multiple systems compromised between October 16th 2019 and December 23rd 2019
• On November 21st 2019 attacker gained access to infrastructure through a server that was missing security updates (vulnerable for Eternal Blue exploit)
• On December 23rd 2019, "Clop-ransomware" was deployed to 267 Windows Servers. "Clop-ransomware" uses RC4 encryption algorithm. RC4 key is generated randomly per file and encrypted with an RSA 1024 bit public key. Only the attacker has the private key. All encrypted file received the “.CIop” extension and in every folder the file “CIopReadMe.txt” with instructions was added
• After thorough analysis of the breach, ransom was paid on December 30th 2019
• Traces were found that attacker gained information amongst others about topology, servers, usernames and passwords
• Carbon Black was installed by security company and used to get insights on traffic and activity. Installation was initiated on compromised servers followed by non-compromised servers and workstations (more than 90% of systems were covered by this tool)
• Focus was on quick recovery of functionality, but also safeguarding all kinds of research information to be able to perform forensic analysis at a later stage
• With forensic analysis, attack path and scope or attacker was made visible
• Counter measures to stop attack (amongst others): close network traffic to and from internet, and to and from WIFI networks, reset passwords of all accounts (admin, service, regular)
• Network traffic gradually being allowed again after setting up monitoring/sensors
• Definition of so called crown jewels determine the priority of recovery
• Malware communicated on regular basis with home server (every 15 minutes) and registered itself to become and remain persistent, event after reboots. Through this malware other tools (Meterpreter) were used for interaction. Meterpreter was installed on other servers (2x Windows Server 2003 R2 lacking the MS17-010 patch, 1x Windows Server 2012R2 and 1x unnamed), most likely through the Eternal Blue exploit as those servers were vulnerable for it. Other unnamed server was not vulnerable for Eternal Blue exploit, but still got infected somehow. Patch KB4525243 prevents the Eternal Blue exploit
• PowerSploit was used for reconnaissance of systems/network and vulnerabilities
• PingCastle was used to get graphical view of AD structure and misuse weak configurations
• Cobalt Strike with mimikatz was used
• SAGE.EXE was “installed” on 4 servers and was used to distribute ransomware and at the same time turn off Windows Defender, all through the use of the default domain admin account. On one server antivirus detected and removed SAGE.EXE. In the end attacker removed antivirus and reinstalled SAGE.EXE. Later antivirus was removed from other servers too
• Attacker activity was already detected in earlier stage and send to central log server. Unfortunately those detections were not proactively taken care of or actioned upon (Windows Defender detected, removed (and logged this) PowerSploit) (Antivirus multiple times detected and logged use of Cobalt Strike and Mimikatz, but did not stop due to “observer/audit only mode”)

–

Info about attacker:

• Group “TA505” or “GraceRAT” or “Dridex-RAT-Group”
• Use Clop ransomware
• Targets orgs with AD
• 150 victim orgs in 2019
• In period 2014-2017 attacker focused on attacking orgs in financial sector in EU as USA
• In period 2017-2019 attacker focused on attacking financial orgs with creditcard issuing systems in South- and Central America, Africa and Central and Southeast Asia.
• Attacking orgs in financial sector still takes place

–

Modus operandi attacker:

• Infect systems through phishing mails
• Identify org
• Lateral movement within network
• Remove and encrypt backups
• Deploy ransomware on as many systems as possible
• Demand ransom per e-mail (amount depends on size of org)

–

–

Cheers,

Jorge

————————————————————————————————————————————————————-
This posting is provided "AS IS" with no warranties and confers no rights!
Always evaluate/test everything yourself first before using/implementing this in production!
This is today’s opinion/technology, it might be different tomorrow and will definitely be different in 10 years!
DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
————————————————————————————————————————————————————-
########################### Jorge’s Quest For Knowledge ##########################
#################### http://JorgeQuestForKnowledge.wordpress.com/ ###################
————————————————————————————————————————————————————-

(2014-03-19) Top 6 (Independent) Microsoft Active Directory Integration Experts To Follow Now

The guys from OneLogin have written a blog post about the 6 independent Microsoft AD Integration Experts to follow.

–

Figure 1: Independent Microsoft AD Experts

–

In any particular order:

• Brian Desmond
• Sean Deuby
• Joe Richards
• Mark Parris
• John Policelli
• et moi (Jorge de Almeida Pinto)

–

For more details see the following blog post: Top 6 (Independent) Microsoft Active Directory Integration Experts to Follow Now

–

So how can you follow me?:

• This blog! –> https://jorgequestforknowledge.wordpress.com/
• Twitter –> https://twitter.com/JsQForKnowledge
• Facebook –> https://www.facebook.com/JorgesQuestForKnowledge

–

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

(2013-12-17) Important Changes To The Forefront Product Line

MSFT has announced changes to the Forefront Product Line. In summary:

• UAG – THE END! Is the Web Application Proxy in W2K12R2 a simple replacement in some way?
• FIM -  New major version in 2015

More details below.

–

SOURCE: Important Changes to the Forefront Product Line

–

<QUOTE SOURCE=”Important Changes to the Forefront Product Line”>

Today, Microsoft is announcing important changes to the roadmaps of Forefront Identity Manager (FIM) and Forefront Unified Access Gateway (UAG):

• We plan to ship another major release of FIM in the first half of calendar year 2015. 

• Microsoft will not deliver any future full version releases of Forefront UAG and the product will be removed from price lists on July 1, 2014.

Microsoft remains committed to delivering the identity and access capabilities offered in FIM (identity and access management).  Some Forefront UAG scenarios (secure application publishing and remote access) are addressed with new capabilities available in Windows Server 2012 R2 today.

–

Forefront Identity Manager

The next full release of FIM will be delivered as part of Microsoft’s identity and access management product roadmap, which includes both on-premises investments and those we are making in Windows Azure Active Directory and related cloud services.

The investment areas for this next major release of FIM will include:

• Hybrid scenarios with Windows Azure AD

• User & Access Management

• Audit & Compliance

We will share more details on specific features and functionality as we get closer to the release date.

–

Forefront Unified Access Gateway

Based on product strategy, customer feedback, and prevailing market dynamics, Microsoft has made the decision not to deliver any further full version releases of Forefront UAG.

Microsoft customers continue to have access to select remote access and secure application publishing capabilities through Windows Server 2012 R2.  Windows Server is not a complete replacement for all UAG scenarios, but it does provide:

• DirectAccess deployment and policy management.  This capability has been part of Windows Server 2012 since its initial release in September 2012.

• Basic secure application publishing via the new Web Application Proxy service in the Remote Access role of Windows Server 2012 R2.  This new service allows customers to securely publish access to resources through a reverse proxy and includes integration with Active Directory Federation Services (ADFS) for conditional access policy and multi-factor authentication capabilities.

Customers will be granted a Windows Server 2012 Standard server license for each UAG server license with active Software Assurance to allow them to make the transition.  For customers who wish to continue using Forefront UAG, Microsoft will provide maintenance and support through the standard Microsoft support lifecycle.  Mainstream support will continue through April 14, 2015, and extended support will continue through April 14, 2020.  Customers with active Software Assurance on UAG as of Dec. 1, 2013 may also add new UAG server instances, users, and devices without any requirement to order additional licenses.

If you have any questions about these changes, please contact your Microsoft or partner sales representative.

</QUOTE SOURCE=”Important Changes to the Forefront Product Line”>

–

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

(2013-09-02) MCM, MCSM And MCA Programs Being Cancelled/Retired

About two weeks or so ago I enrolled, registered and paid for the MCSM (Microsoft Certified Solutions Master) for Directory Services rotation during the month of October in Seattle. After years of experience and being an MVP for Directory Services I thought this would be my next step and goal. I was really looking forward to attend this deep dive training. Passed Saturday morning, while having a cup of coffee and reading my e-mail, I opened the e-mail I had received during the night from MSFT about the MCSM training program. That’s when I read the sad news about Microsoft cancelling/retiring the MCM/MCSM/MCA programs as of 1 October 2013. WHAT!? That sucks! I just registered and paid for this a few days ago and everything was accepted. Made hotel reservations and flight reservations. Ready to go in October! Just a few days after getting everything ready and with just one month to go they cancelled everything!?!?!?!?! How the hell can you accept a registration and say “Welcome to the program” and then a few days later cancel everything and say “sorry for any inconvenience this may cause”? Are you nuts!? If you look below, they already knew about this for months, but were still accepting registrations and payment. How ridiculous is this? Thanks for refunding the training fees. Who’s going to refund the other costs?

–

This is the official mail that I received:

Dear Candidate,

We are contacting you to let you know we are making a change to the Microsoft Certified Master, Microsoft Certified Solutions Master, and Microsoft Certified Architect certifications. As technology changes so do Microsoft certifications and as such, we are continuing to evolve the Microsoft certification program. Microsoft will no longer offer Masters and Architect level training rotations and will be retiring the Masters level certification exams as of October 1, 2013. The IT industry is changing rapidly and we will continue to evaluate the certification and training needs of the industry to determine if there’s a different certification needed for the pinnacle of our program.

You are receiving this mail because you have registered for an upcoming Microsoft Certified Solutions Master training rotation that is being cancelled. You will be receiving a refund of the training fees you paid.

If you have paid with a credit card, the refund will automatically be credited to that credit card. If you paid via other means (eg. check, money order, etc.), please contact our Advanced Certifications team at XXX to provide them with the necessary information to issue a refund.

We thank you for your commitment to Microsoft technologies and apologize for any inconvenience this may cause.

–

No more MCSM, crap!

Basically, the general opinion is that people are quite disappointed in MSFT for cancelling/retiring these programs. I’m one of those people. I hope there will be some kind of replacement in the area of Directory Services.

So, what’s next? Killing the MVP Program?

–

Other blogs talking about this:

• http://paulrobichaux.wordpress.com/2013/08/31/microsoft-certified-systems-master-certification-now-dead/
• http://michaelvh.wordpress.com/2013/08/31/microsoft-is-retiring-the-mcsmmca-program/
• http://blogs.technet.com/b/neiljohn/archive/2013/08/31/retiring-the-microsoft-master-certifications-and-training.aspx
• http://up2v.nl/2013/08/31/microsoft-retires-its-top-level-certifications-mcm-mca-and-mcsm/
• http://windowsitpro.com/blog/microsoft-learning-kills-mcm-and-mca-accreditations
• http://www.iamberke.com/post/2013/08/31/Microsoft-killed-MCMMCSMMCA-certifications.aspx
• http://sirsql.net/blog/2013/8/30/so-long-mcm
• http://www.theregister.co.uk/2013/08/31/microsoft_cans_three_pinnacle_certifications_sparking_user_fury/

–

If you want to vote against Microsoft retiring the MCM, MCSM And MCA Programs, go to the following link: Please don’t get rid of the MCM and MCA programs

–

The following is an “explanation” from the person at Microsoft that made the decision to retire these programs:

Posted by Tim Sneath on 8/31/2013 at 1:32 PM

Thank you for the passion and feedback. We’re reading your comments and take them seriously, and as the person ultimately responsible for the decision to retire the Masters program in its current form, I wanted to provide a little additional context.
Firstly, you should know that while I’ve been accused of many things in my career, I’m not a "bean counter". I come from the community myself; I co-authored a book on SQL Server development, I have been certified myself for nearly twenty years, I’ve architected and implemented several large Microsoft technology deployments, my major was in computer science. I’m a developer first, a manager second.
Deciding to retire exams for the Masters program was a painful decision – one we did not make lightly or without many months of deliberation. You are the vanguard of the community. You have the most advanced skills and have demonstrated it through a grueling and intensive program. The certification is a clear marker of experience, knowledge and practical skills. In short, having the Masters credential is a huge accomplishment and nobody can take that away from the community. And of course, we’re not removing the credential itself, even though it’s true that we’re closing the program to new entrants at this time.
The truth is, for as successful as the program is for those who are in it, it reaches only a tiny proportion of the overall community. Only a few hundred people have attained the certification in the last few years, far fewer than we would have hoped. We wanted to create a certification that many would aspire to and that would be the ultimate peak of the Microsoft Certified program, but with only ~0.08% of all MCSE-certified individuals being in the program across all programs, it just hasn’t gained the traction we hoped for.
Sure, it loses us money (and not a small amount), but that’s not the point. We simply think we could do much more for the broader community at this level – that we could create something for many more to aspire to. We want it to be an elite community, certainly. But some of the non-technical barriers to entry run the risk of making it elitist for non-technical reasons. Having a program that costs candidates nearly $20,000 creates a non-technical barrier to entry. Having a program that is English-only and only offered in the USA creates a non-technical barrier to entry. Across all products, the Masters program certifies just a couple of hundred people each year, and yet the costs of running this program make it impossible to scale out any further. And many of the certifications currently offered are outdated – for example, SQL Server 2008 – yet we just can’t afford to fully update them.
That’s why we’re taking a pause from offering this program, and looking to see if there’s a better way to create a pinnacle, WITHOUT losing the technical rigor. We have some plans already, but it’s a little too early to share them at this stage. Over the next couple of months, we’d like to talk to many of you to help us evaluate our certifications and build something that will endure and be sustainable for many years to come.
We hate having to do this – causing upset amongst our most treasured community is far from ideal. But sometimes in order to build, you have to create space for new foundations. I personally have the highest respect for this community. I joined the learning team because I wanted to grow the impact and credibility of our certification programs. I know this decision hurts. Perhaps you think it is wrong-headed, but I wanted to at least explain some of the rationale. It comes from the desire to further invest in the IT Pro community, rather than the converse. It comes from the desire to align our programs with market demand, and to scale them in such a way that the market demand itself grows. It comes from the desire to be able to offer more benefits, not fewer. And over time I hope we’ll be able to demonstrate the positive sides of the changes we are going through as we plan a bright future for our certifications.
Thank you for listening… we appreciate you more than you know.
Tim Sneath
tims@microsoft.com

–

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

(2012-04-17) Microsoft Announces The Windows 8 Editions

On the “Blogging Windows” blog, Microsoft announces the different Windows 8 Editions for the client.

Read more by clicking on the following link: Announcing the Windows 8 Editions

–

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

(2011-09-23) Microsoft Acquires Certain Assets From bHold (Dutch Company)

Read more HERE.

–

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

(2011-09-06) Dutch Root Certificate Authority Being Marked As Untrusted By Microsoft

As you may know, a Dutch root certificate authority was hacked a week or so ago. Because of that, it’s root certificate should be marked as untrusted to make sure every issued certificate by that cert authority becomes untrusted to prevent spoofing. Today, Microsoft released an updated fix which marks the root certificate as untrusted. This can see below. More information here.

–

By targeting “MS-KBQ2607712_Microsoft Security Advisory: Fraudulent digital certificates could allow spoofing” you can download the fix manually for every Windows version still supported (WXP and higher). You can also get the fix through Windows Update.

Make sure to install the hotfix to prevent spoofing!

–

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

(2011-03-18) RSA Servers Hacked And SecurID Data Stolen

It appears the RSA servers have been hacked and SecurID Data was stolen.

Read more here and here.

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

(2010-11-27) Microsoft Windows’ 25th Anniversary – Happy Anniversary!

A good morning to you all. It’s quite early on Saturday as we speak. I couldn’t sleep anymore so I decided to do something useful. Get up, get coffee and blog. The advantage? No screaming kids running around! 🙂 I already wanted to blog this post about a week earlier, but I did not because the blog server was not available for a day or two. After that I had forgotten about this until I remember it today, about a week later.

BETTER LATE THEN NEVER!!!

Exactly a week ago on November 20th 2010, Microsoft celebrated their 25th anniversary of Windows. Now think about it. What’s the latest and greatest being available at the moment? For the client that’s Windows 7 available in the 32 bit and 64 bit architecture and for the server that’s Windows Server 2008 R2 in the 64 bit architecture only.

On November 20th 1985 Microsoft released Windows 1.0 which was a 16 bit operating system. In that time, this was a state of the art operating system. Nowadays it would be nothing as most likely any wrist watch runs better stuff! 🙂

On YouTube there are numerous videos of Steve Ballmer selling the product (Windows 1.0) on TV. It really cracked me up! Although Steve now is 25 years older, I think one thing has never changed about Steve, and that’s how energetic he can be about something.

Check the video out, you can see it here.

Happy Anniversary!

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

(2010-03-24) End of Support For Windows 2000, Windows XP SP2 And Windows Vista RTM

I received the following message from Microsoft asking to spread the word…

As you may be aware, there are a number of Microsoft Windows versions which will go out of support during the coming year. We want to help customers avoid the risk of running unsupported products in their environment.

Windows 2000 Professional and Windows 2000 Server are approaching 10 years since their launch and both products will go out of support on July 13, 2010.

Windows XP was launched back in 2001. While support for the product will continue, Service Pack 2 will go out of support on July 13, 2010. From that date onwards, Microsoft will no longer support or provide free security updates for Windows XP SP2. Please install the free Service Pack 3 for Windows XP to have the most secure and supported Windows XP platform.

Finally, Windows Vista with no Service Packs installed will end support on April 13 2010. Please install the free Service Pack 2 for Windows Vista to have the most secure and supported Windows Vista platform.

For more information:

http://blogs.technet.com/lifecycle/archive/2010/02/24/end-of-support-for-windows-xp-sp2-and-windows-vista-with-no-service-packs-installed.aspx

Resources:

Service Pack 3 for Windows XP:

http://www.microsoft.com/downloads/details.aspx?FamilyID=68C48DAD-BC34-40BE-8D85-6BB4F56F5110&displaylang=en

Service Pack 2 for Windows Vista:

http://www.microsoft.com/windows/windows-vista/default.aspx

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————