• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • HomePage
  • About
  • Structure
  • Schedule
    • First Half of the Semester
      • Week 1: Overview of Course
      • Week 2: TCP/IP and Network Architecture
      • Week 3: Reconnaissance
      • Week 4: Vulnerability scanning
      • Week 5: System and User enumeration
      • Week 6: Sniffers
      • Week 7: NetCat, Hellcat
    • Second Half of the Semester
      • Week 8: Social Engineering, Encoding, and Encryption
      • Week 9: Malware
      • Week 10: Web application hacking, Intercepting Proxies, and URL Editing
      • Week 11: SQL injection
      • Week 12: Web Services
      • Week 13: Evasion Techniques
      • Week 14: Review of all topics and wrap up discussion
  • Assignments
    • Analysis Reports
    • Quizzes & Tests
  • Webex
  • Harvard Coursepack
  • Gradebook

ITACS 5211: Introduction to Ethical Hacking

Wade Mackay

Burp Suite exercise

Burp Suite exercise

December 19, 2016 by Roberto Nogueda 1 Comment

burp-suit-exercise burp-suite-exercise

Quest Diagnostics Investigating Data Breach Affecting More Than 30,000

December 12, 2016 by Shain R. Amzovski Leave a Comment

Quest Diagnostics, a company based in Madison, New Jersey that provides laboratory services came out on November 26, 2016 and said that a breach leaked patient information for 30,000 clients.  They stated none of the information was credit cards or social security numbers.

 

Source: Article

Full List of all Slide Decks

December 12, 2016 by Wade Mackey Leave a Comment

intro-to-ethical-hacking-week-2 intro-to-ethical-hacking-week-1 intro-to-ethical-hacking-week-3 intro-to-ethical-hacking-week-4 intro-to-ethical-hacking-week-5 intro-to-ethical-hacking-week-6 intro-to-ethical-hacking-week-7 intro-to-ethical-hacking-week-8 intro-to-ethical-hacking-week-9 intro-to-ethical-hacking-week-10 intro-to-ethical-hacking-week-11 intro-to-ethical-hacking-week-12 intro-to-ethical-hacking-week-13 intro-to-ethical-hacking-week-14

Ransomware Under Development Gives Option to Pay or Infect Others

December 10, 2016 by Josh Zenker 1 Comment

Malware researchers recently discovered a particularly dastardly new type of ransomware, still under development. It gives its victims the option to either pay up or infect others to get the decryption keys to their data. At the very least, it sounds like an evil social experiment.

https://threatpost.com/ransomware-gives-free-decryption-keys-to-victims-who-infect-others/122395/

Nessus Scan – Metasploitable

December 9, 2016 by Noah J Berson Leave a Comment

noah-berson-nessus-doc

nessus-presentation-noah-berson

video download: nessus-presentation-noah-berson

http://community.mis.temple.edu/itacs5211fall16/files/2016/12/Nessus-presentation-Noah-Berson.mp4

Nine in Ten NHS Trusts Still on Windows XP

December 8, 2016 by Mengxue Ni Leave a Comment

Security experts have warned that patient data is at risk after it was revealed that 90% of NHS Trusts in England are still running the unsupported Windows XP operating system. A Freedom of Information Act request from Citrix also found that just over half are not sure when they’ll upgrade to a newer system, while 14% think they’ll do so by the end of the year and 29% said the migration would happen some time in 2017. Unless these systems are being protected by virtual patching, they’ll be far more exposed to the threat of attack as Microsoft stopped issuing security updates for government PCs in April 2015. Many healthcare organizations have single purpose devices that don’t require network connection for their main purpose.

Windows XP operating system is a legacy system in my mind, support for Windows XP was ended on April 8, 2014. According to Microsoft, there will be no more security updates or technical support for the Windows XP operating system after this date. So Windows XP is very easy to be hacked today. But a lot of healthcare organizations didn’t update the systems yet. All the patients’ information remain risky before they update their operating system.

http://www.infosecurity-magazine.com/news/nine-in-ten-nhs-trusts-still-on/

5-Year-Old Linux Kernel Local Privilege Escalation Flaw Discovered

December 8, 2016 by Scott Radaszkiewicz Leave a Comment

Click for Article

Fresh off the heals of another Linux vulnerability discovered about a month ago, another flaw has been discovered.   CVE-2016-8655 is a flaw that could allow a local user to gain root access privileges to the Linux operating system.  This flaw effects almost every Linux distribution that is available.

A patch was released last week, so users are encouraged to patch their Linux distributions.

I always find Linux flaws to be of particular interest.  I think Linux has that inherent stigma that it’s for “techies” and you have to be super technical to get it to work.   And, I think part of that is true, Linux is probably more prevalent among the “techie” users.   So, it always amazes me that flaws, like the one above are found 5 years later.

Mystery device could let criminals get in your car in seconds

December 7, 2016 by Jason A Lindsley 2 Comments

If you still do your shopping in stores, there is reason to be cautious this holiday shopping season when parking your car.  A device has surfaced that intercepts clones the signal sent from a key fab and allows an individual to gain access to your automobile.  In some cases, it also allows the thief to start the car and drive away!

I’ve always wondered how high the risk was to intercepting signals from key fabs.  Personally, I’m not very concerned because I’ve transferred the risk of loss to my insurance company.  Also, I don’t drive the most desirable vehicle.  Still, it’s important that we all be aware of our surroundings and these security vulnerabilities, even when we aren’t online.

http://www.today.com/money/mystery-device-could-let-criminals-get-your-car-seconds-t105627

IBM Watson security program goes for trail with 40 firms bringing up the question -Will Future cyber security will be mainly automated, based on Artificial Intelligence ?

December 7, 2016 by Vaibhav Shukla Leave a Comment

IBM has announced that 40 companies around the world have signed up for its IBM Watson for Cyber Security Beta Program.

The companies will test the ability of IBM’s cognitive computing technology  to help in the battle against cyber crime. The trial will include representatives of the banking, healthcare, insurance, education and other key industry sectors.

Watson for Cyber Security uses technologies such as machine learning and natural language processing, which is being trained to understand the language of security.IBM claims the combined technologies will help security analysts make better, faster decisions from vast amounts of data, including unstructured data that has been “dark” to security defenses until now.On other hand some threat intelligence experts have cautioned against the total reliance on cognitive technology could be dangerous

Intel Security is pursuing this hybrid approach and is working with a select group of customers to develop systems to enable human machine teaming to get the best of both worlds in applying cyber threat intelligence

http://www.computerweekly.com/news/450404252/40-firms-to-trial-IBM-Watson-cognitive-computing-for-cyber-security

 

Backdoor accounts found in 80 Sony IP security camera models

December 7, 2016 by Brent Easley 3 Comments

http://www.pcworld.com/article/3147311/security/backdoor-accounts-found-in-80-sony-ip-security-camera-models.html

Network security cameras that were created by Sony could have been compromised with botnet malware if their firmware is not updated to the latest version.  This was detected by SEC Consult, they found two backdoor accounts that existed in 80 models of professional Sony security cameras.  Some of these devices were used at government agencies.  Sony was notified about the vulnerability in October and released firmware updates for all the affected camera models on November 28th.

  • Page 1
  • Page 2
  • Page 3
  • Interim pages omitted …
  • Page 28
  • Go to Next Page »

Primary Sidebar

Weekly Discussions

  • Uncategorized (133)
  • Week 01: Overview (1)
  • Week 02: TCP/IP and Network Architecture (8)
  • Week 03: Reconnaisance (25)
  • Week 04: Vulnerability Scanning (19)
  • Week 05: System and User Enumeration (15)
  • Week 06: Sniffers (9)
  • Week 07: NetCat and HellCat (11)
  • Week 08: Social Engineering, Encoding and Encryption (12)
  • Week 09: Malware (14)
  • Week 10: Web Application Hacking (12)
  • Week 11: SQL Injection (11)
  • Week 12: Web Services (10)
  • Week 13: Evasion Techniques (7)
  • Week 14: Review of all topics (5)

Copyright © 2025 · Magazine Pro Theme on Genesis Framework · WordPress · Log in