Getting a head start. intro-to-ethical-hacking-week-3
First let me say that I have no right or wrong answer for this, just want to see each of you weigh in.
In light of the news around an Israeli company developing malware to facilitate the UAE snooping on human rights activists, how far would you be willing to go if you ran the IT Security company that created this malware?
Here’s a link to the story in case you don’t recall. http://foreignpolicy.com/2016/08/25/the-uae-spends-big-on-israeli-spyware-to-listen-in-on-a-dissident/
Here is the presentation for Week 2
Also, and email has been sent to each participant with a link to the Video.
Behind the scenes, SWIFT is upping the ante for financial institutions. If you do not upgrade your systems and put robust processes in place you find your institution disconnect from SWIFT. This is effectively a death sentence for a bank.
It sounds old fashioned, but I tell students that the may person you cheat is yourself. Much like this course, if you just want to get through with a score. it is not difficult. If you want to learn and be prepared for your future, then you have to put the work in.
This is an area where internal threats may be even greater. Admins of these systems have the ability to “adjust” vote counts. This means processes will need to be put in place to ensure this does not happen or is logged and reported.
One thing to keep in mind is that firms that process PII or other sensitive data may restrict staff that access these systems from working remotely. In particular, financial firms often have sophisticated monitoring programs that may not work for remote users.
One thing to keep in mind is that password keepers and the browser function to remember passwords have their own vulnerabilities that can resut in an attacker taking advantage of these.
Here is the presentation from Week 1