-
Shi Yu Dong wrote a new post on the site MIS 5212-Advanced Penetration Testing 6 years, 7 months ago
“Finland’s 3rd Largest Data Breach Exposes 130,000 Users’ Plaintext Passwords”
Finland’s citizens had their credentials compromised in a large data breach. Hackers attacked a new Business Center in Helsinki, […]
-
Shi Yu Dong wrote a new post on the site MIS 5212-Advanced Penetration Testing 6 years, 7 months ago
An interesting read that I found talked about how Memcached servers can be quickly hijacked and compromised by to launch large DDoS attacks. Utilizing IT spoofing and a poorly implemented UDP causes the servers to […]
-
Shi,
Quite an interesting article that talks about how Memcached servers can be hacked using large DDoS attacks. As far as I know, prevention against DDoS is still under research and in fact many organizations still do not have the best practices to prevent such attacks. Such situations can only be avoided by having a centralized monitoring and triggering system to check port status of all devices rather than doing it manually.
-
-
Shi Yu Dong wrote a new post on the site MIS 5212-Advanced Penetration Testing 6 years, 7 months ago
Fresno State data breach, 15,000 affected!!
This article relates to the data breach of the California State University, Fresno. According to the article, “the personal information of more than 15,000 p […]
-
Shi Yu Dong wrote a new post on the site MIS 5212-Advanced Penetration Testing 6 years, 7 months ago
Massive 1.7Tbps DDoS reflection/amplification attack was conducted against one of its unnamed US-based customer’s website.
Attackers exploited vulnerability of many internet facing “Memcached” servers, open- […]
-
Xueming Guo wrote a new post on the site xuemingguo 6 years, 8 months ago
Brief Introduciton of the Project:
There is a real need for the use of better technology to more accurately plan our collective schedules. Sometimes the school has WAY too many sections of a course on the […]
-
Shi Yu Dong wrote a new post on the site MIS 5212-Advanced Penetration Testing 6 years, 8 months ago
Computer Security Firm “CrowdStrike” performed research and analysis of recent attacks (NotPetya, WannaCry) targeting U.S. organizations that caused million of dollars in losses. Especially, it has been fou […]
-
Shi Yu Dong wrote a new post on the site MIS 5212-Advanced Penetration Testing 6 years, 8 months ago
“Hackers Can Now Steal Data Even From Faraday Cage Air-Gapped Computers”
In Wireless Network Security, given the nature of physics related to Wireless Signal propagation in the air, exposure of Wireless Rad […]
-
Shi Yu Dong wrote a new post on the site MIS 5212-Advanced Penetration Testing 6 years, 9 months ago
Unpatched DoS Flaw Could Help Anyone Take Down WordPress Websites
According to this article “Unpatched DoS Flaw Could Help Anyone Take Down WordPress Websites”, it describes that a simple but serious app […]
-
Shi,
Nice summary of the article. I am quite surprised that WordPress allows execution of the PHP file at run time by changing the parameters. A similar kind of flaw was witnessed a couple of years back when users can potentially change variable parameters of images in WordPress sites and identify information of websites without security logins. The patch needs to be done as soon as possible before it affects users. I am pretty sure a large percentage of SMBs use WordPress for their business needs.
-
-
Shi Yu Dong wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 6 years, 11 months ago
According to this article, it describes that a former National Security Agency employee named Nghia Hoang Pho pleaded guilty on Friday to Illegally talking classified documents home which were later stolen by […]
-
Will follow up this story in April…
-
Shi Yu,
This is an individual action of someone who is either careless or who doesn’t know what he is doing. his action shows there are government policies that need to be changed and obligate employees to be careful with such sensitive files.
This is a very educative article that I am sure it will teach a lesson to so many people the consequences of taking government documents home. -
It is definitely an interesting read. I wonder what was the motivation of the NSA employee to take the classified documents.
-
-
Shi Yu Dong wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 6 years, 11 months ago
According to the article, an Iranian web developer named Pouya Darabi discovered and reported a critical vulnerability in Facebook systems that could have allowed anyone to delete any photo from the social […]
-
Quick response by Facebook to fix the bug and it’s interesting to see bug bounty hunters.
-
Interresting…..it s good that they fix it.
-
That’s quite an interesting news and I am surprises to see such flaws from world’s largest social networking community. This is pure case of internal system fix and stands a good example for many businesses related to this. It’s good that it was reported on time before any potential violation occurred and extracted personal images.
-
-
Shi Yu Dong wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 6 years, 12 months ago
According to the article, a BBC journalist has discovered a security flaw in the office collaboration tool Huddle that leads to private documents being exposed to unauthorized parties. A huddle is an online tool […]
-
Shi Yu Dong wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years ago
This article describes that researchers have found a critical vulnerability that users could leak their real IP addresses to potential attackers when they use TOR anonymity browser. Tor (The Onion Router) is free […]
-
Shi Yu Dong wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years ago
According to the article, research finds that the iPhone has a serious privacy concern that allows IOS app developers to take your photographs and record your live video using both front and back cameras without […]
-
Shi Yu,
your article is very similar to many articles who came one after Iphone 6 came out with the fingerprint login button. Everyone was talking back then about how Apple was collecting fingerprints of millions of customers all over the world. However, the people knew that an important sensitive information (Fingerprint) can be used against them at anytime and they kept using apple logins.
I do believe that this time again, the people will purchase more new IPhones and will activate their cameras to login using the Face-ID feature even tho they pictures of them and the people around them will be taken without their permissions.
-
-
Shi Yu Dong wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years ago
According to the security researcher, it describes that hackers could leveraging an old Microsoft Office feature called Dynamic Data Exchange to perform malicious code execution on the targeted device without […]
-
Shi Yu Dong wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years ago
Recently, security researchers have discovered a new privilege-escalation vulnerability in Linux kernel that could allow a local attacker to execute code on the affected systems with elevated privileges. In the […]
-
Shi Yu Dong wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 1 month ago
According to researchers from the cybersecurity firm Proof point, they recently discovered a large-scale malvertising campaign that exposed millions of internet users in the United States, Canada, the UK and […]
-
I think this is a pretty interesting article but also very scary. I saw some analytical data on reddit at one point that p0rnhub has a crazy amount of hits in any given day. This being the case something like this could be a huge problem even if 1% of the people who go the site will go along with it.
-
-
Shi Yu Dong wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 1 month ago
According to the article, it describes that researchers from security firm Duo Labs analyzed over 73,000 Macs system and discovered that a surprising number of Apple Mac computers either fails to install […]
-
Shi Yu Dong wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 1 month ago
A new email scam is targeting Netflix Users in order to obtain access to their bank account information. According to the article, Netflix customers have been received a fake email that appears to come from […]
-
Xueming Guo created the site Temple Course Scheduling 7 years, 1 month ago
-
Shi Yu Dong wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 1 month ago
My article is about how can an undocumented Microsoft Office feature allows attackers to gather sensitive configuration details on targeted systems simply by tricking recipients to open a specially crafted word […]
- Load More
Thanks for sharing the article. This is pretty scary and quite concerning too especially because of the problems in the maritime waters. This type of cross-country digital hacks have become quite common now a days where countries are willing to do anything to get data for their own benefit. It is high time that countries have strong defense mechanisms and legal actions for such acts. You right pointed out that the legal rules between China and the US failed here. Such laws need to be scrutinized further