Josh Zenker

Ransomware Under Development Gives Option to Pay or Infect Others

December 10, 2016 by Josh Zenker 1 Comment

Malware researchers recently discovered a particularly dastardly new type of ransomware, still under development. It gives its victims the option to either pay up or infect others to get the decryption keys to their data. At the very least, it sounds like an evil social experiment.

https://threatpost.com/ransomware-gives-free-decryption-keys-to-victims-who-infect-others/122395/

Burp Suite Analysis of CNN.com

December 4, 2016 by Josh Zenker 2 Comments

CNN.com has a reputation among my colleagues in IT for how long it takes to load its front page. I reasoned that it must be pulling in many resources from third party sites. Therefore I thought it would be an ideal target for the Burp Suite intercepting proxy.

Presentation [PDF]
Executive Summary [PDF]

Nessus Vulnerability Scan of Metasploitable

October 31, 2016 by Josh Zenker 1 Comment

I ran a vulnerability scan against Metasploitable 2. Here are the results.

https://youtu.be/UfL2TePYnrc

Nessus Scan Report (PDF)
Presentation (PDF)
Executive Summary (PDF)

Recon on Hahnemann University Hospital

September 23, 2016 by Josh Zenker 1 Comment

I performed reconnaissance on Hahnemann University Hospital, a major hospital located in Center City Philadelphia. Please see the video presentation and attached PDFs below.

https://youtu.be/gEpvfzoDEHk

Slide Deck: PDF

Executive Summary: PDF

Energy Sector IT Professionals Overconfident in Cyber Security Capabilities as Attacks Increase

September 19, 2016 by Josh Zenker 1 Comment

When I originally posted, I didn’t see that someone already posted the news about CyMotive, so here is a different article that focuses on a study conducted by Tripwire, an industry leader in enterprise-class security, compliance, and IT operations solutions.

“According to the Department of Homeland Security, the energy sector faces more cyber attacks than any other industry. Despite the frequency in attacks, energy IT professionals participating in Tripwire’s survey were very confident in their ability to collect the data needed to detect a cyber attack…

“‘These results show that most security professionals are assuming they are doing the right things to secure their environments, but lack real world data to back up their assumptions,’ said Travis Smith, senior security research engineer for Tripwire. ‘This highlights the importance of testing security controls to ensure they are functioning as expected. It’s not enough to install security tools throughout the environment. You must test the policies and procedures to be confident the controls in place will stop or detect real-world intrusions…'”

http://www.businesswire.com/news/home/20160919005017/en/Tripwire-Study-Energy-Sector-Professionals-Overconfident-Cyber

I find it especially worrisome that an industry so essential to our success as a country—and demonstrably under constant cyber attack—seems to overestimate its capability to detect and respond to such attacks.

Volkswagen and former members of Israeli intelligence agency form automotive cyber security firm

September 18, 2016 by Josh Zenker 3 Comments

With all the recent concern about the security of Internet-connected cars, it probably comes as no surprise that Volkswagen has formed an automotive cyber security firm with three former members of Israel’s Shin Bet intelligence agency, including its former head Yuval Diskin. They are calling the new firm CyMotive Technologies. According to Gartner, there are already 22 cyber security companies either focused on automobiles or containing divisions that do. The article seems to suggest that CyMotive will be the first such company directly affiliated with a car manufacturer.

http://www.usatoday.com/story/tech/news/2016/09/16/volkswagen-cymotive-israeli-group-car-automotive-cybersecurity-company/90491834/