
ITACS 5211: Introduction to Ethical Hacking

Wade Mackay

Mengxue Ni

16,000 WordPress Sites Have Been Hacked

October 4, 2016 by Mengxue Ni 2 Comments

WordPress is a popular target because the majority of the web uses it to manage and publish their content. According to the 2016 Sucuri report, WordPress continues to lead the number of infected websites at 74%. This report focuses on four open-source content management systems (CMS). In addition to WordPress, it covers Joomla! (14%), Magento (5%) and Drupal (2%). Sucuri found that, on average, WordPress installations had 12 plugins installed at any given time. The top three plugin vulnerabilities contributed to 22% of WordPress site hacks: Gravity Forms, TimThumb and RevSlider.

I know that the sites we are using for our classes are all WordPress based. It is dangerous if school accounts are hacked. It may lead to identity theft. WordPress is very useful for developers to design with, but meanwhile, they need to pay attention to the security side of using WordPress.

Link: http://www.infosecurity-magazine.com/news/16000-wordpress-sites-have-been/

97% of Top 1,000 Orgs Suffer Credential Compromise

September 25, 2016 by Mengxue Ni 2 Comments

Digital Shadows has found that, for the largest 1,000 organizations in the world, there are more than 5 million leaked credentials. The company said in a blog post that, for companies that were the victims of breaches, there are clear reputational, brand and financial implications. The breaches that most impacted the global 1,000 companies were the heists at LinkedIn and Adobe, both services that employees can be expected to sign up to with their work accounts. There was also a high level of corporate credentials in the 360 million stolen from MySpace. Gaming sites and dating sites also affected organizations.

The report also found that the UK is one of the most affected regions in the world, with an average of 9,000 leaked credentials per company. Whilst many claimed breaches are often simply copies and reposts of previously leaked databases, this number is lower than expected: only around 10% of claimed breached credentials are duplicated.

Social media and BYOD are the biggest internal security threats for every organization because it is hard to control and monitor every employee. For LinkedIn and Adobe, I can understand why there is a high chance of getting your work account from them. I was surprised that dating and gaming sites also threaten organizations. One thing that I can think of to mitigate the risk of leakage is warning your employees not to use their work account and email on any other website, not even LinkedIn. Other than this, social media is still a great external threat for any organization.

Link: http://www.infosecurity-magazine.com/news/97-of-top-1000-orgs-suffer/

Reconnaissance Analysis – Lincoln Financial Group

September 23, 2016 by Mengxue Ni 1 Comment

Created by Mengxue Ni and Mengqi He

Executive summary

PowerPoint (PDF version)

PowerPoint (PPT Version)

Presentation video

DDoS Sees Triple-Digit Growth in One Year

September 19, 2016 by Mengxue Ni 3 Comments

Distributed denial of service attacks are on the rise, even as attack volume falls. According to the article, total DDoS attacks increased 129 percent in Q2 2016 from Q2 2015, and during the second quarter, Akamai mitigated a total of 4.919 DDoS attacks.

This reminds me of last week’s article that talked about the 911 emergency phone system being vulnerable to DDoS attacks. Even when the total volume of attacks falls, DDoS is still a major method used by hackers since it is relatively simple. This gives the FCC another warning; they should solve the problem as soon as possible.

The article also mentioned that, as far as regional notes go, Brazil experienced a 197% increase in attacks sourced from the region, the top country of origin for all web application attacks. The United States meanwhile ranked second among countries for total web application attacks, seeing a 13% decrease in attacks compared to Q1 2016.

Link: http://www.infosecurity-magazine.com/news/ddos-sees-tripledigit-growth-in/

US 911 emergency phone system vulnerable to DDoS attacks, say researchers

September 11, 2016 by Mengxue Ni 2 Comments

Researchers at Israel’s Ben-Gurion University say they have discovered a way to disable the emergency system across an entire state for an extended period using a telephony denial of service (TDoS) attack targeting 911 call centers. Since 1968, the emergency infrastructure has relied on routing and connecting 911 calls to nearby public call centers, known as public safety answering points (PSAP). However, a hacker could cause mobile phones to call 911 automatically without a user’s knowledge, essentially clogging up the PSAP’s queues and preventing legitimate callers from reaching the service. Discussing possible solutions to prevent or minimize the impact of a possible attack, the researchers said a mandatory “call firewall” could be implemented to identify and block DDoS activities. Another solution would have PSAPs implement “Priority Queues” that would prioritize callers with more reliable identifiers when connecting someone to a call-taker. However, the biggest issue lies in the current regulations set in place by the FCC.

I found this article interesting because these researchers discovered the issue before the loss happens. It might save millions of lives. Even if hackers don’t attack every 911 call center, a criminal who kidnaps a person can attack the nearest center to prevent the victim from contacting 911. The author also gives an explanation of DDoS: hackers attempt to overload a website’s connections by sending in data requests from multiple sources. Making a DDoS attack, known as “dosing”, is relatively simple. Botnets are available to hire on websites not reachable via the dark web. Therefore, I hope the FCC can pay enough attention to this and fix it as soon as possible.

Link: http://www.ibtimes.co.uk/us-911-emergency-phone-system-vulnerable-ddos-attacks-say-researchers-1580674

Hillary Clinton’s Presidential Campaign also Hacked in Attack on Democratic Party

September 4, 2016 by Mengxue Ni 2 Comments


I believe everyone has heard, more or less, that Hillary Clinton’s computer systems were hacked about two months ago and that about 20,000 emails from top Democratic National Convention (DNC) officials were leaked on WikiLeaks. According to WikiLeaks founder Julian Assange, he still had more data from the DNC hack and some could eventually result in the arrest of Hillary Clinton.

This action could influence the presidential election in a tremendous way. Hacking and leaking are absolutely illegal, but they may help some people to see the real dark side of politics and even of Hillary Clinton. If the contents of the emails are true, will you still vote for Hillary Clinton? If a candidate for president of the USA still has cyber security problems, how could he/she protect our privacy? Or maybe another presidential candidate hired hackers to reveal any information they want to know. This makes me feel very insecure and disappointed about the country.

Link: http://thehackernews.com/2016/07/hillary-clinton-hacked.html
