Scott Radaszkiewicz

37-Year-Old ‘Syrian Electronic Army’ Hacker Pleads Guilty in US Court

September 30, 2016 by Scott Radaszkiewicz 2 Comments

Peter Romar, one of the FBI’s most wanted hackers has been captured and plead guilty to federal charges. One of the points from the article that really made me pause was what Romar did with two accomplices. In March of 2016, Romar hacked the Associated Press Twitter account and posted that the White House had been bombed and President Obama was injured. This posting caused a temporary dip in the stock market.

It’s so very scary that the hacking of a Twitter account could cause such a ripple through the financial system. Scarier yet is the fact that, like lambs, we take as Truth what the news media reports, and whatever else we read online. A dip in the stock market, just off the posting that the White House was bombed. Very scary to think what a coordinate attack, that posted the same information on multiple sites would do! Would people then believe it? How long could the charade go on?

Knowledge is power, but it seems like Social Media is giving it a run for it’s money!

2016 CyberThreat Report by CyberEdge Group

September 27, 2016 by Scott Radaszkiewicz 1 Comment

I came across this report while searching for something else at work. I thought it would be good to share. It’s 36 pages, so don’t go crazy and read it all!

The survey was given to security professionals across North America, Europe, Asia Pacific, and Latin America in November 2015. Results are included from only those organizations with over 500 global employees. There was close to 1000 responses to the questions.

Click for Report

Some noteworthy items from the report(or at least what I found interesting):

page 5, nearly a third of those surveyed report spending more than 16% of their IT budget on security.
page 7, the USA was 5th with organizations reporting at least 1 successful cyber attack against them.
page 24, low security awareness among employees is listed as the highest treat.

And as I read this, I think how useful this information is to a hacker. To know that, from page 9, these professionals feel that mobile devices are their least protected IT resource!! I guess I would start with the weakest link.

Yahoo Confirms 500 Million Accounts Were Hacked by ‘State Sponsored” Hackers

September 26, 2016 by Scott Radaszkiewicz 2 Comments

Article Link: http://thehackernews.com/2016/09/yahoo-data-breach.html

The following article discusses a data breach at Yahoo that happened back in 2014. Account information for over 200 Million Yahoo accounts was being sold on the Dark Web. An estimate claims that 500 Million accounts could have been effected. N credit card information was obtained, but user logins, passwords, security question answers and questions were stolen.

Yahoo claims that it was a state sponsored attack, but have not revealed any proof of that comment.

Yahoo users are urged to change their password.

In reviewing this article, it’s scary. From the teen in the basement to the state sponsored hacker, there is so much to watch out for! I think about my own life. All the information that is put out there in things like Google Mail and Docs. It’s scary to know that we can take the best precautions to protect our information, but once it leaves our hands, it’s out there. We have no accountability for the safety of our information that we put out in Cyberspace! But yet, we continue to do it more and more, at an alarming rate!

Reconnaissance Presentation on Cabela’s Inc.

September 22, 2016 by Scott Radaszkiewicz 2 Comments

Reconnaissance Document

Reconnaissance Powerpoint

Reconnaissance Video

Hacker-Friendly Search Engine that lists Every Internet-Connected Device

September 15, 2016 by Scott Radaszkiewicz 3 Comments

Article Link: http://thehackernews.com/2015/12/internet-of-things-search-engine.html

After the presentation last night on Reconnaissance using some Google Tools, I thought it this was a perfect addition. For fun, I put in a:temple.edu in the search.

FYI – it only allows 5 searches per day without creating an account!

Oh, It’s On Sale! USB Kill to Destroy any Computer within Seconds.

September 11, 2016 by Scott Radaszkiewicz 6 Comments

Article link: http://thehackernews.com/2016/09/usb-kill-computer.html

Wow! Talk about your Super Spy type stuff. (Queue Mission Impossible Theme Music now: https://www.youtube.com/watch?v=XAYhNHhxN0A).

So now do we not only have to worry about the digital data that can be stolen or compromised, but now comes this new item that will basically destroy the internal components of your computer.

This killer USB stick, once plugged into a USB drive, will charge capacitors within it and then release a deadly charge back into the system that will destroy internal components. The company claims they developed the device for companies to test their devices for USB power surge attacks.

You’ve been hacked and now, destroyed. Trying to piece together what information has been compromised from a functional machine can sometimes be impossible. Now, you might be left trying to figure out what happened without even having the machine available to you.

It’s mind boggling that any person can get one of these devices for $49.95 over the Internet. How do we combat hacking and theft, and now destruction, when the tools necessary to wreak havoc come so cheap! Just another item in the constant dance to keep us on our toes!

September 1, 2016 by Scott Radaszkiewicz

Article: Students can use the dark web to cheat their way through school

Link: http://www.businessinsider.com/students-can-use-the-dark-web-to-cheat-their-way-through-school-2016-8

I work in education, K-12 and this article is a constant reminder to me on how students are constantly one step ahead of us. Sure, I know some of the kids in the schools who have a interested in computers, and some I have actually taken under my wing and worked to provide them proper resources to explore their passion. Years back I had a student who used a USB key to boot a teacher workstation and hack the SAM to get the local administrator password. The student didn’t do anything with it, but showed the teacher what he had done. Kind of a, “hey, look how smart I am” gesture. So, we put that student into an independent study program for computer networking, and to this day, I still keep in touch with the student who is now in college.

But this offers a whole new level of hacking. Not only am I on the lookout for those students who will tinker and hack themselves, but any student can pay for the service, if they want to take advantage of it. Security is a constant life of catch up. We can’t fix an issue, until we know it’s an issue and we are constantly chasing after the next generation of kids who know more then us. And kids sometimes have nothing better to do than sit in class and “tinker”.

This is just plain and simple fact. At my school, we work very hard to educate students about the rights and wrongs of use. I can attempt to stop as much unethical behavior as I want, but the reality is that I can’t. So, education on what is the proper use is paramount! But at the end of the day, we can make it tough for students to cheat/hack/etc, but anyone intend on real harm can either do it themselves if they have the skill, or hire a professional to get it done!

https://community.mis.temple.edu/itacs5211fall16/2016/09/01/3158/