ITACS 5211: Introduction to Ethical Hacking
Wade Mackay
Quest Diagnostics, a company based in Madison, New Jersey that provides laboratory services came out on November 26, 2016 and said that a breach leaked patient information for 30,000 clients. They stated none of the information was credit cards or social security numbers.
Source: Article
Beware of new image files you didn’t download: They may launch ‘Locky’ ransomware. Locky arrived on computers via a “malicious macro” in a Word document. Locky has now spread to social media sites such as Facebook.
Typically what happens is that when you click on an image thumbnail, rather than displaying the image in a separate window, the file automatically downloads. It would be natural for most people to then click on the downloaded image — and that’s what executes the Locky code and immediately locks up all your files and demands ransom.
This article discusses how the IoTs have been being used in botnets created by malware to attack companies. The FBI warns that new attacks may occur, different from the Mirai attacks that took place last month. Since most IoTs were not designed to withstand attacks, it is hard to prevent these attacks from occurring.
Article:
This article talks about the success of the Mirai DDoS botnets that are made up of IoT devices. The software enabling them is publically available, which makes it easier for inexperienced hackers to set them loose. The devices are mostly made up of security cameras, DVRs, and home routers.
An indicator that one of your IoT devices may be infected with Mirai is that the SSH and Telnet ports (22 and 23) are closed. Mirai does that so administrators can’t get in and nobody else can attack the machine in the same way.
This article discusses the breach of OPM (Federal Office of Personal Management), this breach leaked information about roughly 22 million current and former employees became public in mid-2015. It took close to another 15 months for Congress to complete a report on it. Hackers, said to be from China, were inside the OPM system starting in 2012, but were not detected until March 20, 2014. A second group, who worked as a third-party contractor was also able to get access to OPM’s system, and it was not discovered until May 2015. I was employed with the federal government in May 2014, so there was a chance that my information was apart of this 22 million names that were sent out. I received several e-mails and letters in the mail informing me about the breach. Below is a list of what the inspector general found about the security in place at OPM.
An inspector general’s report from November 2014 was blunt about a lack of basic security measures including:
Article Link:
Hackers are looking to disrupt the upcoming U.S. election in November by hacking voter registration databases. A few disappearing names here and there wouldn’t make a difference, but if millions of people showed up to the polls and weren’t registered to vote, that would make a huge difference. Voters can still vote with provisional ballots, but they usually do not carry many at each polling location and it can cause chaos at the polls. If certain areas, such as L.A. county are hacked, that’s 4.8 million people that could be affected.
Link: http://www.csoonline.com/article/3128034/security/hacked-voter-registration-systems-a-recipe-for-election-chaos.html?google_editors_picks=true
Link:http://www.techtimes.com/articles/180357/20161001/bug-bounty-hunters-can-earn-1-5-million-for-a-successful-jailbreak-of-ios-10.htm
An American Information Security Company, Zerodium, is offering up to $1.5 million “for original and unreported vulnerabilities with fully functional exploits on major operating systems, software and/or devices.” With iOS 10 recently released, this OS can offer the biggest chance of payouts. Zerodium’s main business focuses on “acquiring zero-day vulnerabilities and exploits and creating protective security measures and recommendations for them.” The biggest bounty paid by the company was to a team of Zerodium researchers who “successfully made a remote browser-based untethered iOS 9.1/9.2b jailbreak.”
Brian Krebs is a reporter who does stories on cyber attackers that attack for profit. In his line of work, he is often subject to several threats. He has had SWAT teams show up at his house before, and death threats in the form of flowers. Most recently, his website was the subject of a DDoS attack, sending 600-700 gigabits per second of internet traffic. The security company protecting his site, Prolexic, had to stop supporting his website because it was the subject of so many attacks. His site is now back up and running with Google’s Project Shield. It is meant to protect activists from DDoS attacks. Hackers are using unsecured devices from the Internet of Things, (IoTs) to launch this attacks. A botnet of 25,000 CCTV cameras was being used to launch attacks across the world.