
ITACS 5211: Introduction to Ethical Hacking

Wade Mackay

Uncategorized

Cybercrime as a Service on the Darknet Has Europol Concerned

October 2, 2016 by Loi Van Tran 1 Comment

Cybercrime as a Service (CaaS) is an emerging concern for the European Police. Although it has not been affected by it yet, it has the potential to disrupt critical IT for European government agencies and law enforcement. CaaS can give militants and activists access to hackers that would provide cyber attacks in exchange for bitcoins on the darknet. These attacks can range from malware and ransomware to DDoS attacks. Bad actors no longer have to rely on their own technical prowess and can purchase these services.

Based on the DNS threat index, from CIO Insight, CaaS has grown 7% from Q4 of 2015 to Q1 of 2016.  The rise is eminent and the risks to organizations are higher.

More Details Below:

Cybercrime as a Service on the Darknet Has Europol Concerned

Cybercrime-as-a-Service Poses a Growing Challenge

In new email phishing scam, hackers pose as IRS officials sending ACA tax bills

October 2, 2016 by Vaibhav Shukla 3 Comments

Hackers are impersonating the IRS and sending scam emails to victims asking them to pay balances related to health coverage for 2014.

The fraudulent emails pretend to be a CP-2000 notice from the IRS, a notice the agency sends to taxpayers if income or payment information does not match information provided on their tax returns. In the email phishing scheme, the scam emails say victims owe a balance related to the Affordable Care Act health coverage requirements.

http://www.beckershospitalreview.com/healthcare-information-technology/in-new-email-phishing-scam-hackers-pose-as-irs-officials-sending-aca-tax-bills.html

37-Year-Old ‘Syrian Electronic Army’ Hacker Pleads Guilty in US Court

September 30, 2016 by Scott Radaszkiewicz 2 Comments

Click for Article

Peter Romar, one of the FBI’s most wanted hackers, has been captured and pleaded guilty to federal charges. One of the points from the article that really made me pause was what Romar did with two accomplices. In March of 2016, Romar hacked the Associated Press Twitter account and posted that the White House had been bombed and President Obama was injured. This posting caused a temporary dip in the stock market.

It’s so very scary that the hacking of a Twitter account could cause such a ripple through the financial system. Scarier yet is the fact that, like lambs, we take as Truth what the news media reports, and whatever else we read online. A dip in the stock market, just off the posting that the White House was bombed. Very scary to think what a coordinated attack, that posted the same information on multiple sites, would do! Would people then believe it? How long could the charade go on?

Knowledge is power, but it seems like Social Media is giving it a run for its money!

WordPress user enumeration hacking

September 28, 2016 by 2 Comments

This article discusses one way in which a hacker can easily enumerate through authors or users of WordPress sites. To do this, the hacker takes the URL of the site and places it within this URL: http://example.com/?author=1. This queries the database for author=1 and returns the actual author name (username). What was pretty unsettling for me is that I actually run a WordPress site for a foundation I am a part of, and when I queried the site with the above URL, my username was returned. What’s also interesting is that, when I ran the same URL against https://mis.temple.edu for ?user=1, the returned value was “admin”. It’s one thing to know who a user is, but it’s another thing for a hacker to know that the administrator username is actually admin; this is almost half the battle in carrying out a successful brute force attack. Incorrect username/password entry usually returns a “username/password incorrect” message. If you do not know for certain what the username is, the previous message becomes more complicated. The article fortunately supplies code to add to index.php of the WordPress site to disable querying author names.

https://perishablepress.com/stop-user-enumeration-wordpress/
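For site owners who want to see whether the `?author=N` probing described in this post is happening to them, the following is an added example (not part of the original post or the linked article) that flags clients requesting many distinct numeric author IDs in a web server access log. The log lines are constructed samples in combined log format, and the function names and the threshold of three distinct IDs are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format). Client IPs come
# from documentation ranges; none of this is real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [28/Sep/2016:10:01:01 +0000] "GET /?author=1 HTTP/1.1" 301 0 "-" "curl/7.47"
203.0.113.7 - - [28/Sep/2016:10:01:02 +0000] "GET /?author=2 HTTP/1.1" 301 0 "-" "curl/7.47"
203.0.113.7 - - [28/Sep/2016:10:01:03 +0000] "GET /?author=3 HTTP/1.1" 404 0 "-" "curl/7.47"
203.0.113.7 - - [28/Sep/2016:10:01:04 +0000] "GET /index.php?paged=2&author=4 HTTP/1.1" 404 0 "-" "curl/7.47"
198.51.100.20 - - [28/Sep/2016:10:02:00 +0000] "GET /?author=1 HTTP/1.1" 301 0 "-" "Mozilla/5.0"
198.51.100.20 - - [28/Sep/2016:10:02:05 +0000] "GET /author/jane/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.33 - - [28/Sep/2016:10:03:00 +0000] "GET /?s=author%3D1 HTTP/1.1" 200 900 "-" "Mozilla/5.0"
"""

# Client IP and request target from the start of a combined-format line.
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*"')


def author_ids(target):
    """Return the numeric IDs passed in the ?author= query parameter."""
    values = parse_qs(urlsplit(target).query).get("author", [])
    # Only plain ASCII digits count; ?author=jane or a search for the
    # text "author=1" is not an ID probe.
    return {int(v) for v in values if v.isascii() and v.isdigit()}


def find_enumerators(log_text, min_distinct_ids=3):
    """Map client IP -> sorted author IDs for clients probing many IDs."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if match:
            seen[match.group("ip")] |= author_ids(match.group("target"))
    return {ip: sorted(ids) for ip, ids in seen.items()
            if len(ids) >= min_distinct_ids}


if __name__ == "__main__":
    for ip, ids in find_enumerators(SAMPLE_LOG).items():
        print(f"{ip} requested author IDs {ids}")
```

A single visitor following one author link stays below the threshold, while a client walking through sequential IDs is reported with the list of IDs it tried.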

Week 5 Presentation

September 28, 2016 by Wade Mackey Leave a Comment

intro-to-ethical-hacking-week-5

Student legally hacks airline and earns $300,000 of miles

September 27, 2016 by Jason A Lindsley 3 Comments

Link: http://www.businessinsider.com/student-legally-hacks-united-airline-earns-frequent-flyer-miles-ryan-pickren-2016-9

This is an interesting short video/article on a Georgia Tech student who has been participating in the United Airlines bounty program and has been rewarded with $300,000 worth of miles for finding security flaws. He’s donated a third of his miles back to Georgia Tech.

It wasn’t always sunshine and rainbows for Ryan. He got into some trouble with the law when he hacked a rival school’s calendar before a big football game. He was charged, but completed a pretrial diversion program and the charges were dropped.

He began the United Airlines bounty program to earn miles to visit his girlfriend and became the most successful contributor.

I find it interesting when highly technical individuals such as Ryan are given an avenue to utilize these skills in an ethical manner (especially when they are caught doing something unethical).  For some folks, the technical part is very easy and the ethical part is challenging.  For myself, I’ve always had strong ethical principles and business acumen, but the desire to be more technical is what got me interested in the Temple ITACS program and ethical hacking.  How about the rest of you all?

2016 CyberThreat Report by CyberEdge Group

September 27, 2016 by Scott Radaszkiewicz 1 Comment

I came across this report while searching for something else at work.  I thought it would be good to share.  It’s 36 pages, so don’t go crazy and read it all!

The survey was given to security professionals across North America, Europe, Asia Pacific, and Latin America in November 2015. Results are included from only those organizations with over 500 global employees. There were close to 1000 responses to the questions.

Click for Report 

Some noteworthy items from the report (or at least what I found interesting):

  • page 5, nearly a third of those surveyed report spending more than 16% of their IT budget on security.
  • page 7, the USA was 5th with organizations reporting at least 1 successful cyber attack against them.
  • page 24, low security awareness among employees is listed as the highest threat.

And as I read this, I think how useful this information is to a hacker. To know that, from page 9, these professionals feel that mobile devices are their least protected IT resource!! I guess I would start with the weakest link.

Yahoo Confirms 500 Million Accounts Were Hacked by ‘State Sponsored’ Hackers

September 26, 2016 by Scott Radaszkiewicz 2 Comments

Article Link: http://thehackernews.com/2016/09/yahoo-data-breach.html

The following article discusses a data breach at Yahoo that happened back in 2014. Account information for over 200 Million Yahoo accounts was being sold on the Dark Web. An estimate claims that 500 Million accounts could have been affected. No credit card information was obtained, but user logins, passwords, security question answers and questions were stolen.

Yahoo claims that it was a state sponsored attack, but has not revealed any proof of that comment.

Yahoo users are urged to change their password.

In reviewing this article, it’s scary. From the teen in the basement to the state sponsored hacker, there is so much to watch out for! I think about my own life. All the information that is put out there in things like Google Mail and Docs. It’s scary to know that we can take the best precautions to protect our information, but once it leaves our hands, it’s out there. We have no accountability for the safety of our information that we put out in Cyberspace! But yet, we continue to do it more and more, at an alarming rate!

97% of Top 1,000 Orgs Suffer Credential Compromise

September 25, 2016 by Mengxue Ni 2 Comments

Digital Shadows has found that, for the largest 1,000 organizations in the world, there are more than 5 million leaked credentials. The company said in a blog that, for companies that were the victims of breaches, there are clear reputational, brand and financial implications. The breaches most impacting the global 1,000 companies were heists at LinkedIn and Adobe, both services that employees can be expected to sign up to with their work accounts. The high level of corporate credentials in the 360 million stolen from MySpace. Gaming sites and dating sites also affected organizations.

The report also found that the UK is one of the most affected regions in the world, with an average of 9,000 leaked credentials per company. Whilst many claimed breaches are often simply copies and reposts of previously leaked databases, this number is lower than expected: only around 10% of claimed breached credentials are duplicated.

Social media and BYOD are the biggest internal security threats for every organization because it is hard to control and monitor every employee. For LinkedIn and Adobe, I can understand why there is a high chance to get your work account from it. I was surprised that dating and gaming sites also threaten organizations. One thing that I can think of to mitigate the risk of leakage is warning your employees not to use their work account and email on any other website, not even for LinkedIn. Other than this, social media is still a great external threat for any organization.

link: http://www.infosecurity-magazine.com/news/97-of-top-1000-orgs-suffer/

Portal Down, Quiz 4 Delayed

September 24, 2016 by Wade Mackey Leave a Comment

With the TU Portal being down until Sunday afternoon, the quiz will be set up for Monday and Tuesday.

Wade
