-
BIlaal Williams posted a new activity comment 8 years ago
I believe the business climate enables cyber-security awareness that lacks actual practice. To the non-technical business person, in my experience it seems that cyber attacks remain a somewhat mythical thing, even though news reports continue to surface daily about new hacks. Until the company is actually victimized, many business practitioners…
-
BIlaal Williams posted a new activity comment 8 years ago
My very first experience with Linux was in my first programming class using my Temple Unix Astro account. At first it seemed very confusing and I was totally unaware of the power and customizability it had. As I continued to explore the OS I began to appreciate its possibilities. When I became interested in pentesting and downloaded the Kali…
-
BIlaal Williams commented on the post, WordPress user enumeration hacking, on the site 8 years ago
Thanks Ryan.. I run a couple of WordPress sites and checked it, sure enough my username popped up. This is great info and I’ll be adding that PHP code asap!
-
BIlaal Williams wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years ago
This paper summarizes a year’s worth of credential scanning data collected from Heisenberg (Breaking Bad fans, anyone?), Rapid7’s public-facing network of low-interaction honeypots. Instead of focusing on the pas […]
-
BIlaal Williams commented on the post, “FAA Advisory Body Recommends Cybersecurity Measures”, on the site 8 years ago
Due to the high risk involved and the importance of technology in the aviation industry I’m actually surprised that these measures haven’t already been taken. That being said I’m definitely glad that the aviation industry is aware of the significant impact cyber-related issues could have and are taking the necessary steps to help mitigate these…
-
BIlaal Williams wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years ago
executive-summary
-
BIlaal Williams changed their profile picture 8 years, 1 month ago
-
BIlaal Williams commented on the post, Hacker-Friendly Search Engine that lists Every Internet-Connected Device, on the site 8 years, 1 month ago
Right, thanks Scott..this is a great tool. I like how it lists the protocols and ports that are being used.
-
BIlaal Williams commented on the post, Hacker making up money by revealing client vulnerability through stock market, on the site 8 years, 1 month ago
Interesting article.. It will be interesting to see if this becomes a more common occurrence and if so, how will the SEC respond? As the article says, the idea that something like this would happen has been mentioned in security conferences for several years but this is the first “mainstream” occurrence. Since the findings were found by an outside…
-
BIlaal Williams's profile was updated 8 years, 1 month ago
-
BIlaal Williams commented on the post, How much of a risk is BYOD to network security?, on the site 8 years, 1 month ago
I can definitely see how BYOD would be a cost saver for businesses as long as the opportunity cost associated with increased vulnerability to your network is not too high. The more sensitive information the user is requesting access to, the more tricky the situation when handling BYOD. Restricting access to a specific subnet, and limiting access…
-
BIlaal Williams posted a new activity comment 8 years, 1 month ago
That definitely makes sense, according to the article, the FBI actually encourages victims to pay the ransom in most cases. So it really is a catch 22.. and as you stated the more sensitive information, the more important it is to regain access to the data as soon as possible. Along with preventative measures and controls, I’m hoping that sites…
-
BIlaal Williams wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years, 1 month ago
This is an interesting article which talks about 7 cases where compromised ransomware victims paid to regain access to their data. The victims vary from police departments to a NASCAR race team. Payment was made […]
-
I totally agree with your statement that paying the ransom will “encourage more ransomware campaigns..” However, I remember reading an article a few months back where a hospital’s information system was basically held hostage until a ransom was paid. It is one thing if a company like Target experienced a data breach, but it is something entirely different when we are dealing with a life and death situation in the case of the hospital IT system being non-functional until a ransom is paid. In this case, I can understand where paying the ransom makes sense. However, like you said, in order to avoid these types of situations, there needs to be more awareness for the employees in terms of the security of their systems. There should also be controls in place which consider these types of issues.
-
That definitely makes sense, according to the article, the FBI actually encourages victims to pay the ransom in most cases. So it really is a catch 22.. and as you stated the more sensitive information, the more important it is to regain access to the data as soon as possible. Along with preventative measures and controls, I’m hoping that sites such as ‘No More Ransom’ can provide additional assistance to victims and help to mitigate ransomware campaigns.
-
Bilaal, thanks for the post.
I just read on ZDNet that ransomware is now the biggest cybersecurity threat mainly because it uses a simple attack and the willingness of its victims to pay to unlock their files. This willingness makes it more profitable for cybercriminals to use ransomware for a quick profit. Even the FBI encourages victims to just pay. This is definitely not the best way to battle against these types of attacks. Even if the attackers gave you the key to unlock your files, they have already infiltrated your network and probably have a back door to your systems. What’s to stop them from locking it again?
-
-
BIlaal Williams wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years, 1 month ago
Hi all,
I found this video on Lynda.com and it’s a pretty good tutorial on configuring a Cisco switch and setting up VLANs. It’s not long and is broken up into short segments. Definitely helped me with […]
-
BIlaal Williams joined the group Fox MIS Developers 8 years, 9 months ago
Perhaps the real question is why is it legal for regular people to access such tools without being registered. Accessibility plays a big part of the problem. Major corporations that are licensed and government officials should have access to these types of technologies. Other security professionals would need to be registered to use these tools.