-
Jason A Lindsley commented on the post, Week 1 Update, on the site 6 years, 9 months ago
Nice post Mustafa – Has anyone ever tried one of the Mirai scanners that are available such as this one?
https://www.incapsula.com/mirai-scanner/
The scanner checks ports 22(ssh)/23(telnet) to see if it can connect to any IoT devices. I gave this a try, but it did not scan successfully. I got the message “a device being scanned is infected…[Read more]
-
Jason A Lindsley commented on the post, Week 1 In The News, on the site 6 years, 9 months ago
These aren’t showing up as hyperlinks to me (ust plain text). Can you please confirm that we should be installing Windows 10 on VMWare Workstation 12 or VMWare Workstation 14?
I saw in the other thread that we are not going to be using Windows 7. Do the same instructions apply for windows, update Cygwin, Windows_LinkedPS_Scripts, and…[Read more]
-
Jason A Lindsley commented on the post, Progress Report for Week Ending, March 22, on the site 6 years, 9 months ago
I’ve visited the Temple download site, but I’m not finding any of the Windows versions available. I’ve used this site several times to download multiple versions of Windows and office products, but I’m not sure why there are no Microsoft products available to me. I contacted support, but is anyone else having this issue?
Thank you,
Jason -
Jason A Lindsley commented on the post, Discussion Week 13, on the site 6 years, 11 months ago
This is a good explanation Donald. I liked your example of denying spam traffic from genuine traffic. Another example of where you may want to deny traffic without a response is when traffic is suspected to be generated from a botnet attack (e.g. denial of service or brute force credential attack). In those instances, I would want to discard…[Read more]
-
Jason A Lindsley commented on the post, Discussion Week 11, on the site 6 years, 11 months ago
Ahmed, I agree with your comment that this should be based on job function. Another key requirement that we learn about in Ethical Hacking and Penetration Testing is the requirement for written permission. Even those that are trained and experienced with using these tools (e.g. packet sniffers and password crackers) should formally obtain…[Read more]
-
Jason A Lindsley commented on the post, Discussion Week 8, on the site 7 years ago
I do think it is important to be prepared to respond to a pandemic event, however with any incident, it is important that you consider the likelihood of occurrence and the impact to the organization and to the IT department. While it seems unlikely, it is important to prepare for an event that could make your entire staff unavailable in a…[Read more]
-
Jason A Lindsley posted a new activity comment 7 years, 2 months ago
Hi class,
I’m Jason Lindsley and I live in Voorhees, NJ with my wife and three kids (ages 1, 5, and 6).I work full time for a financial institution and my expertise is primarily in softer skills (i.e. Technology Risk Management and Governance), however I really enjoy technical exercises and I have expanded these skills while working through…[Read more]
-
Jason A Lindsley wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 6 months ago
This article is about an attack devised by security researchers to access motion and orientation sensors using JavaScript code to server malicious code through HTML based iframe tags on legitimate sites. The […]
-
Jason A Lindsley wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 7 months ago
This article is about the heavy distribution Cerber ransomeware and how it has taken over Locky in the last three months of the top ransomware threat. Cerber is “ransomeware as a service” which allows novice u […]
-
Jason A Lindsley wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 7 months ago
Hi All,
I was finally able to get my wireless adapter to work. The following helped the most if anyone else has these issues:
Driver Installation
Latest Driver
You also may need to update the Linux […]
-
Jason A Lindsley wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 7 months ago
This is an interesting article on hackers combining their physical penetration skills with technical skills. Hackers were able to drill a whole the size of a golf ball next to the PIN pad and insert a wire to t […]
-
Drilling a whole the size of a golf ball next to the PIN pad and inserting a wire into it requires quite some physical efforts performance. This convinces me be to believe that this form of attack would be difficult to execute successfully if proper surveillance equipment is installed. But hey, hackers are figuring out to bypass whatever surveillance equipment certain banks have in place to do this, so there must be something more that should be done to combat this.
-
-
Jason A Lindsley commented on the post, Progress Report for Week Ending, February 23, on the site 7 years, 7 months ago
Thanks for sharing! I’m glad I recently upgraded to 10.3. I didn’t realize that it addressed 83 vulnerabilities including this one. Good to know.
-
Jason A Lindsley wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 8 months ago
The security breaches that we posted about in 2016 resulted in a $350 million discount in Verizon’s purchase of Yahoo. It also resulted in Yahoo CEO being stripped of her 2016 annual bonus (up to $2 million). […]
-
They are at least trying to do something positive out of this unfortunate situation. It’s hard want to put blames on whoever in a situation like this for a company of Yahoo’s magnitude. Outsiders will never know and understand what really happened besides there was some sort of negligence, and as a result Yahoo got hacked. It’s complicated. It’s sad to see how Yahoo’s legacy summed up to what it is today.
-
-
Jason A Lindsley commented on the post, Progress Report for Week Ending, February 16, on the site 7 years, 8 months ago
I feel like I need a full week off to change all of my passwords! Probably for the better though. There has been a major uptick in brute force password and account enumeration attacks using credentials obtained from breaches such as LinkedIn, Yahoo, etc. Probably a better time than ever to do a massive password update, especially to online…[Read more]
-
Jason A Lindsley posted a new activity comment 7 years, 8 months ago
Blockchain is really interesting technology and I’m very curious in how it will be implemented more broadly. Many folks refer to Blockchain as a trust protocol and expect it to be the most dramatic change in computing since the Internet because of the value it adds to the Internet.
This article was interesting because it focused on…[Read more]
-
Jason A Lindsley commented on the post, Progress Report for Week Ending, February 9, on the site 7 years, 8 months ago
Glad you posted this Ioannis. I saw this earlier this week. It’s an interesting concept, but I imagine this would be really difficult to coordinate. Air-gapped systems also usually have very high physical security controls and are located in rooms with no windows or doors. This is a good reminder of the importance of these controls. The…[Read more]
-
Jason A Lindsley commented on the post, Progress Report for Week Ending, February 9, on the site 7 years, 8 months ago
Interesting Bilaal – did you give this a try? I’d be a little concerned with downloading a program that makes your image vulnerable, but I guess that’s similar to installing Metasploitable.
-
Jason A Lindsley posted a new activity comment 7 years, 8 months ago
Hi Loi,
That sounds like an interesting call. I wonder what his actual motive was. Why do you think he asked you to call back a legitimate number? I would understand if he was asking you to call back a number that was routed to a malicious actor, but doesn’t make sense that he directed you to call back the real police!
I get calls from…[Read more]
-
Jason A Lindsley wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 8 months ago
Hackers compromised PC microphones using malware embedded in Microsoft Word documents. The attack targeted companies in several industries, including critical infrastructure, news media, and scientific research. […]
-
Jason A Lindsley commented on the post, Happy Birthday SNL // the typists from the Carol Burnett show, on the site 7 years, 8 months ago
I’m not surprised that charging stations with USB outlets are at risk, but I’m not clear from this article if traditional outlets could also be used to hack your phone. The article recommends using your own portable USB battery pack, but if you have your own USB cord and plug, are you really at risk if you plug this into a traditional wall outlet?
- Load More