-
Mauchel Barthelemy posted a new activity comment 8 years ago
Mengqi – It is a good sign to see several big players from the IT industry are joining forces for a common cause. I perceive this as one of the best strategies to overcome cyber threats. IT Security is such a difficult hurdle that joining forces alone is insufficient; however, it constitutes a good first pawn against hacking. You mentioned that…
-
Mauchel Barthelemy commented on the post, Volkswagen and former members of Israeli intelligence agency form automotive cyber security firm, on the site 8 years ago
This is a good initiative, but also a part of Volkswagen’s campaign to repair its image and reputation after being under fire regarding the emissions scandal. It’s a good sign that cyber security is already considered as an area of focus for car companies. Internet-connected and driver-less cars will inevitably become mainstream in the near…
-
Mauchel Barthelemy commented on the post, Is port scanning illegal?, on the site 8 years ago
I agree with you Jon. I don’t believe port scanning neither should be illegal nor would otherwise be one of the best solutions against hacking. In the above example, Ryan explained that home owners would not be happy that a stranger shows up at their door steps to check whether doors are properly locked. One way to combat that is to install…
-
Mauchel Barthelemy wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years ago
Apparently, the latest development on the Wells Fargo controversy takes interesting new twists.
Last Tuesday (9/20/16), John Stumpf, CEO of Wells Fargo, spoke to the Senate Banking Committee to apologize for […]
-
Mauchel Barthelemy posted a new activity comment 8 years ago
I know Marissa Mayer, current CEO of Yahoo, must be asking herself, “What did I get myself into?” I love Yahoo, but it is sad to see what is happening to the company. Yahoo simply failed to innovate the right way. They lost focus on who they are and the direction they should have taken. I believe Yahoo would have been in a much better place had…
-
Mauchel Barthelemy wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years ago
Reconnaissance Report of ForManMills
Scope:
Reconnaissance is the first crucial step to launch a successful hacking attack. It enables an attacker to become familiar with basic, or not so basic […]
-
Mauchel Barthelemy commented on the post, Federal Judge: Hacking Someone's Computer Is Definitely a 'Search', on the site 8 years ago
It is difficult to have an absolutist view on this Privacy vs Security controversy. I believe this is something that must be done in a way that is fair for all parties involved. Should companies like Google, Samsung or Apple create a back door specifically for law enforcement? Probably yes, probably no. If they do, then hackers will figure out a…
-
Mauchel Barthelemy commented on the post, Cybersecurity: Two-thirds of CIOs say threats increasing, cite growth of ransomware, on the site 8 years ago
Thanks Jason. I find this hard to believe too the fact that most companies facing Ransomware rush to make payments. This shows how unprepared even certain big organizations are or how poorly they are managing their IT risks. Hopefully this is a wake-up call to all companies to better prepare for these types of attacks. It’s time to revisit, update…
-
Mauchel Barthelemy commented on the post, Google Launches Android Hacking Contest, on the site 8 years ago
Nice article Roberto and I agree with Natalie Silvanovich. Additionally, a similar approach can be emulated to combat ransomware. This is a solution that can invite and encourage hackers to work with companies from all industries in an effort to minimize unethical hacking. Especially, companies in the healthcare and financial industries should…
-
Mauchel Barthelemy wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years ago
Over the past few years, it is no secret that Malware, Denial of Service Attacks and Zero Day Exploits have been among the most popular ways hackers launch cyber-attacks. Also, as cyber threats are becoming a more […]
-
Good articles Mauchel. Ransomware is one of the top and emerging risks at our organization as well.
I recently read the article below from Krebs on Security. Not only is the frequency of ransomware increasing, but the financial demands of the attackers are also increasing. This article also supports the position that ransomware attacks are shifting from “opportunistic” campaigns (using general exploit kits) to more targeted campaigns (e.g. spear phishing).
It does amaze me how some companies simply pay these ransoms because they do not have the appropriate controls in place to mitigate the risk of ransomware. For example, in the Krebs article, one company quickly made payments of $600 in bitcoin because “the data on one of the infected systems was worth millions — possibly tens of millions — of dollars, but for whatever reason the company didn’t have backups of it.”
No backups….what?!? This is security 101!
Here’s a link to the related article:
http://krebsonsecurity.com/2016/09/ransomware-getting-more-targeted-expensive/
-
Thanks Jason. I find this hard to believe too the fact that most companies facing Ransomware rush to make payments. This shows how unprepared even certain big organizations are or how poorly they are managing their IT risks. Hopefully this is a wake-up call to all companies to better prepare for these types of attacks. It’s time to revisit, update or improve some Enterprise IT Architecture policies.
-
Mauchel,
Great article! Ransomware has definitely been more relevant over the last few years, especially with untraceable payment methods such as bitcoin. It makes it possible for hackers to encrypt a company’s data and essentially get paid to give up the decryption key. Most companies will pay the ransom just to restore operations as quickly as possible. Although some companies may have complete back-ups, the time to get back up and running will cost more than the ransom being asked for. In the case of the Hollywood Hospital, they paid almost $17,000 to have their systems up and running again. These hackers could essentially exploit the same security flaws and hold them for ransom daily.
-
-
Mauchel Barthelemy commented on the post, Hacker-Friendly Search Engine that lists Every Internet-Connected Device, on the site 8 years ago
Thank you Scott for bringing this to our attention. I will play around with this tool to see what I may be able to find. There are so many tools out there that people can utilize for “Pentests,” it would require a great deal of time to know which is really better than another.
-
Mauchel Barthelemy commented on the post, Hacker making up money by revealing client vulnerability through stock market, on the site 8 years ago
Bilaal,
This act becoming a more common practice is the first thing that strikes my mind as a concern. This would not be a good way to commercialize cyber security because it would invite hackers to explore this idea deeper and probably exploit it in a way in their own benefit. For example, they may infiltrate a system, create multiple back…
-
Mauchel Barthelemy commented on the post, 911 could face its own emergency: Hackers, on the site 8 years, 1 month ago
Roberto – That’s a very interesting article. I think Cyber Security is a bit underrated due to its potential to cause catastrophic consequences. This is one of the reasons I got into this field to hopefully help raise the awareness of a myriad of threats and risks. North Carolina’s appointed officials should take this seriously and implement a…
-
Mauchel Barthelemy commented on the post, 5,300 Wells Fargo employees fired over 2 million phony accounts, on the site 8 years, 1 month ago
This is definitely more than a wake up call for WF. One thing I know is that there is always another side to the story. We shall see how this is going to develop. WF’s image will take a big hit regardless of the nature or direction of the new twist. A positive way to look at it is that how do we know multiple other banks don’t have something similar…
-
Mauchel Barthelemy wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years, 1 month ago
As often discussed, a company’s most critical threat is no other than its own employees. IT Security threat is most likely to come from within whether it is negligence, honest mistake or intentional wrongdoing. A […]
-
Hello Mauchel/class- This type of situations are completely outrageous. I can’t believe Wells Fargo didn’t notice this nation-wide scam before, let alone getting rid of only 5300 people.
I am so glad that I don’t have this as my bank but we should look close to those we have businesses with and see if something like this or similar already happened and how we can prevent it from happening again.
Have a great weekend all.
Thank you,
Roberto.
-
Wow, one and a half million dummy accounts, over $400,000 in fees, and 5300 employees. How can a bank of this magnitude have such weak internal controls? Knowing that this bank has so much control over a person’s financial record is outrageous. Opening bank accounts and credit cards requires some very sensitive information like SSN, and driver’s license number, and with the bank being able to do it without a customer’s intervention is identity theft on a grand scale. This is exactly why I never bank with them and constantly monitor my credit and financial information on a regular basis.
-
This is definitely more than a wake up call for WF. One thing I know is that there is always another side to the story. We shall see how this is going to develop. WF’s image will take a big hit regardless of the nature or direction of the new twist. A positive way to look at it is that how do we know multiple other banks don’t have something similar going on and incapable to even uncover that? At least WF develops some sort of effort to do so.
-
This is really shocking. If Wells Fargo couldn’t protect their company internally, how could we trust them to control our capital? This will definitely affect WF’s reputation and financials. 5300 employees fired over 2 million phony accounts, who knows 5300 are all the people involved, if there are still some people left in the company they can continue to do the same thing. I don’t know how they are going to fix this, but it will be a serious crisis for Wells Fargo.
-
I used to have a Wells Fargo account, but because they charged me 2 bogus fees I ended up closing the account. What Wells Fargo did is nothing short of stupid. However, I am not going to blame the actual employees that did this. I will blame the lack of IT controls, ethics, and low morals that this company promotes.
These kinds of issues start at the top. Many of these employees were pressured by management to meet quota for account openings. In order to save their own jobs, they had to resort to opening these phony accounts. As taken from the article below: “Managers constantly hound, berate, demean, and threaten employees to meet these unreachable quotas,” and “When I worked at Wells Fargo, I faced the threat of being fired if I didn’t meet their unreasonable sales quotes every day,”
Obviously, the company culture is the biggest problem here.
http://theweek.com/articles/647873/mindblowing-stupidity-wells-fargo
-
I am wondering how this could be done without anybody noticing this. When I saw this on the news I was shocked that this was happening. If they have individuals make phony bank accounts, then how can we have faith in them to protect our money?
-
I won’t comment much on this since I work in the financial industry, but I will suggest you look up Enron. I have a friend who was an Enron energy trader and from what he has said and what I’m reading now there appear to be some similarities.
Wade
-
This to me almost sounds like a bad policy that was put in place and was interpreted in a way that people found a way to make money for themselves in the way of bonuses. What the article did not mention was how much money they made by moving the money vs fees for insufficient funds and overdraft fees. 200M in fines vs ?. Some businesses are greedy enough to say catch me if you can.
-
-
Mauchel Barthelemy posted a new activity comment 8 years, 1 month ago
Ahmed,
This is a classic example of one of this week’s readings where an organization fails to apply its due diligence to properly vet business partners. As it is stated in SANS’ article, “Using Open Source Reconnaissance Tools for Business Partner Vulnerability Assessment,” IT security is not only about aligning an organization with the most so…
-
Mauchel Barthelemy posted a new activity comment 8 years, 1 month ago
Wade,
I agree with that to a certain extent. I am sure most of these types of companies would restrict remote employees to do so; however, a good portion of them would simply give you a VPN access and advise you to be careful about the WiFi network you are using.
-
Mauchel Barthelemy wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years, 1 month ago
It becomes a common approach for many large organizations to allow people to work remotely. In fact, companies from industries such as: IT Health Care, Manufacturing, Finance etc. have adopted this method to give […]
-
Mauchel Barthelemy posted a new activity comment 8 years, 5 months ago
I am Mauchel Barthelemy and I am holding a bachelor’s degree in Management Information Systems (MIS) from Temple University. I reside in Northeast Philadelphia, but I am originally from Cap-Haitian, Haiti. Also, I am fluent in two languages in addition to English, Creole and French. Moreover, I am attending graduate school at Temple’s Fox School o…
-
Mauchel Barthelemy changed their profile picture 9 years ago