@mengqi-he
Active 7 years, 2 months ago-
Mengqi He wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 5 months ago
Metasploit Analysis
Metasploit Analysis PPT
Webgoat Exercise
-
Mengqi He wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 6 months ago
A newly released Dell End-User Security Survey showed that even employees with information security education and training could engage in risky security practices. According to the survey, a good news is that 76% […]
-
Mengqi He wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 6 months ago
This week, OWASP released a working draft of its latest OWASP Top 10 vulnerabilities list. This is the first time that changes were made on this industry benchmark list in four years, even though many of the […]
-
Mengqi He wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 7 months ago
Pwn2Own 2017 contest, an annually computer hacking contest, has ended in March 17. During the three-day contest, Google Chrome remained unscratched; Mozilla Firefox fell once; Apple’s Safari was taken down f […]
-
Mengqi He wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 7 months ago
New RF Transceiver extension for the Metasploit Hardware Bridge API now is available for organizations to detect and scan wireless IoT devices operating outside the standard 802.11 specification. The new extension […]
-
Thank you Mengqi for this article. I believe this Metasploit extension is a crucial step towards improving IoT security. Pen-testers and companies should take full advantage of this to stay a couple steps ahead of the bad guys.
-
-
Mengqi He wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 8 months ago
Recently, the whistleblower website WikiLeaks publicly leaked 8,761 documents purportedly containing highly confidential information on the CIA global hacking capabilities and malware arsenal. The data dump was […]
-
Mengqi He wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 8 months ago
In a recent report, Rapid7 found that two thirds of penetration test engagements were not discovered at all by the organization being tested. The detection rates were nearly identical between large and small […]
-
Mengqi He wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 8 months ago
New research found that the pitch and speed human voice would likely change over a period of several months and years, and therefore voice biometrics might not be considered as adequate evidence for authentication […]
-
Interesting article. I’m not really surprise that an individuals voiceprint changes over time. I can usually guess whether I’m talking to an older person or a younger person on the phone. Sometimes I’m fooled. Either way, I agree this isn’t a great form of biometric security. It might be helpful in identifying any individual, but I would not rely on this alone for authentication.
I was surprised that men’s voices change more than men and thought it was interesting that this change is due to muscle fatigue. Us men need to shut our mouths I guess!
-
Great post Mengqi! I’m going to conduct a research to find out how reliable is this claim. I currently use several devices from which I set voice recognition as one of the authentication methods. Also, I am using a banking service that allows account access via voice recognition. I recently enabled this feature, so I am anxious to verify how accurate is this claim. Thank you for the heads up.
-
-
Mengqi He wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 8 months ago
At the recent RSA Conference, Trend Micro researchers presented the result of their investigation data on exposed cyber assets in the top 10 largest US cities by population. They found tens of thousands of […]
-
Hi Mengqi,
Great post and very informative. Because we are in the cyber security profession and are security focused, it is easy to forget how many systems remain at risk for trivial reasons such as default or weak passwords. The IoT has definitely added to the number of exposed systems exponentially, I was also a little surprised at the issues with the firewalls, as often times these are the main line of defense for networks. It goes to show that more often then not, production drives our society, and the desire to get products,devices, etc on the market as fast as possible often results in products released with vulnerabilities that can expose sensitive networks.
-
-
Mengqi He wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 9 months ago
Based on their two-year studying on cybercrime forums, IntSights and RedOwl recently released a report on how hackers recruited and worked with insiders with access to corporate networks. Recruitment of insiders […]
-
Mengqi He posted a new activity comment 7 years, 10 months ago
D14.1:
It’s important to comply HIPPA to protect patient information and privacy. However, I don’t think it is necessary to regard HIPPA as the top priority in a emergency room (ER). The ER is one place where unpredictability is the norm, saving lives should always be the main priority, and HIPPA compliance should be considered as the sec…[Read more] -
Mengqi He wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 11 months ago
Researchers from the UK’s Newcastle University have developed a so-called Distributed Guess Attack that essentially circumvents all security features for protecting online payments to steal card number, CVV and e […]
-
Mengqi He posted a new activity comment 7 years, 11 months ago
In the presentation, we see that there are two actions when not passing traffic… We can reject or deny. What is the difference between these? When might you use one or the other?
When receiving a data packet, firewall mechanism gives two options: reject or deny. The reject option will block the traffic and notify the source that the d…[Read more]
-
Mengqi He posted a new activity comment 7 years, 11 months ago
1. What is buffer bloat, and what does it have to do with TCP?
Bufferbload is jitter and high latency in networks due to excess buffering of packets. It reduces the overall network throughput and is a common cause of poor performance and congestion collapse of networks, especially for TCP. The problem is that the TCP congestion avoidance…[Read more] -
Mengqi He posted a new activity comment 7 years, 11 months ago
I think IT professionals in an organization should be authorized to use these security tools but segregation of duty, background scan, appropriate training and ethical guidelines are also necessary for them. These security tools are usually used by security professionals to protect and recover systems, data and networks, and detect vulnerabilities…[Read more]
-
Mengqi He wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 11 months ago
burp-proxy-analysis-for-barnes-noble-ppt
burp-proxy-analysis-for-barnes-noble-summary
-
Mengqi He wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 11 months ago
Recently, researchers at Israel’s Ben-Gurion University have devised a way to turn any computer into an eavesdropping device by surreptitiously getting connected headphones or earphones to function like mi […]
-
Mengqi He wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 11 months ago
In a recent Computop report, a survey of over 1,900 consumers in the US and UK indicated that 71% of consumers would check that SSL certificates of ecommerce sites they shopped, and 61% would check the liability […]
-
Mengqi He posted a new activity comment 7 years, 11 months ago
BYOD is an increasing trend toward employee-owned devices within a business. BYOD increases productivity and flexibility through allowing employees to work using their familiar devices outside of workplace, and also lowers company’s acquisition costs. However, it also brings security issues such as data breach. For healthcare organizations, BYOD p…[Read more]
-
Mengqi He wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 11 months ago
A recent research found gaping security holes in several SuperPAC public websites that may expose personal information of donors and other sensitive data. These vulnerabilities range from weak or nonsexist […]
- Load More
