-
Mengxue Ni commented on the post, Malware disguised as Pokemon Go Help in Android App, on the site 8 years, 1 month ago
I played Pokemon Go for a while, and I downloaded another app that could help me to find the exact position and Pokemon. I think I read another article coupe days ago, it also mentioned Pokemon Go was a major game that hackers used to spread malware. It is a very popular game now, and players all want to get better Pokemons. Therefore, a lot of…[Read more]
-
Mengxue Ni posted a new activity comment 8 years, 1 month ago
Russian Hackers Leak Simone Biles, Serena Williams Medical Records
A Russian APT group known as Fancy Bear has leaked confidential medical information for US Olympic gymnastics star Simone Biles as well as Serena Williams.
The documents don’t show that the athletes “doped”. They do suggest Biles has ADHD and takes medication for that, and t…[Read more] -
Mengxue Ni wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years, 1 month ago
Distributed denial of service attacks are on the rise, even as attack volume falls. According to the article, total DDoS attacks increased 129 percent in Q2 2016 from Q2 2015, and during the second quarter, Akamai […]
-
Mengxue Ni posted a new activity comment 8 years, 1 month ago
Definition: Information risk profile is an evaluation of organization’s willingness (usually rated in high, moderate and low) to take risks, as well as the threats to which an organization is exposed.
How to use: A risk profile is important for determining a proper investment asset allocation for a portfolio. Organizations use a risk profile a…[Read more]
-
Mengxue Ni posted a new activity comment 8 years, 1 month ago
Using authentication services outside our organizational boundaries will come along with several concerns:
Easy to be hacked if hacker obtained one combination of password and username-bad practice to use the same password and username on all our various web services. It is also dangerous to let one password and username combination unlock all…[Read more] -
Mengxue Ni commented on the post, Question for this week, on the site 8 years, 1 month ago
NSO Group which created the malware crossed the ethical line because they sold the malware to anyone who is willing to pay. For this kind of IT Security companies, there should be a regulation or law sets up for who and where and why they can sell malwares. As people are always saying, if power goes to wrong place, it will be tragedies. In…[Read more]
-
Mengxue Ni commented on the post, Obama signs two executive orders on cybersecurity, on the site 8 years, 1 month ago
This new was all over the internet. It seems like Obama starts to pay attention on cyber crime after what happened to Hilary Clinton. For short term, they should worry about if hackers attack on election day. For long term, they need to prepared for cyber way because nowadays information is more valuable than anything else. It is great to see…[Read more]
-
Mengxue Ni commented on the post, Oh, It’s On Sale! USB Kill to Destroy any Computer within Seconds., on the site 8 years, 1 month ago
In the past, USB drives are always a device that help virus or malware to get in our computers. This is a $50 USB destroys a $1000 computer. I would say let’s not use USB anymore. Cloud is more convenience and safer to use. Cloud’s password may be breaching too but it won’t destroy your computer at least. Personally, I think USB is old technology…[Read more]
-
Mengxue Ni commented on the post, 5,300 Wells Fargo employees fired over 2 million phony accounts, on the site 8 years, 1 month ago
This is really shocking. If Wells Fargo couldn’t protect their company internally, how could we trust them to control our capital? This will definitely affect WF’s reputation and financial. 5300 employees fired over 2 million phony accounts, who knows 5300 are all the people involved, if there are still some people left in the company they can…[Read more]
-
Mengxue Ni commented on the post, 911 could face its own emergency: Hackers, on the site 8 years, 1 month ago
We posted same thing! Roberto. But the article I looked at missed the North Carolina research part. I think this should be a issue that PCC should take a serious look at because DDoS attack is relatively simple and 911 is so important that related to people’s lives. They should hire experts to implement call firewalls and figure out some solutions…[Read more]
-
Mengxue Ni posted a new activity comment 8 years, 1 month ago
Yelp Launches Public Bug Bounty
Yelp is well known as search engine for local business, restaurant and hospitality reviews and tips. Starting today, the door will open to researchers and bug-hunters who are invited to participate in Yelp’s public bug bounty. The company has, for two years, participated in a private bounty program with H…[Read more]
-
Mengxue Ni wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years, 1 month ago
According to researchers at Israel’s Ben-Gurion University, they have discovered a way to disable the emergency system across an entire state for an extended period using a telephony denial of service (TDoS) a […]
-
Mengxue Ni posted a new activity comment 8 years, 1 month ago
What are the 3 types of risk mitigating controls? Which is the most important? Why is it the most important?
1. Preventive—some of the best controls prevent fraud, theft, misstatements, or ineffective organization functioning. For example, the effectiveness of segregation of duties to prevent fraud. Preventive controls can be as simple as l…[Read more] -
Mengxue Ni commented on the post, Progress Report for Week Ending, March 1, on the site 8 years, 1 month ago
It seems like there is a rule that when things become easier, it also comes with more risk. Allowing people to work remotely helped some employees who had special situation and retained valuable employees. However, it comes with some risk of information leak. It will be better if organizations reminds employees not to work in public. Starbucks is…[Read more]
-
Mengxue Ni commented on the post, Progress Report for Week Ending, March 1, on the site 8 years, 1 month ago
I like what you have done with the student who broke into the teacher’s account and showed how good he was, Scott. In the article, students hired hackers to help them to change their grades which sounded fashion to me. In my mind, cheating is just copying others’ work, asking people to take exam for you and etc. I also agree with Wade that even…[Read more]
-
Mengxue Ni commented on the post, Progress Report for Week Ending, March 1, on the site 8 years, 1 month ago
Thanks Loi for posting this interesting article. Passwords are made to protect our information, but it also becomes a problem for some people. Usually, people like using same password for everything because it is easy to remember and use. However, we always have a time that we need other people to enter the password for us. In this way, other…[Read more]
-
Mengxue Ni commented on the post, Progress Report for Week Ending, March 1, on the site 8 years, 1 month ago
This is an interesting article, Ryan. I don’t use Dropbox often but I do use google drive as my primary document backup. I worried about the data breach at the beginning, but it is so easy and convenience to use. So I just forgot about the risk. It is shocking that only one password can allow hackers to do this much. Firewall is not the only thing…[Read more]
-
Mengxue Ni wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years, 1 month ago
I believed everyone had heard more or less about that Hilary Clinton’s computer systems were hacked about two months ago and about 20,000 emails from top Democratic National Convention (DNC) officials were l […]
-
Mengxue Ni posted a new activity comment 8 years, 1 month ago
Information security is not just a technical problem anymore. It is a technical and business problem that the entire organization must frame and solve. Data breach has become a significant security risk to all business. I have done a case study of Home Depot data breach in 2014 which could be the largest breach after Target. They detected the…[Read more]
-
Mengxue Ni commented on the post, Weekly Question #8: Complete by November 2, 2017, on the site 8 years, 6 months ago
This course gives me a good understanding of the relationship between supply chain and technology. It is difficult to find the right position for technology in a company, but there is always a place for it. All the cases that we have read help me to learn how supply chain can changed by technology and vice versa. Reading all the cases are very…[Read more]
- Load More
One thing the article didn’t discuss is that DDoS protections are getting much better. So yes, there is a lot of growth in DDoS, but it is getting less and less effective as companies adopt DDoS protection systems. Akamai is one of the major suppliers of this service.
Wade
It is interesting to consider the race in DDOS power vs. DDOS protection. I think DDOS volume being down is at least a good thing since multiple companies are popping up to help defend companies. There is a danger of this becoming a protection racket however.
The bad news is as we require faster connections and shorter latency times, DDOS protection gets exponentially harder. DDOS protection for static websites are easy for services like Akamai but protecting things like gaming servers or even live financial data may be extremely hard.