-
Scott Radaszkiewicz wrote a new post on the site MIS 5212-Advanced Penetration Testing 7 years, 8 months ago
Link to Article: Click Here
An Australian Hotel was hacked and their electronic key card system was compromised. The hotel admitted to paying $1,600 US in bitcoins to unlock doors. The hackers gained access t […]
-
Scott Radaszkiewicz posted a new activity comment 7 years, 10 months ago
In the presentation, we see that there are two actions when not passing traffic… We can reject or deny. What is the difference between these? When might you use one or the other?
Most firewalls today support the ability to either reject or deny traffic. If a Firewall is set to Deny, also referred to as Drop, then the Firewall will discard t…[Read more]
-
Scott Radaszkiewicz posted a new activity comment 7 years, 10 months ago
Nice summary Arkadiy. It’s a bit funny, I was going to Philly.com for my assignment too, but decided to stick with the company that I researched in the first two assignments. I did do a Burp Suite analysis of Philly.com for fun and found much of what you did. And I think many of us who did this on Windows 10 were amazed at the traffic to…[Read more]
-
Scott Radaszkiewicz posted a new activity comment 7 years, 10 months ago
Good article. Of course, after the latest round of attacks, everyone is worried about their IP enabled devices, such as cameras. I have many IP enabled devices, including cameras in my work place. Because of dumb luck, or genius, even with vulnerable software, we are ok. When we set up our network, we reconfigured separate VLANs for…[Read more]
-
Scott Radaszkiewicz wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 10 months ago
Click for Article
Fresh off the heels of another Linux vulnerability discovered about a month ago, another flaw has been discovered. CVE-2016-8655 is a flaw that could allow a local user to gain root access […]
-
Scott Radaszkiewicz wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 10 months ago
Executive Summary
PowerPoint Presentation
-
Scott Radaszkiewicz posted a new activity comment 7 years, 11 months ago
Really interesting article. I think with all the hacking of accounts in the past few years, some form of two factor authentication is going to become the common standard. Single Sign on just isn’t going to cut it as hacking gets more sophisticated and data becomes more sensitive. Biometric authentication is great, but I think a key factor…[Read more]
-
Scott Radaszkiewicz posted a new activity comment 7 years, 11 months ago
I have used Shazam for years and I never even thought for a second that it would leave the mic open for recording, even if I was not using the app. It’s scary to think how much of our life is being invaded by the technology that we use to make it easier.
I can only assume that this was unintentional by Shazam, because of their expression to…[Read more]
-
Scott Radaszkiewicz wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 11 months ago
Article Link
Just to prove again that nothing is safe in this world, the Google Pixel Phone and Microsoft Edge were both hacked in less than a minute each in hacking competitions.
Google Pixel was hacked by […]
-
Scott Radaszkiewicz wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 11 months ago
I found this to be very interesting. A very good interactive tutorial on how SQL injection works.
Click Here
-
Scott Radaszkiewicz wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 11 months ago
Click for Article
Two new security vulnerabilities have been found in MySQL, an open-source database management system. MySQL is extremely popular and is listed as the #2 world’s most popular database.
One […]
-
Scott Radaszkiewicz wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 11 months ago
Executive Summary
Presentation
Video
-
Scott Radaszkiewicz wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 11 months ago
Click for Article
This article is about a flaw in iOS 10 which allows the execution of malicious code if you view a JPEG, font files or PDF file through a website or email. The good news is that Apple has […]
-
Thanks for sharing Scott. I updated to iOS 10.1 yesterday. Glad to see that this was addressed in that update. It’s interesting that mobile malware is following the same trajectory of desktop malware and is starting to mature. I think a lot of this is due to nation state actor investments in these activities and subsequently leaking their efforts (intentionally or unintentionally) to other actors.
-
Mobile OSes are also now just as important as Desktops since many people may not even use a desktop anymore so the malware developers are going to be focusing on mobile platforms.
-
-
-
Scott Radaszkiewicz commented on the post, 'Root' Of More IoT-Based DDos Attacks, on the site 7 years, 11 months ago
This DDoS attack has to make you think. Hackers are always one step ahead of the security. Organizations spend resources to keep devices secure, and don’t even think about some of these things that were used in this attack. We can do the best we can, but must always be prepared to deal with a breach or hack. It’s inevitable.
-
Scott Radaszkiewicz wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years ago
Article Link: Click Here
This article explains how researchers from the University of Pennsylvania, INRIA, CNRS and Universite de Lorraine have proven how the NSA broke the Diffie-Hellman key exchange […]
-
It's a great article which even now strengthens the point of why the RSA and Diffie-Hellman cryptography methods may soon see a slowdown in their usage across industries. Its security relies on the fact that factoring is slow and multiplication is fast. Specialized algorithms like the Quadratic Sieve have been created to tackle the problem of prime factorization and have been moderately successful. These algorithms are faster in finding out prime no
These factoring algorithms get more efficient as the size of the numbers being factored gets larger. The gap between the difficulty of factoring large numbers and multiplying large numbers is shrinking now. So RSA is not the ideal system for the future of cryptography.
-
Nice article Scott. 22% of the top 140,000 sites use 1024-bit keys despite the fact that NIST has been recommending 2048-bit keys since 2010. That’s quite astonishing!
The SSL pulse survey referenced in this article appears to aggregate the information and does not provide specific sites that are weak. I think the vulnerable sites will be published. Also, our browsers should alert us when we are using sites that have 1024-bit keys for SSL encryption.
-
What I find interesting is that by doubling the bits it's actually 16 million times harder to decrypt. I think the slow switch has to do with understanding the raw computer power required to take down a 1024 bit key. 3,000 CPUs like an i5 would cost about 600,000 dollars, not factoring in the facility, staff, and power costs to run them for 2 months. If someone wanted to break into your stuff and they had that much cash, they could probably bribe their way into your organization.
-
-
Scott Radaszkiewicz wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years ago
Article Link: Click for Article
This article is about Yahoo building a software program that would secretly scan users' emails, and this was done at the request of US intelligence officials. This was done i […]
-
Thanks for the post Scott,
Your last statement makes it very clear: don’t digitize anything that you don’t want anybody to see. For consumers using digital applications, they have to make the choice between their privacy and their convenience. It is a decision that should not be taken lightly, but more often than not, people download and install applications without a second thought to their privacy. Just remember that in the digital age, nothing is ever truly deleted.
-
Thanks for sharing this news, Scott! Yahoo is suffering from the data breach crisis now. If this is confirmed to be true, I think they won’t be able to get through it; they may go bankrupt. I know there are a couple of companies interested in making an acquisition of Yahoo.
-
-
Scott Radaszkiewicz commented on the post, N.S.A. Contractor steals confidential information., on the site 8 years ago
Brent, this just goes to show you that no matter how safe you are with securing, or attempting to secure, information, the number 1 risk is people. While screenings and background checks can help, there is no surefire way to ensure people won’t do unethical or illegal things.
-
Scott Radaszkiewicz commented on the post, Reconnaissance Presentation on Cabela's Inc., on the site 8 years ago
AS/400 has been replaced by the IBM Power Solutions since 2008. So I’m hoping that Cabelas is at least up with the latest IBM technology. Either way, it tells me they have been around for a long time, and collecting data for a long time! So, thinking like a hacker, they have YEARS worth of data for me to exploit!
-
Scott Radaszkiewicz wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years ago
Weblink: Qubes OS
So, the Hacker news reported that Qubes OS 3.2 has been released. So, I have never heard of Qubes OS, so I figure I better take a peek and see. Basically Qubes OS is an operating system th […]
-
This is pretty interesting and really cool. Instead of having to manage multiple VM machines, I guess this OS manages it for you. I will definitely check this OS out. Regarding isolation, what you said makes sense. It will always be a cat-and-mouse game when it comes to cyber security. Maybe the best thing to do is just isolate and mitigate as much damage as possible.
-
-
Scott Radaszkiewicz posted a new activity comment 8 years ago
Hi Mengqi, it’s amazing how organized crime can be. It’s not crime to them, it’s a business. Being in the IT field I always knew how vulnerable we were to crime. You do what you can to prevent it, but unfortunately, it’s part of doing business. If we want to bank online, we have to realize that fraud is going to happen. But it’s not ever…[Read more]