@shain-r-amzovski
Active 3 years, 6 months ago-
Shain R. Amzovski wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 11 months ago
victory-burp-suite-presentation
victory-burp-suite-executive-summary
-
Shain R. Amzovski wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 11 months ago
Beware of new image files you didn’t download: They may launch ‘Locky’ ransomware. Locky arrived on computers via a “malicious macro” in a Word document. Locky has now spread to social media sites such as Face […]
-
Shain R. Amzovski posted a new activity comment 7 years, 12 months ago
Policies and Procedures need to be in place to address the concerns of BYOD in the medical industry, specifically doctors carrying around their own devices, and the possibility of a violation of HIPPA. For instances such as this, specific software and a BYOD policy must be in place for employees using their own device. For example, an IT team…[Read more]
-
Shain R. Amzovski posted a new activity comment 7 years, 12 months ago
I agree with everyone who has commented thus far. These tools are critical to helping a Security team, or audit team conduct penetration testing to ensure that the network is secure. As stated above, they should only be used by the Security Team, and only with the permission of the company. No employees should use these tools without notifying…[Read more]
-
Shain R. Amzovski wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years ago
This article discusses how the IoTs have been being used in botnets created by malware to attack companies. The FBI warns that new attacks may occur, different from the Mirai attacks that took place last month. […]
-
Shain R. Amzovski wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years ago
This article talks about the success of the Mirai DDoS botnets that are made up of IoT devices. The software enabling them is publically available, which makes it easier for inexperienced hackers to set them […]
-
Shain R. Amzovski wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years ago
Presentation
Executive Summary
Video Presentation
-
Shain R. Amzovski wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years ago
This article discusses the breach of OPM (Federal Office of Personal Management), this breach leaked information about roughly 22 million current and former employees became public in mid-2015. It took close to […]
-
This is why it is extremely important to have some sort of security control measures in place. Even the most basic will include requirements for 2 factor authentication or knowing what systems are connected to the networks. It always seems like Government entities have the worse security measures in place.
-
I think its a very bad approach by a government agency in maintaining its IT infrastructure.
The IT systems were like full of vulnerabilities and the officials were waiting for such data breach event to take place in-order to put everything on track .
The common items mentioned in it are like some of the key in maintaining IT security in an organization and even small business now a days are protecting themselves from these factors
-
-
Shain R. Amzovski commented on the post, Weekly Question #8: Complete by November 2, 2017, on the site 8 years, 1 month ago
Loi,
This is an interesting article. When I used to do technical support for students I used to see this type of malware all the time. Students would install this fakeware, or fake-antivirus because they received a pop-up stating their computer was infected with a virus. Sometimes, you had to purchase the scanner to “remove” the malware, and…[Read more] -
Shain R. Amzovski commented on the post, Weekly Question #8: Complete by November 2, 2017, on the site 8 years, 1 month ago
Vaibhav, this is a great article. It is disturbing the lack of security nuclear sites around the world have. I was watching a news story that focused on the United States Nuclear missile sites, and showed the lack of both physical security and the out-dated technology that was being using to safeguard these sites. To think that hackers could…[Read more]
-
Shain R. Amzovski wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years, 1 month ago
Hackers are looking to disrupt the upcoming U.S. election in November by hacking voter registration databases. A few disappearing names here and there wouldn’t make a difference, but if millions of people sh […]
-
I think the entire election process can be the target of hackers where there is possibility that the election database can be hacked initially to create chaos but even after the elections the hackers can target the final count to make undesirable changes to favour their desirable candidate
-
This will always be an issue when you are using electronic devices to satisfy the election. Maybe its time to go back to paper voting and manually count the votes. Might sound primitive, but at least it will mitigate the fraud that most likely goes on using electronic devices.
-
I think the following comment in the article is interesting:
“Nevertheless, hacking an election would be far from easy, he added. For example, there’s no central authority when it comes to ballot counting or voter registration. Instead, management of U.S. elections is spread out across 50 different states, and then to thousands of counties.”
Complexity is not a control. While it might be complex to create an hack that could greatly impact voter registration data, the individuals that would be interested in doing this are nation state sponsored groups. If hackers find that some systems do not have technical controls to prevent attacks such as SQL injection and unauthorized access, they may invest to use these techniques more broadly to make an impact. All jurisdictions should be held to control standards and their controls should be independently tested for design and effectiveness.
-
This is a topic that has been in the spotlight over the last few months and hopefully states like Florida, North Carolina, and so forth has implemented necessary adjustments to prevent hacking of their voting systems.
It was actually a good thing this point was raised early enough to help all fifty states to better prepare for any possible attacks.
-
-
Shain R. Amzovski wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years, 1 month ago
An American Information Security Company, Zerodium, is offering up to $1.5 […]
-
Shain R. Amzovski commented on the post, iOS 10 Security Flaw makes cracking encrypted backups easier, on the site 8 years, 1 month ago
Jimmy, this is an interesting article. I never usually update to the latest iOS because of all the bugs that the new iOS initially has. This time, I was forced to have iOS 10 because I purchased a new iPhone 7, which came pre-loaded with the software. Typically, I do not use iTunes to back-up my device. I generally use iCloud, and pay $.99 a…[Read more]
-
Shain R. Amzovski commented on the post, Student legally hacks airline and earns $300,000 of miles, on the site 8 years, 1 month ago
Jason,
This is an interesting article/short video. It would have been nice if they would have described how he was able to find bugs in the systems, and what improvements they have made to patch these bugs. What United is doing is a good way to do penetration testing. Tell people to try and hack your system, and you will reward them. -
Shain R. Amzovski wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years, 1 month ago
Brian Krebs is a reporter who does stories on cyber attackers that attack for profit. In his line of work, he is often subject to several threats. He has had SWAT teams show up at his house before, and death t […]
-
Shain R. Amzovski wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years, 1 month ago
Wawa Reconnaissance PowerPoint
Wawa Reconnaissance Executive Summary
Wawa Presentation
-
Nice you work. One addition you might add is what the upper ports that are open are associated with. Looks like VOIP and Video Conferences, but you might want to explain that.
-
-
Shain R. Amzovski commented on the post, Backdoor Government Decryption Hurts My Business and Yours, on the site 8 years, 1 month ago
The Carbonite CEO makes many good points in this article. ” I fear the Burr-Feinstein proposal could have just the opposite effect. The broad-reaching approach has the potential to make life easier for cybercriminals and to undermine the very economic prosperity the legislators seek to maintain.” I agree with Jason. There are no safe…[Read more]
-
Shain R. Amzovski commented on the post, Cybersecurity: Two-thirds of CIOs say threats increasing, cite growth of ransomware, on the site 8 years, 1 month ago
Mauchel,
Great article! Ransomeware has definitely been more relevant over the last few years, especially with untraceable payment methods such as bitcoin. It makes it possible for hackers to encrypt a company’s data and essentially get paid to give up the decryption key. Most companies will pay the ransom just to restore operations as quickly…[Read more] -
Shain R. Amzovski commented on the post, Cyber-Security regulations issues by Newyork state department of financial services, on the site 8 years, 1 month ago
Vaibhav,
This is a very interesting article and also very eye-opening. It is almost disturbing that the DFS is now proposing new regulations on cyber security requirements for banks, insurance companies, and other financial service institutions. These practices are almost standard in the technology industry. Without these recommended…[Read more] -
Shain R. Amzovski commented on the post, Volkswagen launches new cybersecurity firm to tackle car security, on the site 8 years, 1 month ago
Ahmed,
This is a very interesting article. With cars becoming “smarter” and addressing all of the needs of consumers, such as Bluetooth, GPS, Wi-Fi, compatibility with smart devices, automobiles are very susceptible to cyber attacks. I believe we will begin to see more companies such as this popping up in the future, and automotive companies…[Read more] - Load More
