-
Wade Mackey wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 9 months ago
With the TU Portal being down until Sunday afternoon, the quiz will be set up for Monday and Tuesday.
Wade
-
Wade Mackey wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 10 months ago
intro-to-ethical-hacking-week-4
-
Wade Mackey posted a new activity comment 7 years, 10 months ago
The way I’ve seen this handled is by creating a “finding” or “issue” in whatever system the organization uses to track open deficiencies and keeping it open until the issue is resolved. They rapidly become the oldest issues on the management report which gets them the needed attention.
Wade
-
Wade Mackey commented on the post, "Uber, Dropbox, Other Tech Leaders Team Up To Boost Vendor Security", on the site 7 years, 10 months ago
This is something that many companies are encouraging so as to have shared assessments they can reference instead of having their auditors or security staff assess third parties. If the third party can demonstrate a solid program that is independently assessed they can save a lot of time and money by not having all the companies they do business…
-
Wade Mackey commented on the post, DDoS Sees Triple-Digit Growth in One Year, on the site 7 years, 10 months ago
One thing the article didn’t discuss is that DDoS protections are getting much better. So yes, there is a lot of growth in DDoS, but it is getting less and less effective as companies adopt DDoS protection systems. Akamai is one of the major suppliers of this service.
Wade
-
Wade Mackey commented on the post, Energy Sector IT Professionals Overconfident in Cyber Security Capabilities as Attacks Increase, on the site 7 years, 10 months ago
I will not say much on this as I spent 20 years in the energy industry, some of it working in IT security. One of the things I can say is that utilities have very tight budgets for security, so some things that one would assume they would be doing are just not in the budget.
Wade
-
Wade Mackey commented on the post, Malware disguised as Pokemon Go Help in Android App, on the site 7 years, 10 months ago
We do not cover it in this class, but there is a whole discipline of reverse engineering malware. We will talk very briefly about some anti-forensics techniques in the second semester, but it is a technical subject that requires a lot of time and study. It also helps to have experience as an assembly language developer.
Wade
-
Wade Mackey posted a new activity comment 7 years, 10 months ago
I don’t disagree with the point Imperva is making, but it is worth remembering that Imperva makes its living selling solutions for this space. From discussions I’ve had with Security and IT management, they are as concerned about insiders who just make a mistake as much or more than the malicious ones.
Wade
-
Wade Mackey commented on the post, Cyber-Security regulations issues by Newyork state department of financial services, on the site 7 years, 10 months ago
Have to agree with other commenters. Seems like too little, too late.
Wade
-
Wade Mackey commented on the post, How did FBI hack terrorist's iPhone? News groups sue to find out, on the site 7 years, 10 months ago
We talked about this in last year's class for quite a while. It is my recollection that the FBI paid for a service, and was claiming that they did not have the technique themselves. It is a little sleight of hand, but probably gives them enough of an excuse to not disclose what they do not “know”.
Wade
-
Wade Mackey commented on the post, Volkswagen launches new cybersecurity firm to tackle car security, on the site 7 years, 10 months ago
As far as I know, each car manufacturer uses proprietary coding in their systems. We know this from the hot rodders that have put together reprogrammers for various cars. They have indicated that each manufacturer has to be reverse engineered separately. Some hardware is shared, but not all. So… I’m thinking there will be limited opportunity…
-
Wade Mackey posted a new activity comment 7 years, 10 months ago
One thing to keep in mind is that the US government already has this power. Don’t recall the official name, but the process is called “blind subpoena”. Effectively, the feds get a copy of the data and a copy of the vendor keys and the vendor is under a gag order forbidding them from notifying the target person or company. This is one of the…
-
Wade Mackey posted a new activity comment 7 years, 10 months ago
All I can really say about ransomware is that no one who is “doing it right” should ever have to pay. If you take a few basic steps you shouldn’t have a problem.
1. Keep your patching up to date
2. Don’t let your users log in as an admin or superuser
3. Back up to another system, preferably one with a different operating system.
Wade
-
Wade Mackey posted a new activity comment 7 years, 10 months ago
A couple things to keep in mind.
1. Don’t do anything with the information you find. This is “Ethical” hacking. Remember!
2. You can generally hide from these scanners by putting your equipment behind a router or firewall and not allowing ICMP (Remember that from week 2). If you suppress responding to ping, the scanner thinks no one is…
-
Wade Mackey commented on the post, Hacker making up money by revealing client vulnerability through stock market, on the site 7 years, 10 months ago
I gotta think the SEC is going to have something to say about this sooner rather than later. Strip away the tech babble and this looks like insider trading to me. Also, seems unethical. When I have been involved in pen testing a third party application, the results were always shared with the company that sells the software.
Wade
-
Wade Mackey commented on the post, Google Launches Android Hacking Contest, on the site 7 years, 10 months ago
If this is something that interests anyone, there is a free emulator for Android that allows you to exercise a phone in a software environment. There was a nice presentation at Shmoocon a few years ago. Pretty sure it was recorded and put on YouTube.
Wade
-
Wade Mackey wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years, 10 months ago
Getting a head start. intro-to-ethical-hacking-week-3
-
Wade Mackey commented on the post, Weekly Question #7: Complete by March 27, 2017, on the site 7 years, 10 months ago
You may want to take a glance at Imperva’s product line. They essentially have a behavioral tool for Web, Database, and Cloud. Probably not as sophisticated as what the article describes, but they do compete in this space.
-
Wade Mackey posted a new activity comment 7 years, 10 months ago
This can be a lot of work, but is a good way to establish your credentials. Just don’t expect the top payoff. That is reserved for very significant finds.
Wade
-
Wade Mackey posted a new activity comment 7 years, 10 months ago
Couple of things here. One, with VOIP, you don’t need to compromise smartphones. You could just spin up virtual circuits. Also, you might want to look up “Swatting”. Hackers have been spoofing 911 calls for some time to get SWAT teams to respond to the homes of innocent people. Sometimes it may be someone they have a grudge against, other time…