Sys & Infrast Lifecycle Mngt 1

Information Technology Audit and Cybersecurity, Temple University

MIS 5203.001 ■ Spring 2020 ■ Wade Mackey
Samba Buffer Overflow Code Execution

February 25, 2022

Zero Day Initiative — CVE-2021-44142: Details on a Samba Code Execution Bug Demonstrated at Pwn2Own Austin

Samba provides print and file-sharing services for Linux and Unix. It was discovered that it is possible to cause a buffer overflow and gain access to higher commands because of misconfigured portions of the application. Combined, this allows the possibility of remote code execution through a buffer overflow. At this time, the application has been updated to prevent this issue from occurring in the future, and users are recommended to update their software.

Kenneth Saltisky

SQL Injection Vulnerability WordPress

February 25, 2022

https://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injection

This article describes a vulnerability found in WordPress through an SQL injection that results in a database exposing information. I picked this because it involves WordPress which many people use to create and host websites and it involves security concepts like SQL injections which are interesting to see.

Kenneth Saltisky

“Hackers slip into Microsoft Teams chats to distribute malware”

February 22, 2022

Microsoft Teams has issued a warning that hackers may have access to individuals’ accounts while they are in use. The security research team at Avanan determined that hackers inserted a malicious chat executable file called “User Centric” to get into Teams chats, which allows them to install malware, trick users into downloading content, and take over users’ computers. This also gives hackers information about the user’s operating system, its security settings, and patches that were installed. To prevent this type of attack, Avanan recommends applying protection on files in a sandbox and inspecting malicious content, installing strong security that protects business communications, and contacting IT professionals should you happen to come across an unfamiliar file.

Hackers slip into Microsoft Teams chats to distribute malware (bleepingcomputer.com)

Christopher Clayton

In the news

February 17, 2022

Google Drive accounts for 50 percent of malicious document downloads

In 2021 about 50 percent of malicious Office documents were delivered using Google Drive. Netskope reported that Office 365, Google Docs and PDFs make up 37 percent of malware that is downloaded.

Google Drive took over in 2021 as the leader in malicious document downloads from Microsoft OneDrive, which led up to that point with 34 percent.

How are cybercriminals operating? Cybercriminals will sign up for free accounts from these hosting services. They will upload malicious files and will share them with unsuspecting users who open those files.

Legitimate platforms are easy tools for cybercriminals to use to attack unsuspecting people. Keep an eye out and don’t click on emails or links from people you don’t know.

Google Drive Now Accounts for 50% of Malicious Document Downloads | Cyware Alerts – Hacker News

Corey Arana

Don’t Use Public Wi-Fi Without DNS Filtering

February 15, 2022

With public Wi-Fi becoming more and more standard in today’s society, providing public Wi-Fi is a premium service for your customers. According to recent statistics, there are about 410,000 public Wi-Fi hotspots in the United States alone, located in public places such as parks, libraries, public transportation, train stations, etc. Public Wi-Fi has become an integral part of modern life.

While public Wi-Fi has many benefits to offer, using it means that users may be vulnerable to many cyber threats, such as malware, viruses, hacking, and other forms of intrusion. It also provides opportunities for cybercriminals to commit virtual crimes and harm internet users. However, having a solid DNS filtering service can stop cyber threats like malware, ransomware, phishing, and botnets before they reach network devices. Also, DNS can filter out unwanted content such as pornographic material, violence, and drug-related content.

Link: https://thehackernews.com/2022/01/dont-use-public-wi-fi-without-dns.html

Yangyuan Lin

Aussie Tech Entrepreneur Extradited Over SMS Fraud

February 15, 2022

A Russian-born tech entrepreneur has been extradited from Australia to the United States for conspiracy to commit wire fraud, wire fraud, aggravated identity theft, and conspiracy to commit money laundering. Eugeni Tsvetnenko covertly subscribed hundreds of thousands of cell phone users to a $9.99 per month recurring text message fee that the user did not want to subscribe to. Victims of the scheme received text messages about horoscopes, celebrity gossip and trivia facts. The scheme’s operators defrauded victims of approximately $41,389,725 and earned approximately $20 million in profits. At the same time, he faces charges related to a multi-million-dollar SMS consumer fraud scheme.

https://www.infosecurity-magazine.com/news/tsvetnenko-extradited-sms-fraud/

Dan Xu

Hackers Planted Fake Digital Evidence on Devices of Indian Activists and Lawyers

February 14, 2022

This article talks about hackers who planted fake digital evidence on devices of Indian activists and lawyers. The digital evidence is called “incriminating digital evidence”. Cybersecurity firm called Sentinel attributed the intrusions to a group it tracks as “ModifiedElephant,” an elusive threat actor that’s been operational since at least 2012, whose activity aligns sharply with Indian state interests. The hackers were able to get into the system using spear phishing with malicious documents to deliver malware such as NetWire and simple keyloggers. They created fake accounts or simply resent their malware multiple times using new emails or lure documents.

https://thehackernews.com/2022/02/hackers-planted-fake-digital-evidence.html

“San Francisco 49ers attacked by BlackByte ransomware group ahead of Super Bowl”

February 14, 2022

A ransomware group by the name of BlackByte attacked the San Francisco 49ers’ network security before the start of the Super Bowl, which encrypted files on their IT corporate network. Law enforcement and cybersecurity firms were notified and are investigating this attack. This attack came one day before the FBI released an alert regarding this ransomware group compromising numerous US and foreign businesses. If the 49ers had made it to the Super Bowl, there would be more of a possibility that the ransomware issue would have grown to an even bigger issue.

San Francisco 49ers attacked by BlackByte ransomware group ahead of Super Bowl | ZDNet

Christopher Clayton

“FBI: Watch Out for LockBit 2.0 Ransomware, Here’s How to Reduce the Risk to Your Network”

February 11, 2022

As the FBI warns us about the LockBit 2.0 ransomware, they are also warning us to utilize MFA and strong passwords for all admin and high-value accounts. It is mentioned in the article that Microsoft has found that 78% of organizations using Azure Active Directory do not have MFA enabled. If this is keeping an organization safe, why aren’t they using it?
LockBit 2.0 targets Windows PCs and Linux servers via bugs in VMware’s virtual machine.
LockBit’s operators use any method available to compromise a network, as long as it is successful. For example, the operators are buying access to already compromised networks from “access brokers,” exploiting unpatched software bugs, and even paying for insider access, as well as using exploits for previously unknown zero-day flaws. LockBit 2.0 identifies and collects an infected device’s hostname, host configuration, domain information, local drive configuration, remote shares, and mounted external storage devices. It then attempts to encrypt the data saved to any local or remote device but skips files associated with core system functions. Afterwards, it deletes itself from the disk and creates persistence at startup. The FBI additionally recommends companies segment their networks, investigate any abnormal activity, implement time-based access for accounts set at the admin level and higher, disable command-line and scripting activities and permissions, and maintain offline backups of data.

By: Victoria Zak 

https://www.zdnet.com/article/fbi-watch-out-for-lockbit-2-0-ransomware-heres-how-to-reduce-the-risk-to-your-network/

Article on new vulnerability

January 21, 2022

https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html

This article describes a vulnerability in the RUST framework.  I picked this because it is an example of the kind of issue a project team needs to be aware of if they are using RUST.  These kinds of issues show up for many different frameworks.
