Protection of Information Assets

Temple University

MIS 5206.701 ■ Fall 2022 ■ William Bailey
Unit #6 – In The News

September 21, 2022 by William Bailey 11 Comments

Filed Under: Unit 06: Physical and Environmental Security

Comments

  1. Nicholas Foster says

    September 25, 2022 at 4:21 pm

    https://www.csoonline.com/article/3674791/seo-poisoning-campaign-directs-search-engine-visitors-from-multiple-industries-to-javascript-malwar.html#tk.rss_all?&web_view=true – SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware

    The article I have chosen to highlight this week is leveraging search engine optimization to prioritize specific links based on search results related to specific industries' highly searched forms/topics of interest. For example, one of the forms was a transition service agreement. When the employee searched for it, the blog website was a top search result and thus persuaded the user to click it. The blog had a link to a zip archive that contained a file called “Accounting for transition service agreement” with a .js extension (JavaScript). There were almost 200 blog posts ranging from government, real estate, education, medical and legal, all catering to different topics/forms based on those industries. The only way to access these blogs was via relevant keyword/phrase Google searches. The place these blogs were hosted is believed to be legitimate, and the threat actors were just leveraging the blog platform.

    • Abayomi Aiyedebinu says

      September 25, 2022 at 11:59 pm

      Hi Nicholas,

      I find this article interesting because I came across a similar article on how cyber criminals are using click wars, like using Google Forms, to gain unauthorized access.

  2. Jill Brummer says

    September 25, 2022 at 5:46 pm

    https://www.bbc.com/news/technology-62937678

    The article is about hackers from Vietnam that attacked the Holiday Inn owner Intercontinental Hotel Group (IHG) database and deleted data. They were able to access the database by guessing the password, which was one of the most common passwords, to the password vault. The hackers were a couple from Vietnam that justified performing cyber-attacks for ransomware due to the low wages of $300/month in Vietnam.

    Once the hackers accessed the database and tried to demand ransomware, the company was able to quickly isolate servers before the hackers could deploy it, so they did a wiper attack instead and destroyed data and files.

    They tricked an employee into downloading a malicious piece of software through an email attachment. Additionally, they bypassed an additional security prompt message sent to the worker’s device as part of MFA.

    Once again, we see an attack was due to an employee unintentionally doing something that could have been prevented by practicing common security best practices; in this case, the employee should not have opened an email attachment from someone they did not know.

    • Abayomi Aiyedebinu says

      September 25, 2022 at 11:56 pm

      Hi Jill,

      It is true that sometimes non-malicious intentions can put a company at risk. Hence Security Education Training Awareness is a must for everyone.

  3. Abayomi Aiyedebinu says

    September 25, 2022 at 11:52 pm

    My news for this week is about a data breach that occurred at Optus, an Australian telecommunications giant. The hackers gained access to 9.5 million customers' PII and asked for a ransom of 1 million dollars. It is noteworthy that the hackers gave the company a one-week ultimatum to transfer the ransom through an untraceable decentralized cryptocurrency, Monero. However, what comes to mind is that the damage has been done already: will the payment of this 1 million stop the hackers from still selling this information on the dark web, or will the payment be a continuous trend of asking for more money as a threat not to expose 9.5 million Australian citizens' PII? The dynamics of cyber warfare are becoming sophisticated, hence the need for companies to invest in CERT so that they can be informed targets.

    https://www.news.com.au/finance/business/optus-data-breach-hacker-demands-15-million-ransom-customer-info-leaked-on-dark-web/news-story/d9877fe037a04970225af2eafec6d686

    • David Vanaman says

      September 28, 2022 at 5:44 pm

      Quality customer service is a surprising hallmark of successful ransomware groups. If a group asks for a ransom and the victim is not reassured that payment will result in their data being released, what incentive is there to pay? So the big name ransomware groups take the time to ensure that when paid, they release the data and there have been reports even of those groups providing assistance to the victim after payment to get the word out that they can be trusted.

      https://slate.com/technology/2022/05/ransomware-customer-service-history.html

  4. Matthew Stasiak says

    September 26, 2022 at 5:35 pm

    https://www.bleepingcomputer.com/news/security/american-airlines-learned-it-was-breached-from-phishing-targets/

    This article is actually an extension of the one that I wrote the previous week, as new information has been released regarding the hacked information from American Airlines. As previously stated, it was believed that a phishing campaign had led the charge on the attack, and this did turn out to be true, but we now know that it led to the hacking of an employee’s Microsoft 365 account and unauthorized access had been noticed. The attacker also accessed many other employees’ accounts through the same method and used those other accounts to send even more phishing emails to other targets. One of the team members’ accounts also had employee files on their cloud service. It was announced that the actor had used the IMAP protocol to access the mailboxes. The company at first refused to disclose the number of people affected by the hack, but it was later announced that 1,708 American Airlines customers and employees had been affected.

  5. David Vanaman says

    September 27, 2022 at 6:30 pm

    https://thehackernews.com/2022/09/firing-your-entire-cybersecurity-team.html

    My article is about one of the biggest head-scratchers in recent history: Patreon fired their entire Security team. Patreon isn’t releasing any public explanation, so it has left a lot of people asking “Why?”. Theories abound, but beyond the question of why, this is a great example to discuss why something like this is a terrible business idea. Offloading InfoSec to a 3rd party might save some money, but a hard break with your existing SMEs is going to destroy so much institutional knowledge that a third-party partner will not easily be able to rebuild.

  6. Kenneth Saltisky says

    September 27, 2022 at 8:47 pm

    https://www.bleepingcomputer.com/news/security/optus-hacker-apologizes-and-allegedly-deletes-all-stolen-data/

    This describes that the hacker who claimed to have hacked Optus, Australia’s second-largest mobile operator, has withdrawn their extortion demands after facing increased attention from law enforcement. The hacker has customers’ personal information, including name, address, date of birth, phone numbers, emails, driver’s licenses, and passport numbers. The hacker stated that they utilized an unsecured API endpoint to steal the data directly. Although others have utilized the data leaked to extort money from victims, the hacker has written an apology stating they deleted the information they stole from their personal device after the Australian Federal Police announced the launch of a large-scale operation to find the threat actors. Optus has now offered all impacted individuals a 12-month subscription to credit monitoring and identity protection through Equifax, and any victims would receive new driver’s licenses free of charge.

  7. Christa Giordano says

    September 27, 2022 at 10:40 pm

    https://thehackernews.com/2022/09/experts-uncover-85-apps-with-13-million.html

    This article identifies 85 total applications from Google Play and the Apple App Store that have been exploited through the use of fraudulent ads. The current scheme is the third iteration of a similar scheme, this time affecting more apps than previously (the first wave included only 40 applications). Investigations found that these apps have been installed over 13 million times, reaching a significant number of people. The malicious actors spoof popular apps by coding the fraudulent apps to look like legitimate apps for advertising purposes. The victim is incentivized to purchase that app because they think they are getting a great deal, as in many instances the fake app is worth more than the app would be standalone. Once the app is downloaded and installed, out-of-context and hidden ads appear offscreen and generate fraudulent ad clicks to make money.

  8. Shepherd Shenjere says

    September 30, 2022 at 6:21 pm

    This week I found this article about new zero-day bugs existing in Microsoft Exchange. These are utilized by the threat actors in order to perform remote code execution on affected systems. According to the article, “These attacks have been carried out by a Chinese threat group. Once they discover a compromised server, the threat actors are deploying Chinese Chopper web shells by combining two zero-days, and their goals are to gain persistence, data theft, and move laterally to other systems.”

    https://gbhackers.com/new-exchange-server-zero-day-rce-bug/

