Week 06: Sniffers

A few days ago, it was revealed that a popular commenting system used by many websites called Disqus was breached in 2012, compromising the information of over 17.5 million users. Apparently, it went unnoticed for 5 years until this past Thursday when the incident was discovered by an independent security researcher. It is likely that the information obtained (including SHA-1 hashed passwords) could be used in social engineering attacks on certain users. Disqus has made several security upgrades in the years since, including switching to a more secure password hashing algorithm, but this story is still developing as their investigation into the incident continues.

https://thehackernews.com/2017/10/disqus-comment-system-hacked.html

Recently, a Hong Kong-based VPN provider named PureVPN assisted the FBI in the arrest of a cyberstalker by releasing logs of his activity while using their service. The arrest is obviously good news, but the interesting thing is that while PureVPN explicitly states that they “do not monitor activity or keep logs,” this is clearly not the case. Most VPN providers make similar claims, but this is hard to verify from the outside. This should make VPN users take a closer look at the service they use, and be mindful that they may not be as secure as they claim.

https://thehackernews.com/2017/10/no-logs-vpn-service-security_8.html

Sara Guo was interviewed at the Cyber Security Summit in Boston this morning.  She works for a venture capitalist firm investing in technology companies.  She mentioned the companies involvement with two security companies and shocking results from audits of several clients’ information systems.

She said, “There wasn’t a single [company] where we didn’t find bad behavior already… while examining the databases of some of its clients, was able to find a shocking amount of bad behavior that the companies were completely unaware of — including corporate espionage and insider threats.”

Yikes…

https://www.cnbc.com/2017/10/09/greylocks-sarah-guo-us-doest-take-data-security-seriously-enough.html

https://thehackernews.com/2017/10/formbook-password-stealer.html

Malware as a service is becoming more popular, a keystroke capturing and password stealing program is available for purchase.

There is more to technology than end-user experience. Aside from user experience, there are other considerations like maintenance, operations and 24/7 support. Even though some of these considerations are less visible, they are just as important. When one has a technology that is ubiquitous, it starts to fade and not be well noticed. People tend to notice when there are issues. Something to compare this to is when you only notice your plumbing system when there is a leak. Other than that you do not think twice about. There are technologies that are very important to the business environment and keep the organization running smoothly, yet the awareness for the technology falls under the radar. Since these technologies operate below the radar, it is a high possibility they are not being examined from a risk perspective. Some examples of this are TLS, SSH, SAML and Kerberos.

Using TLS to take the example further, there are several issues that may not come to mind instantly. Legacy protocol version are known to be susceptible to attack and usage related issues like HTTPS Interception.

 

https://www.technewsworld.com/story/84852.html

http://nautil.us/blog/the-science-behind-blade-runners-voight_kampff-test

Lighter read in the spirit of Blade Runner 2049 being released.

Intro-to-Ethical-Hacking-Week-6

https://www.tutorialspoint.com/batch_script/