Week 08: Social Engineering, Encoding and Encryption

https://medium.freecodecamp.org/lets-enhance-how-we-found-rogerkver-s-1000-wallet-obfuscated-private-key-8514e74a5433

This article is a demonstration of why you should always be very careful when sharing any information publicly. The authors of this article detailed a process of image correction and QR code “hacking” to figure out information on Roger Ver’s bitcoin wallet that was displayed during an interview he gave on a French TV show. Through the use of some very clever thinking and software work, they were able to figure out Roger’s private key. The victim, Roger Ver, actually put this information up knowingly and offered the wallet to anyone who could figure it out. Even so, it is a difficult process, as the authors detail the steps:

1. Information gathering
2. Let’s enhance! Image Analysis
3. QR code standard part 1
4. QR code reconstruction
5. QR code standard part 2
6. QR code decoding
7. Error Correction Code
8. Python & Brute force

 

Check it out!

https://research.checkpoint.com/new-iot-botnet-storm-coming/

Researchers at Check Point Research are warning that they have found a new Botnet, IoTroop. It users IoT devices similar to the Mirai botnet from last year that shut down the internet mostly for the eastern US, but it is moving at a faster pace and has a larger potential damage. The article goes into detail about the vulnerabilities that IoTroop is exploiting and where it is being seen.

This is a short article, but I found it pretty interesting. I haven’t read many articles involving cyber attacks in Canada. This article sums up why, which I find interesting that many attacks have not been leaked to the public. Very different here in the US since I think about all the articles I have read or stories on the news. The Canadian government is concerned about cyber-attacks that have targeted critical infrastructure. Due to this, it has helped organizations improve their security without revealing hacks to the public. Canada has seen a comparable level of hacking in the country as the US. The country does not report hacking activity to the public, but instead reaches out to the targeted organization in a quietly manner. The article mentioned that 60 nations currently can conduct offensive cyber warfare operations. Five years ago, only five nations had this ability.

http://www.reuters.com/article/us-cyber-summit-canada-infrastructure/canada-worried-about-infrastructure-hacks-intelligence-official-idUSKBN1CS2EZ

 

According to the security researcher, it describes that hackers could leveraging an old Microsoft Office feature called Dynamic Data Exchange to perform malicious code execution on the targeted device without requiring Macros enable or memory corruption. Dynamic Data Exchange is one of the several methods that Microsoft uses to allow two running applications to share the same data which including MS Excel, MS Word, Quattro Pro and other applications. The Dynamic Data Exchange technique displays no “security” warnings to victims and victims can lose their personal information due to lack of security.

 

https://thehackernews.com/2017/10/ms-office-dde-malware-exploit.html

https://www.nytimes.com/2017/10/10/technology/kaspersky-lab-israel-russia-hacking.html?_r=1

 

The Kaspersky Lab’s issue has grown in complexity and layers. It’s now known Israeli Intelligence was watching Russian Intelligence monitoring American Intelligence programs. Initially it was discovered that the Russian FSB had intercepted American NSA malware and data from security contractors using Kaspersky antivirus. Then it came out that American intelligence was given the heads up by Israeli forces who has infiltrated the Russians and Kaspersky, and were watching the data gathered by FSB. This story continues to grow, and is an interesting reminder of the reach of security intelligence across the globe.

http://smallbusiness.co.uk/businesses-fail-hacking-test-2538562/

Middle market businesses fail ethical hacking test

This article talks about the following: Upskilling the employees on Cyber Threats and Data Prevention has been a huge challenge for organizations. It is said that more than 40% organizations are subject to Cyber Threats. The hacking experiment conducted by RSM on middle market companies in revealed shocking results. The company sent out 200 spam emails to employees and within minutes, 16% of the employees in those organizations clicked on those emails, a figure that rose to 35% in a short time. Ignorance and carelessness to such outside emails has resulted in this and employees are becoming increasingly vulnerable to cyber-attacks by hackers. These companies have been encouraged to protect themselves against common Cyber-attacks such as Phishing, Whaling, Ransomware, etc.

It will be interesting to see how things unfold in the future. What measures has RSM implemented to ensure employees adhere to common Cyber threats? Will these due-diligence steps be rigorously followed by these employees? Do organizations have the necessary systems and processes in place to change their existing Cyber systems? The answer to these questions will only reveal the efficiency of implementation of Cyber Security Measures.

http://www.scotsman.com/business/management/cyber-attacks-a-threat-to-scottish-businesses-1-4566474

Cyber attacks a threat to Scottish businesses

This article talks about the following: Statistics says that over 200, 000 organizations were impacted because of WannaCry attacks in May and this impact has also been felt in many organizations such as Maersk that suffered damages worth £240 million. The reality seems to be that hackers and cyber criminals have been targeting the SMEs, instead of the larger organizations because of the ease of attacks. This is because of lack of understanding and sufficient resources at disposal for small businesses. The first step towards prevention is to modernize the existing systems and train people so that they are aware of the hidden attacks.
Because of the number of SME businesses in Scotland, the threat is real and the government is ensuring proper training and retaining of skill sets too.

It will be interesting to see how things unfold in the future. How will the government support training and development of 348, 045 small businesses in Scotland? How much time will be required to upskill the existing labour force and retrain them to new Cyber Security Skills. It would be a challenging situation considering the growing number of SMEs in Scotland.

https://tech.economictimes.indiatimes.com/news/internet/remarkable-increase-in-uptake-of-cybersecurity-coursespluralsight/61024286

Remarkable increase in uptake of cybersecurity courses: Pluralsight

This article talks about the following: Cyber Security has become a necessity in today’s world where data is growing at an exponential rate and where the threat to critical data is increasing with new attack routes and malware being release without the knowledge of the user. Considering this, there has been a whopping increase in students undertaking Cyber Security courses. Pluralsight, one of the largest online education sites, has recently launched the Cyber Security course comprising of several topics including Cyber Offense Strategies, Penetration Testing, Ethical Hacking, etc. In fact, many fortune companies have also started taking up these courses.

It will be interesting to see how things unfold in the future. Cyber Security thought has been a growing sector for skill development, but its relative growth compared with careers in Consulting and IT has been poor. It would therefore be interesting to see how many of these students pursue their career in Cyber Security and Ethical Hacking? Will there be rise in demand of such skills, enabling more students to take up online courses?

http://www.zdnet.com/article/leaked-audio-facebook-security-boss-says-network-is-like-a-college-campus/

Alex Stamos is Facebook’s Chief Security Officer and he essentially says that the organization isn’t where he’d like it to be from a network security perspective. He goes on to say that Facebook’s threat profile should be more akin to a defense contractor (Raytheon, Lockheed Martin, etc.) but currently their posture is closer to that of a college campus.

I deleted my Facebook profile about a year ago. Personally,  I don’t get enough value out of the services.

A new IoT Botnet, compared to Mirai. Called “IoT_reaper” was first reported in September.

https://thehackernews.com/2017/10/iot-botnet-malware-attack.html