ITACS 5211: Introduction to Ethical Hacking

Wade Mackey

Week 04: Vulnerability Scanning

Apple Mojave Zero-Day Flaw

by 1 Comment

https://www.zdnet.com/article/macos-mojave-zero-day-privacy-bypass-bug-revealed-on-the-day-of-download/

Talk about a zero day. Apple released their new operating system Mojave (10.14) and someone already found a way to access private data. The person who discovered this vulnerability was unable to get through to Apple’s security team. The best news is that this vulnerability does not affect the whole system but the details of what it does leave vulnerable is left to the imagination. In the video example from the link you can watch from Terminal the access and copying of the users Address Book. Apple doesn’t get caught with their pants down too often. Kudos to the discoverer.

Twitter API Flaw Exposed Users Messages to Wrong Developers For Over a Year

by Leave a Comment

A flaw in Twitter’s API was sending user’s messages to businesses to the wrong place. There are tools available for businesses to build special applications that interact with Twitter. This is used for things like customer service and Q/A. To build these applications, the company has a developer with a developer key registered with Twitter. When a user uses the app created by the developer, their data/whatever they are sending gets sent to the account associated with that developer’s developer key. What happened here is that user data somehow was sent to the wrong developer account. Having built APIs before, I can testify that they sometimes do funky things that you don’t expect. Thankfully, in this situation, it seems as though a very small group of people was affected.

 

https://thehackernews.com/2018/09/twitter-direct-message-api.html

Understanding Cybersecurity and Its Relationship with Physical Security To Reduce Risk

by Leave a Comment

In the article “Understanding Cyber Security and its Relationship with Physical Security to Reduce Risk”, the author introduces about how to build relationship between cyber security and physical security. There are four perspectives for understanding the relationship:

  • Physical and cyber security are co-dependent
  • The disconnect between physical and IT security can be easily reduced
  • Physical Security Directors should contribute more to breach-readiness
  • Questions to ask yourself in assessing risk management

Physical security is usually the first step to defend attackers. For example, security guard should protect the entrances for a building to protect all the devices. Therefore, that is one of the most important method for security.

 

https://www.securitymagazine.com/articles/89426-understanding-cybersecurity-and-its-relationship-with-physical-security-to-reduce-risk

The Many Faces of Social Engineering

by 3 Comments

I’ve heard this phrase used a few times in class and was curious what a social engineering attack actually entails. It seems that it can come in many forms such as:

  • Phishing
  • Ransomware

These are the two most common forms of social engineering attacks, according to the article below.

In phishing attacks, a victim is commonly lured into opening an email attachment, which downloads some form of malware onto the machine. For example, an employee at a company or government agency could receive an email from someone claiming to be from IT requesting that the employee view an attachment.

In ransomware attacks, a user is tricked into downloading a payload that corrupts or encrypts a user’s hard drive. The perpetrators remedy the problem after the victim pays them, usually in bitcoin.

As we’ve discussed in class, the best way to prevent these kinds of attacks in a company are through employee training. The more aware people are of the strategies criminals employ, the better.

https://digitalguardian.com/blog/social-engineering-attacks-common-techniques-how-prevent-attack

Cyber Security News Sources

by 2 Comments

Hello,

I’d like to discuss where everyone Cyber Security news from and find some interesting sources. Feel free to share yours even if in another language. Here are my personal top sources:

https://www.reddit.com/r/netsec/

https://krebsonsecurity.com/

https://www.bleepingcomputer.com/

https://blog.sucuri.net/

 

Also here is a nice graph of tools for intelligence gathering like we used for our last assignment.

https://i.redd.it/370mx0gln0k01.jpg

Thousands of WordPress sites backdoored with malicious code

by 1 Comment

Thousands of WordPress sites have been hacked and compromised with malicious code this month, according to security researchers at Sucuri and Malwarebytes.

All compromises seem to follow a similar pattern –to load malicious code from a known threat actor– although the entry vector for all these incidents appears to be different.

Researchers believe intruders are gaining access to these sites not by exploiting flaws in the WordPress CMS itself, but vulnerabilities in outdated themes and plugins.

 

When they gain access to a site, they plant a backdoor for future access and make modifications to the site’s code.

https://www.zdnet.com/article/thousands-of-wordpress-sites-backdoored-with-malicious-code/

Adobe Addresses a Number of Critical Remote Execution Vulnerabilities

by 1 Comment

https://www.zdnet.com/article/adobe-addresses-critical-vulnerabilities-in-acrobat-reader/

Looks like Adobe is under the vulnerability scan again but no it is not Flash… it’s Acrobat. 41 vulnerabilities have been found 17 of them seem capable to take control of the effected system. These vulnerabilities created a trend micro zero-day notice

The vulnerabilities impact the Windows and Mac operating systems. Acrobat DC (continuous) versions 2018.009.20050 and earlier, Acrobat 2017 versions 2017.011.30070 and earlier, Acrobat Reader 2017 versions 2017.011.30070 and earlier, and Acrobat DC (Classic Track) versions 2015.006.30394 and earlier are all affected.

It is important to update and patch as it is believed the Flash exploit is being used in the wild by North Korean cyberattackers to compromise systems. It would be fair going forward to assume that malicious attackers would also add this vulnerability regardless of their world location or government.