ITACS 5211: Introduction to Ethical Hacking
Wade Mackey
https://www.technewsworld.com/story/85663.html
This article lists few key things that we can do to protect our personal devices
2. Strengthen and Protect Your Login Credentials
3. Check the WiFi You’re Using
4. Watch Your Browser
5. Use a Private Search Engine
6. Install a VPN
7. Watch Out for Phishing
8. Encrypt Your Communications
9. Watch What You Share on Social Media
10. Update Early and Often
4 Things You Should Include In Your Data Breach Response Plan
– By JAKE OLCOTT
Data breach response pages can be tens to hundreds of pages long depending on the size of your organization and the criticality of your data. Following a set data breach response template isn’t advisable because different organization have different infrastructure and their unique scenario.
The following are four must have points for a data breach response plan:
1. The type of data that constitutes a data incident.
• Incidents or breaches that involve legally protected information such as PII or PHI which requires immediate notification to affected users.
• Incidents or breaches that represent a small material loss to the company which may not require notification to stakeholders.
2. The parties responsible during a data breach.
• IT/IT Security Department
• Legal Department
• Communications Department
• HR Department
• Executives
3. The internal escalation processes:
When a data incident occurs on your network, you need a rock-solid internal escalation process established for escalating the incident up through your organization.
4. The external escalation process:
Aside from escalating a data incident inside your organization, you also need to include the external escalation process in your data breach response plan.
Reference:
1) JAKE OLCOTT, “4 Things You Should Include In Your Data Breach Response Plan,” February 16, 2017 , https://www.bitsighttech.com/blog/data-breach-response-plan-4-things-include
The US-CERT has released a joint technical alert from the DHS, the FBI, and Treasury warning about a new ATM scheme being used by the prolific North Korean APT hacking group known as Hidden Cobra.
Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by the North Korean government and has previously launched attacks against a number of media organizations, aerospace, financial and critical infrastructure sectors across the world.
The group had also reportedly been associated with the WannaCry ransomware menace that last year shut down hospitals and big businesses worldwide, the SWIFT Banking attack in 2016, as well as the Sony Pictures hack in 2014.
https://thehackernews.com/2018/10/bank-atm-hacking.html?m=1
When you log into any social media platform, you are issued a unique app token, which is usually a hashed string. This allows us to avoid logging in everytime we want to access Facebook, LinkedIn, etc. Hashing this string is supposed to make it impossible for a hacker to brute force figure out. Yet, somehow, hackers have found a zero-day vulnerability in Facebook’s software, which has given them access to 50 million users’ tokens. With this, they presumably could access a user’s account and all of their account data. Also, when users do things on Facebook, such as make a post or like a picture, Facebook first checks their token to make sure they’re someone who is authorized to do these things. Hence, another risk, aside from data and information theft, is that hackers with these access tokens used them to do things on Facebook, like post advertisements or inflammatory posts, under someone else’s name.
https://thehackernews.com/2018/09/facebook-account-hack.html
A North Korean hacking agency has devised a new way to trick ATMs into releasing large quantities of cash. The scheme is targets switch application servers. The switch application server is used to communicate with the bank to validate a user’s account details for a requested transaction, such as a withdrawal.
The hackers first infected these servers with malware. Next, they attempt to make a withdrawal. The malware infected server sends back a fake affirmative response which then makes the ATM think the request has been accepted. The bank never gets notified.
https://thehackernews.com/2018/10/bank-atm-hacking.html
https://www.wired.com/story/facebook-security-breach-third-party-sites/
FACEBOOK revealed that it had suffered a security breach that impacted at least 50 million of its users, and possibly as many as 90 million. What it failed to mention initially, but revealed in a followup call Friday afternoon, is that the flaw affects more than just Facebook. If your account was impacted it means that a hacker could have accessed any account that you log into using Facebook.
“The access token enables someone to use the account as if they were the account holder themselves. This does mean they could access other third-party apps using Facebook login,” Guy Rosen, Facebook’s vice president of product, said in a call with reporters Friday. “Developers who used Facebook login will be able to detect those access tokens have been reset.”
https://latesthackingnews.com/2018/10/01/complicated-ios-12-passcode-bypass-exposes-iphone-data-to-hackers/
A vulnerability has been found in iOS 12. Jose Rodriguez an avid bug uncovered found that with siri lock screen access he can bypass the passcode screen to gain access to addressbook, photos, notes and make calls. The author off the article describes the bug as complicated but from the video demonstrations it appears to be performed effortlessly. I could see performing from or writing the instructions a bear but it was performed in no time at all. Check the link to see the bug performed.
Facebook was attacked by hackers. Nearly 50 million user accounts were affected in this incident. Hackers let people see their profile which looks like their friends’ profile. Hackers exploited a weakness in the tool to gain access to digital keys that let people access Facebook from a personal device without having to re-enter a password. The keys can be used by hackers to tack over the accounts. After the incident, there are three thins we need to do. First is to audit your devices. If you see you account login on a unfamiliar device or location, click “Remove” to remove the devices out of the account. Second is to change your password. Hackers may gain the passwords to access the accounts, so changing password is needed. Last is to turn on the two-factor authentication Using the codes sent by text message to logon the accounts. That makes others hard to logon your account even though they have the password.
https://www.techvows.com/facebook-was-hacked-3-things-you-should-do-after-the-breach/