
ITACS 5211: Introduction to Ethical Hacking

Wade Mackey

Week 10: Web Application Hacking

November 26, 2018 by Manogna Alahari

A 15-year-old security researcher, Saleem Rashid, has discovered a serious flaw in cryptocurrency hardware wallets made by Ledger, a company which designs products to protect the user’s private keys from malicious software that might try to gather those credentials from the user’s computer. Rashid mentions that an attacker who has physical access to the device could update it with malicious code that would wait for a potential buyer to use it, and then route the private key and drain the user’s cryptocurrency account when the user goes to use it. The major problem with the Ledger device is that it contains a secure processor chip and a non-secure microcontroller chip, and attackers use the insecure microcontroller chip to run the malicious software.

– The authentication to the microcontroller should be strong enough that no insecure element can authenticate to the microcontroller.

– Ledger should include a tamper protection seal which warns customers that the device has been physically opened or modified prior to its first use by the customer.

– One opportunity for attackers to gain physical access to the device arises when the products frequently outrun the company’s ability to produce them; this led the chief of the company to state that their products can be purchased from third-party sellers. I feel it’s a good idea to purchase this kind of device directly from the source.

– In the Ledger device, the secure processor chip and the insecure microcontroller chip still pass information to each other, while the attacker can use the insecure microcontroller chip and generate the displayed receive address using the code running on the machine.

– The Ledger wallet doesn’t implement any integrity check/anti-tampering for its source files, meaning they can be modified by anyone.

– New Ledger users would typically send all their funds to the wallet once initialized. If the machine was pre-infected, this first transaction may be compromised, causing the user to lose all of his funds.

https://community.mis.temple.edu/mis5211sec001fall2018/2018/11/26/5965/

Web Apps Haunt 70 Percent of FT 500 Firms

November 15, 2018 by Jayapreethi Selvaraju

https://threatpost.com/threatlist-dead-web-apps-haunt-70-percent-of-ft-500-firms/138659/

This article has very interesting statistics. The study of abandoned websites owned by leading global corporations hammers home the point that old web applications need to be properly mitigated or retired. Otherwise, these resources often haunt a firm long after they have been forgotten.

Key findings:

– 70% of FT 500 companies can find access to some of their websites being sold on the Dark Web

– 92% of external web applications have exploitable security flaws or weaknesses

– 19% of the companies have external unprotected cloud storage

– 2% of external web applications are properly protected with a WAF

– Every single company has some non-compliances with GDPR

 

VirtualBox Zero-Day Vulnerability and Exploit

November 13, 2018 by Brock Donnelly

https://thehackernews.com/2018/11/virtualbox-zero-day-exploit.html

Here is an interesting story on Oracle’s VirtualBox. It turns out researchers have found a weakness that allows attackers to gain root access from the guest OS and execute code on the host OS.

According to the researchers, the vulnerability allows an attacker or a malicious program with root or administrator rights in the guest OS to escape and execute arbitrary code in the application layer (ring 3) of the host OS, which is used for running code from most user programs with the least privileges.

Following successful exploitation, the researcher believes an attacker can also obtain kernel privileges (ring 0) on the host machine by exploiting other vulnerabilities.

SMS Phishing + Cardless ATM = Profit

November 7, 2018 by Anthony Quitugua 2 Comments

https://krebsonsecurity.com/2018/11/sms-phishing-cardless-atm-profit/

Many of you may have seen the commercials with bank customers accessing ATMs with just their phones. All it takes is a debit card added to a digital wallet and an NFC-capable ATM. Well, it didn’t take long for the fraudsters to exploit this new fraud channel. This is a good article detailing one of the methods they use to accomplish this. Let me emphasize that this is only one of many methods they can use.

 

New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

November 7, 2018 by Raaghav Sharma

A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with the simultaneous multi-threading feature enabled.

The vulnerability, codenamed PortSmash (CVE-2018-5407), has joined the list of other dangerous side-channel vulnerabilities discovered in the past year, including Meltdown and Spectre, TLBleed, and Foreshadow. The new side-channel vulnerability resides in Intel’s Hyper-Threading technology, the company’s implementation of Simultaneous MultiThreading (SMT).

The simple fix for the PortSmash vulnerability is to disable SMT/Hyper-Threading in the CPU chip’s BIOS until Intel releases security patches. OpenSSL users can upgrade to OpenSSL 1.1.1 (or >= 1.1.0i if you are looking for patches).

https://thehackernews.com/2018/11/portsmash-intel-vulnerability.html

Two New Bluetooth Chip Flaws Expose Millions of Devices to Remote Attacks

November 7, 2018 by Ruby(Qianru) Yang 4 Comments

Interesting news about two critical vulnerabilities in Bluetooth Low Energy (BLE) chips embedded in millions of access points and networking devices used by enterprises around the world. BleedingBit, the set of two vulnerabilities, could allow remote attackers to execute arbitrary code and take full control of vulnerable devices without authentication, including medical devices such as insulin pumps and pacemakers, as well as point-of-sale and IoT devices.
Armis discovered the BleedingBit vulnerabilities earlier this year and responsibly reported them to all affected vendors in June 2018, and then also contacted and worked with affected companies to help them roll out appropriate updates to address the issues.

https://thehackernews.com/2018/11/bluetooth-chip-hacking.html

U.S. Consumers’ Security Habits Make Them Vulnerable to Fraud

November 7, 2018 by Xinteng Chen 3 Comments

U.S. customers have bad habits in digital security. 51 percent admit to reusing passwords/PINs across multiple accounts such as email, computer login, phone passcode, and bank accounts. 17 percent of customers are concerned that they could fall victim to a physical security breach. 27 percent of customers do not shred paper or physical documents containing sensitive information before throwing them away. There is additional information that consumers are unsure how to determine if they were victims of fraud and do not understand how to report and remediate fraud and theft. In addition, 72 percent of customers believe that they can identify fraudulent emails or calls. Furthermore, consumers store paper documents containing sensitive information in risky ways. Around 30 percent of customers store paper documents containing personal information in a box or desk drawer. Finally, baby boomers have some of the safest information security habits, despite stereotypes suggesting otherwise.

 

https://www.securitymagazine.com/articles/89564-us-consumers-security-habits-make-them-vulnerable-to-fraud

Managed Threat Hunting Bridges the Talent Gap

November 7, 2018 by Haitao Huang 2 Comments

Threat hunting is the active search for “unknown unknowns,” which describes new and novel attack behaviors that aren’t detected by current automated methods of prevention and detection. It is, by nature, a “hands-on-keyboard activity,” driven by humans. Just like hunting in nature, anyone can do it, but the right experience and tools can make you much more effective.

https://securityledger.com/2018/11/managed-threat-hunting-bridges-the-talent-gap/

 

User Risk Report: 44% of Workers Don’t Password-Protect Home WiFi

November 7, 2018 by Haitao Huang 4 Comments

The organization surveyed 6,000 technology users across six countries — the US, UK, France, Germany, Italy, and Australia — to determine how their personal actions could introduce cybersecurity vulnerabilities within the organizations they work for.

The results show that users’ WiFi and virtual private network (VPN) use remain suspect. Of particular concern is the fact that home WiFi networks are often left fully unprotected, opening the door for remote workers to be compromised — and for their employers to be compromised in turn.

 

https://www.wombatsecurity.com/blog/user-risk-report-44-of-workers-dont-password-protect-home-wifi

Flaws in Popular Self-Encrypting SSDs Let Attackers Decrypt Data

November 7, 2018 by Haitao Huang 1 Comment

Researchers at Radboud University in the Netherlands have revealed today vulnerabilities in some solid-state drives (SSDs) that allow an attacker to bypass the disk encryption feature and access the local data without knowing the user-chosen disk encryption password.

The vulnerabilities only affect SSD models that support hardware-based encryption, where the disk encryption operations are carried out via a local built-in chip, separate from the main CPU.

But in a new academic paper published today, two Radboud researchers, Carlo Meijer and Bernard van Gastel, say they’ve identified vulnerabilities in the firmware of SEDs.

The only way users would be safe was if they either changed the master password or if they’d configure the SED’s Master Password Capability setting to “Maximum,” which effectively disables it.

 

https://thehackernews.com/2018/11/self-encrypting-ssd-hacking.html

 
