ITACS 5211: Introduction to Ethical Hacking

Wade Mackey

Week 12: Web Services

Cisco to offer more Security Services with their SD-WAN Offering

by Leave a Comment

Cisco, the worlds most famous networking company has decided to build in some of their other security services into their SD-WAN offering.  Software-defined wide area network (SD-WAN) is a new alternative and cheaper way of connecting networks.  Building security into is is a huge deal.  Some of security features they are going to add include application aware firewalling, IPS (intrusion prevention systems) and URL filtering.

If you wanted a one stop shop for a service this could be it!

https://www.zdnet.com/article/cisco-updates-sd-wan-portfolio-with-new-security-features/

DHS to Spend 1.3 Million on Cyber Research to help Industry

by 1 Comment

DHS is working with teams at the University of California, San Diego, and University of Illinois, Chicago to help build tools and research the best approach for cyber security defense.  This effort comes from a program called Cyber Risk Economics, an effort by the DHS to help people invest in cyber security defenses that will have the biggest bang for the buck.  If they understand the best approach to cyber defense, then they can make smarter investment decisions for cyber security.

 

https://www.defenseone.com/technology/2018/11/dhs-funded-tech-could-help-calculate-costs-cyberattacks/152729/

Microsoft wants to continue working with Trump on Cyber Security

by 1 Comment

What I find very interesting about this article is how cyber security is one of the thing we deal with in our lives that is not pro democrat or pro republican, but is something that either party can make a priority regardless of who’s the president.  Now it’s time to work with Trump on initiatives to safe guard our country our citizens and even the rest of the world from bad actors and malicious intent.

https://www.cnbc.com/2018/11/07/microsoft-wants-to-work-with-trump-and-congress-on-cybersecurity.html

Banking Trojans on Android from Google Play (cross posting to all my classes)

by Leave a Comment

With a heightened awareness of news and a more pragmatic search for ~homework~ source material, this set off ~”that sounds like what we’re studying…” ~ alarms all over.

A bit of social engineering (free speed boost? sounds good to me!), pretense of trustworthiness from the distribution platform, a little something for everyone. All a terrifyingly direct mapping to the  cyber-kill chain/steps in a cyber attack (https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html)

There is even a javascript snip to fingerprint android emulations…and how to better spoof a real device from your emulation…er, if you wanted to do that sort of thing.

https://www.welivesecurity.com/2018/10/24/banking-trojans-continue-surface-google-play/

Exploiting the Ruby programming language

by Leave a Comment

 

Serialization – breaking down what you see into movable storable chunks – happens to everything we send or serve up. Always of concern is whether it has been *tampered with* (I heard something about data at rest an in transit somewhere). The vulnerability to ~de-serialization~ ranks eighth in the OWASP 2017 Top Ten 

Ruby is behind many web services…and some fun “administrative tools”…and we are studying it.

The deep end of the article gets fairly technical (not as much as encryption theory but ~code centered~).

The short short version is that ~auto load~ behaviors of frameworks (like those in Ruby) can allow a payload to be slipped into the serialized output of or exfiltrated from the service it supports.

Don’t copy/paste anything you couldn’t have written yourself.

https://www.elttam.com.au/blog/ruby-deserialization/