
ITACS 5211: Introduction to Ethical Hacking

Wade Mackey

Week 14: Review of all topics

ISACA Event Write-up

December 17, 2018 by Satwika Balakrishnan

It was my first time attending a networking event, and I found the ISACA networking event to be really interesting. I was glad to meet several senior IT auditors and learn their perspective on auditing. I got a chance to understand some everyday audit situations and also the critical skills that employers look for in an auditor. I also got a chance to interact with Prof. Thu outside class. Although I did not talk a lot about cyber security topics, I had some interesting general conversations.

Critical SQLite Flaw Leaves Millions of Apps Vulnerable to Hackers

December 16, 2018 by Raaghav Sharma

Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of deployments to hackers.
Dubbed ‘Magellan’ by Tencent’s Blade security team, the newly discovered SQLite flaw could allow remote attackers to execute arbitrary or malicious code on affected devices, leak program memory or crash applications.

Since Chromium-based web browsers—including Google Chrome, Opera, Vivaldi, and Brave—also support SQLite through the deprecated Web SQL database API, a remote attacker can easily target users of affected browsers just by convincing them to visit a specially crafted web page.

Since SQLite is used by everybody including Adobe, Apple, Dropbox, Firefox, Android, Chrome, Microsoft and a bunch of other software, the Magellan vulnerability is a noteworthy issue, even if it’s not yet been exploited in the wild.

Users and administrators are highly recommended to update their systems and affected software versions to the latest release as soon as it becomes available.

https://thehackernews.com/2018/12/sqlite-vulnerability.html

US Postal Service Left 60 Million Users Data Exposed For Over a Year

December 16, 2018 by Nishit Darade

– Swati Khandelwal

News just came out that the United States Postal Service has patched a critical security vulnerability that exposed the data of more than 60 million customers to anyone who has an account at the USPS.com website.

The vulnerability was tied to an authentication weakness in an application programming interface (API). According to the cybersecurity researcher, who has not disclosed his identity, the API was programmed to accept any number of “wildcard” search parameters, enabling anyone logged in to usps.com to query the system for account details belonging to any other user.

The vulnerability was reported almost a year ago, and it took outside intervention to address this serious vulnerability. As of now, there is no evidence to support that this vulnerability was taken advantage of.

Reference: https://thehackernews.com/2018/11/usps-data-breach.html

Sextortion gang found to be behind email bomb threat spree

December 15, 2018 by Connor Fairman

A bunch of malicious actors who have been sending email bomb threats are believed to be the same actors who engaged in a sextortion campaign. In the bomb threat campaign, schools, government offices, and private organizations were told to send bitcoins to prevent an explosion from going off. However, this was not a financially successful endeavor for the perpetrators. In relation to our course content, this is a classic example of social engineering, not sophisticated hacking. However, as we’ve learned, social engineering attacks make up the brunt of most hacks and are extremely effective. People need to be aware of these kinds of attacks in the future so that they don’t fall for them.

https://www.scmagazine.com/home/security-news/sextortion-gang-found-to-be-behind-email-bomb-threat-spree/

SECURITY NEWS THIS WEEK: DID QUORA GET HACKED? TOP ANSWER: YES

December 15, 2018 by Connor Fairman

Quora recently acknowledged that they were hacked by a malicious third party. In a classic tale, user data was stolen through a breach. Quora has alerted the authorities. The breach has implications for around 100 million users:

  • Account information, e.g. name, email address, encrypted password (hashed using bcrypt with a salt that varies for each user), data imported from linked networks when authorized by users
  • Public content and actions, e.g. questions, answers, comments, upvotes
  • Non-public content and actions, e.g. answer requests, downvotes, direct messages (note that a low percentage of Quora users have sent or received such messages)

One interesting find here in my opinion is that Quora uses bcrypt to encrypt passwords. That’s a pretty standard way that people do it when they build apps. That’s how I encrypted user passwords this summer at my internship. I guess I expected Quora to have maybe a proprietary way of encrypting passwords. Maybe bcrypt is just that good. I don’t know.

https://blog.quora.com/Quora-Security-Update

U.S. Ballistic Missile Defense Systems Fail Cybersecurity Audit

December 15, 2018 by Connor Fairman

One day one of us may be the one auditing US Ballistic Missile Defense Systems. As the title suggests, they failed a cyber security audit recently. Numerous vulnerabilities were found. Users were instructed to only use single-factor authentication for 15 days after account creation. However, there was no mechanism for enforcing this, and people used single-factor authentication for a long time after 15 days. Once identified, multiple vulnerabilities were not patched at numerous stations. Data that was stored on removable devices was not being encrypted. These vulnerabilities, among many others, contributed to the systems’ failure to pass the cybersecurity audit. These are all relatively fixable things. It seems like the employees or whoever is responsible for cyber security is simply being lazy.

https://www.bleepingcomputer.com/news/security/us-ballistic-missile-defense-systems-fail-cybersecurity-audit/

Chinese Hackers Breach U.S. Navy Contractors

December 15, 2018 by Connor Fairman

Chinese hackers have gained access to American military technology and other sensitive information by hacking US Navy contractors. Contractors are civilians that are hired by government agencies and the military on a contract basis. Especially over the past year, the Navy and Air Force have suffered breaches. These two branches of the military are prime targets because they utilize the latest technologies accessible to the military. Contractors frequently are more vulnerable to attacks.

https://www.wsj.com/articles/u-s-navy-is-struggling-to-fend-off-chinese-hackers-officials-say-11544783401?ns=prod/accounts-wsj

Hackers Steal Over $800,000 By Dropping a Malware On Cape Cod Community College Computer Systems

December 13, 2018 by Brock Donnelly


Has anyone noticed the large-scale phishing attempts over the last few months? Here is a story on a successful one. Attackers have tricked Cape Cod Community College via malware ingested through phishing. The malware quickly spread to the systems in the administration building. The malware targeted the college’s financial transactions. It appears as though it overwrote the URL address for the college’s bank, TD Bank, creating a fake site that looked and functioned like the financial institution. The cyber criminals managed to trick employees into approving 12 transactions totaling $807,130; however, TD Bank did stop three on suspicion. The college is looking into installing next-generation endpoint protection software across the campus.

New Ransomware Spreading Rapidly in China Infected Over 100,000 PCs

December 13, 2018 by Brock Donnelly

https://thehackernews.com/2018/12/china-ransomware-wechat.html

This new ransomware has managed to infect 100,000 machines in 4 days and only asked for $14 US. This is an odd ransomware. It doesn’t ask for bitcoin but rather payment via a popular Chinese texting app. It also steals login and password information for such apps on the infected computers. It is an interesting newer take on ransomware. The attacker used a supply chain attack, adding his malicious code to legitimate software.
The infection speed did not matter, as it seems the author didn’t do a very good job hiding his tracks. He was arrested after 24 hours. Check out the article to see how he led the authorities right to him.

ISACA event writeup

December 12, 2018 by Frederic D Rohrer

The ISACA event was a lot of fun for me. I talked to some previous ITACS graduates that have found positions in IT auditing or cyber security immediately after graduating here. I spoke with Fraser who recently started working in a SOC. Then I talked to Michael from GeoBlue, a health insurance company for people on business travel or exchange students. Michael mentioned that his company does yearly audits and that every year the quality of the audit differs, even though they use the same company. He says that due to the “gut feeling” nature of penetration tests and audits, different holes are found. Sometimes one auditor is also more or less thorough. I found this interesting as it indicates a niche in the market for penetration testing, that is to structure the testing so that it does not depend on the tester.
