• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Ethical Hacking

Wade Mackey

Ethical Hacking

MIS 5211.001 ■ Fall 2019 ■ Wade Mackey
  • Home
  • About
  • Syllabus
  • Gradebook

Main Content

“OceanLotus” targets BMW and Hyundai networks

December 10, 2019 By Jaimin Pandya Leave a Comment

APT hacker group “OceanLotus” apparently compromised network systems of automaker BMW and Hyundai by installing some hacking tool which would control and spy their systems. What they did was nothing new but it was sophisticated.

According to the article

“Created Fake Websites

To get access to other computers, the hackers created a fake website that gave the impression of belonging to the BMW branch in Thailand, as they can monitor networks and find out which folders and files that users logged in.

Hackers Observed for Months

The security team at BMW allowed hackers to stay active with an intention to know more details like, who they were, how many systems they managed to compromise, and what kind of data they were after.

Based on sources, no sensitive information was accessed by hackers during the incident and no primary computers were compromised.

BMW declined to provide additional information on the attack.

“We have implemented structures and processes that minimize the risk of unauthorized external access to our systems and allow us to quickly detect, reconstruct, and recover in the event of an incident,” BMW said in a statement.”

Source Article: https://www.cisomag.com/apt-hacker-group-targets-bmw-and-hyundai-networks/

 

Week 14 Presentation and Video

December 9, 2019 By Wade Mackey Leave a Comment

Intro-to-Ethical-Hacking-Week-14

https://capture.fox.temple.edu/Mediasite/Play/63abf86c86f943eb85d5d510d1fc81231d

Week 13 Presentation and Video

December 9, 2019 By Wade Mackey Leave a Comment

Intro-to-Ethical-Hacking-Week-13

https://community.mis.temple.edu/mis5211sec001fall2019/

Wawa says data breach exposed credit card information at potentially all locations

December 19, 2019 by Rami Saba Leave a Comment

I just read this article and thought I’d share since it’s relative to us in the PA area.  Wawa just announced it found malware on its payment processing servers and that it had affected customer payment information since March 4th.  The malware is believed to have been present on most of the 850 store locations by April 22nd.  It exposed credit and debit card numbers, expiration dates, and cardholder names on payment cards used in-store and at gas pumps.  They discovered the malware on December 10th and had it contained by the 12th.  An external forensics firm was hired and is currently investigating to support their review.

Here’s what to do if affected:
“Wawa customers can call 1-844-386-9559 to ask questions and get free credit monitoring and identity-theft protection if their personal information was affected. Consumers should also review payment card account statements for any unauthorized charges.”

https://www.inquirer.com/business/wawa-data-breach-credit-debit-card-numbers-exposed-20191219.html

Filed Under: Uncategorized Tagged With:

“OceanLotus” targets BMW and Hyundai networks

December 10, 2019 by Jaimin Pandya Leave a Comment

APT hacker group “OceanLotus” apparently compromised network systems of automaker BMW and Hyundai by installing some hacking tool which would control and spy their systems. What they did was nothing new but it was sophisticated.

According to the article

“Created Fake Websites

To get access to other computers, the hackers created a fake website that gave the impression of belonging to the BMW branch in Thailand, as they can monitor networks and find out which folders and files that users logged in.

Hackers Observed for Months

The security team at BMW allowed hackers to stay active with an intention to know more details like, who they were, how many systems they managed to compromise, and what kind of data they were after.

Based on sources, no sensitive information was accessed by hackers during the incident and no primary computers were compromised.

BMW declined to provide additional information on the attack.

“We have implemented structures and processes that minimize the risk of unauthorized external access to our systems and allow us to quickly detect, reconstruct, and recover in the event of an incident,” BMW said in a statement.”

Source Article: https://www.cisomag.com/apt-hacker-group-targets-bmw-and-hyundai-networks/

 

Filed Under: Week 13: WPA2 Enterprise and Beyond WiFi Tagged With:

Week 14 Presentation and Video

December 9, 2019 by Wade Mackey Leave a Comment

Intro-to-Ethical-Hacking-Week-14

https://capture.fox.temple.edu/Mediasite/Play/63abf86c86f943eb85d5d510d1fc81231d

Filed Under: Week 14: Jack the Ripper, Cain and Able, and Ettercap Tagged With:

Week 13 Presentation and Video

December 9, 2019 by Wade Mackey Leave a Comment

Intro-to-Ethical-Hacking-Week-13

https://community.mis.temple.edu/mis5211sec001fall2019/

Filed Under: Week 13: WPA2 Enterprise and Beyond WiFi Tagged With:

New Linux Bug Lets Attackers Hijack Encrypted VPN Connections

December 6, 2019 by Numneung Koedkietpong Leave a Comment

The article states IT vulnerabilities related to Linux and Unix operating system which allow attackers to remote and spy with encrypted VPN connections. This is called CVE-2019-14899. The attackers also use virtual network private protocols like OpenVPN, WireGuard, and IKEv2/IPSec. With this attack, hackers are able to

  • determine the virtual IP address of a victim assigned by the VPN server,
  • determine if there is an active connection to a given website,
  • determine the exact seq and ack numbers by counting encrypted packets and/or examining their size, and
  • inject data into the TCP stream and hijack connections.

Source: https://thehackernews.com/2019/12/linux-vpn-hacking.html

Filed Under: Uncategorized, Week 13: WPA2 Enterprise and Beyond WiFi Tagged With:

Evil Corp: US charges Russians over hacking attacks

December 5, 2019 by Percy Jacob Rwandarugali Leave a Comment

US authorities have filed charges against two Russian nationals alleged to be running a global cyber crime organisation named Evil Corp.

An indictment named Maksim Yakubets and Igor Turashev – who remain at large – as figures in a group which used malware to steal millions of dollars in more than 40 countries.

Those affected by the hacks include schools and religious organisations.

It is also alleged that Mr Yakubets worked for Russian intelligence.

Speaking at a news conference, Assistant Attorney General Brian Benczkowski said the attacks were among “the worst computer hacking and bank fraud schemes of the past decade”.

Mr Yakubets is accused of leading Moscow-based Evil Corp, while Mr Turashev allegedly acted as an administrator. The pair are thought to be in Russia.

https://www.bbc.com/news/world-us-canada-50677512

Filed Under: Week 13: WPA2 Enterprise and Beyond WiFi Tagged With:

Chinese residents worry about rise of facial recognition

December 5, 2019 by Percy Jacob Rwandarugali Leave a Comment

A survey by a Beijing research institute indicates growing pushback against facial recognition in China.

Some 74% of respondents said they wanted the option to be able to use traditional ID methods over the tech to verify their identity.

Worries about the biometric data being hacked or otherwise leaked was the main concern cited by the 6,152 respondents.

Facial recognitions systems are being rolled out in stations, schools, and shopping centres across the country.

The survey, first reported in the West by The Financial Times, was released on Thursday by the Nandu Personal Information Protection Research Centre.

It has been described as being one of the first major studies of its kind into public opinion on the subject in mainland China.

Some 80% of respondents said they were concerned that facial recognition system operators had lax security measures.

 

https://www.bbc.com/news/technology-50674909

 

Filed Under: Week 14: Jack the Ripper, Cain and Able, and Ettercap Tagged With:

OnePlus Suffers New Data Breach Impacting Its Online Store Customers

December 5, 2019 by Penghui Ai Leave a Comment

As a smartphone maker, one plus is one of my favorite smartphones because of its high quality and reasonable price. In addition, they are really listening to users’ opinions on their community. The company discovered that some of our users’ order information was accessed by an unauthorized party last week while monitoring our systems. The company assured that not all customers were affected and that the attackers were not able to access any payment information, passwords, and associated accounts. The most serious influence would be phishing emails are sending out to the users. As a result of this breach, the company has also finally decided to launch an official bug bounty program by the end of December 2019. 

Filed Under: Week 14: Jack the Ripper, Cain and Able, and Ettercap Tagged With:

Kali Linux version 2019.4 now offers a Windows theme for the discreet hacker in all of us.

December 3, 2019 by Andrew P. Sardaro Leave a Comment

Offensive Security, creators of Kali Linux, released a new version of that can change your standard Xfce desktop environment into a Windows environment.

The theme is named ‘Kali Undercover,’ and was created for work in public places where discretion is required. I imagine that penetration testers, security researchers or hackers would find this theme beneficial.

Other updates included in this release version:

  • PowerShell Support —Execute PowerShell scripts directly on Kali.
  • Kali NetHunter KeX –Android device connectivity (HDMI and Bluetooth) for Kali desktop support on your smartphone.

https://thehackernews.com/2019/11/kali-linux-undercover-mode.html

 

Filed Under: Week 14: Jack the Ripper, Cain and Able, and Ettercap Tagged With:

HUMBLE BOOK BUNDLE: CYBERSECURITY 2019 BY PACKT – 6 Days left

December 3, 2019 by Michael Kalai Leave a Comment

HUMBLE BOOK BUNDLE: CYBERSECURITY 2019 BY PACKT

20 Cyber Security Books for $15 through humble bundle. Only 6 days left.

https://www.humblebundle.com/books/cybersecurity-2019-packt-books?hmb_source=humble_home&hmb_medium=product_tile&hmb_campaign=mosaic_section_2_layout_index_3_layout_type_threes_tile_index_1_c_cybersecurity2019packt_bookbundle

Filed Under: Week 14: Jack the Ripper, Cain and Able, and Ettercap Tagged With:

  • Page 1
  • Page 2
  • Page 3
  • Interim pages omitted …
  • Page 18
  • Go to Next Page »

Primary Sidebar

Weekly Discussions

  • Uncategorized (55)
  • Week 01: Overview (6)
  • Week 02: TCP/IP and Network Architecture (2)
  • Week 03: Reconnaisance (7)
  • Week 04: Network Mapping and Vulnerability Scanning (4)
  • Week 05: Metasploit (9)
  • Week 06: More Metasploit (8)
  • Week 07: Social Engineering (11)
  • Week 08: Malware (19)
  • Week 09: Web Application Hacking (14)
  • Week 10: SecuritySheperd (12)
  • Week 11: Intro to Dark Web and Intro to Cloud (10)
  • Week 12: Introduction to Wireless Security with WEP and WPA2 PSK (6)
  • Week 13: WPA2 Enterprise and Beyond WiFi (11)
  • Week 14: Jack the Ripper, Cain and Able, and Ettercap (9)

Copyright © 2025 · Course News Pro on Genesis Framework · WordPress · Log in