Ethical Hacking

Wade Mackey

Ethical Hacking

MIS 5211.001 ■ Fall 2019 ■ Wade Mackey

Numneung Koedkietpong

New Linux Bug Lets Attackers Hijack Encrypted VPN Connections

by Leave a Comment

The article states IT vulnerabilities related to Linux and Unix operating system which allow attackers to remote and spy with encrypted VPN connections. This is called CVE-2019-14899. The attackers also use virtual network private protocols like OpenVPN, WireGuard, and IKEv2/IPSec. With this attack, hackers are able to

  • determine the virtual IP address of a victim assigned by the VPN server,
  • determine if there is an active connection to a given website,
  • determine the exact seq and ack numbers by counting encrypted packets and/or examining their size, and
  • inject data into the TCP stream and hijack connections.

Source: https://thehackernews.com/2019/12/linux-vpn-hacking.html

OnePlus Suffers New Data Breach Impacting Its Online Store Customers

by Leave a Comment

The vulnerability in the online website was found in OnePlus, Chinese smartphone maker. They announced this issue to customers via email and also published on the website. They discovered the weakness which unauthorized person were able to access personal information of their customers such as names, contact numbers, and emails. However, the private information like payment information and password were not compromised. As a result, the company has finally decided to launch an official bug bounty program, allowing researchers and hackers to get paid for responsibly reporting severe vulnerabilities before hackers could do any further damage.

https://thehackernews.com/2019/11/oneplus-store-data-breach.html

Qualcomm Chip Flaws Let Hackers Steal Private Data From Android Devices

by Leave a Comment

The article states serious vulnerabilities which were found in Andriod smartphones using Qualcomm chipsets. Qualcomm’s Secure Execution Environment or QSEE is a hardware-isolated secure area on the main processor that aims to protect sensitive information and provides a separate secure environment (REE) for executing Trusted Applications. According to vulnerabilities, hackers can exploit system to gain credential and private data.

Source: https://thehackernews.com/2019/11/qualcomm-android-hacking.html

Amazon’s Ring Video Doorbell Lets Attackers Steal Your Wi-Fi Password

by Leave a Comment

The article states that researchers from Bitdefender have found that Amazon’s Ring Video Doorbell Pro device has IT vulnerabilities which attackers are able to exploit the system in order to hack WiFi password and launch a variety of cyberattacks using MitM against other devices connected to the same network. If hackers can gain unauthorized access to the system, they possibly can interact with all devices within the household network, intercept network traffic and run man-in-the-middle attacks, or access all local storage like NAS.

5 Places Where Hackers Are Stealthily Stealing Your Data In 2019

by Leave a Comment

The article states that there are top five places in 2019 where hackers can steal corporate and government data without detection. The details are as follow;

  1. Misconfigured cloud storage: “(ISC)² Cloud Security Report 2019 assets that 64% of cybersecurity professionals perceive data loss and leakage as the biggest risk associated with the cloud.” In order to mitigate this, a cloud security policy should be established and regularly updated inventory of cloud infrastructure.
  2. Darkweb: “Notorious Collection #1, revealed in 2019 by security expert Troy Hunt, is a set of email addresses and plaintext passwords totaling 2,692,818,238 rows”. To protect, set up holistic password policy and incident response plan.
  3. Abandoned and unprotected websites: “The same report revealed that 25% of e-banking applications were not even protected with a Web Application Firewall (WAF). Eventually, 85% of applications failed GDPR compliance tests, 49% did not pass the PCI DSS test.” To mitigate, the in-depth web penetration testing should be conducted.
  4. Mobile Applications’ backends: There is a vulnerability on API. To protect, conduct mobile penetration testing.
  5. Public code repositories: Some organization store high sensitive data in the open and accessible repositories like GitHub. To mitigate this, the policy related to code storage and access management should be established and then enforcing it to both internal and third-party.

How to Avoid the Top Three Causes of Data Breaches in 2019

by Leave a Comment

The article states that there are three main causes of data breaches in 2019 as following;

  1. Misconfigured cloud storage: most of companies don’t use encryption to protect data in cloud or don’t put any security access control as a standard. What’s more, they don’t concern about term and agreement.
  2. Unprotected code repositories: external software developers are the weakness because they lack of security traning awareness which allows attackers easily exploit to the systems.
  3. Vulnerable open source software: The companies still have the vulnerabilities of open source component, libraries, and frameworks. Patches are not regularly updated.

Therefore, five recommendations are provided;

  1. Maintain an up2date and holistic inventory of your digital assets
  2. Monitor your external attack surface and risk exposure
  3. Keep your software up2date, implement patch management and automated patching
  4. Prioritize your testing and remediation efforts based on risks and threats
  5. Keep an eye on Dark Web and monitor data leaks.

Source: https://thehackernews.com/2019/10/data-breach-protection.html

SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks

by Leave a Comment

The article states about “SimJacker” vulnerability which attackers are able to remotely attack to mobile phone. This involves a SMS containing a specific type of spyware-like code being sent to a mobile phone to exploit the presence of a particular piece of software of S@T Browser on the SIM card. This weakness has spread over 29 countries including North America, South America, Africa, Europe, and Asia.  In addition, there is android application like SnoopSnitch to detect the attack according to suspicious binary SMS and  the SIMalliance has also improved some updates to  S@T browser specifications to increase the security of the SIM toolkits.

Source: https://thehackernews.com/2019/10/simjacker-vulnerability-exploit.html

Signal Messenger Bug Lets Callers Auto-Connect Calls Without Receivers’ Interaction

by Leave a Comment

The article states the vulnerabilities found in the messenger application called “Signal Private Messenger”. Natalie Silvanovich found a logical vulnerability for Andriod which allows a caller to mandate a call to be answered at the destination without requesting receivers’ interaction. “In other words, the flaw could be exploited to turn on the microphone of a targeted Signal user’s device and listen to all surrounding conversations.”
However, this issue was already solved by releasing patch management of “Signal for Android v4.47.7”.

Source: https://thehackernews.com/2019/10/signal-messenger-bug.html

Researchers Find New Hack to Read Content Of Password Protected PDF Files

by Leave a Comment

The article states that there is a new threat which hackers can unauthorized access and change to encrypted PDF without knowing password. This threat is called PDFex attacks which hackers remotely use the technique to remotely exploit PDF data. This means using this attack can automatically send the decrypted file out by using a remote-controlled server. Vulnerabilities were found in various well-known software such as Adobe Acrobat, Foxit Reader, and Nitro Reader and multiple browsers such as Chrome, Firefox, and Safari. Additionally, a team of German security researchers found 2 weaknesses of PDF encryption which are partial encryption and ciphertext malleability.

Link : https://thehackernews.com/2019/10/pdf-password-encryption-hacking.html

1-Click iPhone and Android Exploits Target Tibetan Users via WhatsApp

by Leave a Comment

The article states the mobile hacking campaign which the main target is Tibetan groups. The victims, especially in high management level, received a malicious link via WhatsApp application in both Iphone and Andriod platforms between November 2018 and May 2019. The Canadian researchers found that hackers (Poison Carp) use MOONSHINE spyware which allows them to gain full unauthorized access to victim devices and they are able to steal private data via applications like Gmail and Twitter.

Source: https://thehackernews.com/2019/09/iphone-android-hacking-tibet.html