Week 13: WPA2 Enterprise and Beyond WiFi

“OceanLotus” targets BMW and Hyundai networks

December 10, 2019 by Jaimin Pandya Leave a Comment

APT hacker group “OceanLotus” apparently compromised network systems of automaker BMW and Hyundai by installing some hacking tool which would control and spy their systems. What they did was nothing new but it was sophisticated.

According to the article

“Created Fake Websites

To get access to other computers, the hackers created a fake website that gave the impression of belonging to the BMW branch in Thailand, as they can monitor networks and find out which folders and files that users logged in.

Hackers Observed for Months

The security team at BMW allowed hackers to stay active with an intention to know more details like, who they were, how many systems they managed to compromise, and what kind of data they were after.

Based on sources, no sensitive information was accessed by hackers during the incident and no primary computers were compromised.

BMW declined to provide additional information on the attack.

“We have implemented structures and processes that minimize the risk of unauthorized external access to our systems and allow us to quickly detect, reconstruct, and recover in the event of an incident,” BMW said in a statement.”

Source Article: https://www.cisomag.com/apt-hacker-group-targets-bmw-and-hyundai-networks/

Week 13 Presentation and Video

December 9, 2019 by Wade Mackey Leave a Comment

Intro-to-Ethical-Hacking-Week-13

https://community.mis.temple.edu/mis5211sec001fall2019/

New Linux Bug Lets Attackers Hijack Encrypted VPN Connections

December 6, 2019 by Numneung Koedkietpong Leave a Comment

The article states IT vulnerabilities related to Linux and Unix operating system which allow attackers to remote and spy with encrypted VPN connections. This is called CVE-2019-14899. The attackers also use virtual network private protocols like OpenVPN, WireGuard, and IKEv2/IPSec. With this attack, hackers are able to

determine the virtual IP address of a victim assigned by the VPN server,
determine if there is an active connection to a given website,
determine the exact seq and ack numbers by counting encrypted packets and/or examining their size, and
inject data into the TCP stream and hijack connections.

Source: https://thehackernews.com/2019/12/linux-vpn-hacking.html

Evil Corp: US charges Russians over hacking attacks

December 5, 2019 by Percy Jacob Rwandarugali Leave a Comment

US authorities have filed charges against two Russian nationals alleged to be running a global cyber crime organisation named Evil Corp.

An indictment named Maksim Yakubets and Igor Turashev – who remain at large – as figures in a group which used malware to steal millions of dollars in more than 40 countries.

Those affected by the hacks include schools and religious organisations.

It is also alleged that Mr Yakubets worked for Russian intelligence.

Speaking at a news conference, Assistant Attorney General Brian Benczkowski said the attacks were among “the worst computer hacking and bank fraud schemes of the past decade”.

Mr Yakubets is accused of leading Moscow-based Evil Corp, while Mr Turashev allegedly acted as an administrator. The pair are thought to be in Russia.

https://www.bbc.com/news/world-us-canada-50677512

Suspect can’t be compelled to reveal “64-character” password, court rules

December 1, 2019 by Christopher James Lukens Leave a Comment

In a case of child pornography the suspect was not required to turn over his 64 character password. The lower court wanted to use the “forgone conclusion exception” to make him divulge the password. The forgone conclusion exception forced suspects to hand over paper documents and hadn’t been used in the case of a password yet. The PA supreme court ruled that it couldn’t be used because the 5th amendment protection of self-incrimination. Overall a very interesting read and has set an interesting precedent.

https://arstechnica.com/tech-policy/2019/11/police-cant-force-child-porn-suspect-to-reveal-his-password-court-rules/

OnePlus Suffers New Data Breach Impacting Its Online Store Customers

November 25, 2019 by Numneung Koedkietpong Leave a Comment

The vulnerability in the online website was found in OnePlus, Chinese smartphone maker. They announced this issue to customers via email and also published on the website. They discovered the weakness which unauthorized person were able to access personal information of their customers such as names, contact numbers, and emails. However, the private information like payment information and password were not compromised. As a result, the company has finally decided to launch an official bug bounty program, allowing researchers and hackers to get paid for responsibly reporting severe vulnerabilities before hackers could do any further damage.

https://thehackernews.com/2019/11/oneplus-store-data-breach.html

Ransomware attack in Louisiana: Public agencies hit; officials didn’t pay ransom

November 21, 2019 by Michael Kalai Leave a Comment

Ransomware attack in Louisiana: Public agencies hit; officials didn’t pay ransom

It affected many public-facing websites and services.

“The IT team noticed the irregular pattern, saw that it was the Ryuk virus, which encrypts files, and didn’t read the ransom note, said Jacques Berry, spokesman for the Division of Administration. Instead, the team found where virus was attached to the programs and shutdown computers to avoid infecting other systems, Berry said.”

The Department of Homeland Security Will Teach You Computer Hacking For Free

November 21, 2019 by Andrew P. Sardaro Leave a Comment

I Found this article on military.com, under Veteran Jobs. The Department of Homeland Security (DHS) will provide cybersecurity training to all veterans through a program called Federal Virtual Training Environment (FedVTE).

The program offers 800 plus hours, including topics such as Ethical Hacking and surveillance, Malware analysis, and Mobile Forensics. The program will prepare veterans for industry-standard certifications such as the CISSP and are free.

This is a great initiative, gets more people involved in the cybersecurity field, and helps veterans obtain a skillset to secure a position in the civilian workforce.

https://www.military.com/veteran-jobs/federal-government-will-teach-you-computer-hacking-free.html

CISA Wants Feedback on Its Vulnerability Assessments

November 21, 2019 by Penghui Ai Leave a Comment

The Homeland Security Department is searching for feedback on a program that gives infrastructure operators a chance to perceive how their cyber defenses stack facing each other.

the Cybersecurity and Infrastructure Security Agency runs The vulnerability assessment program to assists members with spotting explicit weaknesses in their digital infrastructure and create techniques to close those holes.

Through the latest solicitation, authorities are explicitly searching for remarks on the program’s viability, just as measures that may improve its assessments or make it simpler for members to utilize. The general population must submit input by Dec. 14.

https://www.nextgov.com/cybersecurity/2019/11/cisa-wants-feedback-its-vulnerability-assessments/161279/

Macy’s suffers online Magecart card-skimming attack, data breach

November 21, 2019 by Jiahao Karl Li Leave a Comment

Macy’s has announced a data breach caused by Magecart card-skimming code being implanted in the firm’s online payment portal. The code injection, believed to have been done on October 7, impacted the Macy’s checkout page and wallet page, the latter of which is accessed through the “My Account” facility. The amounts of customers may have been embroiled in the data-stealing campaign is still under water, which lasted at least a week before Macy’s knew of its compromise. However, a Macy’s spokesperson suggests that only a “small” number of customers were involved, and they would be offered consumer protection services for free.