Ethical Hacking

Wade Mackey

Ethical Hacking

MIS 5211.001 ■ Fall 2019 ■ Wade Mackey

Main Content

“OceanLotus” targets BMW and Hyundai networks

By Leave a Comment

APT hacker group “OceanLotus” apparently compromised network systems of automaker BMW and Hyundai by installing some hacking tool which would control and spy their systems. What they did was nothing new but it was sophisticated.

According to the article

Created Fake Websites

To get access to other computers, the hackers created a fake website that gave the impression of belonging to the BMW branch in Thailand, as they can monitor networks and find out which folders and files that users logged in.

Hackers Observed for Months

The security team at BMW allowed hackers to stay active with an intention to know more details like, who they were, how many systems they managed to compromise, and what kind of data they were after.

Based on sources, no sensitive information was accessed by hackers during the incident and no primary computers were compromised.

BMW declined to provide additional information on the attack.

“We have implemented structures and processes that minimize the risk of unauthorized external access to our systems and allow us to quickly detect, reconstruct, and recover in the event of an incident,” BMW said in a statement.”

Source Article: https://www.cisomag.com/apt-hacker-group-targets-bmw-and-hyundai-networks/

 

ACLU sues FBI, DOJ over facial-recognition technology, criticizing ‘unprecedented’ surveillance and secrecy

by Leave a Comment

ACLU sues FBI, DOJ over facial-recognition technology, criticizing ‘unprecedented’ surveillance and secrecy

The reports talked about the the American Civil Liberties Union (ACLU) suing the Department of Justice, the FBI and the Drug Enforcement Administration the usage of facial-recognition software, and arguing in a detailed records that Americans’ civil rights and privacy were threaten by their use of the secretly implemented a nationwide surveillance technology.

 

The Washington Post

Facebook content moderation firm Cognizant quits

by Leave a Comment

It follows an investigation by The Verge into working conditions and the mental health of employees working at an Arizona moderation center on behalf of the social network.

Cognizant also has workers in India, Europe and Latin America.It is believed its decision will result in around 6,000 job cuts.

The firm told the BBC: “We have determined that certain content work in our digital operations practice is not in line with our strategic vision for the company and we intend to exit this work over time. This work is largely focused on determining whether certain content violates client standards – and can involve objectionable materials.

“Our other content-related work will continue. In the meantime, we will honor our existing obligations to the small number of clients affected and will transition, over time, as those commitments begin to wind down. In some cases, that may happen over 2020, but some contracts may take longer.”

In response, Facebook’s Arun Chandra said: “We respect Cognizant’s decision to exit some of its content review services for social media platforms.

https://www.bbc.com/news/technology-50247540

Georgia ‘I’ll Be Back’ Cyber Attack Terminates TV, Takes Down 15,000 Websites

by Leave a Comment

A “massive” cyber-attack against multiple targets in Georgia has taken place on October 28, as the BBC and other media reported.

Not only has this seen thousands of websites impacted but two Georgian TV broadcasters, Imedi TV and Maestro, were temporarily taken offline as well. Critical national infrastructure, however, would appear not to have been affected.

Data breach causes 10 percent of small businesses to shutter

by Leave a Comment

People are aware that the impact of data breach will be more severe for big company like Facebook and Target, but it could be more serious for small company because it could cause the bankruptcy in the end. This article shows the results of a survey of 1,008 small businesses with up to 500 employees to prove it. This survey found that 10 percent of the business went out of business, and 25 percent of them had to file for bankruptcy and 37 percent experienced a financial loss after suffering a data breach. 44 percent of these victims were from larger firms of 251-500 people, while 11 percent were companies with 10 or fewer workers. Even though these company has less probability to be the target of hackers and the scale of the organization determines the amount of losses it can suffer, the problem will become more severe for the organization itself based on poor cyber security policy.

https://www.scmagazine.com/home/security-news/data-breach-causes-10-percent-of-small-businesses-to-shutter/

Could your ERP system make you a victim of cybercrime?

by Leave a Comment

Hackers can destroy a organization though multiple ways, and one of that is get the information on enterprise resource planning (ERP) software. The information including personal information, IP and financial data. All information, if in the wrong hands, could destroy a company. This article interprets that 90% of SAP systems are reported to be vulnerable to 10KBLAZE, a public exploit discovered in April this year. Even though the ORACLE publishes patches to fix the bugs, the company still needs make sure they have cybersecurity and application maintenance policies and procedures in place. They should also make sure that included in those procedures is an audit process that truly assesses the system – identifying any vulnerabilities, and ensuring fixes and patches are implemented in a timely manner.

 

https://www.natlawreview.com/article/could-your-erp-system-make-you-victim-cybercrime

Cyber Attack on Indian Nuclear Plant

by Leave a Comment

A government-owned entity – the Nuclear Power Corporation of India was one of the victims of the most recent high profile cyber-attacks. According to a statement released by the company, the attack was discovered on September 4, and no plant control systems were affected. “The investigation revealed that the infected PC belonged to a user who was connected in the internet-connected network used for administrative purposes. This is isolated from the critical internal network. The networks are being continuously monitored. The investigation also confirms that the plant systems are not affected.” According to the article by TNW, the attacks used malware to access the domain controller account that grants access and authenticates requests from other computers in the network.

Some additional information also provided in the article is the data collected by the malware was sent to a mounted drive via SMB and the drive and credential is statically encoded: net use \\\\10.38.1.35\\C$ su.controller5kk /user:KKNPP\\administrator

 

Android gets new security sandboxing features

by Leave a Comment

https://www.itpro.co.uk/google-android/34657/android-gets-new-security-sandboxing-features

This article describes a new feature in Chrome and Android that aims to help with cross-site scripting attacks and other similar attacks. The feature isolates the data in each tab of Chrome and prevents them from reaching out and communicating with each other. So, some malicious code on Tab A, wouldn’t be able to pull your session or credentials from Tab B.

Hacking victim who paid Bitcoin ransom goes on to hack the hackers

by Leave a Comment

A ransomware victim who paid the attackers to decrypt his files gets revenge by hacking them right back. The German programmer released almost 3,000 decryption keys to assist others hit by the Muhstik ransomware, alongside free decryption software. What he did wasn’t legal, but it’s cool to see this vigilante type response to being hacked. Who knows? Maybe if situations like these happened more often, we’d see a decline in ransomware related attacks. Since the FBI warns companies not to pay the ransom anyway, the possibility of getting hacked right back could further deter ransomware attacks.

 

https://thenextweb.com/hardfork/2019/10/08/ransomware-bitcoin-hacker-cryptocurrency-muhstik-rekt/