As our semester wraps up, what was the idea/concept/topic that had the greatest impact, and why?
William Bailey
For this week’s discussion, research an article describing a breach where wireless (Wifi) was the entry point for the breach.
What weaknesses in the configuration did the attackers use to enter their target’s system?
What countermeasures would you implement if you wanted to defend against this breach?
Please include the URL for the article, so that others can read the article(s).
During Week 11, what are your experiences with Security Shepherd?
Which deployment method (VMware / VirtualBox / Docker) did you choose, and why?
How many challenges did you complete?
When you encountered issues, what kind of steps did you take to resolve the issues and forge onward?
To help us understand what can be obtained via a web application that has vulnerabilities, or weaknesses, that an untrusted outsider can take advantage of, KrebsOnSecurity talks about a breach caused to a web application that they had purchased from Fiserv, resulting in customers being able to view account data for other customers, including account number, balance, phone numbers and email addresses. (https://krebsonsecurity.com/tag/fiserv/)
For this week, research a recent breach announcement that was attributed to a web application failure. How did attackers misuse the website, and what were they able to obtain? How could the breach have been averted?
Let’s continue to discuss malware during CyberSecurity Awareness Month, and we’ll refer to the video series we looked at previously at https://staysafeonline.org/resource/security-awareness-episodes/, specifically the following Episode 5: Removable Media, if you’ve not watched it already.
Research, and describe, a news article describing a publicly-disclosed breach that can be tied to the use of removable media as the entry.
Also, for “bonus points”, what other security errors do you see in this episode? (https://staysafeonline.org/blog/security-best-practices-for-removable-media-and-devices/)
During class, we talked about Vishing. Below is a link to a short video that shows an IT professional being duped after receiving compliments and a promise of an award, in exchange for his contact details and credit card information to pay for shipping the “reward”.
After watching the video at https://youtu.be/D_yAYhjNE-0, what social engineering tactics did you observe in the video?
For this discussion question, research a current article related to open-source components:
Remember to include the URL of the article being referenced.
During this week, we talked about some additional scanning products used in Ethical Hacking. While many are open source, we also mentioned that there are some products that are commercial, and require a paid license.
During your trial of Kali, so far, have you found any interesting tools that you want to spend more time with?
While not disclosing your employer’s name, are you aware of tools that your employer currently uses?
For this discussion question, research a current article related to vulnerability scanning:
Remember to include the URL of the article being referenced.
For this discussion question, research a current article related to virtualization, such as:
Remember to include the URL of the article being referenced.