• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Ethical Hacking

William Bailey

Ethical Hacking

MIS 5211.701 ■ Fall 2020 ■ William Bailey
  • Home
  • INSTRUCTOR
  • SYLLABUS
  • Gradebook

Week 01: Overview

Week 1 Presentation Handout

A Pen Tester’s Nightmare

August 30, 2020 by Bryan Garrahan Leave a Comment

https://krebsonsecurity.com/2020/01/iowa-prosecutors-drop-charges-against-men-hired-to-test-their-security/

I recall following this story about two Pen tester’s who were arrested during an authorized penetration testing engagement in Dallas County Iowa. The engagement took place at a county courthouse and the scope of the engagement tasked the two pen testers to physically gain access to the courthouses facilities. After tripping an alarm during the assessment the two pen testers found themselves under arrest even after providing proof of contract as well as contact information of individuals who authorized the assessment.

As part of our discussion this week we spoke about what are the attributes of a “good” pen tester. One of those attributes was that a qualified pen tester must be methodical in developing a game plan in order to execute a successful pen test. This is where the breakdown was in my opinion as it turns out that the courthouse was actually owned by Dallas county and not the state of Iowa (who actually requested the assessment). While I think the authorities handling of the situation was a bit extreme, it doesn’t appear that a quality or methodical game plan was deployed during the assessment – hence, the two pen testers found themselves in trouble. What do you think?

Filed Under: Week 01: Overview Tagged With:

Week 1: In the News

August 28, 2020 by William Bailey 19 Comments

During the week, research an article that describes a recent breach (hack) of an organization.  Of special interest this week, does the article discuss whether the organization had conducted some sort of vulnerability scans, penetration tests, and/or red or blue team exercises?

When citing the article, include the URL, so that others can read the rest of the article.

Filed Under: Week 01: Overview Tagged With:

Hackers for Hire

August 25, 2020 by Kelly Sharadin Leave a Comment

In our first lecture, we discussed insider threats and the value of business information and the subsequent damage it causes organizations if stolen. Capitalizing on the market of cyber espionage, a cybercriminal group, known as DeathStalker, is targeting smaller financial organizations. Security researchers report that DeathStalker is “offering hacker-for-hire services,” and are acting as “information brokers” by stealing and selling business secrets. The group attacks victims using phishing emails and a malicious PowerShell executable.

https://www.darkreading.com/attacks-breaches/deathstalker-apt-targets-smbs-with-cyber-espionage-/d/d-id/1338737

Filed Under: Week 01: Overview Tagged With:

Welcome to MIS5211 Fall 2020 – Ethical Hacking

August 23, 2020 by William Bailey 7 Comments

Welcome to the online section of MIS5211!  Although this class is online, over the next semester we will be interacting with each other and working on group projects.

As we prepare for the first Webex on Thursday, I’ve set this post for each of us to introduce ourselves:

  1. What is your preferred name?  Are you a Robert that wants to be called Bob, or vice-versa?  Let us know!
  2. Where are you based?  Tell us about your City or Town.
  3. What is your current experience in ethical hacking?
  4. What do you hope to leave this class with?
  5. Are you currently employed in IT or IT Security?  You don’t have to divulge your employer, and may be restricted from telling outsiders, but what industry segment do you work in?
  6. What “fun fact” do people not know about you?

Please join in, and post a reply with a bit about yourself.

Filed Under: Week 01: Overview Tagged With:

Canadian University Scammer

August 23, 2020 by William Bailey 6 Comments

Just to kick things off.  Here’s an article describing scammers using phishing techniques netted 11 million Canadian (9 Million US).

https://motherboard.vice.com/en_us/article/yww4xy/a-canadian-university-gave-dollar11-million-to-a-scammer

The article says this is not technically hacking.  I don’t agree, but what do you think?

For those with an audit background, it also points out that anti-fraud controls were either not in place, or not effective.

Filed Under: Week 01: Overview Tagged With:

Primary Sidebar

Weekly Discussions

  • Uncategorized (1)
  • Week 01: Overview (5)
  • Week 02: TCP/IP and Network Architecture (3)
  • Week 03: Virtualization (2)
  • Week 04: Vulnerability Scanning (2)
  • Week 05: System and User Enumeration (2)
  • Week 06: Metasploit (1)
  • Week 07: Social Engineering (2)
  • Week 08: Malware (2)
  • Week 09: Web Application Security (1)
  • Week 12: Wireless (2)
  • Week 14: Review of all topics (1)

Copyright © 2025 · Course News Pro on Genesis Framework · WordPress · Log in