• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Ethical Hacking

William Bailey

Ethical Hacking

MIS 5211.701 ■ Fall 2021 ■ William Bailey
  • Home
  • INSTRUCTOR
  • SYLLABUS
  • Gradebook

Week 02: In the News – Current Breach or Incident Article

August 30, 2021 by William Bailey 7 Comments

Ethical Hacking involves continuing education. This past weekend, some gathered in Chicago Illinois at BlueTeamCon to learn about hacks that others have discovered, exchange techniques, etc.  So, while we didn’t get to go to Chicago, we can still read articles, and learn from those articles.

Please reply to this post with an article of a current breach or incident. If possible, let’s try to stay focused on how Network Architecture and/or Google Hacking was involved.

Filed Under: Week 02: TCP/IP and Network Architecture Tagged With:

Reader Interactions

Comments

  1. Dhaval Patel says

    August 30, 2021 at 11:29 am

    I am sure many of us heard about the T-mobile breach. This article explains how an individual in their early 20s was able to take advantage of an exposed router and gain access to customer information.
    https://apnews.com/article/technology-business-hacking-fce56107ed5982bbbbc6b1acdefb5ebc

    Log in to Reply
  2. Antonio Cozza says

    August 30, 2021 at 4:28 pm

    https://www.imperva.com/learn/application-security/google-hacking/

    This article briefly explains how web crawlers attempt to index information and then potentially publish that information to a web server, allowing for Google Hacking to be performed. It discusses how several companies were breached, revealing PII of over 90,000 customers at SUNY Stony Brook, as well as PII stolen Jax Federal Credit Union through google hacking queries.

    Log in to Reply
  3. Patrick Jurgelewicz says

    August 30, 2021 at 4:48 pm

    https://www.theregister.com/2021/06/16/alibaba_tabao_scraped_data_leak/
    https://securityboulevard.com/2021/08/must-fix-vulnerabilities-per-application-jump-in-may-june/

    Taobao, a Chinese online shopping platform, recently suffered a data breach that compromised many usernames and phone numbers of customers. It appears that the information was lifted using a web crawler, meaning there was a vulnerability in the site’s application layer.

    Log in to Reply
  4. Andrew Nguyen says

    September 4, 2021 at 4:13 pm

    I came across this article, and found it really interesting how cybercriminals were able to trick the town of Peterborough not once, but twice into making false payments through emails.

    In summary, cybercriminals leveraged public information to impersonate
    1. A school district
    2. A local construction firm
    and emailed the town of Peterborough notifying them of missing payments. Payments were made to the cybercriminals bank accounts, and Peterborough lost $2.3m as a result.

    I am pretty impressed by the cybercriminals who were able to leverage public information to impersonate a school district and a construction firm to facilitate payments to their bank accounts, but I found it surprising that who ever was in charge of making those false payments on behalf of the town of Peterborough did not question the emails, or find anything suspicious about the contents of the emails (there is also the possibility that the cybercriminals were just that good/convincing).

    In either case, I think this goes to show that cybercriminals are still out there, and that we should be aware of all the different attack avenues that we are potentially vulnerable to (phishing, social engineering, etc.).

    Source : https://statescoop.com/new-hampshire-town-lost-2-3-million-in-email-scam/

    Log in to Reply
  5. Krish Damany says

    September 11, 2021 at 10:04 pm

    Recently, the United Nations had their network compromised by hackers. Researchers working at the firm Resecurity found that data was taken. These hackers gained access by using stolen credentials from a UN employee. This username and password combination is believed to have been purchased on the dark web. The network was accessed as early as April 5th, and intrusions continued until August 7th. While there is no evidence of tampering with the network in any way, the hackers did collect information. As this is the United Nations, they are constantly a prime target for cyber-attacks, and the current employees working there should change their passwords and enable multi factor authentication to mitigate this from occurring.

    https://www.infosecurity-magazine.com/news/hackers-steal-data-from-united/

    Log in to Reply
  6. Tal Eidenzon says

    September 12, 2021 at 11:36 pm

    The U.S. State Department was reportedly hit by a cyberattack with a potentially serious breach.
    Naturally, the nature or scope of any “alleged cybersecurity incidents” was not disclosed, but this adds another entry into the already lengthy list of breaches on the government. There looks to be more and more evidence that points to security not being taken seriously in the public sector.

    https://www.cnbc.com/2021/08/21/us-state-department-reportedly-hit-by-a-cyberattack-in-recent-weeks.html

    Log in to Reply
  7. Parmita Patel says

    September 17, 2021 at 10:55 pm

    https://www.straitstimes.com/tech/tech-news/hackers-pose-as-bank-customers-to-make-500k-in-fake-credit-card-payments-by-stealing?&web_view=true

    The hackers posed as bank customers and made $500,000 in fake credit card payments. The real bank customers said they were not the ones to make those transactions and had to take further steps in order to protect their credentials. The hackers then used the victims’ stolen credit card details to make fraudulent online card payments.

    Log in to Reply

Leave a Reply Cancel reply

You must be logged in to post a comment.

Primary Sidebar

Weekly Discussions

  • Uncategorized (1)
  • Week 01: Overview (2)
  • Week 02: TCP/IP and Network Architecture (2)
  • Week 03: Reconnaisance (2)
  • Week 04: Vulnerability Scanning (1)
  • Week 05: System and User Enumeration (1)
  • Week 06: Metasploit (1)
  • Week 08: Malware (1)
  • Week 09: Web Application Security (1)
  • Week 10: Web Application Hacking (1)
  • Week 11: Cloud Computing & Virtualization (2)
  • Week 12: Wireless (2)
  • Week 14: Review of all topics (1)

Copyright © 2025 · Course News Pro on Genesis Framework · WordPress · Log in