Ethical Hacking

Wade Mackey

Ethical Hacking

MIS 5211.702 ■ Fall 2020 ■ Wade Mackey

Main Content

Spear-phishing Attack on Companies Involved in Covid-19 Vaccine Distribution

By Leave a Comment

Hackers are targeting companies that are involved in distributing an Covid-19 Vaccines. Accordingly to a new research the attackers are performing an spear-phishing attack the organizations that are distributing Covid-19 vaccines since September 2020. IBM Security X-Force researchers said that the attacks are being aimed at vaccine cold chain. The companies are responsible for storing and delivering vaccines at a safe temperatures.

The US Cybersecurity and Infrastructure Security Agency (CISA) has also issued an alert informing an organizations that are involved in storing and delivering Covid-19 vaccines to review the indicator of compromise and increase their defenses.  It has been unclear if there were any of the phishing attacks were successful.  IBM has said that the attackers are trying to steal an credential for the companies to get access of their network and get unauthorized access to the sensitive information regarding to the Covid-19 vaccines.

 

References:

Lakshmanan, R. 2020. Hackers Targeting Companies Involved in Covid-19 Vaccine Distribution. Retrieved from: https://thehackernews.com/2020/12/hackers-targeting-companies-involved-in.html

Week 14: In the News

By Leave a Comment

Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak

Due to a cloud misconfiguration users of a popular reservation platform threaten travelers with identity theft, scams, credit-card fraud and vacation-stealing. The misconfigured Amazon Web Services S3 bucket. Revealed the records include sensitive data and credit-card details. The Prestige Software’s “Cloud Hospitality” is used by hotels to integrate their reservation systems with online booking websites like Expedia and Booking.com.
The company was storing years of credit-card data from hotel guests and travel agents without any protection in place, putting millions of people at risk of fraud and online attacks, “The S3 bucket contained over 180,000 records from August 2020 alone. Many of them related to hotel reservations being made on numerous websites, despite global hotel bookings being at an all-time low for this period.”

Vulnerability within WPA 2

by Leave a Comment

Cybersecurity researchers has found an high-severity hardware vulnerability in the widely-used Wi-Fi chip manufactured by Broadcom and Cypress. The vulnerability is called Kr00k an has CVE number CVE-2019-15126. It allows an attacker to remote intercept and decrypt some of the wireless network packets. The attacker doesn’t have to be connected to the same network as the victim. Attacker can communicate to the victims device through the vulnerability within the Wi-Fi chip  using WPA 2-Personal or WPA2-Enterprise protocols. Researchers at ESET has said that devices such as “Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3), Xiaomi (RedMi), as well as some access points by Asus and Huawei, were vulnerable to Kr00k”.

 

References:

Kumar, M. 2020. New Wi-Fi Encryption Vulnerability Affects Over A Billion Devices. Retrieved from: https://thehackernews.com/2020/02/kr00k-wifi-encryption-flaw.html

Spear-phishing Attack on Companies Involved in Covid-19 Vaccine Distribution

by Leave a Comment

Hackers are targeting companies that are involved in distributing an Covid-19 Vaccines. Accordingly to a new research the attackers are performing an spear-phishing attack the organizations that are distributing Covid-19 vaccines since September 2020. IBM Security X-Force researchers said that the attacks are being aimed at vaccine cold chain. The companies are responsible for storing and delivering vaccines at a safe temperatures.

The US Cybersecurity and Infrastructure Security Agency (CISA) has also issued an alert informing an organizations that are involved in storing and delivering Covid-19 vaccines to review the indicator of compromise and increase their defenses.  It has been unclear if there were any of the phishing attacks were successful.  IBM has said that the attackers are trying to steal an credential for the companies to get access of their network and get unauthorized access to the sensitive information regarding to the Covid-19 vaccines.

 

References:

Lakshmanan, R. 2020. Hackers Targeting Companies Involved in Covid-19 Vaccine Distribution. Retrieved from: https://thehackernews.com/2020/12/hackers-targeting-companies-involved-in.html

Week 14: In the News

by Leave a Comment

Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak

Due to a cloud misconfiguration users of a popular reservation platform threaten travelers with identity theft, scams, credit-card fraud and vacation-stealing. The misconfigured Amazon Web Services S3 bucket. Revealed the records include sensitive data and credit-card details. The Prestige Software’s “Cloud Hospitality” is used by hotels to integrate their reservation systems with online booking websites like Expedia and Booking.com.
The company was storing years of credit-card data from hotel guests and travel agents without any protection in place, putting millions of people at risk of fraud and online attacks, “The S3 bucket contained over 180,000 records from August 2020 alone. Many of them related to hotel reservations being made on numerous websites, despite global hotel bookings being at an all-time low for this period.”

Week 14: Reading

by Leave a Comment

In cryptanalysis and computer security, password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system in scrambled form One of the most popular password cracker tools is John the Ripper. John the Ripper (JtR) is a password cracking tool originally produced for UNIX-based systems. It was designed to test password strength, brute-force encrypted (hashed) passwords, and crack passwords via dictionary attacks.

Week 12: In the News

by Leave a Comment

Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak

Due to a cloud misconfiguration users of a popular reservation platform threaten travelers with identity theft, scams, credit-card fraud and vacation-stealing. The misconfigured Amazon Web Services S3 bucket. Revealed the records include sensitive data and credit-card details. The Prestige Software’s “Cloud Hospitality” is used by hotels to integrate their reservation systems with online booking websites like Expedia and Booking.com.

The company was storing years of credit-card data from hotel guests and travel agents without any protection in place, putting millions of people at risk of fraud and online attacks, “The S3 bucket contained over 180,000 records from August 2020 alone. Many of them related to hotel reservations being made on numerous websites, despite global hotel bookings being at an all-time low for this period.”

 

 

Week 12: Reading

by Leave a Comment

This weeks reading talks about XML Services. XML Web services are the fundamental building blocks in the move to distributed computing on the Internet. Open standards and the focus on communication and collaboration among people and applications XML Web Services expose useful functionality to Web users through a standard Web protocol. In most cases, the protocol used is SOAP. XML Web services provide a way to describe their interfaces in enough detail to allow a user to build a client application to talk to them. This description is usually provided in an XML document called a Web Services Description Language (WSDL) document. XML Web services are registered so that potential users can find them easily. This is done with Universal Discovery Description and Integration (UDDI).

Week 10: In the News

by Leave a Comment

Russian Hacker jailed over botnet data scraping scheme that drained victim bank accounts.

A Russian cybercrime has been sentenced to eight years for participating in a botnet scheme that caused at least $100 Million in financial damage. Aleksandr Brovko was an active member of several elite, online forums designed to gather and exchange criminal tools and services. Brovko wrote a script that enabled botnets to parse log data. Which was used to uncover personally identifiable information(PII) and account credentials. Brovko processed and trafficked over 200,000 unauthorized access devices during the course of the conspiracy. These devices consist of PII and Financial Account Details. Resulting in over $100 Million in intended losses

Week 10: Reading

by Leave a Comment

This week reading is on Burp Suite. Burp Suite is one of the most popular penetration testing and vulnerability finder tools, and is often used for checking web application security. “Burp,” as it is commonly known, is a proxy-based tool used to evaluate the security of web-based applications and do hands-on testing. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.

Week 9: Reading

by Leave a Comment

Week 9’s reading contains OWASP top 10 Web Application Security Risk. The number one Web Application Vulnerability is Injection.  Injection flaws, such as SQL, NoSQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization. A successful attack may result in the unauthorized viewing of user lists, the deletion of entire tables and, in certain cases, the attacker gaining administrative rights to a database, all of which are highly detrimental to a business.