Ethical Hacking

Wade Mackey

Ethical Hacking

MIS 5211.702 ■ Fall 2020 ■ Wade Mackey

Chidiebele Okosi

Network Mapping and Vunerability Scanning – THE IMPORTANCE OF VULNERABILITY SCANS

by Leave a Comment

https://www.allcovered.com/blog/the-importance-of-vulnerability-scans/#:~:text=The%20Importance%20of%20Vulnerability%20Scans%20Vulnerability%20scanning%20is,reporting%20of%20potential%20security%20issues%20on%20a%20network.

Proactively managing and monitoring the network is part of the protection and vulnerability scans can help the organization identify and fix vulnerabilities /issues discovered before they become exploitable. Scans of the network, servers, applications and myriad of other network components is a good start point.

It is important to form vulnerability scans as part of the network protection because for Every time a computer connects to the Internet, there is a risk of a hacker taking advantage of some new vulnerability. This needle in the cyber-haystack can wreak havoc on networks and computers. Most disconcerting, these vulnerabilities can cause more than annoying pop-ups. They can worm their way into a network and steal proprietary information and other data critical to the profitability of a business. Even the National Institute of Standards and Technology’s Computer Security Division keeps a National Vulnerability Database (NVD) in an effort to help companies prepare against potential attacks. The NVD is sponsored by the Department of Homeland Security’s National Cyber Security Division. As of April 2014, there were more than 50,000 vulnerabilities scored in the NVD.

Reconnaissance – How cybercriminals are exploiting US unemployment benefits to make money

by Leave a Comment

https://www.techrepublic.com/article/how-cybercriminals-are-exploiting-us-unemployment-benefits-to-make-money/?ftag=CMG-01-10aaa1b

Thinking of this, these scammers are leveraged the current coronavirus pandemic and have paid close attention the many means and avenues through which the governments and businesses and even individuals are trying to provide support during this period. These scammers have some part of information, taken them and used what the know to build up to find the loopholes or vulnerabilities that are exploitable. This is cybercriminals carrying out Reconnaissance.

Cybercriminals have been capitalizing on virtually every aspect of the coronavirus pandemic and the resulting lockdown. They’ve created malware designed to tap into the medical, financial, social, and even psychological repercussions of the outbreak. To help people and businesses affected financially, the government has been offering loans, stimulus packages, and increased unemployment benefits. And, of course, all of that represents another area to be manipulated by scammers.

Cybercrime forums on the Dark Web have been populated with conversations on unemployment benefits. IntSights researcher Yoav Harpaz Cohen said he found discussions around the benefits themselves, the regulations from each state, and the steps required to claim the benefits, according to the report.

One discussion thread discovered by Cohen centered around the various pandemic unemployment assistance (PUA) benefits offered, detailing the minimum and maximum payouts available from each state and offering links to file a claim. Another thread revealed conversations among people looking to work together to collect the benefits by using different drops or mules. Such mules are recruited to launder the money.

Ritz London suspects data breach, fraudsters pose as staff in credit card data scam

by Leave a Comment

What will be interesting is to actually discover how the scammers got access to the information of Ritz guest,  the article does not disclose yet as investigations are still ongoing but it is quite interesting to know the outcome and how such personal information was obtained.

Scammers phoned guests to “confirm” their credit card details for reservations.

In a series of messages posted to Twitter dated August 15, the luxury hotel chain said that on August 12, the company was made aware of a “potential data breach within our food and beverage reservation system.”

The scammers phoned Ritz restaurant reservation holders with the “exact” details of their bookings, while requesting the confirmation of their payment card details.

The fraudsters, pretending to be Ritz employees, used call ID spoofing to appear to be from the hotel.

“We immediately launched an investigation to identify the cause of the breach, which is ongoing, to find out what happened, how and to prevent this from happening again,” the hotel chain says.

The UK’s Information Commissioner’s Office (ICO) has been informed of the security incident.

https://www.zdnet.com/article/ritz-london-struck-by-data-breach-fraudsters-pose-as-staff-in-credit-card-data-scam/

AUTOMATED TOOLS FOR WIFI CRACKING

by Leave a Comment

https://hackaday.com/tag/wireless-security/

I found this interesting sequel to our discussion in class the myriad of tools that can be used, to capture data, and use it to hack in the process. This article is about one such product and process and like that was mentioned in the class by Prof. the first step to cracking a WiFi is to record the handshake that gets exchanged between the client and access point. This article reiterates this.

Knowing how WiFi networks can be attacked is a big part of properly securing them, and the best way to learn about it is to (legally) run some attacks. The first step in cracking a WiFi network is to record the handshake that gets exchanged when a client connects to an access point. This has been made very simple thanks to Pwnagotchi, which turns a Raspberry Pi into an automated handshake collection tool and Pwnagothi Tools helps to automate the steps that follow…………………………………………………………………..

As wireless networks and IoT devices become more pervasive, it’s important to know the dangers, and how to protect against them. WiFi and Bluetooth security is probably the easiest to learn about, but other networks are just as vulnerable when an RTL-SDR is used. Another option Flipper Zero (https://flipperzero.one/) , a hacking gadget for Sub-1 GHz networks inspired by Pwnagotchi, which recently hit $4.8 million in its Kickstarter campaign

Windows 10, iOS, Chrome, Firefox and Others Hacked at Tianfu Cup Competition

by Leave a Comment

https://thehackernews.com/2020/11/windows-10-ios-chrome-firefox-and.html

This article is interesting to show that these applications vulnerabilities following the outcome of a bunch of hackers at a competition and the Patches for all the demonstrated bugs demonstrated are expected to be released in the coming days.

Multiple software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung were successfully pwned with previously unseen exploits in Tianfu Cup 2020, the third edition of the international cybersecurity contest held in the city of Chengdu, China.

The hacking was done against these list of platforms

  • Adobe PDF Reader
  • Apple iPhone 11 Pro running iOS 14 and Safari browser
  • ASUS RT-AX86U router
  • CentOS 8
  • Docker Community Edition
  • Google Chrome
  • Microsoft Windows 10 v2004
  • Mozilla Firefox
  • Samsung Galaxy S20 running Android 10
  • TP-Link TL-WDR7660 router
  • VMware ESXi hypervisor

U.S. Health and Human Services Department Suffers Cyberattack

by 2 Comments

Amid this period of the COVID-19 pandemic, there has been an increase on attacks to the health sector industry, amid the articles that I have come across, the article on the US Health and Human Services Department suffering a cyber attack i.e. a distributed denial of service ( DDoS ). it doesn’t appear that the hackers took any data from the systems, and the hack involved overloading the HHS servers with millions of hits over several hours. The DDoS was service impacting and several hours can be the difference between a “Life or Death situation.

I wondered if there had been:

1) Preliminary survey: It is not known for certain if or how the attackers performed reconnaissance on the network prior to the attack, but it probably would not have required much more than internet searches.

  1. Why this timing of the attack and motive behind it: Why target the U.S. Health and Human Services Department?

According to the Bloomberg article, in quotes
https://www.bloomberg.com/news/articles/2020-03-16/u-s-health-agency-suffers-cyber-attack-during-covid-19-response
“The U.S. Health and Human Services Department suffered a cyber-attack on its computer system, part of what people familiar with the incident called a campaign of disruption and disinformation that was aimed at undermining the response to the coronavirus pandemic and may have been the work of a foreign actor”.

“We are aware of a cyber incident related to the Health and Human Services computer networks, and the federal government is investigating this incident thoroughly,” John Ullyot, a spokesman for the National Security Council, said in a statement. “HHS and federal government cybersecurity professionals are continuously monitoring and taking appropriate actions to secure our federal networks.”