
Ethical Hacking


MIS 5211.702 ■ Fall 2020 ■ Wade Mackey

Vraj Patel

Reconnaissance

September 20, 2020 by Vraj Patel

Reconnaissance is the first step of penetration testing. There are two ways to perform reconnaissance: passive and active.

Passive reconnaissance is finding out information about the target without engaging with their network, using information that is available online or to the public (Rouse, 2012). Active reconnaissance is finding out information about the target by engaging with its network.

Passive reconnaissance can be performed to find out information such as the target's email addresses and system information, using whois, ARIN, or other tools. The Google hacking technique can also be used to find out information about the company. Active reconnaissance can be performed using Nmap, which can be used to find out about the open ports within the target's network.
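Because active reconnaissance engages the target's network, it leaves traces that passive reconnaissance does not. The following is an added example, not part of the original post: it flags sources that probe many distinct ports on one host within a short window. The log format, addresses, and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed log format: "<ISO timestamp> SRC=<ip> DST=<ip> DPT=<port> FLAGS=SYN"
LINE_RE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) DPT=(\d+) FLAGS=SYN$")

def sample_log():
    """Constructed sample: one source sweeping ports 20-34, one ordinary HTTPS client."""
    base = datetime(2020, 9, 20, 10, 0, 0)
    fmt = "{} SRC={} DST=192.0.2.10 DPT={} FLAGS=SYN"
    scan = [fmt.format((base + timedelta(seconds=i)).isoformat(), "203.0.113.5", p)
            for i, p in enumerate(range(20, 35))]
    web = [fmt.format((base + timedelta(seconds=2 * i)).isoformat(), "198.51.100.7", 443)
           for i in range(30)]
    return scan + web

def find_port_scanners(lines, min_ports=10, window_s=60):
    """Return {(src, dst): most distinct ports probed in any window} for pairs >= min_ports."""
    events = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts, src, dst, port = m.groups()
            events[(src, dst)].append((datetime.fromisoformat(ts), int(port)))
    flagged = {}
    for pair, hits in events.items():
        hits.sort()
        start, best, counts = 0, 0, defaultdict(int)  # counts: port -> hits inside window
        for ts, port in hits:
            counts[port] += 1
            # Slide the window forward, dropping probes older than window_s seconds.
            while (ts - hits[start][0]).total_seconds() > window_s:
                old = hits[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            best = max(best, len(counts))
        if best >= min_ports:
            flagged[pair] = best
    return flagged
```

The HTTPS client makes more connections than the scanning source but touches only one port, so it is never flagged; the distinct-port count is what separates the two.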

 

References:

Rouse, M. 2012. Passive reconnaissance. Retrieved from: https://whatis.techtarget.com/definition/passive-reconnaissance#:~:text=Passive%20reconnaissance%20is%20an%20attempt,determine%20find%20any%20open%20ports.

Filed Under: Week 03: Reconnaissance

Mitigating DDOS Attack on IOT Devices

September 20, 2020 by Vraj Patel 1 Comment

Internet service providers can only observe network traffic, so they can only find out about a distributed denial-of-service (DDoS) attack once the attack has been executed (Dickson, 2020). Internet of Things (IoT) devices such as smart cameras, lightbulbs, fridges, and baby monitoring systems have weak security and can easily be used to execute DDoS attacks.

It is harder for the internet service provider (ISP) to find out about the vulnerable devices since they are behind network address translation (NAT). The IoT devices also share a common public address, which makes it more complicated for the ISP to find out about any vulnerable IoT device within any home network.

To discover any vulnerable device within the network, a detector can be placed between the router and the Optical Network Terminal (Dickson, 2020). The detector can be installed on a Raspberry Pi, which will inspect the traffic from the router and verify whether there are any vulnerable IoT devices within the network by comparing against the CVE and NVD lists of known vulnerabilities for home IoT devices. Once a vulnerable device is found, the detector can send a patch for the vulnerability, and the ISP can inform the user regarding the detection and patching of their IoT device.
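The comparison step described above, as an added example that is not from the original post or the cited research: device fingerprints seen by the detector are matched against a vulnerability feed. The feed entries, advisory ids, vendors, MAC addresses, and field names are constructed placeholders, not real CVE/NVD data.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Advisory:
    advisory_id: str  # placeholder id, not a real CVE
    vendor: str
    model: str
    fixed_in: str     # first firmware version that is no longer affected

# Constructed feed standing in for CVE/NVD entries on home IoT devices.
FEED = [
    Advisory("CVE-PLACEHOLDER-0001", "examplecam", "ec-100", "2.4.0"),
    Advisory("CVE-PLACEHOLDER-0002", "examplebulb", "lb-7", "1.0.9"),
]

# Constructed observations: per-device fingerprints a detector inside the home network might record.
OBSERVED = [
    {"mac": "02:00:00:00:00:01", "vendor": "ExampleCam", "model": "EC-100", "firmware": "2.3.11"},
    {"mac": "02:00:00:00:00:02", "vendor": "ExampleBulb", "model": "LB-7", "firmware": "1.0.10"},
    {"mac": "02:00:00:00:00:03", "vendor": "ExampleFridge", "model": "FR-1", "firmware": "5.1"},
    {"mac": "02:00:00:00:00:04", "vendor": "ExampleCam", "model": "EC-100", "firmware": "unknown"},
]

def parse_version(text):
    """Dotted numeric version -> tuple of ints, or None if unparseable."""
    parts = text.strip().split(".")
    return tuple(int(p) for p in parts) if all(p.isdigit() for p in parts) else None

def is_older(a, b):
    # Pad to equal length so (1, 0) compares equal to (1, 0, 0).
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)) < b + (0,) * (n - len(b))

def find_vulnerable(observed, feed):
    """Return (mac, advisory_id, status) for each device the feed marks as affected."""
    findings = []
    for dev in observed:
        for adv in feed:
            if (dev["vendor"].lower(), dev["model"].lower()) != (adv.vendor, adv.model):
                continue
            ver = parse_version(dev["firmware"])
            if ver is None:
                status = "unknown-version"  # cannot rule the device out; flag for follow-up
            elif is_older(ver, parse_version(adv.fixed_in)):
                status = "vulnerable"
            else:
                continue
            findings.append((dev["mac"], adv.advisory_id, status))
    return findings
```

Versions are compared numerically per component: firmware 1.0.10 is newer than the fix 1.0.9, although a plain string comparison would report the opposite and flag a patched device.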

References:

Dickson, B. 2020. Artificial intelligence can stop IoT-based DDoS attacks in their tracks – research. Retrieved from: https://portswigger.net/daily-swig/artificial-intelligence-can-stop-iot-based-ddos-attacks-in-their-tracks-research

Filed Under: Week 04: Network Mapping and Vulnerability Scanning

Northwestern Memorial HealthCare Data Breach

September 6, 2020 by Vraj Patel 1 Comment

Northwestern Memorial HealthCare notified around 56,000 donors and patients that their personal records were compromised earlier this year (Jimenez, 2020). One of the hospital's vendors, Blackbaud, suffered a successful attack on its system earlier this year, and as a result an unauthorized person was able to access the hospital systems. The hospital has also notified the U.S. Department of Health and Human Services, along with the patients whose data was breached. After the investigation, the hospital confirmed that the data accessed was only the donors' or patients' personal information and not their health information. The hospital has also confirmed that the attack was not on its health care systems, which include the electronic medical records. Blackbaud believes there is no reason to think that the compromised data was misused or made publicly available. They have also said that the intention of the attack was only to disrupt the business by encrypting their systems, which the company was successful in preventing. Blackbaud has also hired a third-party team to monitor the dark web for any of the compromised data.

 

References:

Jimenez, A. 2020. Northwestern Memorial HealthCare warns 56,000 donors and patients about data breach. Retrieved from: https://www.chicagotribune.com/business/ct-biz-northwestern-medicine-data-breach-56000-individuals-20200904-bvizgdmwcrcuvou7fv3rx4b2au-story.html

 

Filed Under: Week 02: TCP/IP and Network Architecture

T-Mobile Data Breach

August 28, 2020 by Vraj Patel 1 Comment

A recent T-Mobile data breach resulted in the compromise of personal information of more than 1 million customers (Coldewey, 2019). T-Mobile has confirmed that the compromised data consists of customers' names, billing addresses, phone numbers, account numbers, and rate plans. Customers' financial and password data was not compromised.

T-Mobile has explained that the attacker gained unauthorized access to their email vendor, which allowed them access to the T-Mobile network (Wagner, 2020). T-Mobile sent a text message to the phones of customers whose data was compromised to inform them of the incident. T-Mobile has offered the affected customers credit monitoring for a limited time.

 

References:

Coldewey, D. 2019. More than 1 million T-Mobile customers exposed by breach. Retrieved from: https://techcrunch.com/2019/11/22/more-than-1-million-t-mobile-customers-exposed-by-breach/#:~:text=T%2DMobile%20has%20confirmed%20a,exposed%20to%20a%20malicious%20actor.

Wagner, A. 2020. T-Mobile reveals data breach, customer account info accessed. Retrieved from: https://www.tmonews.com/2020/03/t-mobile-reveals-data-breach-customer-account-info-accessed/

Filed Under: Week 01: Overview
