Week 06: More Metasploit
Week 6: In the news
Illinois Community College Addressing Cybersecurity Breach
Heartland Community College is working with outside consultants to address a security breach in its computer systems. As of now all of the college’s online operations including classes are shut down. The college became aware of the breach on Monday and immediately shut down all of the university online services in efforts to investigate and maintain the security breach. The College is unaware if any student or personal data have been compromised. Reports mentioned the spike of phishing emails since the pandemic. Since the shutdown the college informed students via social media that their instructors would be in touch to reschedule missed classes, tests and assignments. Heartland Community College is working to resume normal online operations as quickly as possible, but it did not provide a timeline. The college has not shared any more information on the nature of the cyberattack.
https://www.wglt.org/post/breach-disrupts-heartland-community-colleges-computer-systems#stream/0
Vulnerabilities in Apple’s web Domain
Researcher at Apple has discovered 55 vulnerabilities in Apple’s web domain (Haworth, 2020). Research spent three months at Apple to discover the vulnerabilities and during the research they have found 11 critical bugs, 29 high severity, 13 medium, and 2 low severities bugs. The most critical bug that was found was able to executed remotely. It was also capable of storing a cross-site scripting that would have compromised customer’s iCloud accounts. Researcher were able to also access Apple’s internal projects sources codes. Accordingly to the article, most of the majority bugs has been fixed by the Apple (Haworth, 2020). The research were able to compromise the Apple Distinguished Educator (ADE) program using the bug that was able to executed remotely. The ADE program assigned an default password which then was used to perform an brutal force attack on other accounts and research were able to get access to an admin account. Which allowed them an access to the Apple’s network.
References:
Haworth, J. 2020. Researchers discover scores of security bugs in Apple’s stem and core. Retrieved from: https://portswigger.net/daily-swig/researchers-discover-scores-of-security-bugs-in-apples-stem-and-core