
Ethical Hacking

Wade Mackey

MIS 5211.702 ■ Fall 2020 ■ Wade Mackey

Spear-phishing Attack on Companies Involved in Covid-19 Vaccine Distribution

December 7, 2020 By Vraj Patel

Hackers are targeting companies that are involved in distributing Covid-19 vaccines. According to new research, the attackers have been performing spear-phishing attacks on the organizations that are distributing Covid-19 vaccines since September 2020. IBM Security X-Force researchers said that the attacks are being aimed at the vaccine cold chain. The companies are responsible for storing and delivering vaccines at safe temperatures.

The US Cybersecurity and Infrastructure Security Agency (CISA) has also issued an alert informing organizations that are involved in storing and delivering Covid-19 vaccines to review the indicators of compromise and increase their defenses. It has been unclear whether any of the phishing attacks were successful. IBM has said that the attackers are trying to steal credentials for the companies to get access to their networks and gain unauthorized access to sensitive information regarding the Covid-19 vaccines.

 

References:

Lakshmanan, R. 2020. Hackers Targeting Companies Involved in Covid-19 Vaccine Distribution. Retrieved from: https://thehackernews.com/2020/12/hackers-targeting-companies-involved-in.html

New Week 14 Presentation

December 7, 2020 By Wade Mackey

Intro-to-Ethical-Hacking-Week-14 new

Week 14: In the News

December 6, 2020 By Kyuande Johnson

Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak

A cloud misconfiguration affecting users of a popular reservation platform threatens travelers with identity theft, scams, credit-card fraud and vacation-stealing. The records revealed by the misconfigured Amazon Web Services S3 bucket include sensitive data and credit-card details. Prestige Software’s “Cloud Hospitality” is used by hotels to integrate their reservation systems with online booking websites like Expedia and Booking.com.
The company was storing years of credit-card data from hotel guests and travel agents without any protection in place, putting millions of people at risk of fraud and online attacks. “The S3 bucket contained over 180,000 records from August 2020 alone. Many of them related to hotel reservations being made on numerous websites, despite global hotel bookings being at an all-time low for this period.”

Week #1 Reading Discussions

September 4, 2020 by Mei X Wang 1 Comment

Basics of computer networking

  • Differences between an open system and a closed system: why would anyone use a closed system if it can’t be connected to a network or communicated with? Computer networks include the devices and also things that can help connect the devices, such as routers and switches.

How can the MAC address help incriminate an electronic device compared to just using the IP Address?

How can you use the IP address to physically locate the electronic device?

Intro to basic networking terminology

  • To facilitate the connection between two parties, a number of protocols have to be in place so the products can communicate and share information. A number of protocols working together are called protocol suites or stacks.

Why would it be useful to have network reference models developed for products (different manufacturers)?

Why would VPNs be useful to you?

Layers of OSI

  • The physical layer would be the one responsible for the connection of devices and also for translating to 0s and 1s. It’s required that the physical layer translate and then the data link pieces the message back together.

Which layer would be most important to ensure the connection is secure? What’s the use of the dialog controller?

TCP/IP

  • The application layer of the TCP/IP model performs the top three layers of OSI: Application, Presentation, and Session. TCP/IP model protocols are not easily replaced and can only provide connectionless services.

What are the key differences between layers of OSI and layers of TCP/IP models?

Filed Under: Uncategorized Tagged With:

WK #3: Sophisticated Phishing Scam Targeting Lloyds Bank Customers

September 4, 2020 by Mei X Wang

One of the largest banks in England and Wales, Lloyds Bank, fell victim to an elaborate phishing scam. Clients were sent emails and text messages that displayed warnings that their accounts would be shut off unless they logged in to verify their credentials. The attacker then set up a realistic site that contained official words, logos, and personalized details to trick the user into believing in its legitimacy. Phishing attacks are one of the most easily used social engineering attacks; many clients untrained in identifying the signs fall easily into giving up their PII. In July, HSBC Bank also faced a similar attack and prompted users to give up their credentials.

https://www.infosecurity-magazine.com/news/phishing-scam-lloyds-bank-customers/

 

Discussion Questions:

  1. What is the targeted audience demographic for phishing attacks?
  2. How can companies resolve the issue internally as well? (As many employees are also susceptible to these attacks)

Filed Under: Uncategorized Tagged With:

Nessus Links

August 31, 2020 by Wade Mackey

 

 

 

Filed Under: Week 02: TCP/IP and Network Architecture, Week 04: Network Mapping and Vulnerability Scanning Tagged With:

Week 2 Presentation

August 31, 2020 by Wade Mackey

Intro-to-Ethical-Hacking-Week-2

Filed Under: Week 02: TCP/IP and Network Architecture Tagged With:

Uber ex-security boss accused of covering up hack attack

August 31, 2020 by Brian Schneider

I found a very interesting article on the former chief security officer of Uber, Joseph Sullivan. Sullivan is currently being charged with obstruction of justice for an incident that happened at Uber in 2016. At that time, the company had the details of 57 million Uber drivers and passengers exposed by a hacking group. To keep this quiet, Sullivan tried to cover up the data breach by paying the hackers 100,000 dollars to delete all the data they had stolen. When the data breach was revealed to the public in 2017, Uber fired Sullivan. Now he is being charged with obstruction of justice because he took “deliberate steps” to stop the FTC from finding out about the hackings.

He disguised the payments by using bitcoin instead of actual money and called it a “bug bounty” reward, which is usually given to cyber security experts for discovering vulnerabilities so that they can be fixed. On top of this, he had the hackers sign a non-disclosure agreement as part of the payment that stated that they had not stolen any data from Uber. Because of his actions, Uber had to pay $148 million in legal claims from all 50 States.

 

Tidy, Joe. “Uber Ex-Security Boss Accused of Covering up Hack Attack.” BBC News, BBC, 21 Aug. 2020, www.bbc.com/news/technology-53861375?intlink_from_url=www.bbc.com/news/topics/c347w30eq7xt/computer-hacking.

Filed Under: Uncategorized Tagged With:

Reading questions with key points

August 31, 2020 by Brian Schneider 1 Comment

Basics of computer networking

Network topology can have a network arranged in many different layouts that include: star, mesh, point to point, daisy chain, tree, hybrid, ring.

What is the difference between well known ports, registered ports, and ephemeral ports?

Intro to basic networking terminology

The most widely used of the network reference models, which were developed to allow products from different manufacturers to interoperate on a network, is the TCP/IP model (which was developed by the Department of Defense).

Why would the DOD need to create a network reference model when there was already one widely used?

Layers of OSI

The open system interconnection (OSI) model is a 7 layer architecture that works to transmit data from one device to another device across the globe.

Was the OSI model too complicated to use? Is that why they created the TCP/IP model?

TCP/IP

The transmission control protocol/internet protocol is a 4 layer architecture model and was created by the DOD and is a concise version of the OSI model.

How does the OSI model compare to the TCP/IP model (architecture wise)?

Filed Under: Uncategorized Tagged With:

U.S. Health and Human Services Department Suffers Cyberattack

August 30, 2020 by Chidiebele Okosi 2 Comments

Amid this period of the COVID-19 pandemic, there has been an increase in attacks on the health sector industry. Among the articles that I have come across is the article on the US Health and Human Services Department suffering a cyber attack, i.e. a distributed denial of service (DDoS). It doesn’t appear that the hackers took any data from the systems, and the hack involved overloading the HHS servers with millions of hits over several hours. The DDoS was service impacting and several hours can be the difference between a “Life or Death” situation.

I wondered if there had been:

1) Preliminary survey: It is not known for certain if or how the attackers performed reconnaissance on the network prior to the attack, but it probably would not have required much more than internet searches.

2) Why this timing of the attack and motive behind it: Why target the U.S. Health and Human Services Department?

According to the Bloomberg article, in quotes
https://www.bloomberg.com/news/articles/2020-03-16/u-s-health-agency-suffers-cyber-attack-during-covid-19-response
“The U.S. Health and Human Services Department suffered a cyber-attack on its computer system, part of what people familiar with the incident called a campaign of disruption and disinformation that was aimed at undermining the response to the coronavirus pandemic and may have been the work of a foreign actor”.

“We are aware of a cyber incident related to the Health and Human Services computer networks, and the federal government is investigating this incident thoroughly,” John Ullyot, a spokesman for the National Security Council, said in a statement. “HHS and federal government cybersecurity professionals are continuously monitoring and taking appropriate actions to secure our federal networks.”

 

Filed Under: Uncategorized Tagged With:

SANS compromised from phishing attack

August 29, 2020 by Anthony Messina

On August 11th the SANS Institute suffered a data breach due to a phishing email. The attack caused 513 emails to be forwarded to the attackers. The emails contained 28,000 records of PII (personally identifiable information). SANS has since released the IOCs (indicators of compromise) for the phishing attack. The phishing email pretended to be a file shared by a SANS SharePoint service. The malicious file was an Excel file called “CopyofJulyBonus24JUL2020.xls”. The email prompted the user to click on the ‘Open’ button to access the file. Once the user clicked ‘Open’ it redirected them to a malicious website that was spoofed to look like an Office 365 login page. Once the user entered their O365 credentials, an addon named ‘Enable4Excel’ was installed. This addon would then create a forwarding rule in the user’s Outlook named ‘Anti Spam Rule.’ This rule monitored for specific keywords in emails. Once a match was found in an email, it would be forwarded to an external address where the attackers could retrieve the emails. The words that were being monitored were:

agreement | Bank | bic | capital call | cash | Contribution | dividend | fund | iban | Payment | purchase | shares | swift | transfer | Wire | wiring info

This phishing campaign was conducted July 24th, 2020. According to the article, SANS was not the only company targeted. 2 other companies uploaded similar emails to VirusTotal.

https://www.bleepingcomputer.com/news/security/sans-shares-details-on-attack-that-led-to-their-data-breach/

Filed Under: Uncategorized Tagged With:
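
A defensive check for the mailbox rule described in the SANS post above, as an added example that is not part of the original post or SANS's own tooling: it flags inbox rules that forward to an address outside the organisation and raises the severity when the rule's keyword conditions overlap the watch list quoted in the post. The rule records, their field names (`mailbox`, `name`, `enabled`, `keywords`, `forward_to`), the domain `example.org` and all addresses are constructed for illustration; a real audit would map these from the mail platform's rule export.

```python
"""Audit exported inbox rules for keyword-triggered external forwarding."""

# Keyword list quoted in the post, lower-cased for matching.
WATCHED = {
    "agreement", "bank", "bic", "capital call", "cash", "contribution",
    "dividend", "fund", "iban", "payment", "purchase", "shares", "swift",
    "transfer", "wire", "wiring info",
}
INTERNAL_DOMAINS = {"example.org"}  # assumption: the organisation's own domains


def is_external(address):
    """True when the address's domain is not one of ours (or is malformed)."""
    _, sep, domain = address.strip().lower().rpartition("@")
    return not sep or domain not in INTERNAL_DOMAINS


def audit_rule(rule):
    """Return a finding for a rule that forwards externally, else None."""
    external = [a for a in rule.get("forward_to", []) if is_external(a)]
    if not external:
        return None
    hits = sorted({k.strip().lower() for k in rule.get("keywords", [])} & WATCHED)
    # External forwarding alone merits review; several financial keywords
    # on the same rule match the pattern in the post and raise severity.
    severity = "high" if len(hits) >= 3 else "medium"
    # Disabled rules are still reported: they can be evidence of past abuse.
    return {"mailbox": rule["mailbox"], "rule": rule["name"],
            "enabled": rule.get("enabled", True), "external": external,
            "keyword_hits": hits, "severity": severity}


def audit(rules):
    return [f for f in map(audit_rule, rules) if f]


# Constructed sample export (not real data).
SAMPLE_RULES = [
    {"mailbox": "alice@example.org", "name": "Anti Spam Rule", "enabled": True,
     "keywords": ["Bank", "iban", "Wire", "swift", "Payment"],
     "forward_to": ["collector@mail.invalid"]},
    {"mailbox": "bob@example.org", "name": "To assistant", "enabled": True,
     "keywords": [], "forward_to": ["carol@example.org"]},
    {"mailbox": "dave@example.org", "name": "Newsletter copy", "enabled": True,
     "keywords": ["newsletter"], "forward_to": ["dave.home@personal.invalid"]},
    {"mailbox": "erin@example.org", "name": "Old forward", "enabled": False,
     "keywords": ["cash"], "forward_to": ["x@mail.invalid"]},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES):
        print(finding)
```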

Readings

August 29, 2020 by Anthony Messina

The readings this week introduced us to the fundamentals of how a network operates.  They presented us with a basic understanding of the hardware involved in networking and how the information is transmitted and received.  The articles also explained how two popular networking models, OSI and TCP/IP, function.  From an ethical hacking standpoint, understanding these 2 models, and how information traverses the network is paramount.  A big takeaway from the readings was understanding how ports work in networking.  As ethical hackers we will be scanning for open ports and it will be essential to know what services run on which ports so they may be further exploited.

 

My question to the class:

What ports/services do you think will be common exploitation entry points as ethical hackers?

Filed Under: Uncategorized Tagged With:

Question to discuss with classmates

August 29, 2020 by Akshay Shendarkar 3 Comments

What popular devices or techniques can you suggest IT Auditors/security professionals to check the hardening of or to audit network devices?

Filed Under: Uncategorized Tagged With:
