Ethical Hacking

MIS 5211.702 ■ Fall 2020 ■ Wade Mackey

Spear-phishing Attack on Companies Involved in Covid-19 Vaccine Distribution

December 7, 2020 By Vraj Patel

Hackers are targeting companies that are involved in distributing Covid-19 vaccines. According to new research, the attackers have been performing spear-phishing attacks on the organizations that are distributing Covid-19 vaccines since September 2020. IBM Security X-Force researchers said that the attacks are being aimed at the vaccine cold chain. The companies are responsible for storing and delivering vaccines at safe temperatures.

The US Cybersecurity and Infrastructure Security Agency (CISA) has also issued an alert informing organizations that are involved in storing and delivering Covid-19 vaccines to review the indicators of compromise and increase their defenses. It has been unclear whether any of the phishing attacks were successful. IBM has said that the attackers are trying to steal credentials from the companies to get access to their networks and gain unauthorized access to sensitive information regarding the Covid-19 vaccines.

References:

Lakshmanan, R. 2020. Hackers Targeting Companies Involved in Covid-19 Vaccine Distribution. Retrieved from: https://thehackernews.com/2020/12/hackers-targeting-companies-involved-in.html

New Week 14 Presentation

December 7, 2020 By Wade Mackey

Intro-to-Ethical-Hacking-Week-14 new

Week 14: In the News

December 6, 2020 By Kyuande Johnson

Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak

A cloud misconfiguration affecting users of a popular reservation platform threatens travelers with identity theft, scams, credit-card fraud and vacation-stealing. The misconfigured Amazon Web Services S3 bucket revealed records that include sensitive data and credit-card details. Prestige Software’s “Cloud Hospitality” is used by hotels to integrate their reservation systems with online booking websites like Expedia and Booking.com.
The company was storing years of credit-card data from hotel guests and travel agents without any protection in place, putting millions of people at risk of fraud and online attacks. “The S3 bucket contained over 180,000 records from August 2020 alone. Many of them related to hotel reservations being made on numerous websites, despite global hotel bookings being at an all-time low for this period.”

Ritz London suspects data breach, fraudsters pose as staff in credit card data scam

December 1, 2020 by Chidiebele Okosi

What will be interesting is to actually discover how the scammers got access to the information of Ritz guests. The article does not disclose this yet, as investigations are still ongoing, but it is quite interesting to know the outcome and how such personal information was obtained.

Scammers phoned guests to “confirm” their credit card details for reservations.

In a series of messages posted to Twitter dated August 15, the luxury hotel chain said that on August 12, the company was made aware of a “potential data breach within our food and beverage reservation system.”

The scammers phoned Ritz restaurant reservation holders with the “exact” details of their bookings, while requesting the confirmation of their payment card details.

The fraudsters, pretending to be Ritz employees, used call ID spoofing to appear to be from the hotel.

“We immediately launched an investigation to identify the cause of the breach, which is ongoing, to find out what happened, how and to prevent this from happening again,” the hotel chain says.

The UK’s Information Commissioner’s Office (ICO) has been informed of the security incident.

https://www.zdnet.com/article/ritz-london-struck-by-data-breach-fraudsters-pose-as-staff-in-credit-card-data-scam/

Filed Under: Week 02: TCP/IP and Network Architecture Tagged With:

AUTOMATED TOOLS FOR WIFI CRACKING

December 1, 2020 by Chidiebele Okosi

https://hackaday.com/tag/wireless-security/

I found this an interesting sequel to our discussion in class about the myriad of tools that can be used to capture data and use it to hack in the process. This article is about one such product and process and, as was mentioned in class by the Prof., the first step to cracking a WiFi network is to record the handshake that gets exchanged between the client and access point. This article reiterates this.

Knowing how WiFi networks can be attacked is a big part of properly securing them, and the best way to learn about it is to (legally) run some attacks. The first step in cracking a WiFi network is to record the handshake that gets exchanged when a client connects to an access point. This has been made very simple thanks to Pwnagotchi, which turns a Raspberry Pi into an automated handshake collection tool, and Pwnagotchi Tools helps to automate the steps that follow…

As wireless networks and IoT devices become more pervasive, it’s important to know the dangers, and how to protect against them. WiFi and Bluetooth security is probably the easiest to learn about, but other networks are just as vulnerable when an RTL-SDR is used. Another option is Flipper Zero (https://flipperzero.one/), a hacking gadget for Sub-1 GHz networks inspired by Pwnagotchi, which recently hit $4.8 million in its Kickstarter campaign.

Filed Under: Week 13: WPA2 Enterprise and Beyond WiFi Tagged With:

Link for Virtual Machines for week 14

November 30, 2020 by Wade Mackey

Here is a link to the virtual machine we will look at in week 14.

https://www.parrotsec.org/download/

Grab the one labeled:

Parrot Security MATE ISO (default)

Filed Under: Week 14: Jack the Ripper, Cain and Able, and Ettercap Tagged With:

Week 13 Presentations

November 30, 2020 by Wade Mackey

Intro-to-Ethical-Hacking-Week-13 Intro-to-Ethical-Hacking-Week-14

Filed Under: Week 13: WPA2 Enterprise and Beyond WiFi Tagged With:

In the news

November 30, 2020 by Akshay Shendarkar

Capture of sensitive information by Baidu Apps detected by Palo Alto Networks’ Researchers

Two popular Android apps from Chinese tech giant Baidu were temporarily unavailable on the Google Play Store in October after they were caught collecting sensitive user details.
The two apps in question—Baidu Maps and Baidu Search Box—were found to collect device identifiers, such as the International Mobile Subscriber Identity (IMSI) number or MAC address, without users’ knowledge, thus making them potentially trackable online.
The discovery was made by network security firm Palo Alto Networks, who notified both Baidu and Google of their findings, after which the search company pulled the apps on October 28, citing “unspecified violations.”
According to Palo Alto researchers, the full list of data collected by the apps includes:
• Phone model
• Screen resolution
• Phone MAC address
• Carrier (Telecom Provider)
• Network (Wi-Fi, 2G, 3G, 4G, 5G)
• Android ID
• IMSI number
• International Mobile Equipment Identity (IMEI) number

Reference: https://thehackernews.com/2020/11/baidus-android-apps-caught-collecting.html

Filed Under: Uncategorized Tagged With:

Zoom Credentials

November 17, 2020 by Vraj Patel

Researchers at the cybersecurity firm Cyble were able to find more than 500,000 credentials for Zoom accounts on the dark web (Hamilton, 2020). Cyble stated that there were many account credentials that they were able to purchase for less than a penny, and others were just available publicly.

Cyble said that they were able to purchase around 530,000 Zoom account credentials as well as the meeting URLs and the host keys. There were many accounts that belonged to Chase and Citibank, and there were a couple for education institutions.

References:

Hamilton, I. 2020. Researchers found and bought more than 500,000 Zoom passwords on the dark web for less than a cent each. Retrieved from: https://www.businessinsider.com/500000-zoom-accounts-sale-dark-web-2020-4

Filed Under: Week 10: SecuritySheperd Tagged With:

Credential Stuffing Attack on The North Face

November 17, 2020 by Vraj Patel

The North Face has reset all of their users' passwords on their website after an attacker launched a credential stuffing attack. On Oct 9th the company notified their customers regarding the unusual activity on their website.

A credential attack is accomplished by using credentials that were compromised in other data breaches to log in to other websites. According to the article, the attackers were able to access the information saved within the accounts they were able to get into. The information they could have accessed is the billing address, shipping address, first and last name, email address, birthday, and phone number. The company does not hold any payment information on the portal that the customer has access to, which means the attacker was not able to access payment information such as the debit/credit card number, CVV, or expiration date.

References:

O’Donnell, L. 2020. Credential-Stuffing Attack Hits The North Face. Retrieved from: https://threatpost.com/credential-stuffing-attack-north-face/161190/

Filed Under: Week 11: Intro to Dark Web and Intro to Cloud Tagged With:

Wk# 12: Reading Discussions

November 17, 2020 by Mei X Wang

XML Web Services Security and Web-based Application Security

  • XML web services operate over standard protocols/technologies
    • XML, HTTP, TCP/IP, SMTP
    • The de facto standard today is the HTTP protocol
  • Web-based services: vulnerabilities within infrastructure
    • ex. once a web application is published, the entire world is invited to send HTTP requests
    • attacks can be buried and get past firewalls/filters/platform/intrusion detection
    • Defenses used can be parameter validation on
      • The data type (string, integer, real, etc.)
      • Allowable character set
      • Minimum and maximum length
      • Whether a null is allowed or not
      • Whether the parameter is required or not
      • Whether duplicates are allowed
      • Numeric ranges
      • Enumerated values
      • Specific patterns
      • etc

Discussion Questions:

  1. What web-based services do you use most commonly in your day-to-day operations?
  2. Have you encountered a situation where a web-based vulnerability was exploited?

Filed Under: Week 12: Introduction to Wireless Security with WEP and WPA2 PSK Tagged With:
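
The parameter checks listed in the reading notes above, applied to a raw HTTP query string (an added example, not part of the original post). The names `rule`, `check_value`, `validate` and the `SCHEMA` for a booking-search endpoint are hypothetical and the values are constructed.

```python
import re
from types import SimpleNamespace
from urllib.parse import parse_qsl

def rule(**overrides):  # one key per check in the list above; override what differs
    base = dict(kind=str, charset="[A-Za-z0-9_-]", min_len=1, max_len=32, nullable=False,
                required=True, multi=False, lo=None, hi=None, enum=(), pattern=None)
    return SimpleNamespace(**{**base, **overrides})

def check_value(raw, r):  # returns (value, error)
    if raw == "":
        return None, (None if r.nullable else "empty value not allowed")
    if not r.min_len <= len(raw) <= r.max_len:
        return None, "length out of bounds"
    if not re.fullmatch(f"(?:{r.charset})+", raw):  # allowlist, checked before conversion
        return None, "character outside allowed set"
    if r.pattern and not re.fullmatch(r.pattern, raw):
        return None, "pattern mismatch"
    try:
        value = r.kind(raw)
    except ValueError:
        return None, "wrong data type"
    if (r.lo is not None and value < r.lo) or (r.hi is not None and value > r.hi):
        return None, "outside numeric range"
    if r.enum and value not in r.enum:
        return None, "not an enumerated value"
    return value, None

def validate(query, schema):  # returns (clean, errors); use clean only if errors == []
    seen, clean = {}, {}
    for name, raw in parse_qsl(query, keep_blank_values=True):
        seen.setdefault(name, []).append(raw)
    errors = [f"{n}: unexpected parameter" for n in sorted(seen.keys() - schema.keys())]
    for name, r in schema.items():
        values = seen.get(name, [])
        if not values and r.required:
            errors.append(f"{name}: required")
        elif len(values) > 1 and not r.multi:
            errors.append(f"{name}: duplicate not allowed")
        elif values:
            checked = [check_value(v, r) for v in values]
            errors += [f"{name}: {e}" for _, e in checked if e]
            clean[name] = [v for v, _ in checked] if r.multi else checked[0][0]
    return clean, errors

SCHEMA = {"room": rule(kind=int, charset="[0-9]", max_len=4, lo=1, hi=500),  # constructed
          "sort": rule(enum=("price", "date"), required=False),
          "tag": rule(multi=True, required=False),
          "ref": rule(charset="[A-Z0-9-]", pattern="[A-Z]{2}-[0-9]{6}", nullable=True, required=False)}
```

The character-set check runs before type conversion because `int()` also accepts non-ASCII digits, so a value such as `%D9%A3` would otherwise convert to 3.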

In the News: Week #12

November 17, 2020 by Mei X Wang

ICE Operations Arrests 113 Child Predators

The United States and Brazil have been working together to arrest 113 people suspected of producing and sharing Child Sexual Abuse Material.

US Immigration and Customs Enforcement, Homeland Security, and Brazil's Ministry of Justice and Public Security made arrests throughout the US and South America during Operation Protected Childhood. OPC VII was a team that worked with the Cyber Crimes Center to find perpetrators in Brazil, Argentina, Paraguay, and Panama. Similarly in the US, HSI has executed 13 child exploitation search warrants and has made 9 arrests for child exploitation offenses. Many criminals were suspected of posting CSAM content on the social media app, KIK. Other apps such as Facebook Messenger and Twitter supplied information helping make these arrests. Since the launch of operation OPC, the operation has helped make 781 arrests and 1383 search warrants have been executed due to their findings. Dozens of minors were rescued as well.

https://www.infosecurity-magazine.com/news/ice-operation-arrests-113-child/

Filed Under: Week 12: Introduction to Wireless Security with WEP and WPA2 PSK Tagged With:

Week 12 Presentation

November 17, 2020 by Wade Mackey

Intro-to-Ethical-Hacking-Week-12

Filed Under: Week 12: Introduction to Wireless Security with WEP and WPA2 PSK Tagged With:
