Week 4: Reading, Question and In The News…

Reading: MSF Post Exploitation, Meterpreter Scripting, Maintaining Access  This week’s reading covered a broad array of penetration testing techniques, tools, and capabilities available within the Metasploit Framework that can be directly used and extended to support identifying opportunities and implementing advanced persistent threats within individual computers and IT networks. The readings covered post exploitation techniques for escalating user privileges, maintaining access, and hiding a breach and exploitation related activities.

Question for Class: Can you explain what more is going on beyond the “screengrab” command in Metasploit Unleashed’s section on “Screen Capture in Metasploit”?

In The News: “Oil and Gas Industry Increasingly Hit by Cyber-Security Attacks: Report”, The Tripwire 2016 Energy Survey: Oil and Gas study compiled questionnaire responses from 150 IT professionals in the energy, utilities, and oil and gas industries.  69% of respondents were not confident in their organizations cyber-attack detection abilities. 82% of oil and gas industry respondents identified “an increase in successful cyber-attacks over the past 12 months. 53% indicated that cyber-attack rates have increased 50-100% over the past month (the study was conducted in November 2015.) 72% of respondents indicated that a single executive was responsible for securing both the IT and SCADA/ICS environments of their organizations.

http://www.tripwire.com/company/research/tripwire-2016-energy-survey-oil-and-gas/

http://www.securityweek.com/oil-and-gas-industry-increasingly-hit-cyber-attacks-report