http://www.technewsworld.com/story/83023.html

I found this article very interesting because new technology cellphones will be able to contain unbreakable encryption or will include the ability to be unlocked by their manufactures or OS provided according to Jim Cooper, California State Assemblyman.

The bill would help to fight human traffickers, who use smartphones as tools and for other security and technical reasons.

Thank you,

Roberto Nogueda.

Reading Summary:

The MSF Console is the most popular interface to the Metasploit Framework (MSF). The console provides an “all-in-one” centralized console and allows you efficient access to virtually all of the options available in the MSF.  The console allows one to look thru plenty of payload options, exploits, and auxiliary scanners. Scanners can act as port scanners, vulnerability scanners, and more. The Metasploit Framework must a rapidly evolve as new exploits arise with all the new technologies evolving.  Metasploit extended usage includes various capabilities, such as PHP metepreter, Autopwn, Karmetasploit, backdooring exe files, and targeting Mac OS X that provide tools for pen testerts.

In the News:

DDoS Attack Slams HSBC
http://www.databreachtoday.com/ddos-attack-slams-hsbc-a-8835?rf=2016-02-01-edbt&mkt_tok=3RkMMJWWfF9wsRonuarNcO%2FhmjTEU5z16e8pXa%2B%2FlMI%2F0ER3fOvrPUfGjI4ATsJrN6%2BTFAwTG5toziV8R7DALc16wtwQWRLl

Reading: MSF Post Exploitation, Meterpreter Scripting, Maintaining Access  This week’s reading covered a broad array of penetration testing techniques, tools, and capabilities available within the Metasploit Framework that can be directly used and extended to support identifying opportunities and implementing advanced persistent threats within individual computers and IT networks. The readings covered post exploitation techniques for escalating user privileges, maintaining access, and hiding a breach and exploitation related activities.

Question for Class: Can you explain what more is going on beyond the “screengrab” command in Metasploit Unleashed’s section on “Screen Capture in Metasploit”?

In The News: “Oil and Gas Industry Increasingly Hit by Cyber-Security Attacks: Report”, The Tripwire 2016 Energy Survey: Oil and Gas study compiled questionnaire responses from 150 IT professionals in the energy, utilities, and oil and gas industries.  69% of respondents were not confident in their organizations cyber-attack detection abilities. 82% of oil and gas industry respondents identified “an increase in successful cyber-attacks over the past 12 months. 53% indicated that cyber-attack rates have increased 50-100% over the past month (the study was conducted in November 2015.) 72% of respondents indicated that a single executive was responsible for securing both the IT and SCADA/ICS environments of their organizations.

http://www.tripwire.com/company/research/tripwire-2016-energy-survey-oil-and-gas/

http://www.securityweek.com/oil-and-gas-industry-increasingly-hit-cyber-attacks-report

Reading Summary:

The reading focused on the functionality of the msf console. The console allows one to look thru plenty of payload options, exploits, and auxiliary scanners. Scanners can act as port scanners, vulnerability scanners, and more. Programs like mimikatz or the updated kiwi can dump passwords in clear text on Windows machines. The hashdump or run hashdump command can dump LM:NT hashes from memory from Windows machines. One can perform pass the hash attacks through a variety of exploits available. Programs such as karametapsloit is Karma within the metasploit framework which allows attackers to create fake access points, capture passwords, collect data, and perform browser attacks. Also within msf console, one can pivot to other machines that the first compromised machine has access to. Activating the database allows Metasploit to record all information that is collected about target machines in the recon phase of the pen test.

In the News:

Cloud, cyber policy documents trickle out of DoD
http://www.armytimes.com/story/military-tech/cyber/2016/01/29/cloud-cyber-policy-documents-trickle-out-dod/79518898/

Readings: MSF Extended Usage and Metasploit GUIs

In addition to general features of Metasploitable environment, MSF extended allows to go beyond of standard and include powerful tools such as Karmetasploit, Mimikatz and others that can be customized as well. Moreover, GUI versions such as Armitage or Community edition of Metasploitable allow to simply execute codes by clicking mouse buttons.

Questions to the Class: 

Since MAC OS X is based on Unix core, how deep can it be exploited with Metasploitable tools?

In the News:

Danske bank fixes several vulnerabilities that could allow hackers to get into bank accounts – See more at: http://www.ehackingnews.com/2015/10/danske-bank-fixes-several.html#sthash.eGxqbDJG.dpuf