In the News: http://www.govinfosecurity.com/verizon-confirms-breach-affecting-business-customers-a-8991

Verizon Enterprise Solutions, which regularly assists clients in responding to data breaches, admits it’s suffered its own breach, reportedly affecting 1.5 million business customers. As a result of the exposure of contact information, those customers are now at greater risk of phishing attacks.

Reading Summary:

The MSF Console is the most popular interface to the Metasploit Framework (MSF). The console provides an “all-in-one” centralized console and allows you efficient access to virtually all of the options available in the MSF.  The console allows one to look thru plenty of payload options, exploits, and auxiliary scanners. Scanners can act as port scanners, vulnerability scanners, and more. The Metasploit Framework must a rapidly evolve as new exploits arise with all the new technologies evolving.  Metasploit extended usage includes various capabilities, such as PHP metepreter, Autopwn, Karmetasploit, backdooring exe files, and targeting Mac OS X that provide tools for pen testerts.

In the News:

DDoS Attack Slams HSBC
http://www.databreachtoday.com/ddos-attack-slams-hsbc-a-8835?rf=2016-02-01-edbt&mkt_tok=3RkMMJWWfF9wsRonuarNcO%2FhmjTEU5z16e8pXa%2B%2FlMI%2F0ER3fOvrPUfGjI4ATsJrN6%2BTFAwTG5toziV8R7DALc16wtwQWRLl

Summary: Metasploit Framework (MSF) provides all the necessary tools to exploit a system.  The tool provides of over 900 different exploits for several operating systems.  Metasploit also checks for the susceptibility of the of the targeted system.  You can then configure the appropriate payload to be launched on the target system then choose the encoding technique which will evade intrusion  preventions systems.  Finally, you then execute the exploit to gain access to the target system.

In the News: http://www.databreachtoday.com/more-phishing-attacks-target-ukraine-energy-sector-a-8822

The Ukrainian energy sector continues to be targeted by spear-phishing emails, security experts warn. But it’s not clear if the latest phishing campaign ties to last month’s power blackout in parts of the Ukraine, which officials have blamed on a “hacker attack