MIS 5212-Advanced Penetration Testing

MIS 5212 - Section 001 - Wade Mackey

Fox School of Business

Donald Hoxhaj

BUGGED OUT ‘Worryingly easy’ TalkTalk security flaw put millions of customers’ login info at risk

by Leave a Comment

https://www.thesun.co.uk/tech/5928383/talktalk-security-flaw-customer-login-information-risk/

A hacker identified only as B told sky news of a bug that let him take data of lakhs of users of TalkTalk. There were very sensitive information like bank account and other personal information. TalkTalk said it knew of the vulnerability but did not remove it as it though it is hard to be worried. After a report of sky news, TalkTalk has removed the vulnerability but many of the data has already been stolen.

It was very easy for the hacker. He just used to spread phishing email. As soon as the user used to click on the link, he or she used to directed on a site reportedly same to TalkTalk. Then users continued to use that site for quite a long period of time and filled all their password and personal information. This led to major data breaches. It put the millions of users of TalkTalk at risk.  Even in 2015, hackers stole the data of 157000 users of TalkTalk. The company was also slapped with the big amount of fine in 2016 for major security breaches. That time it lost 1 lakh customers in the wake of the security breach.

Cyber hacks driving ‘bug bounty’ jobs and programs in corporate America

by Leave a Comment

https://www.foxbusiness.com/features/cyber-hacks-driving-bug-bounty-jobs-and-programs-in-corporate-america

According to Gartner, cyber-attacks will cost around 8 trillion $ to the corporate world, therefore to prevent itself from these attacks companies are ready to hire persons who will prevent the criminal data breaching. But there is a shortage of talent. There is the heavy demand for persons who will prevent cyber-attacks.  Many companies are turning to another kind of hackers- the white cap. The companies are afraid of blackmail and another sort of criminal activities by cyber attackers. Many big Bug bounty programs will be run by the companies to prevent the mishappenings from any cyber-attack.

These jobs are going to increase in future because of more number of such incidents. There will be the need for protection and new technology. There will be need of real-time monitoring station to prevent these attacks. According to Gartner, criminal data breaches will cost $ 120 billion by 2021. So there is urgent need to have some protection from outright. There needs to be 24/7 monitoring throughout the year. Facebook recently started its Bug Bounty Program. Many more companies are in the race and will soon develop their own protection mechanism. Even the public entities are not saved from these attacks so they also need to pay attention.

Spain arrests Ukrainian cybercriminal ‘mastermind’ (Update)

by Leave a Comment

https://phys.org/news/2018-03-spain-captures-alleged-mastermind-12b.html

Spain arrested a person reportedly involved in hundreds of cyber-attacks in which billions of euros were stolen. The man is considered to be the mastermind of these attacks. He used malware like cobalt and carbanak to loot the people. Since 2013, the gang of this person attacked banks, e-payment systems and financial institutions of more than 40 countries. Now the mastermind has been apprehended.  The cobalt malware use led to stealing of EUR 10 million per heist. So there was the major monetary attack on the financial institutions.

Criminal used to send phishing emails to employees of banks with some attachment. Once the attachment got downloaded, criminals could access the infected computer from remote and could access the servers related to ATMs. The person is identified as Denis K. public-private partnership is necessary to take the menace of cybercrime. The recent attack on Atlanta shows that public networks are also vulnerable to cybercrimes. Arresting mastermind is an effort to be lauded but the network of cybercrime is very big. It needs to be pulled out from the roots. All the organizations are vulnerable to cyber-attacks and IP are at risk. There is need to pay attention.

Response to cybercrime a major challenge for businesses: IBM study

by Leave a Comment

 

https://yourstory.com/2018/03/response-cybercrime-major-challenge-businesses-ibm-study/

According to the new IBM study, cybercrime is on the rise but the response to these attacks is not adequate. Ponemon Institute, a leading IT firm conducted a study in association with IBM and it has been come to known that 3/4th of business organizations do not know how to take the threat of cybercrime.  Moreover, 69% of the business organizations said they do not have any measure in their firm to tackle cyber-attack. Indian firms are equally vulnerable to these attacks.

Though almost all of them admitted that cybercrimes are getting severe day by day, nearly half of them have only informal or ad-hoc plan to tackle the issue.

Many companies consider investment in artificial intelligence a barrier so they do not invest in IT network prevention much.  The high attrition rate of IT professionals and lack of annual budgets is another factor business organizations do not go for securing their data from the criminal breach. Another study was done on Indian firms which report that Indian firms recorded 12.3% more data breach in 2017. No one is spared; all the countries and business organizations are vulnerable to cybercrime which is increasing with the passing years.

Cyber crime on the rise?

by Leave a Comment

http://btob.co.nz/tech-talk/cyber-crime-rise/

According to the new survey, cybercrimes are continuously increasing. Norton SMB cybersecurity conducted a survey of more than 500 businesses. It is found that frequency of cyber-attacks has increased from 18% in 2016. The actual monetary loss has been decreased in 2017 but the number of crime is continuously increasing. These attacks have the major effect on small and medium businesses. SMBs have become more aware of the potential of these attacks so they are taking proactive steps to protect their IP from cybersecurity.

New Zealand is on the verge of introducing the privacy bill. Hopefully, after the bill, the SMBS will understand the gravity of the matter and will take cybercrime as a serious threat to their organization.

Here are the steps that businessman can take to prevent themselves

  • Do not wait for cybercrime to happen. Use proactive methods
  • Businesses need to invest in security and backup to reduce the incidences of cybercrime
  • There should always be up to date software.
  • Consider employees as part of the project. Effective participation will prevent future attacks.
  • Do not use easy passwords as they can easily be guessed by attackers.

Symantec’s “Internet Security Threat Report” Highlights Crypto’s Increased Use in Cyber Crime

by Leave a Comment

 

https://www.newsbtc.com/2018/03/27/symantecs-internet-security-threat-report-highlights-cryptos-increased-use-cyber-crime/

Symantec has released its 23rd internet security threat report which says that there have been more attacks associated with cryptocurrency. The report says that the crypto jacking was the largest trending attack of 2017 in which computer system is used to mine the cryptocurrency though the owner of the machine remains unaware of it. There are two easy benefits for the attacker. One is that great deal of anonymity is maintained and other that regular CPUs can be used to mine the coin, unlike bitcoin which needs specialized equipment.

All the cyber criminals resorted to cryptocurrency because their price shoots up in 2017. So there was a lot of profitability for the cybercriminal. In addition to that criminal need just a few lines of code to mine the currency. The report mentions ransomware as another major online attack resorted to in 2017. In this hackers make the system non-functional and then they demand money, usually in the form of cryptocurrency, to unlock the system. These kinds of incidents are increasing day by day. In 2018, already such kind of attack has been made on the city of Atlanta. These attacks are only going to increase in the year 2018.

German government hack was part of worldwide campaign: sources

by Leave a Comment

https://www.reuters.com/article/us-germany-cyber/german-government-hack-was-part-of-worldwide-campaign-sources-idUSKCN1GE2H5

According to sources, the attack on Germany was part of worldwide campaign reportedly run by Snake, a Russian hacker group. The investigations are going on according to which the attack was first reported in December but it actually began much earlier. Kremlin spokesman denied the allegations. German spokesperson said that they have averted major attack but did not reveal if the attack is still going on. According to some reports, attackers installed malicious software on 17 computers and copies some data including related to Russia.

Initially, German media reported that the attack was carried out by the Russian hacker group APT28 but now it is putting blame on Snake, another Russian hacker group. Recently wanna cry was reportedly done by Russia and target of the attack was Ukraine, ex-soviet republics, countries in South America, Baltic States and Scandinavia. These kinds of attacks are continuously increasing. Germany became the victim of the cyber-attack during 2016 presidential elections also.  The latest assault was targeted at German political institutions and individuals.

New IU program monitors cybersecurity threats at other universities

by Leave a Comment

http://fox59.com/2018/03/30/new-iu-program-monitors-cybersecurity-threats-at-other-universities/

Indiana University launched a program called OmniSoc in a bid to prevent the universities from growing cyber-attacks. It will monitor the cyber problems of universities in real time. Technicians will act like security guards, the only difference will be that they will not guard any building but a regular online network. It will be 24 by 7 services present throughout the year. It is already monitoring the network of universities which are part of Big 10.

Executive director Tom Davis said that they want to identify the attacker at the earnest and want to create warnings for all the universities as soon as possible so that they can be prevented from future attacks. Soon this service will be taken over to the whole of the country. This step has been taken with regard to increasing cyber-attacks in the country. Recently Atlanta faced ransomware in which for the significant period of time, the police department was stalled and major information was stolen. Today everyone has laptop and mobile so there is need to prevent students from these cyber-attacks. OmniSoc will act as real-time monitoring station. It will give warning to all the universities in its ambit if any attack is planned by someone.

Cyber News Rundown: Atlanta Ransomware Attack

by Leave a Comment

https://securityboulevard.com/2018/03/cyber-news-rundown-atlanta-ransomware-attack/

The city of Atlanta faced ransomware attack that led to detrimental effects on the police department. The city soon recovered from the incident but such cyber-attacks have been becoming very common.

Investigations have been going on Facebook regarding the collection of data of individuals. It has been estimated that due to lax API permissions, Facebook was able to collect the data from phone calls and SMS without user opt-ins. Recently, UK anti-doping agency has become the victim of cyber-attack. The attackers wanted to conceal the information of drug testing and medical records of athletes. Russia is alleged to be behind the attack as recently, Russian athletes were revealed to be using illegal substances to boost their performance. Fortunately, attackers were not able to conceal any data.

Due to the scandal in which misuse of data by third-party apps was revealed, Facebook is overhauling its Bounty Hunter program. The third party app found to be misusing the data from Facebook will be blocked permanently. Sanny malware has received multistep- delivery system. It has changed the delivery method of malware. Once the macro is launched, it downloads the file bypassing OS security checks.