
MIS 5212-Advanced Penetration Testing

MIS 5212 - Section 001 - Wade Mackey

Fox School of Business

Week 01

When data isn’t correct and the aftermath

February 8, 2018 by Neil Y. Rushi

In my forensics class, the professor talked about how a forensics expert solved cases to put the murderers away but later found he was incorrect. So the people sent to jail were freed. This can damage the reputation and trust of anyone in the field and relates to cyber security because we want to make sure our facts and data line up before we give a solution or data to accuse someone of an activity that either causes a system failure or intrusion.

http://www.forensicsciencetechnician.net/25-wrongly-convicted-felons-exonerated-by-new-forensic-evidence/

South Koreans paid as much as $2.5 million in ransomware payments over the last two years

February 5, 2018 by Donald Hoxhaj

http://www.firstpost.com/tech/news-analysis/south-koreans-paid-as-much-as-2-5-million-in-ransomware-payments-over-the-last-two-years-4404523.html

South Korea has been hit by ransomware disproportionately. In the last 2 years, the country has paid about $2.5 million towards ransomware. Ransomware has become quite a common form of attack these days, especially in large corporation and government settings. They encrypt and hold certain files in the storage and demand payment in exchange for unblocking the systems. The article says that ‘Ransomware operators used a Russian bitcoin exchange, BTC-E, to convert bitcoin to fiat currencies’.

Bitcoin Ransomware Attack Halts Major American City’s Government and Police

February 5, 2018 by Donald Hoxhaj

https://news.bitcoin.com/bitcoin-ransomware-attack-halts-major-american-citys-government-and-police/

In a major shock to many government services in Atlanta, Georgia, one of the largest metropolitan US cities, a ransomware attacked computers of municipal corporations, urging $51,000 worth of bitcoin money. The entire operations were hampered the whole week because of this. All police departments and courts were impacted by the cyber threat. Looks like the city employees first received an official email about a critical issue, asking them to shut the computers down. At the same time, the employees also saw an increase in the demand for bitcoins. In order to get back into the computers, they would have to pay for it. These attacks have been quite common in Florida, Alabama, and New Mexico where such attacks have demanded money to power back.

Unpatched DoS Flaw Could Help Anyone Take Down WordPress Websites

February 5, 2018 by Donald Hoxhaj

http://community.mis.temple.edu/mis5212sec001sec701sp2018/2018/02/10/unpatched-dos-flaw-could-help-anyone-take-down-wordpress-websites/

The article here talks about how a single application-level DoS (Denial of Service) has been found in WordPress sites that could potentially allow anyone to take down the website with just a single machine, something which was only possible in network-level DDoS. The company has yet to patch the systems and most probably all the WordPress releases in the last 9 years are subject to this attack. As per the article, the vulnerability was ‘Discovered by Israeli security researcher Barak Tawily, the vulnerability resides in the way “load-scripts.php,” a built-in script in WordPress CMS, processes user-defined requests.’ It is surprising because the load-scripts.php file essentially is used by system administrators to improve performance of the systems.

Lack of authentication in the home page has caused the load-scripts.php to be executed by anyone. All one needs to do is to call the php file to load all the JavaScript files by passing them into the URL.
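
A defender-side check for the request pattern this post describes, as an added example that is not part of the original post or the linked article: it scans web access-log lines for load-scripts.php requests and flags clients that ask for unusually many scripts per request or call the endpoint unusually often. The log lines, IP addresses, placeholder handle names and both thresholds are constructed assumptions; `load[]` is the query parameter WordPress uses for the script list.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qsl

REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP/[\d.]+"')

def _line(ip, target):
    # Build one constructed access-log line in combined-log style.
    return f'{ip} - - [05/Feb/2018:10:00:00 +0000] "GET {target} HTTP/1.1" 200 1024'

# Constructed sample traffic; h0..h149 are placeholder handles, not real script names.
SMALL = "/wp-admin/load-scripts.php?c=1&load%5B%5D=jquery-core,jquery-migrate,utils"
LARGE = "/wp-admin/load-scripts.php?c=1&load%5B%5D=" + ",".join(f"h{i}" for i in range(150))
SAMPLE_LOG = ([_line("198.51.100.7", SMALL), _line("198.51.100.7", "/index.php")]
              + [_line("203.0.113.9", LARGE)] * 40)

def handle_count(target):
    """Number of script handles requested, or None if not load-scripts.php."""
    parts = urlsplit(target)
    if not parts.path.endswith("/load-scripts.php"):
        return None
    count = 0
    # parse_qsl percent-decodes keys, so load%5B%5D arrives as "load[]".
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key in ("load", "load[]"):
            count += sum(1 for handle in value.split(",") if handle)
    return count

def suspicious_clients(lines, max_handles=50, max_requests=20):
    """Flag clients with oversized script lists or a high request count.

    Both thresholds are assumptions; tune them against normal admin traffic.
    """
    total, oversized = Counter(), Counter()
    for line in lines:
        match = REQUEST_RE.match(line)
        if not match:
            continue
        ip, target = match.groups()
        n = handle_count(target)
        if n is None:
            continue
        total[ip] += 1
        if n > max_handles:
            oversized[ip] += 1
    return {ip: {"requests": total[ip], "oversized": oversized[ip]}
            for ip in total if oversized[ip] or total[ip] > max_requests}

if __name__ == "__main__":
    print(suspicious_clients(SAMPLE_LOG))
```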

Sacramento Bee Databases Hit with Ransomware Attack

February 5, 2018 by Donald Hoxhaj

https://www.darkreading.com/attacks-breaches/sacramento-bee-databases-hit-with-ransomware-attack/d/d-id/1331023

In one of the recent ransomware attacks, Sacramento Bee, a newspaper that is published in Sacramento, reported that 2 of its databases were hit in 2017. The tip on the attack came from a reporter to an internal employee working with the company. While both the databases are located in 3rd party servers, one of the databases contains information on California voter registration from the California Secretary of State. The other database usually consisted of subscriber information on the people who had subscribed to the digital accounts. It seemed that the databases consisted of 53000 records of current and former Bee subscribers. The ransomware extracted the name, email address, and contact information of some of the customers. The company immediately notified the customers whose details were compromised. The good news however is that none of the databases consisted of critical information such as Social Security Number, Bank account details, and Credit card information.

Tracking Bitcoin Wallets as IOCs for Ransomware

February 5, 2018 by Donald Hoxhaj

https://www.darkreading.com/threat-intelligence/tracking-bitcoin-wallets-as-iocs-for-ransomware-/a/d-id/1331016

Bitcoins have become quite popular as a safe payment method for many over the last 2-3 years. However, not many know that this cryptocurrency has been in the dark for some time and is used mostly for ransomware and cyber extortion by people acting anonymously in the system. Most cyber criminals use Bitcoin primarily because it provides anonymity when making payments, acts as a global currency, and is an easy way of receiving and transferring. It has also been seen that careful tracking of bitcoin transactions can actually reveal correlations between various attacks.

That is why tracking bitcoin wallets as Indicators of Compromise (IOC) adds a lot of value. Tracking bitcoin wallet addresses as IOCs has made it possible to connect the dots between ransomware, shared infrastructure, TTPs (tactics, techniques, and procedures), wallet addresses, and attribution.

Moreover, tracking bitcoin wallets as IOCs also helps in knowing whether the bitcoins in a transaction are going to a specific wallet address. This helps in narrowing down the wallet address. Though using this approach may not give the exact reasons for an online ransomware, tracking bitcoin wallets as IOCs can help in knowing the connections between ransomware.
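
The correlation idea in this post, as an added example that is not part of the original post or the linked article: incidents that share a wallet address are merged into one cluster, including indirect links through a third incident. The incident records, family labels and wallet strings are constructed placeholders, not real addresses.

```python
from collections import defaultdict

# Constructed incident records; wallet strings are placeholders, not real addresses.
INCIDENTS = [
    {"id": "INC-1", "family": "family-a", "wallets": {"WALLET-A", "WALLET-B"}},
    {"id": "INC-2", "family": "family-b", "wallets": {"WALLET-B"}},
    {"id": "INC-3", "family": "family-b", "wallets": {"WALLET-C"}},
    {"id": "INC-4", "family": "family-c", "wallets": {"WALLET-D"}},
    {"id": "INC-5", "family": "family-a", "wallets": {"WALLET-C", "WALLET-A"}},
]

def shared_wallets(incidents):
    """Map each wallet seen in more than one incident to those incident ids."""
    seen = defaultdict(set)
    for inc in incidents:
        for wallet in inc["wallets"]:
            seen[wallet].add(inc["id"])
    return {w: sorted(ids) for w, ids in seen.items() if len(ids) > 1}

def cluster_by_wallet(incidents):
    """Group incidents that are linked, directly or transitively, by a wallet."""
    parent = {inc["id"]: inc["id"] for inc in incidents}

    def find(x):
        # Union-find lookup with path halving.
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    first_seen = {}
    for inc in incidents:
        for wallet in inc["wallets"]:
            if wallet in first_seen:
                # Same wallet in two incidents: merge their clusters.
                parent[find(inc["id"])] = find(first_seen[wallet])
            else:
                first_seen[wallet] = inc["id"]

    groups = defaultdict(set)
    for inc in incidents:
        groups[find(inc["id"])].add(inc["id"])
    return sorted((sorted(g) for g in groups.values()), key=lambda g: g[0])

if __name__ == "__main__":
    print(shared_wallets(INCIDENTS))
    print(cluster_by_wallet(INCIDENTS))
```

INC-2 and INC-3 share no wallet with each other, yet land in the same cluster because INC-1 and INC-5 bridge them.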

Risky Business Podcast

February 4, 2018 by Andres Galarza

Another course that I’m taking this semester has us listening to information security related podcasts, and I thought I’d share one that I found.

Published weekly, the Risky Business podcast features news and in-depth commentary from security industry luminaries. Hosted by award-winning journalist Patrick Gray, Risky Business has become a must-listen digest for information security professionals.

Risky Business Podcast

This week’s episode highlights the below.

  • Strava heatmap
  • Dutch infiltration of Cozy Bear
  • Possible nationalization of the US 5G network on security grounds
  • Microsoft disabling Intel Spectre patches
  • Google’s Chronicle announcement
  • US$400m Cryptocurrency ownage

The Strava heatmap topic was personally interesting to me, since I was able to find the base I was stationed at in Afghanistan without any issues. It wasn’t a special or secret base, but it wasn’t one of the huge ones either, so it was interesting.

Welcome to MIS 5212 Spring 2018

January 31, 2018 by Wade Mackey

Welcome to MIS 5212. Class will start February 3rd at 9 AM in Alter 607. We will meet the following Saturday and then every other Saturday for a total of 7 days. Class will run from 9 to no later than 3.
