• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • HomePage
  • Instructor
  • Syllabus
  • Schedule
    • First Half of the Semester
      • Week 1: Course Introduction
      • Week 2: Meterpreter, Avoiding Detection, Client Side Attacks, and Auxiliary Modules
      • Week 3: Social Engineering Toolkit, SQL Injection, Karmetasploit, Building Modules in Metasploit, and Creating Exploits
      • Week 4: Porting Exploits, Scripting, and Simulating Penetration Testing
      • Week 5: Independent Study – Perform Metasploit Attack and Create Presentation
      • Week 6: Ettercap
      • Week 7: Introduction to OWASP’s WebGoat application
    • Second Half of the Semester
      • Week 8: Independent Study
      • Week 9: Introduction to Wireless Security
      • Week 10: Wireless Recon, WEP, and WPA2
      • Week 11: WPA2 Enterprise, Wireless beyond WiFi
      • Week 12: Jack the Ripper, Cain and Able, Delivery of Sample Operating Systems
      • Week 13: Independent Study – Analyze provided Operating System Samples and Create Assessment Report
      • Week 14: Deliver Assessment to Operating System Class either in person or via teleconferenc
  • Assignments
    • Analysis Reports
    • Group Project Report and Presentation
  • Webex
  • Harvard Coursepack
  • Gradebook

MIS 5212-Advanced Penetration Testing

MIS 5212 - Section 001 - Wade Mackey

Fox School of Business

Week 06

Police Shut Down World’s Biggest ‘DDoS-for-Hire’ Service–Admins Arrested

May 4, 2018 by Younes Khantouri Leave a Comment

In a major hit against international cybercriminals, the Dutch police have taken down the world’s biggest DDoS-for-hire service that helped cyber criminals launch over 4 million attacks and arrested its administrators.

An operation led by the UK’s National Crime Agency (NCA) and the Dutch Police, dubbed “Power Off,” with the support of Europol and a dozen other law enforcement agencies, resulted in the arrest of 6 members of the group behind the “webstresser.org” website in Scotland, Croatia, Canada and Serbia on Tuesday.

https://thehackernews.com/2018/04/ddos-for-hire-hacker.html

News Article – Week 6

March 23, 2018 by Christie L Vazquez Leave a Comment

https://thehackernews.com/2018/03/window-remote-assistance.html

A new vulnerability affecting WIN2012, 2016 and 2008, WIN 10, 8 and 7 allows remote attackers to steal sensitive. Not only do you need to be suspicious of giving access to your computer and a of the person’s machine whom is connecting to you.

Alphabet’s Outline lets you run your own self-hosted VPN for free

March 21, 2018 by Joseph Nguyen Leave a Comment

Always nice to use VPN for more security…

https://thenextweb.com/apps/2018/03/21/alphabets-outline-lets-you-roll-your-own-self-hosted-vpn-for-free/

Fresno State data breach, 15,000 affected!!

March 19, 2018 by Shi Yu Dong Leave a Comment

Fresno State data breach, 15,000 affected!!

This article relates to the data breach of the California State University, Fresno. According to the article, “the personal information of more than 15,000 people” have been compromised. The information includes, “names, addresses, phone numbers, dates of birth, full or last four digits of Social Security numbers, credit-card numbers, driver’s license numbers, passport numbers, user names and passwords, health-insurance numbers, and personal health information.” The cause of the data beach is due to the stolen external hard drive. The university believes that the hard drive was stolen during the winter break.
Further, another article suggested, ‘School officials began contacting affected individuals on Tuesday. Free credit monitoring for one year will be offered to people whose Social Security number, financial account information or driver’s license number was exposed.”

https://www.scmagazine.com/fresno-state-data-breach-15000-affected/article/749459/
http://sanfrancisco.cbslocal.com/2018/03/06/fresno-state-university-data-breach-stolen-hard-drive/

Only 13 percent of government employees take personal responsibility for cybersecurity, survey finds

March 17, 2018 by Jonathan Duani Leave a Comment

The article talks about how Goverment employee believe that they are not responsible for the secutty of their work equipment and information. This is a scary statistc casue even though they might not directly effect national secrutiy they are goverment works and any information that could leak out could make a connection to someting else somehow. If for example their laptop gets stolen that is an easy in into a goverment system. It is very important to keep the information safe at all times and to have a mind set that will allow this.

 

https://www.cnbc.com/2018/03/16/only-13-percent-of-government-employees-take-personal-responsibility-for-cybersecurity-survey-finds.html

Ransomware for robots is the next big security nightmare

March 12, 2018 by Kevin Blankenship 2 Comments

http://www.zdnet.com/article/ransomware-for-robots-is-the-next-big-security-nightmare/#ftag=RSSbaffb68

 

The article title is a bit sensationalist, however the story is amusing.

Researchers were able to create ransomware that infects humanoid robots produced by Softbank robotics. When infected, the robot ceased normal functionality and would proceed to taunt the audience and demand bitcoin as a random. While mainly a POC to demonstrate the risk and exposure present in robotics, the amusing demo should be taken as a warning. Like much of the IoTs, Robots will soon be connected online and handle varying levels of personal data. With a growing focus on the weakeness in internet connected devices, robotics should not be left out of the conversation.

Germany Says Hackers Infiltrated Main Government Network

March 11, 2018 by Elizabeth V Calise Leave a Comment

Recently, hackers used software to penetrate the German government’s main data network. This system is used by the chancellor’s office, ministries and the Parliament. News sources are claiming a Russian hacking group supported by the Russian government is behind it. The hacking group is called Snake or also known as APT28 or Fancy Bear. However, nothing has been confirmed by the German government. The German government was a specific target and the attackers were seeking specific information.

This attack came two years after German security officials determined that the Fancy Bear hackers were able to breach the German Parliament’s data network. This led to increased security on the country’s most sensitive systems. This same group has been accused of breaching computer servers of the Democratic National Committee in the United States,

Investigators with Palo Alto Networks stated that the ones associated with Fancy Bear used “malicious emails targeting foreign affair agencies and ministries in North America and Europe.”

In the 2015 attack on the German Parliament, hackers succeeded in breaching the system and stealing 16 gigabytes of sensitive information. Patrick Sensburg, a lawmaker with the governing Conservative Party, stated that the most recent attack appeared to have a clearer target.

Click here for link. (Source: The New York Times)

Spain arrests Ukrainian cybercriminal ‘mastermind’ (Update)

March 11, 2018 by Donald Hoxhaj Leave a Comment

https://phys.org/news/2018-03-spain-captures-alleged-mastermind-12b.html

Spain arrested a person reportedly involved in hundreds of cyber-attacks in which billions of euros were stolen. The man is considered to be the mastermind of these attacks. He used malware like cobalt and carbanak to loot the people. Since 2013, the gang of this person attacked banks, e-payment systems and financial institutions of more than 40 countries. Now the mastermind has been apprehended.  The cobalt malware use led to stealing of EUR 10 million per heist. So there was the major monetary attack on the financial institutions.

Criminal used to send phishing emails to employees of banks with some attachment. Once the attachment got downloaded, criminals could access the infected computer from remote and could access the servers related to ATMs. The person is identified as Denis K. public-private partnership is necessary to take the menace of cybercrime. The recent attack on Atlanta shows that public networks are also vulnerable to cybercrimes. Arresting mastermind is an effort to be lauded but the network of cybercrime is very big. It needs to be pulled out from the roots. All the organizations are vulnerable to cyber-attacks and IP are at risk. There is need to pay attention.

Response to cybercrime a major challenge for businesses: IBM study

March 11, 2018 by Donald Hoxhaj Leave a Comment

 

https://yourstory.com/2018/03/response-cybercrime-major-challenge-businesses-ibm-study/

According to the new IBM study, cybercrime is on the rise but the response to these attacks is not adequate. Ponemon Institute, a leading IT firm conducted a study in association with IBM and it has been come to known that 3/4th of business organizations do not know how to take the threat of cybercrime.  Moreover, 69% of the business organizations said they do not have any measure in their firm to tackle cyber-attack. Indian firms are equally vulnerable to these attacks.

Though almost all of them admitted that cybercrimes are getting severe day by day, nearly half of them have only informal or ad-hoc plan to tackle the issue.

Many companies consider investment in artificial intelligence a barrier so they do not invest in IT network prevention much.  The high attrition rate of IT professionals and lack of annual budgets is another factor business organizations do not go for securing their data from the criminal breach. Another study was done on Indian firms which report that Indian firms recorded 12.3% more data breach in 2017. No one is spared; all the countries and business organizations are vulnerable to cybercrime which is increasing with the passing years.

Cyber crime on the rise?

March 11, 2018 by Donald Hoxhaj Leave a Comment

http://btob.co.nz/tech-talk/cyber-crime-rise/

According to the new survey, cybercrimes are continuously increasing. Norton SMB cybersecurity conducted a survey of more than 500 businesses. It is found that frequency of cyber-attacks has increased from 18% in 2016. The actual monetary loss has been decreased in 2017 but the number of crime is continuously increasing. These attacks have the major effect on small and medium businesses. SMBs have become more aware of the potential of these attacks so they are taking proactive steps to protect their IP from cybersecurity.

New Zealand is on the verge of introducing the privacy bill. Hopefully, after the bill, the SMBS will understand the gravity of the matter and will take cybercrime as a serious threat to their organization.

Here are the steps that businessman can take to prevent themselves

  • Do not wait for cybercrime to happen. Use proactive methods
  • Businesses need to invest in security and backup to reduce the incidences of cybercrime
  • There should always be up to date software.
  • Consider employees as part of the project. Effective participation will prevent future attacks.
  • Do not use easy passwords as they can easily be guessed by attackers.
  • Page 1
  • Page 2
  • Go to Next Page »

Primary Sidebar

Weekly Discussions

  • Uncategorized (10)
  • Week 01 (18)
  • Week 02 (9)
  • Week 03 (13)
  • Week 04 (17)
  • Week 05 (12)
  • Week 06 (16)
  • Week 07 (2)
  • Week 08 (8)
  • Week 09 (5)
  • Week 10 (10)
  • Week 11 (5)
  • Week 12 (5)
  • Week 13 (2)
  • Week 14 (7)

Copyright © 2025 · Magazine Pro Theme on Genesis Framework · WordPress · Log in