MIS 5212-Advanced Penetration Testing
MIS 5212 - Section 001 - Wade Mackey
https://thehackernews.com/2018/05/windows-docker-containers.html
Microsoft released an out of band emergency patch last week for a vulnerability in its Windows Host Compute Service. The vulnerability allows an attacker to remotely execute code on the victim’s host machine.
Konrads Voits of Ypsilanti, Michigan, has been sentenced to seven years and three months in prison for attempting to hack the Washtenaw County Jail computer system and modifying prison records to get his friend released early
Besides spending 87 months in prison, Voits has also been ordered to pay $235,488 in fine to Washtenaw County for the cost accrued in investigating and cleaning up the infiltration that resulted in the compromise of personal information of around 1,600 employees, the US Justice Department announced last week.
Between January 24th, 2017 and March 10th, 2017, Voits successfully tricked IT staff at Washtenaw County Jail into visiting a phony website at “ewashtenavv.org,” which mimics the official URL, “ewashtenaw.org.”
https://thehackernews.com/2018/04/jail-network-hacking.html
Boeing recently stated that it was hit by a cyber attack that was identified as the same WannaCry computer virus that hit thousands of computer systems in more than 70 countries last year. There is concern that the attack could spread to Boeing production systems and airline software. WannaCry is known as a ransomware malware that locks up victims; computers and data with encryption, until the attackers’ extortion demands are met.
Click here for article.
https://www.silicon.co.uk/e-regulation/governance/britain-terrorists-cyber-attack-231337
For whatever reason the link does not work and keep redirecting the article. Just paste this in and remove the question mark: https://www.silicon.co.uk/e-regulation/gover?nance/britain-terrorists-cyber-attack-231337
The British intelligence agency GCHQ recently admitted they have been conducting cyber attacks against ISIL/ISIS. Most of the efforts to disrupt co-ordination and propaganda. The director of GCHQ said some of this work included destruction of networks and equipment, however he did not go into details as it was “too sensitive to talk about”.
This method of attack is another element in the growing importance of cyber security when it comes to national security, war, espionage, and retaliation.
https://www.hackread.com/atmjackpot-malware-stealing-cash-from-atms/
Netskope Threat Research Labs has identified a new malware which can steal money from the ATM’s (Automated Teller Machine), they also said that it is unclear or unknown that how this malware works as just got developed in March 28, 2018 as it’s batch time states. The Malware’s GUI is too basic to find more details and it only displays the hostname and information about the service providers.
AtmJackpotting, in simple words it is installing a piece of code into ATM’s system which will provide the attacker the information about how much money is dispensing at a particular ATM at any given time. Security professionals stated that, consumers are not affected by this malware because as of now there is no proof that it is accessing any private information about the consumer. It is known that a notorious Carbanak group is involved in stealing an amount of $1.2 million from ATM’s and the suspected head of the group is arrested this previous month.
Malware attack on Delta Airlines and Sears Holding Corp. were list in this week’s security breach A software vendor, naming [24]7 which provides the two companies with online chat and services, was holding a malware in its system. Fortune reported that, the companies disclosed data breaches affecting payment information of their customers.
In this case, the company [24]7’s security was compromised and so it’s customers. There were several cyber-attacks which were made on companies that focused less on security. The data breach was known to be happened somewhere in between September 26 and October 12 in the year of 2017, and said that all the customer’s credit card information was comprised used in that time frame. This is not the first time that Tech vendors let the company’s to data breach, there were reports saying that a few companies have tasted this bit of bitterness by not taking the vendor’s security level. It can only be controlled by focusing on Cybersecurity practices.
The website bsf.gov.in is not active and it has been under security audit from a month now, a BSF spokesperson told to the national news. It is discovered that the official website was hosting some malware infected files which are capable of sending fake emails claiming to be from Mumbai’s United Services Club. But the other official websites are functionally normal the other day. The Border Security Force is the primary border guarding force of India. It is one of the five Central Armed Police Forces of the Union of India.
This issue became public after MalwareHunterTeam, a team of security professionals tweeted about it after diagnosing the infected malware files on Friday. This is not the first time this group actively served but also when WannaCry Ransom ware hit the world previous year. Bryan Cambell, a UK-based security researcher also stated that the site bsf.gov.in had “numerous malware” and “multiple vulnerabilities.” Although the site is down for a while, it is available from the Google Cache results on Saturday.
It was recently discovered that new Android Trojan variants, dubbed as “Naver Defender,” were being distributed as a fake anti-virus application. Uncovered by security researchers at Cisco Talos, them malware named as KevDroid is a ” remote administration tool (RAT) designed to steal sensitive information from compromised Android devices, as well as capable of recording phone calls.”
It was initially discovered by a South Korean cyber security firm two weeks ago. It was reported by the South Korean media to be linked to a North Korea state-sponsored hacking group.
The malware was found to be using an open source library from GitHub as well as exploiting Android flaw CVE-2015-3636 to gain root access of a compromised device.
https://nvd.nist.gov/vuln/detail/CVE-2015-3636
https://thehackernews.com/2018/04/android-spying-trojan.html
The lawmakers also asked Linux to measure “how sustainable and stable” the open-source ecosystem is, and what steps could be taken to make it more resilient….
http://thehill.com/policy/cybersecurity/381329-lawmakers-press-linux-on-security-of-open-source-software