
MIS 5212-Advanced Penetration Testing

MIS 5212 - Section 001 - Wade Mackey

Fox School of Business

Ahmed A. Alkaysi

OS Analysis PPT and Executive Summary – Alkaysi

April 24, 2017 by Ahmed A. Alkaysi

Hi, below is the PPT and executive summary for the OS analysis assignment.

PPT OS Analysis – Alkaysi

OS Analysis Executive Summary – Alkaysi

Thousands of Hacked Routers Used for WordPress Attacks

April 16, 2017 by Ahmed A. Alkaysi

Wordfence reported that tens of thousands of routers associated with the state-owned telecom company Telecom Algeria have been hacked and used to launch attacks on WordPress sites. Researchers from the firm also identified up to 27 ISPs from various countries whose routers were involved in this hacking. The vulnerability resulted from ISPs listening on port 7547, which is used to manage customers’ devices, while running a vulnerable web server, AllegroSoft RomPager. Wordfence reported seeing more than 90k unique IP addresses, from a total of 28 ISPs, that had been compromised.

http://www.securityweek.com/thousands-hacked-routers-used-wordpress-attacks

Cyberspies Target Middle East With Windows, Android Malware

April 9, 2017 by Ahmed A. Alkaysi

A cyber group has been targeting Middle Eastern organizations using Windows and Android malware. The group, discovered by a Chinese security firm and researchers from Palo Alto Networks, has been targeting educational and military organizations from Palestine to Egypt. The main method of delivering the malware was through fake news websites and phishing emails containing bit.ly shortened links. The malware enables hackers to steal passwords, take screenshots, and log keystrokes. The exact count of victims hasn’t been determined, but researchers from Palo Alto have concluded that these attacks were mostly done by a group of attackers rather than a lone wolf.

http://www.securityweek.com/cyberspies-target-middle-east-windows-android-malware

Senators reintroduce a bill to improve cybersecurity in cars

March 26, 2017 by Ahmed A. Alkaysi

The Security and Privacy of Your Car (SPY Car) bill has been reintroduced by Senators from Massachusetts and Connecticut. This bill introduces a number of security measures that would beef up the cybersecurity of cars. Some of these initiatives include: critical systems to be isolated from non-critical systems, breach detection with reporting capabilities, and a “cyber dashboard” that displays a scorecard of how secure the car is. Another piece of this bill is the requirement for manufacturers to explain what type of driving data is being collected and how it is being used.

Personally, I am behind this bill. As cars become more connected to the network, even if they are not “electric cars,” cybersecurity should be the focus of all manufacturers. The one thing I like about this bill is that the protection of the driver’s privacy is included (with the data collection disclosure requirement), and not just the cybersecurity of the car itself.

https://techcrunch.com/2017/03/23/senators-reintroduce-a-bill-to-improve-cybersecurity-in-cars/

Healthcare firms plan to increase security spending

February 26, 2017 by Ahmed A. Alkaysi

81% of healthcare companies are looking to increase their investment in cyber security, an increase from 60% last year. As most of us have probably heard, there has been a wave of recent ransomware and cyber security attacks against the health care industry. Although seeing breaches of healthcare companies in the news might make it seem like the companies are enduring waves of attacks, only “18% of global healthcare companies said they had a breach in the past 12 months,” much less than the “43% of companies in the retail sector.”

In addition to the increased spending, there have been increased regulations and audits around the security of healthcare companies’ information systems. Recently, the Children’s Medical Center of Dallas was penalized $3.2 million for not adhering to the recommendation of encrypting patient records. In another example, Memorial Healthcare System had to pay $5 million for data breaches.

Healthcare companies are becoming cognizant of their lack of information system controls, which is driving compliance to become the focus of security spending. This is an important point: by increasing controls, healthcare companies will be taking a proactive approach to dealing with cyber security, instead of the standard reactive one.

http://www.csoonline.com/article/3173367/metrics-budgets/healthcare-firms-plan-to-increase-security-spending.html

Metasploit Assignment – Ahmed Alkaysi

February 19, 2017 by Ahmed A. Alkaysi

Hi, below is my PowerPoint and executive summary for the Metasploit assignment.

PowerPoint – PPT Metasploit – Alkaysi

Executive Summary – Metasploit Executive Summary – Alkaysi

Insecure Android apps put connected cars at risk

February 19, 2017 by Ahmed A. Alkaysi

This article discusses how many of the Android apps that drivers use to locate and unlock their vehicles are missing many security features. Some of these features include: obfuscation, which is used to make it harder for hackers to reverse engineer the code, code integrity checks, encryption of credentials, and a check to see if the phone is rooted. Another security flaw is the lack of a check for an overlay on top of the app that displays a fake login, used to expose the login credentials.

The article states that while these types of apps might not enable theft, they could make the job easier. Some of the apps have the ability to unlock the car and disable the alarms. Also, per Kaspersky, “Accessing the car and deliberate tampering with its elements may lead to road accidents, injuries, or death.” As cars become more connected and transition into IoT devices, security will become paramount.

http://www.csoonline.com/article/3171671/security/insecure-android-apps-put-connected-cars-at-risk.html

Recent WordPress vulnerability used to deface 1.5 million pages

February 11, 2017 by Ahmed A. Alkaysi

A vulnerability in WordPress’ REST API has been exploited by up to 20 hackers, which has impacted 1.5 million WordPress sites. The majority of these attacks occurred after WordPress disclosed the vulnerability. The vulnerability allows “unauthenticated attackers to modify the content of any post or page within a WordPress site.” Before WordPress publicly disclosed the vulnerability, they patched the issue in a Jan. 26 fix; however, a large number of sites do not automatically install these patches, as administrators want to test the code before installing. As a result, after WordPress publicly disclosed the issue, the attackers rushed to impact as many vulnerable sites as possible, resulting in up to 800k sites being violated in only 48 hrs. Although there are efforts by the web servers to block or filter the attacks, ultimately, if a WordPress site is not updated to the latest release, it will continue to be vulnerable.

http://www.csoonline.com/article/3168717/security/recent-wordpress-vulnerability-used-to-deface-1-5-million-pages.html

Hackers are seeking out company insiders on the black market

February 5, 2017 by Ahmed A. Alkaysi

Security firms RedOwl and IntSights have noticed a trend of online black market dealers attempting to recruit “company employees for insider trading and cashing out stolen credit card numbers.” These dealers run forums on the dark web, which is accessible using the Tor browser. The dealers identify employees that they could use for insider trading purposes, and after colluding with the employee to retrieve the insider information, they help forum members make “educated stock market bets.” Some of the members make more than $5000 a month using this tactic.

In some cases, the hackers provide the employees with cyber tools to steal data from the company they work for. Security firms have suggested that companies take insider threats more seriously, and that they should implement IT security systems that monitor employees for “unwanted behaviors without violating their privacy.”

http://www.csoonline.com/article/3164543/security/hackers-are-seeking-out-company-insiders-on-the-black-market.html

Charger Android Ransomware Infects Apps on Google Play

January 27, 2017 by Ahmed A. Alkaysi

A new ransomware called ‘Charger’, embedded in an Android app, threatens to sell the victim’s private info on the black market if they don’t pay. After the user installs the app, EnergyRescue, the app asks for admin permissions. After receiving the permission, the device is locked, and information such as social network details, bank accounts, credit cards, and info about friends and families is claimed to have been compromised. The ransom is set to about 0.2 BTC, equivalent to $180.

To stay hidden, the malware encodes strings into binary arrays (making inspection harder), loads code from “encrypted resources dynamically”, and “checks whether it runs in an emulator” before the routine is run. This makes detection difficult because most detection engines are unable to “penetrate and inspect dynamically-loaded code.”

http://www.securityweek.com/charger-android-ransomware-infects-apps-google-play
