Wenatchee Valley College - CTS Discussion Board

You are not logged in. Would you like to login or register?



11/26/2018 2:03 pm  #1


Security Class Article #6 - Due Monday December 3rd

To start us off I'm posting a link to a video.  We will watch the video in class, or if you want to get a head start check it out.  Basically, someone found what appears to be a rogue access point made from a Raspberry Pi.  Possibly used as man in the middle attack.  Apparently found more than one of them in the college library.  Looks interesting.

https://www.youtube.com/watch?v=UeAKTjx_eKA
 

Last edited by Admin (11/29/2018 11:22 am)

 

11/27/2018 10:49 am  #2


Re: Security Class Article #6 - Due Monday December 3rd

Rosa:

The United States Postal Service has patched a critical security vulnerability that exposed the data of more than 60 million customers to anyone who has an account at the USPS.com website. The attacker could have pulled off email addresses, usernames, user IDs, account numbers, street addresses, phone numbers, authorized users and mailing campaign data from as many as 60 million USPS customer accounts. The Postal Service ignored the report for a year until recently. The Postal Service is further investigating.

https://thehackernews.com/2018/11/usps-data-breach.html

 

11/29/2018 9:24 am  #3


Re: Security Class Article #6 - Due Monday December 3rd

https://www.futurity.org/honeybot-hackers-factories-security-1718472-2/
This article talks about using robots as honeypots in manufacturing facilities in order to reduce the chances of an attacker to hacking into the robots the facility uses and causing issues. The honeypot robots are programmed to do harmless actions when the attacker gains control of them while sending false information to the attacker so they believe they are actually doing what they want. It also allows security personnel to identify how the attackers operate in order to help stop them.

 

11/29/2018 11:38 am  #4


Re: Security Class Article #6 - Due Monday December 3rd

https://www.zdnet.com/article/dell-announces-security-breach/ Charles Barrett
Dell has detected an intruder at the start of this month  but as of right now no sensitive information has been taken, but as these kind of things go, the more they look into it, the more they find out that it wasn't just a little information they've taken.

 

11/30/2018 10:57 am  #5


Re: Security Class Article #6 - Due Monday December 3rd

2 Iranian hackers were charged for farming in 6 million in ransomware attacks against various businesses and institutions. Based out of Iran the have not been arrested, but have developed their own ransomware software called "samsam". Both are now on the FBI's watchlist.
https://thehackernews.com/2018/11/samsam-ransomware-iranian-hackers.html
-Daniel dagg

 

11/30/2018 11:30 am  #6


Re: Security Class Article #6 - Due Monday December 3rd

Microsoft warned users that two apps made by the headphone manufacturer Sennheiser exposed digital certificates.  Since the certificate and private key were the same for anyone who installed these apps, the private key could be decrypted and could be used for phishing, spoofing, or man-in-the-middle attacks.
https://threatpost.com/microsoft-warns-of-two-apps-that-expose-private-keys/139457/
-RolandS

 

12/01/2018 5:25 pm  #7


Re: Security Class Article #6 - Due Monday December 3rd

Over 6,000 sites were deleted off of the dark web, by unknown hackers. The sites were hosted through a server called Daniels Hosting's. The server's root account was deleted as well as 6,500 web services being hosted on the platform. Daniel Winzen, the host admin says he is not sure who was behind the attack or how they got in.

Due to questionable content being held on the server, it is likely a group like Anonymous was behind the attack trying purge the dark web of content they viewed as immoral.  

https://nakedsecurity.sophos.com/2018/11/21/hacker-erases-6500-sites-from-the-dark-web/

 

12/03/2018 9:07 am  #8


Re: Security Class Article #6 - Due Monday December 3rd

Marriott learned on September 10th or before that there was someone with unauthorized access to their guest records. Around 500 million peoples records were stolen with over 327 million people had their names, phone numbers, addresses, email address, passport number, and gender revealed. They discovered the data breach has been happening ever since 2014 or so.  Here is the article below.
https://techcrunch.com/2018/11/30/starwood-hotels-says-500-million-guest-records-stolen-in-massive-data-breach/

 

12/03/2018 9:27 am  #9


Re: Security Class Article #6 - Due Monday December 3rd

FBI created a fake FedEx website in order to obtain the IP address of a criminal with the intent of impersonating a customer/employee of FedEx and steal funds. 
 
https://motherboard.vice.com/en_us/article/d3b3xk/the-fbi-created-a-fake-fedex-website-to-unmask-a-cybercriminal


~Seth Sampson

 

12/03/2018 10:41 am  #10


Re: Security Class Article #6 - Due Monday December 3rd

https://www.nbcnews.com/tech/security/printer-prank-pushes-pewdiepie-campaign-points-out-security-issue-n942381 Someone hacked into 49,000 printers to promote a youtuber but also used the stunt to show people that even their printers are vulnerable to attacks
 

 

Board footera

 

Powered by Boardhost. Create a Free Forum