Wenatchee Valley College - CTS Discussion Board




10/02/2019 10:50 am  #1


Security Class - Article #1 - 10/2/2019

Post your articles as a reply to this thread.  Look for a good article, summarize it and make sure to post a link to the original and put your name in your post.

 

 

10/02/2019 2:49 pm  #2


Re: Security Class - Article #1 - 10/2/2019

This article is on a security flaw in a networking protocol developed in the early 2000s.  The protocol is called Urgent/11 or IPnet.  The company that developed the protocol was purchased and stopped development.  The bugs in the original software basically just continued to be used as is in many embedded devices, including devices used in hospitals.  The bug has been discovered by "hackers" and the company even worked with them at DefCon to try to work out solutions.  Very interesting read.  Wired Magazine tries to make its articles interesting and readable by non-techie people.
Dave
https://www.wired.com/story/urgent-11-ipnet-vulnerable-devices/
 

     Thread Starter
 

10/03/2019 8:36 am  #3


Re: Security Class - Article #1 - 10/2/2019

I found this article interesting as I like to write apps in Node.js.
The author describes how he can read from client-side information what payloads are being sent to your Node.js server, which implies that he can set up his own payloads that meet the JSON standard that the Node.js server is used to. With that, the user could then abuse the server's functions; in his example he was able to buy something of higher value and inject the information for a lower-value item into the payload sent to the server. Under this implication, each POST HTTP request needs to have an auth token attached that is saved in cookies and extracted by the client app on bootup.
https://www.codementor.io/dealwap/few-ways-i-could-hijack-your-node-js-applications-h07fvj731
 


Hello, I am Devin Baughman.
There is a Discord server with links to online PDFs of course textbooks; there are general chats for each course and nerd-banter. Please come in and talk computers! Invite: https://discord.gg/H65RH2g
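An added example, not part of the post above or of the linked article: the server side of the price-tampering case that post describes, with a handler that trusts the client's JSON next to one that takes the price from server-side data. The catalog, item ids, field names and function names are hypothetical.

```javascript
// Added illustration; CATALOG, item ids and function names are hypothetical.
const CATALOG = new Map([
  ["sku-laptop", { name: "Laptop", priceCents: 120000 }],
  ["sku-cable", { name: "USB cable", priceCents: 900 }],
]);

// Weak form: the server charges whatever price the client JSON states.
function chargeTrustingClient(body) {
  return { itemId: body.itemId, chargedCents: body.priceCents * body.quantity };
}

// Hardened form: the client may only name an item and a quantity.
// The price comes from server-side data and unexpected fields are rejected.
function chargeFromCatalog(body) {
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    return { ok: false, error: "body must be a JSON object" };
  }
  const allowed = new Set(["itemId", "quantity"]);
  const extra = Object.keys(body).filter((k) => !allowed.has(k));
  if (extra.length > 0) {
    return { ok: false, error: "unexpected field(s): " + extra.join(", ") };
  }
  if (typeof body.itemId !== "string" || !CATALOG.has(body.itemId)) {
    return { ok: false, error: "unknown item" };
  }
  if (!Number.isInteger(body.quantity) || body.quantity < 1 || body.quantity > 100) {
    return { ok: false, error: "quantity must be an integer from 1 to 100" };
  }
  const item = CATALOG.get(body.itemId);
  return { ok: true, itemId: body.itemId, chargedCents: item.priceCents * body.quantity };
}

// Constructed sample requests: the first names the expensive item but
// carries the cheap item's price; the second is a well-formed order.
const tampered = JSON.parse('{"itemId":"sku-laptop","priceCents":900,"quantity":1}');
const honest = JSON.parse('{"itemId":"sku-laptop","quantity":1}');

console.log(chargeTrustingClient(tampered)); // charged the client-supplied price
console.log(chargeFromCatalog(tampered));    // rejected: unexpected field
console.log(chargeFromCatalog(honest));      // charged the catalog price
```

An auth token on the request identifies who is ordering; the catalog lookup is what keeps the amount charged out of the client's hands.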
 

10/03/2019 10:10 am  #4


Re: Security Class - Article #1 - 10/2/2019

I got an email that warned people that about 5 million people had their information revealed to whoever had hacked the system. I did some digging and found this article; it says to change your passwords. They also go in depth about the hashing used by DoorDash to encrypt user information and passwords.

https://arstechnica.com/information-technology/2019/09/doordash-hack-spills-loads-of-data-for-4-9-million-people/

 

10/03/2019 10:36 am  #5


Re: Security Class - Article #1 - 10/2/2019

Russian Hackers Attack Moses Lake School District
Earlier this year the Moses Lake School District was hacked by some Russian hackers, encrypting their servers and backups. They traced the IP address of the virus and figured it came from Moscow, Russia. The school says their anti-malware software failed when an employee clicked on an email attachment and the virus spread from there.

http://www.ifiberone.com/columbia_basin/moses-lake-school-district-hit-with-ransomware-attack-in-july/article_3dac2db2-c5cb-11e9-aa8f-0f0e9c8131ca.html

Last edited by AlMendoza22 (10/04/2019 10:35 am)


Alvaro Mendoza
 

10/03/2019 10:37 am  #6


Re: Security Class - Article #1 - 10/2/2019

JONI LOVES CHACHI

 

10/03/2019 12:11 pm  #7


Re: Security Class - Article #1 - 10/2/2019

My article has to do with the fact that big internet providers (for example AT&T, Verizon, and Comcast) have a lot of freedom to control the internet; for instance, Comcast, which is also a TV provider, could potentially slow down the Netflix website and keep their speeds up. This stirs up things because it could be used as a way of taking advantage of other smaller websites that can't afford to pay to keep high speeds or aren't as recognizable so they won't receive any support. The court though appealed towards keeping the internet a "free and open internet."
https://www.cnn.com/2019/10/01/tech/net-neutrality-court-ruling/index.html

-Jorge Calderilla

Last edited by SAMUS (10/03/2019 12:11 pm)


Jorge Calderilla
 

10/04/2019 10:26 am  #8


Re: Security Class - Article #1 - 10/2/2019

My article is about Microsoft getting hacked back in January and March of 2019. The hacker got into the system by compromising a customer support agent's credentials. After this the hacker then started spamming emails that would request personal information to your Microsoft account. Once Microsoft got rid of the problem they advised everyone to change their passwords or other information.  https://techcrunch.com/2019/04/13/microsoft-support-agent-email-hack/
- Anthony (Tony) Leon
 

 

10/04/2019 10:34 am  #9


Re: Security Class - Article #1 - 10/2/2019

Iranians tried to hack U.S. presidential candidate in effort that targeted hundreds, Microsoft says...
     
The article I am posting about is quite interesting, and is also fresh in the "hacking news".  Apparently attempts were made to identify, attack, and breach email addresses that belonged to a U.S. presidential candidate, several government officials, and journalists.  The attackers are thought to have current ties with the Iranian government.  This situation was brought to light by Microsoft, which observed the intrusion.  More than 2700 attempts were made to identify email addresses over a 1-month period between August and September.  A total of 4 accounts were actually compromised; Microsoft then notified the customers.  Microsoft claims that of the 4 email accounts that were compromised, none of them ended up actually belonging to the U.S. presidential candidate or any government officials.


Jesse Kilthau

Reference:
https://www.washingtonpost.com/technology/2019/10/04/iran-tried-hack-us-presidential-candidates-journalists-effort-that-targeted-hundreds-microsoft-finds/

 

10/05/2019 7:15 pm  #10


Re: Security Class - Article #1 - 10/2/2019

Earlier this year, an unprecedented list of email credentials was found on a hacking forum. Known as "Collection 1", this list includes 773 million passwords linked to unique email accounts, and an additional 21 million unique passwords. Collection 1 includes information gathered from many different exploits compiled into one convenient list. This article also discusses potential mitigation of being hacked from an end-user standpoint, i.e. using a password manager.


Derek Dewitt
https://www.vice.com/en_us/article/evegxw/collection-one-data-breach-password-hack-what-to-do

 
