Wenatchee Valley College - CTS Discussion Board

You are not logged in. Would you like to login or register?



10/11/2018 10:03 am  #1


Security Discussion Topic #2 Due Monday the 15th

Post your security articles here in the reply section.  Make sure to include your real first name....

 

10/11/2018 5:35 pm  #2


Re: Security Discussion Topic #2 Due Monday the 15th

Magecart Hacking Group used a digital credit card skimmer to capture payment info on the NEWEGG website between August 14 and September 18, 2018. They inserted just 16 lines of Javascript code in the checkout page. No news as to how many customers were affected yet. https://thehackernews.com/2018/09/newegg-credit-card-hack.html

 

10/12/2018 10:15 am  #3


Re: Security Discussion Topic #2 Due Monday the 15th

 

10/12/2018 10:17 am  #4


Re: Security Discussion Topic #2 Due Monday the 15th

Google says a bug in an API for its Google+ social networking service exposed personal details for about 500,000 accounts, but it believes the data wasn't misused. Google patched the bug in March but chose to not publicly disclose the problem, based on a recommendation made by its privacy and data protection office. Google's decision to not disclose the data leak is likely to raise eyebrows because technology companies have faced increasing pressure and regulatory scrutiny over their data handling and privacy practices.
https://www.bankinfosecurity.com/google-forced-to-reveal-exposure-private-data-a-11587

 

10/12/2018 10:46 am  #5


Re: Security Discussion Topic #2 Due Monday the 15th

An undocumented group given tracked under the name 'Gallmaker' by Symantec has been attacking oversea embassies of an unnamed Eastern European country and Middle Eastern military and defense organizations. The group has been active since at least December or 2017. Gallmaker does not use any malware in their attacks, only publicly available tools. Since they only operate within the memory, they're difficult to detect. Adding to this, they sometimes delete their tools from the machines, making it even harder to detect them.
Article: https://www.securityweek.com/cyberspy-group-gallmaker-targets-military-government-organizations
-Roland Smith

 

10/14/2018 3:41 pm  #6


Re: Security Discussion Topic #2 Due Monday the 15th

Cars are being hacked to be used as human targets for nefarious purposes. The cyberattacks disrupts the cars systems such as brakes, lights etc.
https://www.ecnmag.com/news/2018/10/detecting-anomalies-car-computer-network
Dan Dagg

Last edited by ddagg (10/15/2018 10:11 am)

 

10/14/2018 8:10 pm  #7


Re: Security Discussion Topic #2 Due Monday the 15th

Charles Barrett - there's a new malware that is disguising itself as the Google Play Store for Androids and it seems to still be in the testing stage, but you still need to be aware of this trojan virus. /amp/s/www.financialexpress.com/industry/technology/android-users-alert-fake-google-play-store-malware-may-attack-your-phone/1348956/lite/

 

10/15/2018 5:36 am  #8


Re: Security Discussion Topic #2 Due Monday the 15th

Police are being told to avoid looking at perps new IPhones too many times or risk being locked out by New Face ID feature.
https://www.engadget.com/2018/10/13/police-told-to-avoid-looking-at-iphone-x/?ncid=txtlnkusaolp00000618

Zach Buntzler

Last edited by zabu92 (10/15/2018 5:37 am)

 

10/15/2018 7:58 am  #9


Re: Security Discussion Topic #2 Due Monday the 15th

ESET, an antimalware/virus company discovered links tying NotPetya to a group called TeleBots. This group famously attacked power grids in Ukraine during 2015. NotPetya was originally just thought to be a company that created ransomware, although similarities have seemed to prove otherwise. 

https://threatpost.com/notpetya-linked-to-industroyer-attack-on-ukraine-energy-grid/138287/

-Seth Sampson

 

10/15/2018 9:24 am  #10


Re: Security Discussion Topic #2 Due Monday the 15th

GhostDNS tools create botnet of 100,000 routers, changes DNS settings to malicious DNS server. It has several modules that can target several manufacturers of routers, and works by via a script that scans the internet for accessible routers, and tries default credentials.

https://thehackernews.com/2018/10/ghostdns-botnet-router-hacking.html

Defending against threats of this kind are as simple as:
1.) Change your router's default login credentials
2.) Keep your firmware updated
3.) Only allow WAN access to your router if it's absolutely necessary

-Skyler D

 

 

Board footera

 

Powered by Boardhost. Create a Free Forum