Offline
To start us off I'm posting a link to a video. We will watch the video in class, or if you want to get a head start check it out. Basically, someone found what appears to be a rogue access point made from a Raspberry Pi. Possibly used as man in the middle attack. Apparently found more than one of them in the college library. Looks interesting.
Last edited by Admin (11/29/2018 11:22 am)
Offline
Rosa:
The United States Postal Service has patched a critical security vulnerability that exposed the data of more than 60 million customers to anyone who has an account at the USPS.com website. The attacker could have pulled off email addresses, usernames, user IDs, account numbers, street addresses, phone numbers, authorized users and mailing campaign data from as many as 60 million USPS customer accounts. The Postal Service ignored the report for a year until recently. The Postal Service is further investigating.
Offline
This article talks about using robots as honeypots in manufacturing facilities in order to reduce the chances of an attacker to hacking into the robots the facility uses and causing issues. The honeypot robots are programmed to do harmless actions when the attacker gains control of them while sending false information to the attacker so they believe they are actually doing what they want. It also allows security personnel to identify how the attackers operate in order to help stop them.
Offline
Offline
2 Iranian hackers were charged for farming in 6 million in ransomware attacks against various businesses and institutions. Based out of Iran the have not been arrested, but have developed their own ransomware software called "samsam". Both are now on the FBI's watchlist.
-Daniel dagg
Offline
Microsoft warned users that two apps made by the headphone manufacturer Sennheiser exposed digital certificates. Since the certificate and private key were the same for anyone who installed these apps, the private key could be decrypted and could be used for phishing, spoofing, or man-in-the-middle attacks.
-RolandS
Offline
Over 6,000 sites were deleted off of the dark web, by unknown hackers. The sites were hosted through a server called Daniels Hosting's. The server's root account was deleted as well as 6,500 web services being hosted on the platform. Daniel Winzen, the host admin says he is not sure who was behind the attack or how they got in.
Due to questionable content being held on the server, it is likely a group like Anonymous was behind the attack trying purge the dark web of content they viewed as immoral.
Offline
Marriott learned on September 10th or before that there was someone with unauthorized access to their guest records. Around 500 million peoples records were stolen with over 327 million people had their names, phone numbers, addresses, email address, passport number, and gender revealed. They discovered the data breach has been happening ever since 2014 or so. Here is the article below.
Offline
FBI created a fake FedEx website in order to obtain the IP address of a criminal with the intent of impersonating a customer/employee of FedEx and steal funds.
~Seth Sampson
Offline