Sunday, May 10, 2020

Module 15

In this module, we learn about cryptography and public key infrastructure (PKI). Cryptography protects information both in transit and at rest: encryption keeps files and messages confidential, while hashes and digital signatures let the recipient detect tampering, which protects integrity. Asymmetric (public key) cryptography works with a key pair: data encrypted with the public key can be decrypted only with the matching private key, and a signature made with the private key can be checked by anyone holding the public key. PKI is the framework of certificates, certificate authorities and policies that binds a public key to an identity, so that a client can trust that the key presented by a server really belongs to that server.
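As an added example (not from the course material), here is textbook RSA in plain Python showing the two properties the module describes: a private key signs and a public key verifies (integrity), and a public key encrypts what only the private key can decrypt (confidentiality). The primes are tiny hand-picked constants for illustration and the hash is reduced straight into the modulus instead of being padded; real deployments use 2048-bit keys and a padded scheme such as RSA-PSS. The last check, where a signature fails under a different party's public key, is exactly the gap PKI fills: the verifier must know which public key is the server's.

```python
import hashlib

# Added example (not from the course text): textbook RSA showing why a key
# PAIR gives both confidentiality and integrity, and why the verifier must
# hold the *right* public key, which is what PKI certificates vouch for.
# The primes below are tiny, hand-picked constants for illustration only.

def make_keypair(p, q, e=65537):
    """Return (public_key, private_key) for primes p, q. Toy sizes only."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # private exponent: e * d == 1 (mod phi), Python 3.8+
    return (n, e), (n, d)

def message_digest(message, n):
    """SHA-256 the message and reduce into the modulus (toy stand-in for real padding)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private_key):
    """Integrity/authenticity: only the private key holder can produce this value."""
    n, d = private_key
    return pow(message_digest(message, n), d, n)

def verify(message, signature, public_key):
    """Anyone with the public key can check; a tampered message or the wrong key fails."""
    n, e = public_key
    return pow(signature, e, n) == message_digest(message, n)

def encrypt(plaintext_int, public_key):
    """Confidentiality: encrypt with the recipient's public key (plaintext must be < n)."""
    n, e = public_key
    return pow(plaintext_int, e, n)

def decrypt(ciphertext_int, private_key):
    n, d = private_key
    return pow(ciphertext_int, d, n)

if __name__ == "__main__":
    server_pub, server_priv = make_keypair(1000003, 999983)
    msg = b"transfer 100 to account 42"
    sig = sign(msg, server_priv)
    print("valid signature:", verify(msg, sig, server_pub))                            # True
    print("tampered message:", verify(b"transfer 900 to account 42", sig, server_pub))  # False
    # A different key pair: the same signature does not verify under another public key,
    # so the client must know which public key is the server's. Binding key to identity is PKI's job.
    other_pub, _ = make_keypair(1000033, 999979)
    print("wrong public key:", verify(msg, sig, other_pub))                           # False
    secret = 123456789
    print("round trip:", decrypt(encrypt(secret, server_pub), server_priv) == secret)  # True
```

In practice the "which public key is the server's" step is what a certificate answers: a certificate authority signs the server's public key together with its name, and the client verifies that signature with a CA key it already trusts.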

Interesting article about a tool that can help recover from ransomware attacks.



Sunday, May 3, 2020

Module 14

In this module, we learn about cloud and IoT technologies and their security issues. Cloud computing delivers hardware and software as a service over the Internet; users can access their files and applications from any Internet-connected device. Examples are Google's Gmail (software as a service) and Amazon Web Services (infrastructure as a service). The IoT is the network of interconnected devices embedded with sensors, software, network connectivity and the electronics needed to collect and exchange data. Examples of IoT devices are Nest and Ring cameras and sensors.

Interesting article about several IoT hacks.
https://www.finance-monthly.com/2019/09/the-worst-and-weirdest-iot-hacks-of-all-times/

Sunday, April 26, 2020

Module 13

In this module, we learn about wireless, Bluetooth, and mobile networks. The chapter discusses the types of Wi-Fi networks and how secure each one is. Wi-Fi is a shared radio medium: anyone within range can capture the frames, so open networks and the broken WEP standard are exposed to sniffing, and a rogue access point (an "evil twin") enables man-in-the-middle attacks even against encrypted networks if clients can be lured onto it. Bluetooth is a long-established standard for convenient short-range connections between mobile devices, but its pairing and service model has been vulnerable to several types of attacks. Common ones are bluejacking (sending unsolicited messages), bluesnarfing (unauthorized access to data on the device) and bluebugging (taking control of the device).

Interesting article about the latest Bluetooth hacks. The Bluetooth flaw described in the article enables an "attacking device" to interfere with the connection encryption process, essentially stealing the encryption key and accessing the data traffic between the target devices.

Sunday, April 19, 2020

Module 12

In this module we learn about web server and web application hacking techniques and tools. We review web server attacks and their countermeasures in detail, and the author describes best practices for securing the web server and application environments. Lastly, we review the types of SQL injection and their countermeasures.

Since we discussed web server vulnerabilities, I found this interesting article about WordPress vulnerabilities. After analyzing 84,508 WordPress plugins, Spanish security researchers Jacinto Sergio Castillo Solana and Manuel Garcia Cardenas discovered more than 5,000 vulnerabilities, including 4,500 SQL injection (SQLi) flaws. SQL injection is one of the most popular attacks and also one of the oldest. Note that these flaws were found in third-party plugins rather than in WordPress core, so if you still use WordPress, keep the plugin set minimal and patched, or consider a different platform.

https://portswigger.net/daily-swig/wordpress-terror-researchers-discover-a-massive-5-000-security-flaws-in-buggy-plugins 
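Since SQL injection is the bulk of the plugin flaws above, here is an added example (not from the article or from any WordPress code) of the same login check written two ways against an in-memory SQLite table: one built by string concatenation, one parameterized. The users and passwords are constructed demo data, and passwords are kept in plaintext only to keep the example short; a real application stores password hashes.

```python
import sqlite3

# Added example (not from the article or WordPress): the same login check
# written two ways, to show how a tautology payload and a comment payload
# bypass a query built by string concatenation, and why parameterized
# queries stop both. Rows are constructed demo data; plaintext passwords
# are used only to keep the example short.

def setup_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 's3cret'), ('bob', 'hunter2')")
    return conn

def login_vulnerable(conn, username, password):
    """Builds the SQL by string concatenation: attacker input becomes SQL syntax."""
    query = ("SELECT COUNT(*) FROM users WHERE username = '" + username
             + "' AND password = '" + password + "'")
    return conn.execute(query).fetchone()[0] > 0

def login_safe(conn, username, password):
    """Parameterized query: the driver sends values separately, never as SQL text."""
    query = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()[0] > 0

# Two classic SQLi payloads
TAUTOLOGY = "' OR '1'='1"    # password field: ... AND password = '' OR '1'='1'  -> true for every row
COMMENT_OUT = "alice'--"     # username field: closes the string, '--' comments out the password check

def demo():
    conn = setup_db()
    return {
        "legit_vuln": login_vulnerable(conn, "alice", "s3cret"),
        "legit_safe": login_safe(conn, "alice", "s3cret"),
        "tautology_vuln": login_vulnerable(conn, "alice", TAUTOLOGY),
        "tautology_safe": login_safe(conn, "alice", TAUTOLOGY),
        "comment_vuln": login_vulnerable(conn, COMMENT_OUT, "wrong"),
        "comment_safe": login_safe(conn, COMMENT_OUT, "wrong"),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:15} -> {'login OK' if result else 'rejected'}")
```

The vulnerable function accepts both payloads because the quote characters in the input change the query's structure; the parameterized version treats the same strings as literal values and rejects them, which is the countermeasure the module recommends.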

Sunday, April 12, 2020

Module 11

In Module 11 we learn about intrusion detection systems (IDS) and intrusion prevention systems (IPS). These systems help defend the network against known as well as unknown threats. A signature-based system searches traffic for known attack patterns; when one is found, an IDS raises an alert, and an IPS additionally drops or quarantines the connection. More sophisticated IDS/IPS products are anomaly-based: they use machine learning to build a baseline of normal network or user behavior and alert on deviations from it. Such systems can catch threats that have no signature yet, the needle in the haystack, but if they are not properly tuned they produce a lot of false positives.
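To make the signature-versus-anomaly distinction concrete, here is an added example (not from the course text) that runs both kinds of check over constructed log lines of the form `<src_ip> <method> <path> <status>`. The signatures, the baseline request counts and the hosts are all invented for the demonstration; the anomaly model is a deliberately simple per-host request-count z-score, not a product's algorithm.

```python
import re
from collections import Counter
from statistics import mean, pstdev

# Added example (not from the course text): a signature matcher and a toy
# anomaly detector over constructed log lines, showing what each catches
# and why the anomaly threshold needs tuning to avoid false positives.

SIGNATURES = {
    "sqli_tautology": re.compile(r"(?i)'\s*or\s*'1'\s*=\s*'1"),
    "path_traversal": re.compile(r"\.\./"),
    "shell_probe":    re.compile(r"/bin/(ba)?sh\b"),
}

def build_sample_lines():
    """Constructed traffic: three normal users, one legitimate bulk job, one attacker."""
    lines = []
    for ip in ("10.0.0.2", "10.0.0.3", "10.0.0.4"):
        lines += [f"{ip} GET {p} 200" for p in ("/", "/login", "/account", "/logout", "/")]
    lines += [f"10.0.0.7 GET /export/{i} 200" for i in range(12)]     # nightly export job, 12 requests
    lines += [f"10.0.0.9 GET /item?id={i} 200" for i in range(37)]    # attacker enumerating ids
    lines += [
        "10.0.0.9 GET /item?id=1' OR '1'='1 200",
        "10.0.0.9 GET /../../etc/passwd 404",
        "10.0.0.9 GET /cgi-bin/test?cmd=/bin/sh 404",
    ]
    return lines

def signature_alerts(lines):
    """Known-bad patterns: precise, but silent on anything without a signature."""
    alerts = []
    for line in lines:
        src = line.split()[0]
        for name, pattern in SIGNATURES.items():
            if pattern.search(line):
                alerts.append((src, name))
    return alerts

def anomaly_alerts(lines, baseline_counts, z_threshold):
    """Flag sources whose request count lies more than z_threshold standard
    deviations above the per-host counts learned during a quiet baseline window."""
    mu = mean(baseline_counts)
    sigma = pstdev(baseline_counts) or 1.0          # guard against a flat baseline
    counts = Counter(line.split()[0] for line in lines)
    return {src: round((c - mu) / sigma, 1)
            for src, c in counts.items() if (c - mu) / sigma > z_threshold}

# Requests per host observed during a quiet "training" window (constructed)
BASELINE = [4, 5, 6, 5, 4, 6, 5]

if __name__ == "__main__":
    lines = build_sample_lines()
    print("signature hits:", signature_alerts(lines))
    print("z > 3 (noisy): ", anomaly_alerts(lines, BASELINE, 3.0))    # flags the export job too
    print("z > 20 (tuned):", anomaly_alerts(lines, BASELINE, 20.0))   # only the attacker
```

The signature pass catches the three known-bad requests and nothing else; it would miss the 37 id-enumeration requests entirely. The anomaly pass catches the enumeration by volume, but at a loose threshold it also fires on the legitimate export job, which is the false-positive problem the paragraph warns about.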

I found an interesting article about Zoom user names and passwords being sold on the dark web. After many Zoom-bombing attacks, companies have raised some of their security settings; attackers are now posting and selling videoconferencing credentials online.

https://www.darkreading.com/threat-intelligence/criminals-selling-videoconferencing-credentials-on-dark-web/d/d-id/1337539?&web_view=true

Sunday, April 5, 2020

Module 10

In module 10 we learn about sniffing, session hijacking, DDoS and DNS spoofing. Sniffing is monitoring the data flowing over the network with a tool called a "network sniffer". IP spoofing is forging the source address in packet headers so that traffic appears to come from a trusted host. DNS spoofing is different: the attacker answers name lookups with a forged record so that victims are redirected to an address the attacker controls.

This week I would like to share a hard-to-spot and hard-to-defend DDoS attack called R.U.D.Y. or "R U Dead Yet". It is a slow-rate attack: the tool opens many HTTP POST requests, each declaring a very large Content-Length, and then sends the body a few bytes at a time, tying up the server's connection slots with requests that look like those of legitimate users on slow links. Because each connection carries almost no traffic, volume-based detection does not fire. The defenses are to enforce request body timeouts and a minimum transfer rate on the web server or on a reverse proxy in front of it, and to cap concurrent connections per client. Doing this by watching the traffic manually is almost impossible with thousands of hits per minute, so the article recommends a third-party service such as Cloudflare that automates detection and mitigation without interrupting legitimate traffic.

https://www.cloudflare.com/learning/ddos/ddos-attack-tools/r-u-dead-yet-rudy/
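Here is an added example (not from the Cloudflare article) of the check a reverse proxy or a server body-timeout performs against slow-POST connections: measure each open request's body transfer rate and estimated time to completion, and throttle clients holding several such connections. The connection snapshot is constructed, not captured traffic, and the thresholds are arbitrary demo values.

```python
from collections import Counter
from dataclasses import dataclass

# Added example (not from the Cloudflare article): the slow-body check a reverse
# proxy or web server body-timeout performs against RUDY-style connections.
# SNAPSHOT is constructed data, not captured traffic.

@dataclass
class Connection:
    client: str
    declared_length: int   # Content-Length the client announced
    bytes_received: int    # body bytes actually received so far
    open_seconds: float    # how long the request has been open

def slow_body_suspects(conns, min_bytes_per_sec=100.0, grace_seconds=10.0, max_eta_seconds=60.0):
    """Return (client, rate) for connections trickling their body too slowly to finish in time."""
    suspects = []
    for c in conns:
        if c.open_seconds < grace_seconds:
            continue                       # too early to judge: a slow link may just be starting
        rate = c.bytes_received / c.open_seconds
        remaining = c.declared_length - c.bytes_received
        eta = remaining / rate if rate > 0 else float("inf")
        if rate < min_bytes_per_sec or eta > max_eta_seconds:
            suspects.append((c.client, round(rate, 1)))
    return suspects

def clients_to_throttle(suspects, max_slow_per_client=1):
    """RUDY holds many slow connections from one client; a single slow mobile upload does not."""
    per_client = Counter(client for client, _ in suspects)
    return {client: n for client, n in per_client.items() if n > max_slow_per_client}

SNAPSHOT = [
    Connection("192.0.2.10", declared_length=1_000_000, bytes_received=900_000, open_seconds=8.0),  # healthy upload
    Connection("192.0.2.11", declared_length=50_000, bytes_received=30_000, open_seconds=15.0),     # slow mobile link, ~10 s to go
    Connection("192.0.2.12", declared_length=4_096, bytes_received=0, open_seconds=5.0),            # just opened, inside grace period
    Connection("203.0.113.5", declared_length=10_000_000, bytes_received=20, open_seconds=30.0),    # RUDY: a byte every ~1.5 s
    Connection("203.0.113.5", declared_length=10_000_000, bytes_received=18, open_seconds=28.0),
    Connection("203.0.113.5", declared_length=10_000_000, bytes_received=25, open_seconds=31.0),
]

if __name__ == "__main__":
    suspects = slow_body_suspects(SNAPSHOT)
    print("slow connections:", suspects)
    print("clients to throttle:", clients_to_throttle(suspects))
```

The per-client count matters: a single slow connection is normal on mobile networks, while dozens from one address declaring huge bodies is the attack. In production this logic lives in the server's body timeout settings (for example nginx `client_body_timeout` or Apache `mod_reqtimeout`) or in the fronting proxy, which is why the article points at a managed service.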

Module 09

In module 9 we learn about the different types of malware. In detail, we covered the features of and differences among viruses, worms, Trojans and rootkits. Malicious code is designed to damage or disrupt hosts, software or networks; the damage can range from stealing PII to destroying data or compromising systems.

Computer malware and viruses are constantly evolving; here is a list of the most dangerous threats in 2020. As usual lately, the list starts with sophisticated ransomware.

https://www.safetydetectives.com/blog/most-dangerous-new-malware-and-security-threats/

Sunday, March 15, 2020

Module 08

In this module, we learn system hacking techniques. The chapter explains in detail how keyloggers are used and how passwords are cracked. Lastly, we review the system hacking countermeasures and how to configure password policies.

Malicious actors can capture passwords with keyloggers or crack captured hashes offline, for example with rainbow tables, which precompute the hashes of common passwords and work against unsalted hashing schemes. There is also another method often used by pen testers: checking whether a user's password appears in a breached-password database such as Pwned Passwords. This technique is very successful because many people reuse the same password across multiple accounts, so a password leaked from one site often opens another.

Anybody who wants to check whether an online account has been breached can look up their email address on this website: https://haveibeenpwned.com/ .
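As an added example (not from the course text or from Have I Been Pwned's own code), here is the k-anonymity lookup that the Pwned Passwords range API uses, wired to a constructed stand-in for the breach corpus so it runs offline, plus a small policy check of the kind a registration form or password filter would run. Only the first five hex characters of the password's SHA-1 hash ever leave the client; the breach counts here are invented, and to go live you would replace `fake_range_endpoint` with an HTTP GET of the real `https://api.pwnedpasswords.com/range/<prefix>` endpoint.

```python
import hashlib

# Added example (not from the course text): the k-anonymity lookup used by the
# Pwned Passwords range API, against a constructed stand-in corpus so it runs
# offline. Only the 5-character hash prefix leaves the client.

# Constructed data: password -> times seen in breaches. NOT real breach counts.
FAKE_BREACH_CORPUS = {
    "password123": 1_000_000,
    "qwerty": 3_000_000,
    "letmein": 250_000,
    "Summer2020!": 42,
}

def sha1_hex(password):
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

def fake_range_endpoint(prefix5):
    """Stand-in for GET https://api.pwnedpasswords.com/range/<prefix5>.
    The real service returns one 'HASH_SUFFIX:COUNT' line per breached hash
    sharing that prefix; this builds the same response from the fake corpus."""
    rows = []
    for pw, count in FAKE_BREACH_CORPUS.items():
        h = sha1_hex(pw)
        if h.startswith(prefix5):
            rows.append(f"{h[5:]}:{count}")
    return "\n".join(rows)

def pwned_count(password, range_lookup=fake_range_endpoint):
    """Return how many times the password appears in the corpus, 0 if never.
    The full hash and the password itself are compared locally only."""
    h = sha1_hex(password)
    prefix, suffix = h[:5], h[5:]
    for row in range_lookup(prefix).splitlines():
        if not row.strip():
            continue
        candidate, count = row.split(":")
        if candidate == suffix:
            return int(count)
    return 0

def password_policy_failures(password, min_length=12, range_lookup=fake_range_endpoint):
    """Checks a password policy might enforce at registration or password change."""
    failures = []
    if len(password) < min_length:
        failures.append(f"shorter than {min_length} characters")
    hits = pwned_count(password, range_lookup)
    if hits:
        failures.append(f"seen in {hits} breached accounts")
    return failures

if __name__ == "__main__":
    for pw in ("password123", "Summer2020!", "correct-horse-battery-staple-2020"):
        print(f"{pw!r}: {password_policy_failures(pw) or ['ok']}")
```

Rejecting breached passwords at the point of creation blocks the reuse problem described above before a credential-stuffing attempt can exploit it, and the prefix-only lookup means the check does not itself leak the password to a third party.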

Sunday, March 8, 2020

Module 07

This week we learn about the vulnerability assessment process. The chapter goes into detail on how to develop a vulnerability management program and which tools to use. Vulnerability scanning is a critical part of any security program, since it reveals system weaknesses and allows us to properly assess the security risk.

This week I found an interesting article about coronavirus spam campaigns. The coronavirus is also spreading through phishing scams; please take a look at the following article, which shows some samples of coronavirus scams.

Sunday, March 1, 2020

Module 06

In this module, we review enumeration techniques and tools. Enumeration is the process of gathering user and system information such as usernames, passwords and OS versions; the gathered information is used to find the vulnerabilities and weak points of the system. For example, outdated systems such as Windows Server 2000 and 2003 allowed password hash extraction and still stored the weak LM hash by default, and those hashes can be cracked quickly, which is a gold mine for hackers and pen testers alike. With tools like Nessus, you can easily find default or weak passwords. Many administrators forget about built-in default accounts and passwords, and if these are not disabled or changed they are an easy gate in.

For this week's article I chose the news about a new ransomware variant which avoids detection by using Safe Mode to skip the endpoint protection. https://cyware.com/news/new-snatch-ransomware-variant-avoids-detection-using-safe-mode-08a512f7

Sunday, February 23, 2020

Module 05

This week we learn about the types of scanning and how to gather information about the targets. It is very difficult to protect an organization against scanning attempts. From my own experience, I have learned that there are a few things that help with scanning. One good strategy is geofencing: by blocking some of the bad countries, like Russia and China, you can reduce the scans from thousands to several. The other simple technique is to use IDS/IPS systems and create specific rules which stop excessive ping and DNS requests. If the scan is performed internally, the enterprise antivirus software will usually spot and stop it. However, if the scan is performed very slowly, there is almost no way to tell that the network is being scanned.
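To show why a slow scan is so hard to spot, here is an added example (not from the course text) of the sliding-window port-scan rule an IDS typically implements, run over constructed firewall deny records of the form (timestamp in seconds, source IP, destination port). The hosts, timings and thresholds are invented for the demonstration. The same 50-port scan is visible in a 60-second window when run fast and invisible when spread over 25 minutes; widening the window catches it, at the cost of sweeping more legitimate activity into each window.

```python
from collections import Counter, defaultdict

# Added example (not from the course text): a sliding-window port-scan detector
# over constructed firewall deny records (ts_seconds, src_ip, dst_port), showing
# why a slow scan slips under a short window and what widening the window costs.

def build_sample_events():
    events = []
    for i in range(200):                       # legitimate host: three ports, all day
        events.append((float(i * 30), "10.0.0.5", (80, 443, 53)[i % 3]))
    for i in range(50):                        # fast scanner: 50 ports in ten seconds
        events.append((1000.0 + i * 0.2, "198.51.100.10", 1 + i))
    for i in range(50):                        # slow scanner: same 50 ports, one every 30 s
        events.append((2000.0 + i * 30.0, "198.51.100.20", 1 + i))
    return events

def scan_alerts(events, window_seconds, distinct_port_threshold):
    """Return {src: peak distinct ports} for sources that hit at least
    distinct_port_threshold different destination ports within any
    window_seconds span."""
    by_src = defaultdict(list)
    for ts, src, port in sorted(events):
        by_src[src].append((ts, port))
    flagged = {}
    for src, hits in by_src.items():
        in_window = Counter()
        left = 0
        for ts, port in hits:
            in_window[port] += 1
            # evict hits that fell out of the window [ts - window_seconds, ts]
            while hits[left][0] < ts - window_seconds:
                old = hits[left][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                left += 1
            if len(in_window) >= distinct_port_threshold:
                flagged[src] = max(flagged.get(src, 0), len(in_window))
    return flagged

if __name__ == "__main__":
    events = build_sample_events()
    print("60 s window:", scan_alerts(events, 60, 20))      # only the fast scanner
    print("1 h window: ", scan_alerts(events, 3600, 20))    # both scanners
```

With the hour-long window the slow scanner is caught here only because it still touches 50 distinct ports inside that window; an attacker probing one port an hour would need a day-long window, where ordinary hosts touching many services also start to exceed the threshold. That trade-off is the practical reason slow scans usually go unnoticed.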

This week I found an interesting article about a new malware spam campaign that targets multiple companies. The attack was performed by embedding malware in Office file attachments; once the malicious file is opened, it drops Adwind 3.0, which is set to steal sensitive information. Please check the article at https://cyware.com/news/adwind-30-found-in-ongoing-malspam-campaign-targeting-over-80-turkish-companies-1d8eb706

Sunday, February 16, 2020

Module 04

This week we learn about reconnaissance and some of the techniques used to gather information. It is critical for organizations to limit what their employees post on social media, since that information can easily be used against the organization. With tools like Maltego and Echosec, an attacker can target a company and collect everything its employees have posted on social media. These tools pull information from multiple social sites, correlate the details, and reveal relationships with the company and where the posts were created. This type of intelligence helps build very convincing phishing campaigns or target employees directly through Facebook or LinkedIn.

I was researching hacks that come through social media websites and I found this article: https://www.fastcompany.com/90372829/im-a-hacker-and-heres-how-your-social-media-posts-help-me-break-into-your-company  The author points out that people do not pay attention when taking selfies at work and may reveal critical information to the outside world. From employee pictures, a hacker can learn about the environment and the building layout, see employees' badges, and see how the computers are set up.

Sunday, February 9, 2020

Module 03

This chapter talks in detail about social engineering tactics and attacks. Social engineering is very difficult to stop, since it exploits human weaknesses, and no technical measure can completely stop it. The best defense is a combination of spam filtering and user education. The security team also runs its own phishing campaigns to find the users who click and do not follow best practices. HR and finance departments need more in-depth training on how to handle personal information. Moreover, the finance team must require multiple approvers to process payments and be trained to properly verify identity. The approval process must use more than one channel and cannot rely only on email or phone, since both are very vulnerable to social engineering and spoofing.

For this week's article, I chose deepfake software, which can fake a person's voice and video image. This type of software can easily be used to fake voice calls or even videoconferences. Deepfakes move social engineering to a different level.

Please take a look at this link, which talks about deepfake technology and the risks that come with it.


Sunday, February 2, 2020

Module 02

Net 185 - Ethical Hacking

This section talks about the fundamentals of the pen-testing procedure as well as the different compliance standards and regulations which pen testers have to know when performing pen tests. The chapter also talks about how to prepare the risk assessment and which type of pen test to use (internal, external, white box and black box). I learned that the scope of the assessment has to be documented in detail in the SOW document (scope of work). The SOW has to include what will be tested, when, and whether there are any exclusions. I know from my own experience that there will be exclusions and that not all targets can be scanned. Even though scanning is usually non-intrusive, for some production systems, such as mainframes, scanning can produce a denial of service, causing loss of access and monetary loss.

This week I was researching the latest ransomware attacks and I found that one of the Crystal Lake high schools got hit by a ransomware attack. A lot of these attacks are random, mostly started by internal users opening malicious files from email. It seems Crystal Lake School District 155 was lucky and discovered the ransomware at an early stage, before it spread to the whole organization. Some victims of these attacks have limited ways to recover, which leads them to pay the ransom.

https://www.nwherald.com/2020/01/29/district-155-hasnt-communicated-with-hackers-paid-ransom-following-ransomware-attack/avdxsgz/

Sunday, January 26, 2020

Module 01

The first module is an introduction to the labs and the TestOut tool. The videos explain in detail how to work with the virtual lab and how to switch between environments. I think the virtual lab will help a lot in making this class close to reality. However, I would also suggest setting up your own pen-testing toolset in a virtual machine or on a Raspberry Pi.

Simple tutorial on how to install Kali Linux on a Raspberry Pi:


https://www.makeuseof.com/tag/install-kali-linux-raspberry-pi/

I found that the EC-Council CEH v10 cert is a bit pricey, so I hope this class will prep me well to pass it on the first attempt.