Sunday, March 15, 2020

Blog 8

This chapter was about system hacking.

System Hacking

  • A rainbow attack is a password hash cracking technique that uses pre-computed word lists and their hashes in tables.
  • Password salting is adding random bits of data to a password before it is stored as a hash to make password cracking more difficult.
  • Pass the hash allows an attacker to get into a workstation, and then continue using hashes to get into other workstations, until they reach an administrator account.
  • One of the most popular password cracking programs is John the Ripper.
  • Cain and Abel is another popular tool, used for dictionary attacks and brute force attacks.
  • Configuring password policies is very important. It can help prevent or mitigate the risks that come with weak passwords.
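
The effect of salting on a precomputed-table lookup, as an added example that is not part of the original notes. The word list, the function names, and the choice of SHA-256 and PBKDF2 are assumptions made for illustration, and the plain dictionary is a simplification of a real rainbow table, which compresses the same idea with hash chains.

```python
import hashlib
import hmac
import secrets

# Constructed word list standing in for a cracking dictionary.
WORDLIST = ["password", "letmein", "sunshine", "qwerty123"]

def unsalted_hash(password):
    """Weak scheme: one fast hash, no salt. The same password always gives the same hash."""
    return hashlib.sha256(password.encode()).hexdigest()

# Built once, then reusable against any store that keeps unsalted hashes.
PRECOMPUTED = {unsalted_hash(word): word for word in WORDLIST}

def table_lookup(stored_hash):
    """Return the password if its hash is in the precomputed table, else None."""
    return PRECOMPUTED.get(stored_hash)

def salted_hash(password, salt=None, iterations=600_000):
    """Stronger scheme: a random per-user salt plus a slow key-derivation function."""
    if salt is None:
        salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, digest

def verify(password, salt, expected, iterations=600_000):
    """Recompute with the stored salt and compare in constant time."""
    _, digest = salted_hash(password, salt, iterations)
    return hmac.compare_digest(digest, expected)

def demo():
    weak = unsalted_hash("sunshine")
    salt_a, strong_a = salted_hash("sunshine")
    salt_b, strong_b = salted_hash("sunshine")
    return {
        "unsalted_found": table_lookup(weak),            # table recovers the password
        "salted_found": table_lookup(strong_a.hex()),    # table is useless here
        "same_password_same_hash": strong_a == strong_b, # salts differ per user
        "login_ok": verify("sunshine", salt_a, strong_a),
        "login_bad": verify("letmein", salt_a, strong_a),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Because every account gets its own salt, a table would have to be rebuilt per account, which removes the benefit of precomputing it.
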
Privilege Escalation

  • Kerberoasting: An offline brute force attack to crack a Kerberos ticket to reveal the service account password in plain text.
  • DLL hijacking: Loading a malicious DLL into the application directory so that the application loads it.
  • Security Account Manager (SAM): Database that authenticates local and remote users. Passwords are stored as an LM hash or NTLM hash.
  • Booting from a CD or USB allows you to easily remove passwords from user accounts.
Maintain Access

  • Path Interception: When a malicious file is placed along a service path that contains spaces and is not enclosed in quotation marks.
  • Crackers: Software programs that crack code and passwords to gain unauthorized access to a system. 
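
A defensive check for the unquoted service path condition behind path interception, as an added example that is not part of the original notes. The service names and paths are constructed sample data, and the function names are hypothetical. On a real Windows host the values would come from each service's `ImagePath` registry value.

```python
import re

# Constructed sample: service name -> ImagePath value.
SAMPLE_SERVICES = {
    "UpdaterSvc": r"C:\Program Files\Example Vendor\Updater\updater.exe -service",
    "BackupAgent": r'"C:\Program Files\Example Vendor\Backup\agent.exe" --run',
    "LegacyTool": r"C:\Tools\legacy.exe /auto",
    "SysHost": r"C:\Windows\System32\svchost.exe -k netsvcs",
}

# Split an unquoted command line into the executable path and its arguments.
EXE_RE = re.compile(r"^(?P<exe>.+?\.exe)(?P<args>\s.*)?$", re.IGNORECASE)

def is_unquoted_with_spaces(image_path):
    """True when the executable path contains a space and is not quoted."""
    path = image_path.strip()
    if path.startswith('"'):
        return False  # already quoted, the path is unambiguous
    match = EXE_RE.match(path)
    exe = match.group("exe") if match else path
    return " " in exe

def quoted_form(image_path):
    """Return the corrected value with the executable path wrapped in quotes."""
    match = EXE_RE.match(image_path.strip())
    if not match:
        return image_path
    return f'"{match.group("exe")}"{match.group("args") or ""}'

def audit(services):
    """Map each vulnerable service name to its corrected ImagePath."""
    return {
        name: quoted_form(path)
        for name, path in services.items()
        if is_unquoted_with_spaces(path)
    }

if __name__ == "__main__":
    for name, fixed in audit(SAMPLE_SERVICES).items():
        print(f"{name}: set ImagePath to {fixed}")
```
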
Cover Your Tracks

  • Rootkit: A program attackers use to establish root level permissions.
  • Steganography: Embedding data into files to hide it from everyone but the receiver.
Article

The article I found was about a possible data breach at Princess Cruises. The data could be names, Social Security numbers, addresses, government identification numbers, and data about health. They are fixing up their security to try to prevent this in the future. They did not find who was responsible.

https://www.pymnts.com/safety-and-security/2020/princess-cruises-discloses-possible-data-breach/

Friday, March 6, 2020

Blog 7

This chapter was about analyzing vulnerabilities.

  • An active assessment is obtained by actively testing the network for weaknesses.
  • A passive assessment is obtained by looking for weaknesses through observation without directly interacting with the network.
  • An external assessment is obtained by testing external systems and testing from outside the network.
  • An internal assessment is obtained by testing and analyzing processes and systems inside the network.
  • An active scan transmits packets to the nodes within a network to find exposed ports and can repair security flaws.
  • In vulnerability research, there are several areas to research:
    • Misconfigurations, commonly caused by human error.
    • Default configurations, such as default SSIDs and passwords.
    • Buffer overflows, when a user tries to store more data than a program was written for.
    • Unpatched servers.
    • Design flaws, operating system flaws, and application flaws.
    • Open services, such as those running on certain ports.
Vulnerability Management Life Cycle

  • Creating a baseline is first. This includes defining the effectiveness of current policies and procedures. It also includes setting up for the assessment.
  • Vulnerability assessment is testing the network for vulnerabilities.
  • Risk assessment is evaluating the found vulnerabilities for threat level.
  • Remediation is patching, hardening, and correcting weaknesses.
  • Verification is retesting the system to verify that patching and hardening were effective.
  • Monitoring is where continuous monitoring of systems is implemented.  
  • Three basic steps in penetration testing:
    • Locate the live nodes on the network. You must know where each live host is.
    • Itemize each open port and service in the network.
    • Test each open port for known vulnerabilities.
Vulnerability Scoring Systems

  • Common Vulnerability Scoring System (CVSS): Categorizes vulnerabilities by threat level.
  • CVSS calculator: Determines risk level of vulnerabilities based on base, temporal, and environmental metrics.
  • Cybersecurity and Infrastructure Security Agency (CISA): Provides many resources for cyber security.
  • National Vulnerability Database (NVD): Detailed database of known vulnerabilities.
  • Full Disclosure: Forum for discussing vulnerabilities and threats. Has tools, papers, news, and events related to vulnerabilities.
  • A good site for CISA is us-cert.gov.
  • seclists.org/fulldisclosure
Vulnerability Assessment Tools

  • Qualys Vulnerability Management
  • Nessus Professional
  • Open Source Tools
    • OpenVAS 
    • Nikto
  • Mobile Tools
    • Retina CS: For smartphones, mobile devices, and tablets. It can scan, prioritize, and fix vulnerabilities.
    • SecurityMetrics Mobile
    • Nessus
    • Net Scan
    • Network Scanner

Article

T-Mobile suffered a security breach and says customers' financial data was accessed. Their email vendor was the target of the attack, which exposed some employees' emails that contained customer information. They set up two different support pages, one for less information stolen, and one for more sensitive information stolen. They said they quickly identified and shut down the attack. They have begun an investigation with cybersecurity forensic experts. They have not found the hacker yet.

https://www.phonedog.com/2020/03/04/t-mobile-security-breach-customers-financial-details