Thursday, April 6, 2017

CYBR650-T302
Week 4


Wi-Fi Flaws Discovered in iPhone, Nexus, and Other Smartphones

Google Project Zero researcher Gal Beniamini has discovered vulnerabilities in Broadcom’s system-on-chip (SoC) that allow an attacker to hijack cell phones without any interaction from the user. Broadcom Wi-Fi chips are used in many cell phone brands, including Google’s Nexus 5, 6 and 6P, the iPhone 4 and above, and most Samsung Android smartphones.

According to Gal Beniamini, “An attacker who is in Wi-Fi range can exploit the security holes found by the Google researcher to take complete control of a vulnerable device without any user interaction.” (Kovacs, 2017) Broadcom was very responsive in fixing the issues and supplying the patches to the affected companies.

Apple has scheduled an emergency security update for the remote code execution vulnerability. Samsung has also released a maintenance update with a Google patch and security fix for the Wi-Fi vulnerability.


References



Kovacs, E. (2017, April 5). Wi-Fi Flaws Expose iPhone, Nexus Phones to Attacks. Retrieved from Security Week: http://www.securityweek.com/wi-fi-flaws-expose-iphone-nexus-phones-attacks






Wednesday, March 29, 2017

CYBR650-T302
Week 3



New Mirai Variant of Infamous IoT Botnet Unleashes 54-Hour DDoS Attack

A variant of the Mirai botnet was identified as the culprit behind a 54-hour Distributed Denial of Service (DDoS) attack against a U.S. college. Last October, the Mirai botnet was responsible for one of the most talked-about DoS attacks in history. Mirai is a type of malware that automatically finds vulnerable Internet of Things (IoT) devices and makes them into a group of computing devices that can be centrally controlled. Once enough groups of IoT devices have been assembled, they can be used to launch a DDoS attack that directs large amounts of traffic at a target’s servers.

Since the Mirai botnet source code was leaked, several new variants have surfaced. One version attacked 2400 TalkTalk Telecom home routers in the UK, and a new Windows variant has been found that would spread the Linux Trojan to other IoT devices. Internet service was disrupted for more than 900,000 Deutsche Telekom customers in Germany. Researchers have recently found that 80 models of Sony cameras are vulnerable to a Mirai takeover.

According to Security Week magazine, “On Feb. 28, the new Mirai threat was used to launch a DDoS attack against a US college, and researchers say that the assault continued for 54 hours straight. The average traffic was of over 30,000 requests per second (RPS) and peaked at around 37,000 RPS, the highest of any Mirai botnet (the attack generated a total of over 2.8 billion requests).” (Arghire, 2017)

References

Arghire, I. (2017, March 29). New Mirai Variant Unleashes 54-Hour DDoS Attack. Retrieved from Security Week: http://www.securityweek.com/new-mirai-variant-unleashes-54-hour-ddos-attack
Newman, L. (2016, December 09). The Botnet That Broke the Internet Isn’t Going Away. Retrieved from Wired: https://www.wired.com/2016/12/botnet-broke-internet-isnt-going-away/



Saturday, March 25, 2017

Be Wary of Cyber Security Threat Sites

While there are many websites where you can find information on current threats, vulnerabilities, updates, and security news, we all need to be cautious of conflicting information. Below are some credible sites to verify information found on the internet. I have included a small excerpt from their sites.

MSDN - The greatest threat to computer systems and their information comes from humans, through actions that are either malicious or ignorant. When the action is malicious, some motivation or goal is generally behind the attack. (MSDN, 2017)
Symantec - Symantec sees more threats, and protects more customers from the next generation of attacks. (Symantec, 2017)
US-CERT (United States Computer Emergency Readiness Team) - The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT. (US-CERT, 2017) US-CERT is a division of the Department of Homeland Security.
Security Week Magazine - SecurityWeek provides authoritative news and columns from information security expert and is a trusted source of information and insight to senior level information security executives, researchers and service providers. SecurityWeek content and resources focus on security strategies, techniques, research and statistics. Other coverage includes online privacy and compliance, cybercrime, and other security trends. (Security Week, 2017)

References

MSDN. (2017). Security Threats. Retrieved from Developer network: https://msdn.microsoft.com/en-us/library/cc723507.aspx#XSLTsection122121120120
Security Week. (2017). Virus & Threats. Retrieved from Security Week: http://www.securityweek.com/virus-threats
Symantec. (2017). About Symantec. Retrieved from Symantec: https://www.symantec.com/about
US-CERT. (2017). Current Activity. Retrieved from US-CERT: https://www.us-cert.gov/ncas/current-activity




Saturday, March 18, 2017

CYBR650 Current Trends in Cybersecurity




This course presents an in-depth study of current trends in Cybersecurity threats. Discussion includes the identification and management of threats and vulnerabilities within an effective enterprise security program. Prior Cybersecurity education is synthesized through projects and assignments.


This will be my 11th class towards a Master's in Cyber Security (one more to go!!!).


During this semester I will post articles that I hope will be of interest. I normally look for new technologies or exploits that have not made a big splash on the news but people need to know about.

Thursday, November 13, 2014



The president urged the FCC to adopt strict rules to preserve the open Internet.

In a big win for advocates of so-called net neutrality, President Barack Obama on Monday called on the Federal Communications Commission to reclassify the Internet as a public good, much like water or electricity, and impose stricter regulations on Internet service providers like Verizon and Comcast. Obama urged the FCC to adopt rules that would prevent ISPs from blocking users from websites, slowing data speeds or acting as Internet gatekeepers through paid prioritization, commonly known as Internet “fast lanes.”

“The FCC was chartered to promote competition, innovation, and investment in our networks,” Obama said. “In service of that mission, there is no higher calling than protecting an open, accessible, and free Internet.”

Mike Masnick at Techdirt called Obama’s push “a big step forward.” Many have been frustrated with the president’s apparent wishy-washiness – and outright silence – on the subject, he noted, and Obama's statement is good news for net neutrality advocates who needed “political cover” from on high. The president’s support doesn’t necessarily ensure a free and open Internet, but Masnick said it’s necessary to moving the conversation forward. “It could have and should have come much earlier,” he wrote, “but better late than never.” (Brody, 2014)

Brody, R. (2014, November 10). The president urged the FCC to adopt strict rules to preserve the open Internet. Retrieved from U.S. News and World Report: http://www.usnews.com/opinion/articles/2014/11/10/obama-calls-on-the-fcc-to-back-internet-net-neutrality-rules-pundits-react



Tuesday, November 4, 2014



Best IT Certifications for 2014 & Beyond

Getting certified is a surefire way to advance your career in the IT industry. Whether you work for an enterprise, a small business, government, healthcare or any other place that employs IT professionals, your best bet for career advancement is to validate your skills and knowledge through a carefully chosen combination of certifications.


But certifications can get expensive. Factor in study materials, training and classes, exam fees, and the time that you devote to the whole experience; it all adds up. If you consider certifications as an investment in your career and your future, then wouldn't you want to work to obtain those that will benefit you the most?


Top 5 InfoSec Certs
  1. CompTIA Security+
  2. CEH: Certified Ethical Hacker
  3. GIAC Security Essentials
  4. CISSP: Certified Information Systems Security Professional
  5. CISM: Certified Information Security Manager
http://www.tomsitpro.com/articles/best-it-certifications,1-1352.html