Social-Engineer Newsletter Vol 07 – Issue 98

 

Vol 07 Issue 98
November 2017

In This Issue

  • October Had Some Large Security Incidents
  • Social-Engineer News
  • Upcoming classes

As a member of the newsletter you have the option to OPT-IN for special offers. You can click here to do that.


Check out the schedule of upcoming training on Social-Engineer.com

5-9 February, 2018 – Advanced Practical Social Engineering – Orlando, FL

If you want to ensure your spot on the list register now – Classes are filling up fast and early!


Do you like FREE Stuff?

How about the first chapter of ALL OF Chris Hadnagy’s Best Selling Books

If you do, you can register to get the first chapter completely free just go over to http://www.social-engineer.com to download now!


To contribute your ideas or writing send an email to contribute@social-engineer.org


If you want to listen to our past podcasts hit up our Podcasts Page and download the latest episodes.


Our good friends at CSI Tech just put their RAM ANALYSIS COURSE ONLINE – FINALLY.

The course is designed for Hi-Tech Crime Units and other digital investigators who want to leverage RAM to acquire evidence or intelligence which may be difficult or even impossible to acquire from disk. The course does not focus on the complex structures and technology behind how RAM works but rather how an investigator can extract what they need for an investigation quickly and simply.

Interested in this course? Enter the code SEORG and get an amazing 15% off!
http://www.csitech.co.uk/training/online-ram-analysis-for-investigators/


The team at Social-Engineer, LLC proudly uses:


A Special Thanks to:

The EFF for supporting freedom of speech

Keep Up With Us

Friend on Facebook Facebook
Follow on Twitter Twitter

October Had Some Large Cyber Security Incidents

October revealed two major global cyber security issues, which were Krack (affecting Wi-Fi) and Bad Rabbit (ransomware). Let’s break these two incidents down, and what you can do to stay safe and unaffected.

Krack

Krack (Key Reinstallation Attack) affects all modern Wi-Fi networks that are secured with the WPA2 protocol. While you’re probably reading this on a device connected to one of these networks, don’t panic just yet. In this vulnerability, the attacker has to be within range of your wireless network in order to perform any actions (this cannot be performed remotely).

In a nutshell, Krack exploits the four-way handshake used when a device joins the WPA2 network. In the third step of this handshake, the attacker is able to grab and reuse the encryption key sent by the access point. This key can then be reused to decrypt data transmitted by the device. The researchers showed that utilizing HTTPS sites adds another layer of protection, however data is still vulnerable in some cases.

The best mitigation of this threat is to make sure your devices and access points are patched. If you’re a business running Wi-Fi, perform an assessment to ensure your signal isn’t reachable in public places like the lobby or parking lot. Also make sure that employees are vigilant against tailgaters slipping in to unauthorized areas that would put them in range of your network. While the network password isn’t exposed in this attack, this serves as a good reminder to be alert to vishing and phishing attacks trying to obtain this information.

Bad Rabbit

Bad Rabbit (a Petya variant) is a ransomware virus that rapidly spread mostly through Russia and Eastern Europe recently. Several large corporations, airports, and metro systems were severely impacted in a short period of time. Users visited infected sites that prompted them to perform an update to their Flash software. Once they agreed to the update, the malware installed itself and encrypted the machine; and were then left with a screen that demanded payment to unlock the data. Early reports show this malware also contained tools that allowed it to spread through the network, potentially infecting other systems.

While no known users in the US were affected, this highlights how ransomware is growing as a popular attack vector globally. Most ransomware is spread via phishing emails prompting users to visit bad sites and/or download malware. This highlights the need to be vigilant about navigating to known good sites, not clicking on unverified links, and being wary of any pop-up asking you to update/download software.

At The End of The Day

Threats and security measures are constantly changing, and it’s important to try and keep abreast of the changes. Most new threats that appear potentially open a new pretext for a social engineering attack to occur. It could be phishing prompting you to “install a critical update”; vishing to gain system access to “fix the problem”; or someone tailgating or impersonating employees to gain access to unauthorized areas. Please remember one of your strongest defenses is to have good policies and training in place to prevent these vectors from being utilized. At the end of the day the Human Factor can be your biggest weakness, or your best offense when trained properly.

Written By: Laurie V

Sources:

As part of the newsletter group, you will be the first to receive special offers to services and products by Social-Engineer.Com.


 

 

Leave A Reply