ETHICAL HACKING NET-185-001N Week 13
HP's new security controller (https://www.anandtech.com/show/14225/hps-security-push-sure-sense-endpoint-security-controller) sounds interesting, but it definitely needs to be sufficiently hardened to make it worthwhile. The idea is to use AI to detect malware based on behavior, to protect against zero-day exploits and such.
A disturbing development that I just read about is the 'Land Lordz' scam using other domains to get people to make cash deposits for listings on Airbnb that are not legitimate. (‘Land Lordz’ Service Powers Airbnb Scams)
One of the stranger recent security occurrences was that a poorly documented security feature in Microsoft Edge breaks another security feature (marking a file as from the web), which causes a certain type of file, the MHT file, to be opened without a sandbox using Internet Explorer, since it is the default to open that type of file. (https://arstechnica.com/information-technology/2019/04/unexpected-security-feature-in-microsoft-edge-could-allow-for-file-theft/)
I was already familiar with the concept of session hijacking, but this week I learned more about it.
I was also already familiar with the concept of a man-in-the-middle attack, when an attacker is located between the two devices communicating with each other. As I've stated previously, encryption and authentication are the best defense against this type of attack. However, if someone strips off the encryption and the end user does not notice this, it makes it trivial to steal data. I believe that this is part of why browsers are doing more to emphasize that a non-HTTPS website is 'not secure': not because it contains malware, but because all communications with it are in plaintext, which it should be obvious is not suitable for transmitting confidential information.
I was also already familiar with DNS hijacking, which has happened again on a large scale recently, as was discussed in this recent Ars Technica article, which I previously wrote about. https://arstechnica.com/information-technology/2019/04/ongoing-dns-hijackings-target-unpatched-consumer-routers/