IT 460

An emergency directive from the Department of Homeland Security is ordering administrators of most federal agencies to protect their Internet domains against a plethora of attacks that have hit executive branch websites and email servers in the last few weeks. These attacks are directly targeting web, email traffic and possibly other network services using certain techniques that I have personally learned about recently in my IT 460 class. Some on the techniques being; - The attacker begins by compromising user credentials, or obtaining them through alternate means, of an account that can make changes to DNS records. - Next, the attacker alters DNS records, like Address, Mail Exchanger, or Name Server records, replacing the legitimate address of a service with an address the attacker controls. This enables them to direct user traffic to their own infrastructure for manipulation or inspection before passing it on to the legitimate service, should they choose. This creates a ris...

I think it is safe to say that between the Google Play Store on Android and the App Store on iOS, that Google's app market seems to be the most susceptible to malware attacks. The main reason being that Android is Open Source software, meaning that the software that runs on these phones are free for the public to see and use for themselves. While this is a way to be fully transparent with your companies software, it does put you at risk for more attacks. Hackers can study the code and find certain flaws that they can exploit and do malicious things. Getting an app on the Google Play store is an easy process, you have to create some accounts and enter in content information, etc. Then your app will be posted online for everyone to download. Some app developers with bad intentions seem to be hiding malicious content inside what looks like harmless game apps. Everything looks and functions properly, but in the background malware files are being loaded onto your phone. You go on about ...

In today’s day in age we use our phones for a variety of reasons. Our phones have become an essential tool to most of and that means we end up having lots of critical/sensitive information within our phones. Be it either on the actual phone itself or the information the phone can transfer across the network, our phones do contain valuable data. If you own an Apple iPhone you might have heard of a term “Jailbreak” or “Jailbreaking” your phone. iOS jailbreaking is privilege escalation for the purpose of removing software restrictions imposed by Apple on iOS. This allows user data to be manipulated and allows users to access/edit system information on the device itself. While most people perform jailbreaking on their device to access certain “extra features” others can use it for bad intentions; Like intercepting messages, monitoring GPS locations, etc. As of late many companies and government agencies are announcing their willingness to pay for (single-click and no-click) exploits. Singl...

Have you ever created an account online? If so, were you asked to make a username and password? Maybe it asked you for some personal information like your full name, and home address? The answer to those questions for all of us is a resounding yes. For example, when I made my first bank account I had to provide all sorts of personal information to the bank manager in order to verify my identity and create an account with them. This data is usually entered in digitally into a computer and then stored somewhere onto a hard drive or uploaded to a central repository somewhere else. These repositories or "honey pots" are prime targets for hackers to go for because they contain an abundance of customer account information, which is considered very valuable for obvious reasons. Blockchain on the other hand may soon have a solution to end the open exchange of personal information. "Blockchain distributed ledger technology (DLT) – in combination with digital identity verificati...