Month: October 2014

Como saber y hacer diagrama de la red para hackear

Posted on

Acuerdo con el curso de hacking en México, de hecho, antes de entrar en una red, los buenos hackers, por lo menos pasan un poco de tiempo (ya veces algo más que un poco) para conocer la red destino, la cartografía etc. Cuanta más información se puede recabar como información sobre la red, mejor que sepan cómo romperlo y si o no realmente quieren intentar . Nmap es una de las herramientas principales que explican durante curso de seguridad en redes y utilizadas para barridos de ping y escaneo de puertos, así como para la identificación del sistema operativo según maestro de curso seguridad informatica.

En curso de hacking en México explican capacidades (entre muchos otros) utilizados por los intrusos potenciales para recopilar información sobre, o huella digital, objetivos contra de un ataque cibernético. Además, explican dónde se utilizan herramientas complementarias para lograr la máxima cantidad posible de información de la red.

Durante el curso seguridad informática vamos a empezar con una descripción del entorno de destino. Tenga en cuenta que, al empezar a investigar una red, un intruso probablemente no conocen esta información; la identificación de esta información es la meta.

En el curso de seguridad en redes la red que se examina en este caso pertenece a una corporación de tamaño mediano y sigue un diseño de red típica apoyo a una red Ethernet 10/100 MB. Hay un router de Internet, proporcionando conectividad a Internet, seguido por un cortafuegos. Una zona desmilitarizada (DMZ) que hay detrás del servidor de seguridad, junto con el interruptor de la columna vertebral de la empresa. La red de área local (LAN) se conecta a este switch.

 curso de seguridad en redes

Toma de huellas dactilares de red intenta capitalizar la fuga de información de la red para dibujar un mapa de la topología de red similar. Personas que toman curso de hacking en México menudo eligen para comenzar su recolección de información mediante el examen de la zona de distensión, como fue el caso aquí ,

porque la DMZ generalmente aloja el servidor web público de cara, y por lo tanto es el primer lugar para conectarse a o interactuar con la red del objetivo según maestro de curso seguridad informatica. La DMZ a menudo puede proporcionar muchos bits de información útil relevantes a la red general. En primer lugar, que está seguro de tener hosts con acceso al Internet con puertos abierto y es, anfitriones que se puede llegar a través del servidor de seguridad de Internet.

Además de los servidores web, DMZ a menudo incluyen los servidores de nombres de dominio (DNS) y servidores de correo. Para saber como entrar y aprender seguridad pueden tomar curso de seguridad en redes de IICS.

Advertisements

Malicious ads on YouTube: ransomware

Posted on

seguridad de celularesResearchers at Trend Micro have shed light on a recent campaign, where poisoned YouTube ads led visitors to the Sweet Orange exploit kit.

In the campaign, users running vulnerable versions of Internet Explorer were targeted, Joseph Chen, a fraud researcher at the firm, said in a Tuesday blog post. Chen explained the redirection method used by attackers, as YouTube visitors weren’t sent directly to malicious sites.

“Instead, the traffic passes through two advertising sites, suggesting that cybercriminals behind this campaign bought their traffic from legitimate ad providers,” Chen wrote. “In order to make their activity look legitimate, the attackers used the modified DNS information of a Polish government site.” Instead of compromising the site, miscreants altered DNS information by “adding subdomains that lead to their own servers,” he added.

Ultimately, the attacks led to malware, called “Kovter,” which is used to carry out ransomware scams.

 

Source:http://www.scmdagazine.com/internet-explorer-users-at-risk-in-malicious-ad-campaign/article/377496/

POODLE Attack:Vulnerability Breaks SSLv3 Secure Browsing

Posted on

The POODLE Attack
To work with legacy servers, many TLS clients implement a downgrade dance: in a first
handshake attempt, offer the highest protocol version supported by the client; if this
handshake fails, retry (possibly repeatedly) with earlier protocol versions. Unlike proper
protocol version negotiation (if the client offers TLS 1.2, the server may respond with, say,
TLS 1.0), this downgrade can also be triggered by network glitches, or by active attackers.
So if an attacker that controls the network between the client and the server interferes with
any attempted handshake offering TLS 1.0 or later, such clients will readily confinethemselves to SSL 3.0.
Encryption in SSL 3.0 uses either the RC4 stream cipher, or a block cipher in CBC mode.
RC4 is well known to have biases [RC4­biases], meaning that if the same secret (such as
a password or HTTP cookie) is sent over many connections and thus encrypted with many
RC4 streams, more and more information about it will leak. We show here how to put
together an effective attack against CBC encryption as used by SSL 3.0, again assuming
that the attacker can modify network transmissions between the client and the server.
Unlike with the BEAST [BEAST] and Lucky 13 [Lucky­13] attacks, there is no reasonable
workaround. This leaves us with no secure SSL 3.0 cipher suites at all: to achieve secure
encryption, SSL 3.0 must be avoided entirely.

download (8)

read more here:https://www.openssl.org/~bodo/ssl-poodle.pdf

hacking etico

El propósito de asegurar su DMZ

Posted on

El propósito de curso seguridad informatica online es generalmente para permitir a los desarrolladores web para implementar seguridad en desarrollo de contenido Web desde sus PC hasta al servidor Web de producción. Un experto de pentesting explica que cuando existen estas conexiones, que son efectivamente las puertas traseras que permiten a los hackers informáticos acceder a los recursos de la red casi en su totalidad sin ser detectado-no detectados en la medida en que no están utilizando la ruta establecida por el router y en el firewall. Estas conexiones pueden ser descubiertos mediante el examen de las tablas de enrutamiento en los hosts dentro de la zona de dmz con ayuda de servicios de Hacking Ético.

Además, cuando estas conexiones se dejan en el lugar durante largos períodos de tiempo o de forma permanente, pueden ser identificados a través de barridos de ping y las trazas de ruta de la zona de distensión o un examen de la tabla ARP (AddressResolutionProtocol) es eso explican durante el curso seguridad informatica online.

curso seguridad informatica online

En un caso de pentesting, la empresa, tenía una DMZ relativamente simple y directo, porque no había infraestructura Web a gran escala. Cuanto más complicada sea la infraestructura de la Web se convierte-que consiste en, por ejemplo, numerosos servidores Web que alojan una gran colección de aplicaciones basadas en la Web, cada uno se comunica con múltiples bases de datos-mayor será la probabilidad de identificar información útil sobre la red de destino o de encontrar una vulnerabilidad directa con ayuda de servicios de Hacking Ético.

Por lo tanto, debido a los intrusos a menudo pasan tiempo fuera de la carcasa DMZ antes de lanzar ataques contra otros recursos de la red, es esencial que los administradores de seguridad siguen un proceso similar para evaluar la instalación de DMZ de la empresa con el fin de determinar su postura de seguridad o tomar curso seguridad informatica online.

Durante el curso van a a prender sobre escaneo de puertos y como hacer pentesting. Durante escaneo de puertos el intruso se inica el reconocimiento con un

simple escaneo. La primera exploración es siempre sencillo, para no crear demasiado de una ruido, lo que podría desencadenar monitoreo de red y herramientas de detección de intrusos. Y, en cualquier caso, el primer paso es averiguar qué hosts están escuchando y pueden ser atacados en absoluto con ayuda de servicios de Hacking Ético y implementar seguridad en su red de la empresa.

Dropbox hacked :7 million usernames and passwords have been hacked

Posted on

Nearly 7 million Dropbox usernames and passwords have been hacked, apparently via third-party services that hackers were able to strip the login information from.

The Next Web  was the first to notice the leak on a site called Pastebin, where hackers have already leaked about 400 accounts. The hackers promise to release more accounts in return for Bitcoin donations. The hackers claim to have over 6.9 million email addresses and passwords belonging to Dropbox users.

In a statement, Dropbox denied it was hacked:

Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have expired as well.

That means Dropbox has already expired the 400 logins that have been leaked so far. But it’s unclear if the logins of the nearly 7 million other Dropbox users the hackers claim to have are still safe. A Dropbox spokesperson told Business Insider that Dropbox consistently expires passwords for accounts that are being attacked, but could not provide a number of accounts expired recently. That means it’s possible that there are nearly 7 million other Dropbox accounts still vulnerable.

It’s a similar response to the one Snapchat had when hackers were able to obtain about 100,000 photos from the service through a third-party app. Snapchat claimed its servers weren’t hacked, but the servers of a third-party app designed to save Snapchat photos were.

The real problem in both cases appears to be the way popular services allow users to log in. Even though Dropbox’s own servers weren’t hacked, the service still allows third parties access. It’s also possible for hackers to hack other sites and cross reference the login information with services like Dropbox since many people use the same logins for multiples services. Those third parties have become the target for hackers to obtain personal information. Assuming the hackers do have the login information for 7 million Dropbox accounts, it’s unclear how they were able to associate that information from a third-party service and apply it to Dropbox. A Dropbox spokesperson couldn’t elaborate.

This is an alarming trend. Services like Dropbox, Snapchat, and Apple have pushed blame on users and other third parties following recent hacks when it’s clear they’re not doing enough to scrutinize the kinds of apps that have access to their platforms or guarantee users their logins won’t be “expired” of their information is compromised.

images (2)

Read more: http://www.businessinsider.com/dropbox-hacked-2014-10#ixzz3G8SNNua0

Penetration Testing (pen test) and Ethical Hacking Course

Posted on Updated on

Currently, the cyber terrorism and cyber attacks on businesses, government, and financial institutions around the world is a reality. From web pages, databases theft of financial information, theft of passwords of emails or social networks, mobile chats, photos, even identity theft are all realities of everyday life. The damage that can cause a “hack” into your network, to monetary level, could amount to millions of dollars, not counting the public embarrassment and lack of confidence that this could bring to their customers. These attacks can come from other countries, groups of cyber criminals, cyber terrorists, having motivations (large) economic or a 15 year old with a lot of knowledge and time on their hands; is also common for attacks originating within the same corporate or institutional network, often by their own employees.

The most effective way to counter cyber attacks are regularly doing vulnerability testing by undertaking Ethical Hacking Course in Mexico, where iicybersecurity certified professionals make all kinds of tests and attacks (no damage) to the network, computer equipment, voice over IP telephony and mobile devices and confidentially report customer all vulnerabilities found. This way, you can correct the flaws of existing safety and prevent future attacks and information theft. With the rise of electronic attacks, not only in frequency but also in with, every day it becomes more important to test the effectiveness of your security.

 Ethical Hacking Course in Mexico

Ethical Hacking Course from iicybersecurity will help you:

  • Identify both external and internal threats
  • Assess and prioritize the risk of each vulnerability identified
  • Review criteria and database environments plus networks
  • Find non-technical methods to access their IT assets without authorization

Usually the general characteristics of the infrastructure to be analyzed are:

1.desktop computers and laptops.

2 Servers.

3 connectivity between branches.

4 Wireless networks.

5.Firewalls, switches and routers.

6 Telephony Voice Over IP (VoIP).

7 web portal company or institution.

Vulnerability testing can be compared to find the open door in a building, and is the first step in any strategy to verify the computer security of a corporate network.

With the help of Ethical Hacking in Mexico our specialists have proven tools recognized in the industry, combined with our own techniques to examine in detail and identify vulnerabilities in their computer systems combined. Unlike other automated services that only provide a computer generated list each vulnerability existing in your network, iicybersecurity services includes the prioritization of vulnerabilities that are most relevant to their infrastructure as well as provide tips to reduce them.

Dairy queen payement system hacked,400 Dairy Queen stores affected

Posted on

Software systems were compromised at about 400 U.S. Dairy Queen shops, including 19 in Illinois and 30 in Indiana, the restaurant chain said, making it the latest retailer to confirm a data breach.

International Dairy Queen said its investigation found evidence that systems of some Dairy Queen locations and one Orange Julius shop were infected with the “Backoff” malicious software, or malware, which has been hitting a number of retailers.
A third-party vendor’s compromised credentials were used to get into the systems at the affected locations, Dairy Queen said in a statement Thursday.

The systems at some of Dairy Queen’s U.S. shops were affected at various times from early August through early October, the company said. Customer names, card numbers and card expiration dates may have been gathered. But Dairy Queen said it was not aware of other personal information, such as Social Security numbers, being compromised because of the attack. Dairy Queen said it is confident that the malware has now been contained.

 

The attack did not hit Dairy Queen locations in Chicago but did affect stores in other parts of the state, including Dixon, Quincy and Metropolis.

Several chains, including Home Depot, Jimmy John’s, Neiman Marcus and Target, have been hit by data breaches in recent months.

Dairy Queen said it was offering one year of free identity repair services from AllClear ID to customers who used a card to pay at one of the affected locations during the time of the attack.

dairy queen

Source:http://www.chicagotribune.com/business/breaking/chi-dairy-queen-hacked-20141010-story.html

 

information security training