Et Cetera


The 2014 Sony Pictures Hack: Theories of the Truth

Contributed by Mikal Chavez

Many users in today’s society are precarious about the topic of information security while exploring the depths of the virtual world. Fortunately, there are pre-configured layers of security provided by default via the operating systems firewall. However, how much protection do we truly believe the manufacturers and service providers offer in the terms of safeguarding our personal information?

In the content of this report, I intend to expand the recognition of newly discovered system vulnerabilities through malware insertion. These malicious tactics include cross-site scripting (XSS), embedded cookies and email spoofing used to exploit the information of a targeted user or enterprise. In doing so, my purpose is to share knowledge of the enterprise level of attack and inform best practice of disaster response methods by examining The 2014 Sony Pictures Hack.


Government Surveillance

Contributed by Kevin McCoy

In the beginning, the National Security Agency (NSA) was founded November 8, 1952 and headquartered at Fort George G. Meade, Maryland. The agency is tasked with collecting and processing foreign intelligence to help with military operations (“FAQs”). A primary objective of the agency has always been cryptanalysis as part of its foreign intelligence operations. The agency still seeks to collect information on foreign nations in today’s world, however it now also concentrates its efforts on monitoring and collecting information regarding its very own citizens. This paper explores and analyzes government surveillance that has startled the nation.


Thick Client Application Security

Contributed by Arindam Mandal.
This paper discusses the critical vulnerabilities and corresponding risks in a two tier thick client application along with the measures to mitigate risks. Thick client is defined as an application client that processes data in addition to rendering. An example of thick client application can be a Visual Basic, JAVA or VB.NET application that communicates with a database.

The risks observed in thick client applications generally include information disclosure, unauthorized access, authentication bypass, application crash, unauthorized execution of high privilege transactions or privilege escalation. It is interesting to note that most of the Open Web Application Security Project1 (OWASP) Top 10 vulnerabilities are as applicable to Thick client applications as they are to web applications.


How to build and use a Honeypot

Contributed by Ralph Edward Sutton, Jr.

Everybody has gotten hacked one way or another when dealing with computers. When I ran across the idea of a honeypot and what exactly it was I became intrigued with the idea of actually getting back at these mysterious hackers. I want to build a honeypot, put it on my home network, and see what I can attract. I will build a honeypot and put it out for business. I researched what the ideal computer set up would be and built one. I will discuss the computer, how to build one, and what my results were.


Cyber Espionage

Contributed by Codey Disney

In an age where the internet has become an essential and dependent part of everyday life, information and data is constantly being added at an almost inconceivably fast rate every second. With the constant evolution and implementation of technology in society an influx of data is being converted to the internet and the use of hard-copies to computers. Conversely to this, the number of people trying illegally to acquire this information has escalated.


Subscribe to RSS - Et Cetera