Skip to main content

Tell me how did this happen? AND win a 32 GB persistent boo-table KALI LINUX OS.


How did this happen? Frame a plot/solution via a story (A video/Write-up). The winner would win a 32 GB persistent bootable KALI LINUX OS.
Submit the You-tube video link/ Write-up @ hackin2minutes@gmail.com

Winner will be announced LIVE on my you-tube channel CYBER WIZARD                                                     
Subscribe my Youtube channelCYBER WIZARD

                                                            Story
Professional, coordinated attackers with a plan, breached a server maintained by Anonym University and walked off with nearly 800,000 records, and have used the information to commit at least 30 acts of identity theft.
Anonym officials reported on 19/06/2018, that between June and December of this year, a server containing records on some 3,500 employees was breached. Notification using all campus email was initiated, and the staffers were told to watch for unusual patterns on their credit card statements.
The investigation is ongoing, with both an external expert consultant and a cyber-crime investigators from Cyber team.
“The integrity of the Anonym’s system has been restored and there is no indication of any additional instances of compromise of personal information,” said Dr. Praveen, university president.
The lack of further incident is good news to be certain, Dr. Praveen’s memo to the university staff on the incident is both disturbing and eye opening from an Information Security perspective. If anything, it can serve as a nightmare scenario for organizations on data protection.
According to the investigation details till now, between June and December of this year, the attackers targeted a single folder on the main Anonym’s server. The folder housed several files on it with personal information, but no single file had a complete set of information.
“However, by working between files, the hacker(s) have been able to piece together enough information to be able to engage in the theft of identity of at least 100 employees...by working between files, data regarding Name, Adhar number,Pan number, Date of Birth, and Deposit Account numbers were accessed. Additional directory information such as address, phone numbers, college email address, etc. was also likely compromised.”
In addition, the stolen data has been used to apply for SBI credit cards under the employee’s name.  
“The access pathway used to invade our main server has been sealed. We hope to know, by the end of this week precisely who had their information compromised,” Dr. Praveen added.

Story by SAWAN BHAN
Subscribe CYBER WIZARD

Last Date of Submission : 29/06/2018

Comments

Popular posts from this blog

Security and Privacy

“Security and Privacy Are Not As Different As People Think”                       How we're dramatizing a distinction that serves no purpose,                            And introducing unneeded complexity in the process. S.B There’s a common belief in InfoSec community that Security and Privacy are related, but that they’re different enough to constantly mention the distinction. I don’t think the difference should matter much to defenders, and in fact, if you look close enough the distinction nearly vanishes. They are simply different aspects of the unified goal of protecting information. Security and Privacy are both about preventing unwanted outcomes related to data. As a society and as consumers we care about controlling who has our information, and we try to make sure those trusted vendors do the right thing with it. That’s privacy in a consumer or public context. But as a security professional—or as a security organization within a company—you are alread

BLACK-FLAG 2018 CTF(Hacka-thon) by Sawan Bhan

Description : A realistic Boot2Root. Gain access to the system and read the /root/flag.txt Note : Only works in VMware Network : NAT/DHCP Questions :  @bhansawan File : OVF Difficulty to get entry : easy/intermediate Difficulty to get root : intermediate/hard The SCIIT's Server has just been attacked, the IT staff have taken down their windows server and are now setting up a Linux server running Debian. Could there a few weak points in the new unfinished server? Hints: Remember to look for hidden info/files** DOWNLOAD LINK :