Using open source research, identify one (1) threat campaign within the last 3-5 years targeting a specific application (e.g. Internet Explorer, Adobe Flash, etc.) that resulted in the public exposure of a critical vulnerability (CVE).
In your analysis, please provide the name of the affected application & associated CVE number, the name of the threat campaign, the date of observed activity, the targeted industry/vertical, any associated indicators of compromise (IOCs), and any other information you feel is pertinent.
Part 2
If you are not using a password manager with unique and complex passwords for each website, application, or terminal, you are likely reusing passwords, at least on some of the dozens of logins that the average person must manage in this day and age. Unfortunately, with the spate of high-profile breaches in the past years of some of the web’s most used websites and applications, relying solely on a password is no longer a safe practice to protect your personal and private information.
To combat the inherent weakness of passwords, the use of multi-factor authentication schemes has come into the mainstream. Where passwords authenticate you with a basic ‘something you know’ factor, multi-factor authentication combines ‘something you know’ with ‘something you have’ (tokens, smartcards, and out-of-band SMS messages) and ‘something you are’ (fingerprints, voice recognition, retina/iris scanners). The most prevalent form of consumer-grade multi-factor authentication for many web services is combining username/password access with a code generated by an independent smartphone application or SMS text message.
Many of the internet’s largest services offer multi-factor authentication, such as Twitter, Google, Facebook, Steam, PayPal, Microsoft, and Dropbox. Despite the availability of this technology, the adoption rate is still low.
Discussion Questions:
Do you use multi-factor authentication for any of your accounts? What are some of the challenges you have faced, if any, in using them?
What do you attribute to the slow adoption rate of multi-factor authentication? How can the adoption rate be improved?
Do you believe multi-factor authentication should continue to be optional? … or should it be mandatory?
What would you expect the fallout to be if it was mandatory?
Part 3
Modern automobiles possess one or more computers including the Onboard Data (OBD) Recorder most often referred to as an OBD-II as well as an Event Data Recorder (EDR) / Crash Data Recorder (CDR). These can be a single computer or separate computers depending on the manufacturer.
General Motors used proprietary onboard diagnostic components for Electronic Fuel Injection (EFI) and Engine Control Modules (ECMs) / Transmission Control Modules (TCMs) in the late 1970s / early 1980s.
OBD-I was the first standard (California only, not Federal) to show up in 1991. It was used for emission controls.
OBD-II was the first American standard for the On-Board Data Recorder and specified the diagnostic connector type and pinouts. Auto mechanics use this OBD-II connector to read the codes from your car aka the meaning of your check engine light as well as performance monitoring and fault localization (PMFL) of many other systems on your car.
Standardized access to this data opens up a huge amount of privacy and legal issues.
Question / Issue #1 – You are involved in a traffic accident. Do you know the law? Do you know your rights? As it turns out, it depends what state you are in. See [1] below. Did you know RI does not have a law yet? See [2] below. In RI, 2016-H7711 was introduced in February 2016 but currently sits in committee and has not yet come up for vote. Discuss the technical aspects and your legal / privacy opinions.
Question / Issue #2 – Are you aware that insurance companies will insure someone with a prior bad driving record on condition that they plug in a monitor to track their driving habits? As well, some insurance companies will offer a good driver discount for someone willing to use the plug-in monitor. Are you aware of this new product called “Hum by Verizon”, which can be used to monitor your loved ones (aka your children’s driving habits and their whereabouts)? Discuss the technical aspects and your legal / privacy opinions.
Question / Issue #3 – In 1996, OnStar was introduced. Most if not all GM (Chevrolet, Buick, Cadillac and GMC) vehicles offer OnStar. Ford has a similar product called Sync. Other major manufacturers offer similar products. OnStar includes such features as hands-free calling, turn-by-turn navigation, in-vehicle security and remote diagnostics. It is a subscription service. Suppose you decline to enroll in this service. Did you know that the OnStar system is still active? Did you know your car is phoning home? How do you think GM knows when to send you a reminder for service? Your car is sending this data back to GM. How do you feel about this? Most people are not aware. Discuss the technical aspects as well as your legal /
Part 4
Most of the time, the C-level suite believes that digital forensics and incident response are one and the same. Unfortunately, this misunderstanding can lead to an unqualified team responding to many cyber security breach incidents.
Digital forensics is the “scientific examination, analysis and/or evaluation of digital/multimedia evidence in matters of possible legal consequence,” according to the Scientific Working Group on Digital Evidence. According to US CERT, a computer security incident can be “Any real or suspected adverse event in relation to the security of computer systems or computer networks.” And according to NIST, an incident is a “violation or threat of violation of computer security policies, acceptable use policies, or standard security practices.” The biggest difference is that digital forensics must always operate within a legal constraint (always assume the case will be adjudicated in a legal setting, such as court), whereas incident response almost never sees the light of day of a courtroom because the adversaries causing the incident are almost outside the jurisdiction of any legal authority of the United States.
The almost is when things get tricky, and where we can begin our discussion questions.
1) Do incident identification, response and remediation plans operate faster if the team ignores good digital forensic practices of preservation of evidence?
2) What happens if while ignoring digital forensic practices the team identifies an adversary that is within legal jurisdiction, such as a hacker in the United States? Can that person be prosecuted if the evidence was not properly preserved prior to incident response?
3) How does an incident response team deal with trying to approach an incident with good digital forensic practices of preservation while trying to triage and identify the compromised system among 10,000 hosts?
4) What do you think the organization’s legal team perspective will be, knowing that there is a tradeoff between speed of incident response and handling versus preserving evidence for prosecution? Does legal even care about incarcerating those responsible for the breach or are they more worried about the financial and ethical responsibilities of the organization?