Ethical Hacking — Week 9
Target Exploitation
In today’s session, I learned about EternalBlue. EternalBlue is a cyberattack exploit developed by the US National Security Agency otherwise known as the NSA. It was leaked by the Shadow Brokers hacker group on April 14, 2017.
EternalBlue exploits a vulnerability in Microsoft’s implementation of the Server Message Block protocol. The vulnerability exists because the SMB version 1 (SMBv1) server in various versions of Microsoft Windows mishandles specially crafted packets from remote attackers, allowing them to execute arbitrary code on the target computer.
In May 2019, the city of Baltimore struggled with a cyberattack by digital extortionists using EternalBlue. The attack froze thousands of computers, shut down email and disrupted real estate sales, water bills, health alerts and many other services.
I also reviewed about the topics I learned previously. I learned about social engineering attacks. Social Engineering attacks are considered deadly as it is very easy to execute. It is a low-risk and high-reward type of attack. It is very easy to fool people in these kinds of attacks as it depends on their trust and exploits it. I also reviewed about SET again which is Social Engineering Toolkit which is used to create famous websites and trick victims into giving out their personal details.
Tags: Ethical Hacking
This entry was posted on Friday, May 8th, 2020 at 3:44 pm and is filed under Database System -- Semester 3, Ethical Hacking -- Semester 4, Intelligent System -- Semester 4, Network Forensic -- Semester 5, Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.