Best Hacking Tools Of 2017: Nessus Vulnerability Scanner

Developed by Tenable Network Security, this tool is one of the most popular vulnerability scanners on the market. Tenable provides different versions, depending on your needs: Nessus Home, Nessus Professional, Nessus Manager, and Nessus Cloud.

You can use Nessus to scan for multiple types of vulnerabilities and for related tasks, including remote access flaw detection, misconfiguration alerts, denial of service against the TCP/IP stack, preparation of PCI DSS audits, malware detection, sensitive data searches, etc. Nessus can also call popular external tools.

Nessus is supported by a variety of platforms including Windows, Mac OS, and popular Linux distributions like Debian, Ubuntu, Kali Linux, etc.

You can get more information and download the Nessus Home (free) tool here. The commercial version is available here.

Ransomware: WannaCry Malware Review

The WannaCry ransomware was first noticed on May 12, 2017 and it spread very quickly through many large organizations, infecting systems worldwide. Unlike other ransomware, this sample used the SMBv1 “ETERNALBLUE” exploit to spread. “ETERNALBLUE” became public about a month prior when it was published as part of the Shadowbroker archive of NSA hacking tools.

Prior to the release of the hacking tool, Microsoft had patched the vulnerability as part of the March 2017 Patch Tuesday release. The patch was released only for supported versions of Windows. In response to the rapid spread of WannaCry, Microsoft eventually released a patch for later versions of Windows as part of MS17-010, going back to include the still popular Windows XP and Windows Server 2003.

One way to detect the spread of the malware was the significant increase in activity on port 445. The increase was caused by infected systems scanning for more victims. It is still not clear how the infection started. There are some reports of e-mails that included the malware as an attachment, but at this point no actual samples have been made public. It is also possible that the worm entered a corporate network via vulnerable hosts that had port 445 exposed to the internet. The WannaCry malware itself doesn’t have an e-mail component.
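The port 445 signal described above can be turned into a simple check over flow records. The following is an added example, not part of the original post: it flags any source that contacts many distinct hosts on port 445 within a short window. The record format ("epoch src dst dport"), the 60-second window, the threshold of 20 and all sample addresses are assumptions made for illustration.

```python
from collections import defaultdict

SMB_PORT = 445

def parse_flows(text):
    """Parse 'epoch src dst dport' lines (assumed format); skip malformed rows."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit() or not parts[3].isdigit():
            continue
        flows.append((int(parts[0]), parts[1], parts[2], int(parts[3])))
    return flows

def smb_fanout(flows, window=60, threshold=20):
    """Return {src: peak distinct port-445 destinations in any window}
    for sources whose peak reaches the threshold (scanning-like behaviour)."""
    by_src = defaultdict(list)
    for ts, src, dst, dport in flows:
        if dport == SMB_PORT:
            by_src[src].append((ts, dst))
    flagged = {}
    for src, events in by_src.items():
        events.sort()
        start, peak = 0, 0
        counts = defaultdict(int)  # dst -> hits inside the current window
        for ts, dst in events:
            counts[dst] += 1
            # Evict events that have fallen out of the sliding window.
            while events[start][0] <= ts - window:
                old = events[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            peak = max(peak, len(counts))
        if peak >= threshold:
            flagged[src] = peak
    return flagged

def sample_flows():
    """Constructed sample: one normal file-share client, one scanning host."""
    lines = ["1494580000 10.0.0.5 10.0.0.20 445",
             "1494580030 10.0.0.5 10.0.0.20 445",
             "1494580040 10.0.0.5 10.0.0.21 443",
             "garbage line"]
    lines += [f"{1494580100 + i} 10.0.0.66 10.0.1.{i + 1} 445" for i in range(40)]
    return "\n".join(lines)

if __name__ == "__main__":
    print(smb_fanout(parse_flows(sample_flows())))
```

A workstation that talks to one file server stays far below the threshold, while a host sweeping a subnet on port 445 stands out immediately; tune the window and threshold to your own baseline.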

At startup, the malware first checked whether it could reach a specific website at http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com, but it can no longer be assumed that newer versions will still demonstrate this behavior. This was a simple “kill-switch”: if the malware found the site, it would stop operations.

Eventually, the malware would create an encryption key and encrypt all the user files on the infected PC to prevent normal user access to those files. The idea is to force the user to pay a fee to recover the files they no longer could access.

Encrypted files use the extension: wncry. To decrypt the files, the user is asked to pay $300, which increased to $600 after a few days. The ransomware threatened to delete all user files after a week waiting period.

In addition to encrypting files, the malware also installed a “DOUBLEPULSAR” backdoor. The backdoor could be used to compromise the system further. The malware also installed Tor to facilitate communication with the ransomware author.

New variants have already been reported with slight changes to the kill switch domain and other settings. There is also a decryption key that can be used on many systems, but prevention is always better than searching for recovery options.

If your version of Windows was supported and you installed all available patches from Microsoft, your system would not have been infected. Microsoft also announced that the new “Windows 10 S” would help prevent ransomware infection as it will only run software purchased from the Microsoft Store.

Best Hacking Tools Of 2017: Nmap

Nmap, a simple Network Mapper, is a powerful port scanner tool. This free and open source hacking tool is the most popular port scanning tool around that allows you to easily perform network discovery and security auditing. Used for a wide range of services, Nmap uses raw IP packets to determine the hosts available on a network, their services along with details, operating systems used by hosts, the type of firewall used, and other information.

Nmap is available for all major platforms including Windows, Linux, and OS X.

We have written about how you can use this simple tool to find SQL Server instances on your network.

Cover Your Laptop’s Webcam

You may have seen several people covering their laptop webcams, including government officials and a prominent high-profile CEO or two. This may have you asking why they would choose to cover their webcam, and if you should be doing the same thing.

Hackers want to access any high-profile system, and video taken from a webcam can easily be used for blackmail. Imagine the type of data you might be able to capture from a high-profile CEO, showing him or her working or conversations recorded without them knowing. Hackers can easily generate the most profit if they can capture video or audio to use as blackmail.

While it is unlikely that they would attack your laptop, you could still be a target if you have access to sensitive data or if your recorded activity can be used to gain access to other systems or devices.

Currently, the only way for a hacker to access your webcam is for them to gain access to your computer, which makes the attack similar to any other type of remote attack. You might receive an email with an attachment that secretly installs a Remote Administration Tool, or you might respond to a social engineering attack that convinces you to surrender control via a fake IT support call. Your laptop could be compromised and you wouldn’t even know they have taken control of your webcam, because they can disable the webcam activity LED.

Best Practice Recommendations

  • Keep the webcam lens (usually located at the top center of the laptop screen) covered with a piece of opaque sticky tape, except when it is actively being used.
  • Keep your laptop closed when it isn’t actively being used.
  • Always keep your software up to date, especially your web browsers and all associated plug-ins.
  • Enable your firewall at all times.
  • Always run anti-virus and routinely check for malware.
  • Avoid clicking links in emails, even when you know the sender.
  • If you get an email telling you your email account has been compromised or someone needs to verify your security setting, don’t click the link in the email. Contact the site directly.
  • If you get a call from IT asking for access to your computer, refuse them access and call your internal help desk directly. Ask questions and verify their identity before you allow any remote access.

Hashcat Now Cracks 55-Character Passwords

Hashcat is a freely available password cracker. It can be used by security auditors to stress-test company passwords and by criminals to crack lists of stolen passwords. One of the biggest issues with this utility has been an inability to handle passwords in excess of 15 characters. The latest version can now handle passwords and phrases typically up to 55 characters in length.

The latest version of hashcat, released last month, is a significant update to the program. Jens Steube, lead developer, says the update is “the result of over 6 months of work, having modified 618,473 total lines of source code.”

What the new version of hashcat should show you is that size is no longer as important as it used to be – it’s what the user does with the characters that matters. Length is still important, but more important is using a mix of characters, like numbers, special characters, and punctuation symbols, to make the process of password discovery too slow even for a determined hacker.

You can learn more and download the free program here.

Best Hacking Tools Of 2017: Metasploit

Some people might know Metasploit as a collection of exploit tools, but it is really an infrastructure that you can use to build your own custom tools. This very popular free cybersecurity tool will help you locate vulnerabilities on multiple platforms. With more than 200,000 users and contributors, Metasploit will help you to get insights and information about the weaknesses on your systems.

You can get more information and download the tool here.

Kaspersky OS Announced

It has now been officially announced: Kaspersky Labs has their own Operating System. In the announcement Nota Bene says they have been working on this OS for a while, and it is currently used on their prototype security device.

First, it’s based on microkernel architecture, which allows to assemble ‘from blocks’ different modifications of the operating system depending on a customer’s specific requirements.

Second, there’s its built-in security system, which controls the behavior of applications and the OS’s modules. In order to hack this platform a cyber-baddie would need to break the digital signature, which – any time before the introduction of quantum computers – would be exorbitantly expensive.

Third, everything has been built from scratch. Anticipating your questions: not even the slightest smell of Linux. All the popular operating systems aren’t designed with security in mind, so it’s simpler and safer to start from the ground up and do everything correctly. Which is just what we did.

You can read the entire article here.