Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Hacking Higher Education
Newest First  |  Oldest First  |  Threaded View
royjason123
50%
50%
royjason123,
User Rank: Apprentice
2/4/2020 | 4:34:19 AM
Career Guide
Nevertheless, questions still remain on the relation between learning strategies, motivation, and performance. The vast majority of previous research has adopted some form of grades (be it single grades or grade point average) or self-report measures as outcome variables.
RuskinF
50%
50%
RuskinF,
User Rank: Apprentice
1/9/2020 | 7:21:43 AM
re: Hacking Higher Education
Thanks for the post. Our university also arranges penetration testing competitions to find out the vulnerability of their systems. These competitions allow younger adults to test their skills as well.
REISEN1955
100%
0%
REISEN1955,
User Rank: Ninja
8/2/2019 | 1:33:01 PM
re: Hacking Higher Education
Advertisement not really good here and besides the service is a disaster - and I speak as a systems professional who is in Cyber security and has done support for offices, small businesses and home-office users.  I would never go to Geek Squad. 

And all the replies seem to be the same basic idea!!!   Hmmmmmmm
tdsan
50%
50%
tdsan,
User Rank: Ninja
7/19/2019 | 5:47:49 PM
Identified the problem, now what is the fix
I do agree with the most recent commenter, thank you for sharing. But now that we understand the problem, how do we resolve the issue so it does not happen again.
  • Do we purchase cameras so we see who is going in and out of the various buildings
  • Do we purchase software to help us detect devices on the network that are out of the norm
  • Do we perform audits of the network and inventory the environment so issues are caught ahead of time (is there a program in place that does it every 6 months)
  • Is there an educational program to train the students and teachers about the use of the network and approved usage

However, removing the students is somewhat harsh, I do think this is a real-world attack and their exploit can be used by the other departments, don't kill their dreams, but have them work with the Cybersecurity teams to demonstrate real-world examples. Punish them but have them teach how a hacker thinks, there is a psychological evaluation that could help the students find ways to address real-world attacks (this is a perfect example). Put them on probabation but send them to the psychological evaluation unit where they can be evaluated and studied. This helps everyone understand how the mind works so you can combat the problem, if you have never been a hacker, then how do you know what to look for in order to defend against a potential theat (there was a movie called "To understand the mind of a killer" or "How to get away with murder", well why not do the samething but do it in a classroom setting.

Just a thought.

Todd
LynnL703
50%
50%
LynnL703,
User Rank: Apprentice
2/26/2018 | 1:47:20 AM
Re: Interesting Post
 Thank you so much for sharing this article.  
BrianN060
50%
50%
BrianN060,
User Rank: Ninja
2/17/2018 | 6:27:01 PM
Flag comments?
Does DR have a way to flag inappropriate comment posts?  If not, suggest you add one.  
PJS880
100%
0%
PJS880,
User Rank: Ninja
6/16/2013 | 3:24:00 PM
re: Hacking Higher Education
I have worked on the
IT security team where I attend school, and they have several measures set up
for intrusion detection and penetration testing. Universities must keep up to date with threats
they are facing, by hiring third party red teams to try and penetrate their
systems. Not to mention these are
younger adults and maybe think they can us what they are learning and misuse it
for they own personal gains. At the very least Universities are more aware of
the threats they face so that they can better prepare for them.

Paul Sprague

InformationWeek Contributor


News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29458
PUBLISHED: 2021-04-19
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An att...
CVE-2021-31254
PUBLISHED: 2021-04-19
Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file, related invalid IV sizes.
CVE-2021-31255
PUBLISHED: 2021-04-19
Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
CVE-2021-31256
PUBLISHED: 2021-04-19
Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVE-2021-31257
PUBLISHED: 2021-04-19
The HintFile function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.