Department Seminars

 

Cybersecurity Seminar

Wednesday, November 1, 2017 at 5:30pm to 7:00pm
7800 York Road, YR-459 Conference Room

7800 York Rd, Towson University, Towson, MD 21204, USA
Title:  Accessible Cyber Security, Understanding the Equifax Hack

Abstract: 

Equifax's failure to update a common Java library cost them and the average American dearly. The Struts 2 library, like many Java libraries, contains numerous vulnerabilities, leaving Equifax and other applications that use it open to devastating attacks.  If we are going to protect ourselves from these attacks, we need to understand how they work. This talk dives deep into the exploit that destroyed Equifax and how we can prevent attacks like it in the future.

 --

Cybersecurity Seminar

Wednesday, November 8, 2017 at 5:30pm to 7:00pm
7800 York Road, YR-459 Conference Room

7800 York Rd, Towson University, Towson, MD 21204, USA
Title:  Large-Scale Port Scanning through Tor using Parallel Nmap Scans

Speaker:  Rodney Rohrmann, Cyber Security Staff, The MITRE Corporation

Abstract: 

Performing port scans through Tor is a way to hide the source’s IP address from the target. Researchers hoping to source their own scans benefit from a means of scanning that helps them to anonymize themselves from targets that may potentially retaliate as the result of being scanned. Though effective in providing anonymization during scanning, it is not scalable to the point of scanning the entire IPv4 Address space on multiple ports, as scans take considerably longer to execute through Tor. This presentation specifically explores using a third-party data source to target specific areas of interest in the IPv4 range and then scanning those areas anonymously with parallelized scanners as an effective way to anonymously collect internet scan data.