Lec-2: Cyber Security
Mr. Islahuddin Jalal
MS (Cyber Security) – UKM Malaysia
Research Title – 3C-CSIRT Model for Afghanistan
BAKHTAR UNIVERSITY (د باختر پوهنتون)
Types of Cyberattacks
• Cyberattacks compromise
• Confidentiality by stealing data (credentials, personal records, financial information)
• Integrity by modifying data
• Availability by denying access to data, services and systems
• Some attacks combine two or more of these effects in a single attack, but these three are the building blocks of most malicious cyberactivity.
Types of Cyber Attack
• Phishing / Spearphishing
• Drive-By / Watering Hole / Malvertising
• Code Injection / Webshell
• Keylogging / Session Hijacking
• Pass-the-Hash and Pass-the-Ticket
• Credential Harvesting
• Gate-Crashing
• Malware / Botnet
• DDoS
• Identity Theft
• Industrial Espionage
• Pickpocket
• Bank Heist
• Ransomware
Phishing / Spearphishing
• Phishing and spearphishing are among the most effective ways of getting into an enterprise's network.
• Attackers send e-mail to the victims (a targeted e-mail to a specific person if it is spearphishing); the e-mail carries an attachment or a link that, once opened, gives the attacker control of the victim's computer or captures the victim's credentials.
Phishing / Spearphishing
• Impact:
• Gain control of a personal computer inside the enterprise's network
• With spearphishing, that computer belongs to a specific, chosen person, such as an executive or a systems administrator
• Methods and Consequences:
• There are three techniques commonly used for phishing and spearphishing attacks:
• An e-mail message containing a malicious attachment
• An e-mail containing a link to a web page that attacks the browser when it is visited
• An e-mail containing a link to a web page that asks the victim to type his or her logon credentials
• Potential Defense
• Training to help users recognize when they are being phished
• Educating executives and systems administrators on the threats
• Protecting email and web gateways
• Hardening endpoint computers
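The third technique above (a link to a credential-stealing page) leaves tells that an e-mail gateway can check mechanically: the URL the user sees is not where the link goes, a "verify your account" link leads off the sender's own domain, or the host is a bare IP address or punycode lookalike. The following is an added example, not code from the lecture; the sample e-mail body and sender domain are constructed, and `registered_domain` is a deliberately crude stand-in for public-suffix-list logic.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample e-mail body (not a real message): two phishing-style
# links and one legitimate link, sent "from" example.com.
SAMPLE_EMAIL = """
<p>Dear user, your mailbox is almost full.</p>
<p>Please <a href="http://login.example-mail-secure.net/verify">verify your account</a> now.</p>
<p>Or open <a href="http://198.51.100.7/owa/">https://mail.example.com/owa</a></p>
<p>Read our <a href="https://www.example.com/policy">acceptable-use policy</a>.</p>
"""

CREDENTIAL_WORDS = ("login", "signin", "verify", "password", "account")
_URL_IN_TEXT = re.compile(r"https?://([^/\s<>]+)", re.I)
_IPV4 = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")


class _LinkCollector(HTMLParser):
    """Collects (href, visible anchor text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registered_domain(host: str) -> str:
    """Crude 'registered domain' (last two labels). A production gateway
    would use the public suffix list so that e.g. co.uk is handled."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def suspicious_links(html_body: str, sender_domain: str) -> list:
    """Return one finding per link that shows a classic phishing tell."""
    collector = _LinkCollector()
    collector.feed(html_body)
    findings = []
    for href, text in collector.links:
        host = urlparse(href).hostname or ""
        if not host:
            continue
        reasons = []
        shown = _URL_IN_TEXT.search(text)
        # Tell 1: the URL the user *sees* is not where the link actually goes.
        if shown and registered_domain(shown.group(1)) != registered_domain(host):
            reasons.append("visible URL differs from real destination")
        # Tell 2: a credential-themed link leads off the sender's own domain.
        if registered_domain(host) != registered_domain(sender_domain) and any(
            w in (href.lower() + " " + text.lower()) for w in CREDENTIAL_WORDS
        ):
            reasons.append("credential-themed link to a third-party domain")
        # Tell 3: raw IP address or punycode hostname (lookalike/IDN tricks).
        if _IPV4.fullmatch(host):
            reasons.append("link to a bare IP address")
        if any(label.startswith("xn--") for label in host.split(".")):
            reasons.append("punycode (IDN) hostname")
        if reasons:
            findings.append({"href": href, "text": text, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in suspicious_links(SAMPLE_EMAIL, "example.com"):
        print(f["href"], "->", "; ".join(f["reasons"]))
```

Run against the sample, the first two links are flagged and the policy link is not. Rules like these are cheap to run at the gateway and complement user training: the user who is rushed still gets a banner on the message, whatever the training said.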
Drive-By / Watering Hole / Malvertising
• A drive-by or watering hole attack involves compromising a legitimate web site that the intended victims visit and then configuring that site to deliver malware to people who visit it.
• When unsuspecting users visit the site, their computers are infected with malware and the attackers are able to move their attack forward.
• A malvertising attack has the same effect, but rather than directly
compromising the site, attackers deliver malware through advertising
feeds displayed on the web page alongside the victim’s content.
Drive-by / Watering Hole / Malvertising
• Impact:
• The victim enterprise becomes an intermediary in an attack that targets the people who visit its web site
• The enterprise itself suffers collateral damage
• The enterprise's reputation is damaged when the story comes out
• Methods and Consequences:
• There are two techniques commonly used for such attacks:
• Web sites with vulnerabilities are exploited to gain control of the site directly from the Internet
• The victim enterprise is compromised to gain access to the computers and accounts that have administrative control over the site
• Potential Defense
• Web site operators need to have strong configuration control over public-facing web sites
• Advertising networks should strongly filter their content and prevent unexpected and unacceptable behavior
• Users browse the web with non-administrative accounts
• Fully patched endpoint computers
• Hardening endpoint computers
Code Injection / Webshell
• Servers are potentially just as vulnerable as endpoint computers, and they can be compromised using some of the same techniques.
• Two attacks specific to servers are
• Code injection
• Webshells
• Code injection compromises a vulnerable web site by modifying requests to the site so that they contain scripting code or SQL code, which the server passes on and executes without validating it.
• If the server executes that code with administrative privileges, the attackers can use the attack to take control of the server.
• Once the attackers control the server, they can place a webshell into the server's web site.
• A webshell is a back door that lets attackers return to the server's web site and execute commands directly on the server.
Code Injection / Webshells
• Impact:
• Gain administrative control over an Internet-facing server
• Provides a back door into the enterprise that is always open and operational for the attacker
• Data and information can be compromised
• Methods and Consequences:
• Commonly used techniques for code injection and webshells are as follows:
• Attacker toolkits are used that contain exploits designed to test Internet-facing web sites for vulnerabilities
• Attackers periodically re-scan the sites to catch new vulnerabilities (introduced by a bad patch or a coding mistake)
• Once a vulnerability is found, they exploit it to compromise the server and then install a back door
• Potential Defense
• Strict configuration control of Internet-facing servers is the best defense
• Periodically scan the web sites for vulnerabilities, before the attackers do
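The SQL form of code injection described above is easiest to see side by side with its fix. The block below is an added example, not code from the lecture: an in-memory SQLite table with constructed rows, a login routine that pastes the request into the SQL text (the injectable pattern) and the same routine with a parameterised query. The plaintext password column is kept only to keep the example short; a real application stores a salted password hash.

```python
import sqlite3


def setup_db() -> sqlite3.Connection:
    """In-memory users table with constructed sample rows (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("admin", "correct horse battery staple", "admin"), ("alice", "hunter2", "user")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """The injectable pattern: request input is concatenated into the SQL text,
    so the server executes whatever the request contains. Returns the role on
    success, None on failure."""
    sql = (
        "SELECT role FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(conn: sqlite3.Connection, username: str, password: str):
    """Parameterised query: the input is bound as data and can never change the
    statement's structure, so the same payload simply fails to match a row."""
    row = conn.execute(
        "SELECT role FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


# A request an attacker would send: the quote closes the username literal
# early and the "--" comment marker discards the password check entirely.
PAYLOAD_USER = "admin' --"
PAYLOAD_PASS = "anything"

# The tautology form works even where comments are stripped: AND binds tighter
# than OR, so the trailing OR '1'='1' makes the WHERE clause true for every row.
TAUTOLOGY = "x' OR '1'='1"


if __name__ == "__main__":
    conn = setup_db()
    print("vulnerable:", login_vulnerable(conn, PAYLOAD_USER, PAYLOAD_PASS))  # admin
    print("safe:      ", login_safe(conn, PAYLOAD_USER, PAYLOAD_PASS))        # None
```

The string the vulnerable routine actually runs is `SELECT role FROM users WHERE username = 'admin' --' AND password = 'anything'`, which is why it returns the admin role with no password at all. Python's `sqlite3` refuses stacked statements in `execute()`, so the classic `'; DROP TABLE users; --` variant does not work here, but that is a property of this driver, not a defence you can rely on elsewhere.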
Keylogging / Session Hijacking
• Keylogging can be used to capture usernames and passwords of accounts with single-factor authentication.
• Session hijacking can be used to take over accounts protected by multi-factor authentication, because it steals the already-authenticated session (for example the session cookie) rather than the credentials.
• Once attackers gain control of a victim's endpoint computer, they can use a variety of methods to gain use of the victim's online accounts.
Keylogging / Session Hijacking
• Impact:
• Gain control over the victim's online accounts
• This control includes
• The victim's address book
• E-mail
• Financial accounts and money
• Methods and Consequences:
• Commonly used techniques for keylogging and session hijacking are as follows:
• Find a way to install a keylogger on the victim's system
• If successful, the attacker sees every key the victim presses
• The attacker waits until the victim logs on to an account of interest
• Once those logons have occurred, attackers can impersonate the user and make use of the accounts
• Potential Defense
• Secure the endpoint so that it is never infected in the first place
• Use unprivileged accounts
• Protect the end system with anti-virus, anti-malware, intrusion prevention, etc.
• Use multi-factor authentication systems (which defeats keylogging, though not session hijacking)
Pass-the-Hash and Pass-the-Ticket
• Pass-the-hash and pass-the-ticket are attack techniques that let attackers reuse credentials found on an enterprise network.
• These credentials (password hashes and authentication tickets) are held in computer memory and on hard drives.
• Because the hash or ticket is accepted in place of the password, these attacks effectively bypass the authentication mechanism of certain enterprise applications.
Pass-the-Hash and Pass-the-ticket
• Impact:
• Attackers move laterally within enterprise IT environments from computer to computer
• Methods and Consequences:
• Commonly used techniques for pass-the-hash and pass-the-ticket are as follows:
• Gain administrative control of the victim's computer
• Scan memory and hard drives for hashes and tickets belonging to users (especially administrators)
• Once hashes and tickets are found, use them to connect to other computers on the enterprise network and move laterally
• Potential Defense
• Reduce the vulnerabilities in how credentials are stored and handled
• Avoid storing hashes and tickets on hard drives
• Protect hashes and tickets while they are held in memory or passed over the network, which is harder to do
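Why the hash is "accepted in place of the password" is clearest when you write out the protocol. The block below is an added example, not code from the lecture: it implements the NT hash (MD4 of the UTF-16LE password) and the NTLMv2 challenge-response (NtProofStr) as specified in MS-NLMP, then plays a toy server against a legitimate client and against an attacker who holds only the hash. MD4 is written out because OpenSSL 3 builds of `hashlib` often disable it. The account name, domain and password are constructed; the "dumped from memory" step is simulated by handing the attacker the hash value directly.

```python
import hashlib
import hmac
import os
import struct


def md4(data: bytes) -> bytes:
    """MD4 per RFC 1320 (written out here because hashlib frequently lacks it)."""
    mask = 0xFFFFFFFF
    rot = lambda x, n: ((x << n) | (x >> (32 - n))) & mask
    F = lambda x, y, z: (x & y) | (~x & z)
    G = lambda x, y, z: (x & y) | (x & z) | (y & z)
    H = lambda x, y, z: x ^ y ^ z
    msg = bytearray(data) + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)
    msg += struct.pack("<Q", len(data) * 8)
    h = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    rounds = (
        (F, 0x00000000, tuple(range(16)), (3, 7, 11, 19)),
        (G, 0x5A827999, (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15), (3, 5, 9, 13)),
        (H, 0x6ED9EBA1, (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15), (3, 9, 11, 15)),
    )
    for off in range(0, len(msg), 64):
        X = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = h
        for fn, k, order, shifts in rounds:
            for i, j in enumerate(order):
                a = rot((a + fn(b, c, d) + X[j] + k) & mask, shifts[i % 4])
                a, b, c, d = d, a, b, c  # rotate registers: each step updates the next one
        h = [(x + y) & mask for x, y in zip(h, (a, b, c, d))]
    return struct.pack("<4I", *h)


def nt_hash(password: str) -> bytes:
    """NTOWFv1: MD4 of the UTF-16LE password. Windows stores this, never the password."""
    return md4(password.encode("utf-16-le"))


def ntlmv2_response(nt: bytes, user: str, domain: str, server_challenge: bytes, client_blob: bytes) -> bytes:
    """NtProofStr from MS-NLMP. Note the only secret input is the NT hash."""
    ntowf_v2 = hmac.new(nt, (user.upper() + domain).encode("utf-16-le"), hashlib.md5).digest()
    return hmac.new(ntowf_v2, server_challenge + client_blob, hashlib.md5).digest()


class Server:
    """Toy authenticator that holds only NT hashes, as a domain controller does."""

    def __init__(self, accounts: dict, domain: str = "CORP"):
        self.accounts = accounts  # user -> NT hash
        self.domain = domain

    def challenge(self) -> bytes:
        return os.urandom(8)

    def verify(self, user: str, challenge: bytes, blob: bytes, response: bytes) -> bool:
        expected = ntlmv2_response(self.accounts[user], user, self.domain, challenge, blob)
        return hmac.compare_digest(expected, response)


def pass_the_hash_demo() -> dict:
    password = "S3cret-Backup!"  # constructed; the attacker never learns it
    server = Server({"svc_backup": nt_hash(password)})

    def attempt(nt: bytes) -> bool:
        ch, blob = server.challenge(), os.urandom(16)
        return server.verify("svc_backup", ch, blob, ntlmv2_response(nt, "svc_backup", "CORP", ch, blob))

    stolen = nt_hash(password)  # stands in for the value dumped from LSASS memory
    return {
        "legit_client": attempt(nt_hash(password)),  # has the password
        "pass_the_hash": attempt(stolen),            # has only the hash
        "wrong_hash": attempt(nt_hash("guess")),     # has neither
    }


if __name__ == "__main__":
    print(pass_the_hash_demo())  # legit and pass-the-hash both succeed
```

The server cannot tell the two successful responses apart: the hash is the password equivalent. That is why the defences above are about where hashes live (not on disk, not in the memory of machines an attacker can reach) rather than about password strength, and why tiering administrative accounts so that a domain admin's hash never lands on a workstation matters more than rotating the password.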
Credential Harvesting
• Credential harvesting is a technique whereby attackers compromise systems that a large number of users log on to.
• They then harvest user credentials from those systems.
• In this way, attackers can get the credentials of a large portion of the enterprise's users, all in a single step.
Credential Harvesting
• Impact:
• A large number of user credentials is compromised in a single step
• This often includes administrator credentials
• Methods and Consequences:
• There are two common approaches for conducting a credential harvesting attack:
• First, target public-facing systems with large numbers of users (such as e-mail, web portals or virtual desktop systems)
• Exploit a vulnerability to gain control, then start capturing user credentials as users log on
• Second, get inside the enterprise and target vulnerabilities in the authentication systems themselves
• Once an authentication system is compromised, the attacker has access to credential hashes, tickets, usernames and passwords
• Potential Defense
• Identify which enterprise IT systems collect large numbers of user logons
• Protect those systems
• Detect and respond to a successful compromise in a timely fashion
• Use multi-factor tokens for authentication
Gate-Crashing
• Gate-crashing attacks involve attackers positioning themselves so they
can exploit a vulnerability or a defender mistake to get past a
particular security defense.
• Due to the realities of security technology maintenance and human
errors, almost every preventive defense gets disabled sometime,
either intentionally or by accident. The gate-crashers make sure they
are there to take advantage when it occurs.
Gate-crashing
• Impact:
• Attackers slip past defenses when the opportunity arises
• The attacker waits, sometimes through many maintenance cycles, for just the right vulnerability or mistake to occur
• Methods and Consequences:
• There are two common approaches for conducting a gate-crashing attack:
• Manually: the attacker must have active command-and-control connections to systems inside the victim's network
• Automatically: intelligent malware watches the victim network for openings and exploits them when they occur
• Potential Defense
• Defense layering
• Active monitoring
• Security administrators must be educated about gate-crashing
Malware / Botnet
• Malware is a generic term for malicious software, and it can include
viruses, worms, Trojans, and others.
• There is an extensive malware industry with commodity and custom
toolkits that can be integrated together to perform remote control, session
hijacking, credential harvesting, maintain persistence, and other functions.
• It’s also important to consider remote control functions built into most
modern operating systems as well since, with the right administrator
credentials, those functions can be used for malicious purposes as well.
• Once computers are infected with malware, they may be tied into a botnet
so they can be accounted for and access to them can be sold to the highest
bidder. Botnets can contain hundreds, thousands, or even millions of
compromised machines that can then be used for any attacker purpose.
Malware / Botnet
• Impact:
• Monitor all activity on the victim computer
• Record any credentials and accounts used by the victim
• Allow the attacker to use the computer, either on its own or in conjunction with other machines in a botnet
• Methods and Consequences:
• The malware is installed by exploiting a vulnerability, or by the user of the computer willingly running it from a malicious web site, e-mail attachment or web link
• Malware may be custom-built or morphed so that it is not recognized by signature-based anti-virus
• Once compromised and joined to a botnet, the computer and its data become available to the botnet operator
• Potential Defense
• Hardening the OS
• Anti-virus
• Anti-malware
• Limiting user privileges and applications
Distributed Denial of Service (DDoS)
• DDoS involves flooding the victim's computers with so much network traffic, generated from a distributed network of machines, that the victim is unable to continue delivering services over the Internet.
DDoS
• Impact:
• The targeted web site is often rendered unusable
• Web sites become unavailable to the enterprise's own users, customers or partners
• Methods and Consequences:
• Attackers compromise computers themselves, or hire time on the thousands of already-compromised computers available on the Internet
• The hired network of compromised computers is pointed at the target
• Potential Defense
• There are two approaches to defend against DDoS:
• The first is to use content distribution networks that are hard to target and have the distributed capacity to absorb all but the largest DDoS attacks
• The second is to respond quickly to block DDoS traffic at the network layer, mitigating its impact and allowing services to stay operational
Identity Theft
• Identity theft is one of the most common professional cyberattacks, since stolen identities, particularly
• social security numbers,
• credit card numbers, and
• medical records
• can be easily sold on the black market for cash.
• Such attacks tend to focus on
• Centralized IT systems
• Databases
• Point-of-sale (PoS) systems
• Other critical systems that hold identity information
Identity Theft
• Impact:
• Severe for victim enterprises
• Data disclosure
• Compensation to the affected individuals
• Possibly regulatory penalties
• Methods and Consequences:
• Gain access to victim networks and obtain privileged access to the victim's data
• Potential Defense
• Protect data using multiple security mechanisms
• Think through the life cycle of the data, from capture to disposal
• Monitor the traffic
• Take regular backups
• Look at your data from the adversary's perspective
Industrial Espionage
• Industrial espionage is a common attack performed by professional
and nation-state attackers to gain advantages in international
business.
• In the international marketplace, such advantages can be big business indeed, with billions of dollars and entire market segments at stake.
Industrial Espionage
• Impact:
• Difficult to measure, since the effect of stolen information is hard to separate from ordinary competition
• Competitors read each other's playbooks
• The economic advantage goes to the player who knows the competitor's every move
• Even mundane stolen data (meeting schedules, enterprise processes, etc.) can be just as useful in defeating competitors in the international marketplace
• Methods and Consequences:
• Target victim networks to achieve an initial entry
• Exploit that entry to move laterally and gain privilege within the victim networks
• Once administrative control is taken, steal the business information
• Potential Defense
• Both detective and preventive measures are needed
Pickpocket
• A “pickpocket” attack involves hacking victim systems to steal
relatively small amounts of money across a large number of
transactions.
• Some common examples of this attack include redirecting direct
deposit accounts, payroll, or accounts payable accounts to send
money to the attackers’ accounts instead.
Pickpocket
• Impact:
• The attackers quickly get away with a large amount of money once the many transactions involved are added up
• When the money is moved by wire transfer or direct deposit, it can be difficult or even impossible to trace and recover
• Methods and Consequences:
• Intercept and redirect financial transactions (payroll, accounts payable systems, etc.)
• By the time the victim enterprise catches the redirection, the money is often gone
• Potential Defense
• Rapid alerting and auditing are needed to catch unauthorized changes before money is moved
• Get help from the financial institution by imposing a time delay between when account information is changed and when the change becomes effective
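Both defences above can be expressed as rules over the payroll change log. The block below is an added example, not code from the lecture: `apply_hold` enforces the delay between a bank-detail change and its effective date, and `audit_payroll_changes` raises alerts for changes that bypass the hold and for several employees being redirected to the same destination account, the signature of a pickpocket redirect. The change records, employee IDs and account numbers are constructed, and the five-day hold is an assumed policy.

```python
from collections import defaultdict
from datetime import datetime, timedelta

HOLD_DAYS = 5  # assumed policy: bank-detail changes take effect only after this delay

# Constructed sample payroll change log (not real data). Three employees'
# direct-deposit details change within minutes; two point at the same new account.
SAMPLE_CHANGES = [
    {"emp": "E100", "field": "bank_account", "old": "11-0001", "new": "22-9001",
     "changed_at": "2024-03-01T09:00", "effective_at": "2024-03-08T00:00"},
    {"emp": "E101", "field": "bank_account", "old": "11-0002", "new": "77-4242",
     "changed_at": "2024-03-01T09:05", "effective_at": "2024-03-01T09:05"},
    {"emp": "E102", "field": "bank_account", "old": "11-0003", "new": "77-4242",
     "changed_at": "2024-03-01T09:07", "effective_at": "2024-03-01T09:07"},
    {"emp": "E103", "field": "phone", "old": "555-0100", "new": "555-0199",
     "changed_at": "2024-03-01T10:00", "effective_at": "2024-03-01T10:00"},
]


def apply_hold(change: dict, hold_days: int = HOLD_DAYS) -> dict:
    """Enforce the delay: a bank-detail change cannot become effective sooner
    than hold_days after it was made, giving the employee and the auditor time
    to notice a redirection before the next pay run."""
    if change["field"] != "bank_account":
        return change
    earliest = datetime.fromisoformat(change["changed_at"]) + timedelta(days=hold_days)
    effective = max(datetime.fromisoformat(change["effective_at"]), earliest)
    return {**change, "effective_at": effective.isoformat(timespec="minutes")}


def audit_payroll_changes(changes: list, hold_days: int = HOLD_DAYS) -> list:
    """Rapid-alerting rules to run over the change log before money moves."""
    alerts = []
    bank = [c for c in changes if c["field"] == "bank_account"]
    # Rule 1: change effective before the hold period elapsed (hold bypassed or absent).
    for c in bank:
        made = datetime.fromisoformat(c["changed_at"])
        eff = datetime.fromisoformat(c["effective_at"])
        if eff - made < timedelta(days=hold_days):
            alerts.append({"emp": c["emp"], "rule": "effective_before_hold", "account": c["new"]})
    # Rule 2: several employees now pay into the same destination account.
    by_account = defaultdict(set)
    for c in bank:
        by_account[c["new"]].add(c["emp"])
    for acct, emps in by_account.items():
        if len(emps) > 1:
            for emp in sorted(emps):
                alerts.append({"emp": emp, "rule": "shared_destination_account", "account": acct})
    return alerts


if __name__ == "__main__":
    for a in audit_payroll_changes(SAMPLE_CHANGES):
        print(a)
    # With the hold enforced, rule 1 goes quiet; rule 2 still fires and is the
    # one that catches the redirect before the delayed change takes effect.
    for a in audit_payroll_changes([apply_hold(c) for c in SAMPLE_CHANGES]):
        print("after hold:", a)
```

The hold alone does not stop the attack; it buys time for the audit to run and for the employee to react to a "your banking details were changed" notification. In practice rule 2 should also be checked against accounts receivable and vendor master records, where the same redirect is used against accounts payable.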
Bank Heist
• While a pickpocket attack involves changing financial destinations and intercepting the victim's money, a bank heist involves simply getting direct access to the victim's bank accounts and stealing the money.
Bank Heist
• Impact:
• The victim loses money from its accounts, partially or completely
• Business accounts often do not have the safeguards that financial institutions give to consumer accounts, so the loss may not be reimbursed
• Methods and Consequences:
• Compromise victim systems that have privileges to access business financial accounts
• Once successful, transfer large sums of money out via hard-to-trace methods such as wire transfer
• Potential Defense
• Closely guard the computers and credentials used to access corporate financial accounts
• Manage corporate financial accounts from dedicated, securely managed computers rather than allowing financial personnel to manage them from the personal computers they use to surf the web
Ransomware
• Ransomware compromises victim computers
• Encrypts the data
• Demands a ransom for the keys to decrypt the data
• It can be expensive for individuals
• It can be devastating at the enterprise level
Ransomware
• Impact:
• Large amounts of corporate data are accessible to large numbers of employees
• One compromised employee with write access ends up encrypting that data for everyone
• Methods and Consequences:
• Ransomware is a common type of malware on the Internet, constantly used to get into victim computers and enterprises
• Potential Defense
• Hardening endpoints
• Training users so that they do not get infected
• Good segmentation and access controls, limiting what any one account can write to
• Good backups for recovery, kept out of reach of the ransomware
CONCLUSION
• Be flexible and adaptable to changing threats!
• Don’t ignore Information Security principles!
• Mature your Threat and Vulnerability Management process!
• Conduct frequent incident response exercises!
• Invest in people & training!
• Delay the adversary!
Thank You
For Your Patience

Secure Coding BSSN Semarang Material.pdfSecure Coding BSSN Semarang Material.pdf
Secure Coding BSSN Semarang Material.pdf
 

Mehr von Kabul Education University

Searching and seizing Computer according to Afghanistan law
Searching and seizing Computer according to Afghanistan lawSearching and seizing Computer according to Afghanistan law
Searching and seizing Computer according to Afghanistan lawKabul Education University
 

Mehr von Kabul Education University (20)

Cryptography and Network security # Lecture 8
Cryptography and Network security # Lecture 8Cryptography and Network security # Lecture 8
Cryptography and Network security # Lecture 8
 
ITIL # Lecture 9
ITIL # Lecture 9ITIL # Lecture 9
ITIL # Lecture 9
 
Cryptography and Network security # Lecture 7
Cryptography and Network security # Lecture 7Cryptography and Network security # Lecture 7
Cryptography and Network security # Lecture 7
 
ITIL # Lecture 8
ITIL # Lecture 8ITIL # Lecture 8
ITIL # Lecture 8
 
Cryptography and Network security # Lecture 6
Cryptography and Network security # Lecture 6Cryptography and Network security # Lecture 6
Cryptography and Network security # Lecture 6
 
ITIL # Lecture 7
ITIL # Lecture 7ITIL # Lecture 7
ITIL # Lecture 7
 
Cryptography and Network security # Lecture 5
Cryptography and Network security # Lecture 5Cryptography and Network security # Lecture 5
Cryptography and Network security # Lecture 5
 
ITIL # Lecture 6
ITIL # Lecture 6ITIL # Lecture 6
ITIL # Lecture 6
 
ITIL # Lecture 5
ITIL # Lecture 5ITIL # Lecture 5
ITIL # Lecture 5
 
ITIL # Lecture 4
ITIL # Lecture 4ITIL # Lecture 4
ITIL # Lecture 4
 
Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4
 
ITIL # Lecture 3
ITIL # Lecture 3ITIL # Lecture 3
ITIL # Lecture 3
 
ITIL # Lecture 2
ITIL # Lecture 2ITIL # Lecture 2
ITIL # Lecture 2
 
ITIL # Lecture 1
ITIL # Lecture 1ITIL # Lecture 1
ITIL # Lecture 1
 
Network security # Lecture 1
Network security # Lecture 1Network security # Lecture 1
Network security # Lecture 1
 
Cyber security # Lec 1
Cyber security # Lec 1Cyber security # Lec 1
Cyber security # Lec 1
 
Searching and seizing Computer according to Afghanistan law
Searching and seizing Computer according to Afghanistan lawSearching and seizing Computer according to Afghanistan law
Searching and seizing Computer according to Afghanistan law
 
Lect 6 computer forensics
Lect 6 computer forensicsLect 6 computer forensics
Lect 6 computer forensics
 
Csc342 lec 7 network security des
Csc342  lec 7 network security desCsc342  lec 7 network security des
Csc342 lec 7 network security des
 
Lect 5 computer forensics
Lect 5 computer forensicsLect 5 computer forensics
Lect 5 computer forensics
 

Kürzlich hochgeladen

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 

Kürzlich hochgeladen (20)

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 

Cyber Security # Lec 2

1. Lec-2: Cyber Security
Mr. Islahuddin Jalal
MS (Cyber Security) – UKM Malaysia
Research Title – 3C-CSIRT Model for Afghanistan
BAKHTAR UNIVERSITY ‫باخترپوهنتون‬ ‫د‬

2. Types of Cyberattacks
• Cyberattacks compromise:
  • Confidentiality, by stealing data
  • Integrity, by modifying data
  • Availability, by denying access to data, services and systems
• Some attacks combine two or more of these in a single attack, but these three are the building blocks of most malicious cyber activity.

3. Types of Cyber Attack
• Phishing / Spearphishing
• Drive-By / Watering Hole / Malvertising
• Code Injection / Webshell
• Keylogging / Session Hijacking
• Pass-the-Hash and Pass-the-Ticket
• Credential Harvesting
• Gate-Crashing
• Malware / Botnet
• DDoS
• Identity Theft
• Industrial Espionage
• Pickpocket
• Bank Heist
• Ransomware
4. Phishing / Spearphishing
• Phishing and spearphishing are among the most effective ways of getting into an enterprise's network.
• Attackers send e-mail to the victims (e-mail tailored to one specific person, if it is spearphishing); opening the attachment or link the e-mail carries hands the attacker control of the victim's computer.

5. Phishing / Spearphishing
• Impact:
  • Gain control of a personal computer inside the enterprise's network
  • With spearphishing, that computer belongs to a chosen person, such as an executive or systems administrator
• Methods and Consequences:
  • Three techniques are commonly used for phishing and spearphishing attacks:
    • An e-mail message carrying a malicious attachment
    • An e-mail carrying a link to a web page that attacks the victim's browser
    • An e-mail carrying a link to a web page that asks the victim to type his or her logon credentials
• Potential Defense:
  • Training to help users recognize when they are being phished
  • Educating executives and systems administrators on the threats
  • Protecting e-mail and web gateways
  • Hardening endpoint computers
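The two technical tells behind the three techniques on slide 5 can be checked automatically at the e-mail gateway. The following is an added example, not code from the lecture or from any product: it parses a constructed sample message (the domains, addresses and attachment are placeholders) and flags anchors whose visible text names one domain while the real `href` points at another, plus attachments with directly executable extensions. The `registrable_domain` helper is a deliberate simplification (last two labels, no public-suffix list).

```python
import re
from email import policy
from email.parser import BytesParser
from typing import Dict, List, Tuple
from urllib.parse import urlparse

# Constructed sample message (not a real phishing e-mail). It combines two of
# the three techniques on the slide: a link whose visible text does not match
# its real destination, and an executable disguised as a PDF attachment.
SAMPLE_EML = b"""From: IT Helpdesk <helpdesk@example-corp.com>
To: alice@example-corp.com
Subject: Password expiry notice
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XYZ"

--XYZ
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Your password expires today. Please sign in at
<a href="http://login.example-corp.com.evil.test/reset">https://login.example-corp.com</a></p>
</body></html>
--XYZ
Content-Type: application/octet-stream; name="invoice.pdf.exe"
Content-Disposition: attachment; filename="invoice.pdf.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA
--XYZ--
"""

# Extensions that Windows runs directly when the user double-clicks them.
RISKY_EXTENSIONS = (".exe", ".scr", ".js", ".vbs", ".hta", ".bat", ".cmd", ".ps1", ".lnk")

ANCHOR_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
HOSTLIKE_RE = re.compile(r"^(https?://)?[\w-]+(\.[\w-]+)+(/\S*)?$")


def registrable_domain(host: str) -> str:
    """Last two labels of a host name. Assumption: a simple heuristic rather
    than a public-suffix-list lookup; enough for the comparison below."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def host_of(text: str) -> str:
    """Host part of a URL or bare host name; empty string if not URL-like."""
    if not HOSTLIKE_RE.match(text):
        return ""
    if "://" not in text:
        text = "http://" + text
    return urlparse(text).hostname or ""


def find_deceptive_links(html: str) -> List[Tuple[str, str]]:
    """Anchors whose visible text names one domain while href goes to another."""
    hits = []
    for href, inner in ANCHOR_RE.findall(html):
        visible = re.sub(r"<[^>]+>", "", inner).strip()
        shown, real = host_of(visible), host_of(href)
        if shown and real and registrable_domain(shown) != registrable_domain(real):
            hits.append((href, visible))
    return hits


def analyze(raw: bytes) -> Dict[str, list]:
    """Parse one raw message and return the deceptive links and risky attachments."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    body = msg.get_body(preferencelist=("html",))
    html = body.get_content() if body is not None else ""
    attachments = [part.get_filename() or "" for part in msg.iter_attachments()]
    return {
        "deceptive_links": find_deceptive_links(html),
        "risky_attachments": [f for f in attachments if f.lower().endswith(RISKY_EXTENSIONS)],
    }


if __name__ == "__main__":
    for key, value in analyze(SAMPLE_EML).items():
        print(f"{key}: {value}")
```

The visible-text check is what catches the credential-harvesting variant: the user reads `login.example-corp.com`, but the browser is sent to `evil.test`. A gateway that rewrites or blocks such anchors, and strips attachments with these extensions, removes the two automatable cases and leaves user training to cover the rest.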
6. Drive-By / Watering Hole / Malvertising
• A drive-by or watering hole attack involves compromising a victim's web site and then configuring that web site to deliver malware to the people who visit it.
• When unsuspecting users visit the site, their computers are infected with malware and the attackers are able to move their attack forward.
• A malvertising attack has the same effect, but rather than compromising the site directly, the attackers deliver malware through the advertising feeds displayed on the web page alongside the victim's content.

7. Drive-By / Watering Hole / Malvertising
• Impact:
  • The victim enterprise becomes an intermediary in an attack that targets the people who visit its web site
  • The victim suffers collateral damage
  • The victim enterprise's reputation is damaged when the story comes out
• Methods and Consequences: two techniques are commonly used for these attacks:
  • Web sites with vulnerabilities are exploited to take control of the site directly from the Internet
  • The victim enterprise is compromised to gain access to the computers and accounts with administrative control over the site
• Potential Defense:
  • Web site operators need strong configuration control over public-facing web sites
  • Advertising networks should filter their content strictly and prevent unexpected and unacceptable behaviour
  • Surf the web carefully, using non-administrative credentials
  • Fully patched endpoint computers
  • Hardened endpoint computers
8. Code Injection / Webshell
• Servers are potentially just as vulnerable as endpoint computers, and they can be compromised using some of the same techniques.
• Two attacks specific to servers are code injection and webshells.
• Code injection compromises a vulnerable web site by crafting requests to the site so that they contain script code or SQL code, which the server then executes without checking it.
• If the server executes this code with administrative privileges, the attackers can use the attack to take control of the server.
• Once the attackers control the server, they can place a webshell on the server's web site.
• A webshell is a back door that allows the attackers to return to the server's web site and execute commands directly on the server.

9. Code Injection / Webshells
• Impact:
  • Gain administrative control over an Internet-facing server
  • Provide a back door into the enterprise that is always open and operational for the attacker
  • Data and information can be compromised
• Methods and Consequences: the commonly used techniques for code injection and webshells are as follows:
  • Attacker toolkits containing exploits are used to probe Internet-facing web sites for vulnerabilities
  • The attackers periodically re-scan the sites to catch new vulnerabilities (from a bad patch or coding mistakes)
  • Once a vulnerability is found, they exploit it, compromise the server and install a back door
• Potential Defense:
  • Strict configuration control of Internet-facing servers is the best defense
  • Periodically scan the web sites for vulnerabilities
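The SQL variant of code injection from slide 8 comes down to one line of server code. The following is an added example, not code from the lecture: a constructed login check against an in-memory SQLite table, written once by pasting user input into the SQL text and once with a parameterised statement. The password storage (a bare SHA-256 digest) is a simplification to keep the demo short; a real system would use a slow password hash such as bcrypt or Argon2, which does not change the injection point shown.

```python
import hashlib
import sqlite3


def setup_db() -> sqlite3.Connection:
    """Constructed demo database: one users table with a single account."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, password_hash TEXT)"
    )
    conn.execute(
        "INSERT INTO users (username, password_hash) VALUES (?, ?)",
        ("admin", hashlib.sha256(b"correct horse").hexdigest()),
    )
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """The injection pattern from the slide: user input is concatenated into
    the SQL text, so a quote and a comment marker typed by the user become SQL.
    With username "admin' --" the statement turns into
        SELECT id FROM users WHERE username = 'admin' --' AND password_hash = '...'
    and the password comparison is commented away."""
    digest = hashlib.sha256(password.encode()).hexdigest()
    query = (
        "SELECT id FROM users WHERE username = '" + username + "' "
        "AND password_hash = '" + digest + "'"
    )
    return conn.execute(query).fetchone() is not None


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Hardened form: the statement text is fixed and the values travel as
    bound parameters, so whatever the user types is only ever compared as data."""
    digest = hashlib.sha256(password.encode()).hexdigest()
    row = conn.execute(
        "SELECT id FROM users WHERE username = ? AND password_hash = ?",
        (username, digest),
    ).fetchone()
    return row is not None


if __name__ == "__main__":
    conn = setup_db()
    payload = "admin' --"  # closes the string literal, comments out the rest
    print("vulnerable, injected:", login_vulnerable(conn, payload, "wrong"))  # True
    print("safe, injected:", login_safe(conn, payload, "wrong"))  # False
```

The slide's defense of strict configuration control applies here as a code-review rule: no SQL statement is ever built by string concatenation from request data. The same rule, applied to shell commands and template engines, closes the scripting-code variant as well.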
10. Keylogging / Session Hijacking
• Keylogging can be used to capture the usernames and passwords of accounts protected by single-factor authentication.
• Session hijacking can be used to exploit accounts protected by multi-factor authentication, by taking over the session after the user has authenticated.
• Once attackers gain control of a victim's endpoint computer, they can use a variety of methods to make use of the victim's online accounts.

11. Keylogging / Session Hijacking
• Impact:
  • Gain control over the victim's online accounts
  • This control includes the victim's address book, e-mail, and financial accounts and money
• Methods and Consequences: the commonly used techniques for keylogging and session hijacking are as follows:
  • Find a way to install a keylogger on the victim's system
  • If successful, the attacker sees every key the victim presses
  • The attacker waits until credentials appear in the captured keystrokes
  • Once those logons have occurred, the attacker can impersonate the user and make use of the accounts
• Potential Defense:
  • Secure the endpoint so that it is never infected in the first place
  • Use unprivileged accounts
  • Protect the end system with anti-virus, anti-malware, intrusion prevention, etc.
  • Use multi-factor authentication systems
12. Pass-the-Hash and Pass-the-Ticket
• Pass-the-hash and pass-the-ticket are attack techniques that enable attackers to exploit credentials on an enterprise network.
• These credentials are stored in computer memory and on hard drives.
• These attacks effectively bypass the authentication mechanisms of certain enterprise applications, because the stolen hash or ticket is accepted in place of the password.

13. Pass-the-Hash and Pass-the-Ticket
• Impact:
  • The attacker moves laterally within the enterprise IT environment, from computer to computer
• Methods and Consequences: the commonly used techniques for pass-the-hash and pass-the-ticket are as follows:
  • Gain administrative control of the victim's computer
  • Scan memory and hard drives for hashes and tickets belonging to users
  • Once hashes and tickets are found, use them to connect to other computers on the enterprise network and move laterally
• Potential Defense:
  • Reduce vulnerabilities
  • Avoid storing hashes and tickets on hard drives
  • Where hashes and tickets must be held, keep them on systems that are more difficult for an attacker to reach
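The lateral movement on slide 13 has a visible footprint: one account opening network logons to many hosts in a short time. The following is an added detection example, not code from the lecture; it runs over constructed logon records in a flat `key=value` form (an assumption standing in for Windows event 4624 or a SIEM export) and flags any account with network logons (`logon_type=3`) to at least three distinct hosts inside a sliding five-minute window. Host names, accounts and timestamps are made up.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List

# Constructed logon records (an assumed flat format, not real event output).
# logon_type=3 is a network logon, the kind pass-the-hash and pass-the-ticket
# produce; svc_backup fans out to four hosts in under three minutes.
SAMPLE_EVENTS = [
    "2024-03-01T09:00:01 account=alice src=WS-004 dst=FS-01 logon_type=3 package=Kerberos",
    "2024-03-01T09:02:10 account=svc_backup src=WS-017 dst=FS-01 logon_type=3 package=NTLM",
    "2024-03-01T09:02:35 account=svc_backup src=WS-017 dst=FS-02 logon_type=3 package=NTLM",
    "2024-03-01T09:03:02 account=svc_backup src=WS-017 dst=SQL-01 logon_type=3 package=NTLM",
    "2024-03-01T09:04:48 account=svc_backup src=WS-017 dst=DC-01 logon_type=3 package=NTLM",
    "2024-03-01T09:10:00 account=bob src=WS-009 dst=FS-01 logon_type=3 package=Kerberos",
    "2024-03-01T10:30:00 account=bob src=WS-009 dst=FS-02 logon_type=3 package=Kerberos",
    "2024-03-01T12:15:00 account=bob src=WS-009 dst=SQL-01 logon_type=3 package=Kerberos",
    "2024-03-01T09:05:00 account=alice src=WS-004 dst=WS-004 logon_type=2 package=Kerberos",
]


def parse_events(lines: List[str]) -> List[dict]:
    """Turn each 'timestamp key=value ...' line into a dict with a datetime."""
    events = []
    for line in lines:
        stamp, *fields = line.split()
        ev = {"time": datetime.fromisoformat(stamp)}
        for field in fields:
            key, _, value = field.partition("=")
            ev[key] = value
        events.append(ev)
    return events


def find_lateral_movement(
    events: List[dict], min_targets: int = 3, window: timedelta = timedelta(minutes=5)
) -> Dict[str, List[str]]:
    """Accounts whose network logons reached at least min_targets distinct
    hosts within any span of length `window` (sliding window per account).
    Returns account -> sorted list of the hosts involved."""
    per_account = defaultdict(list)
    for ev in events:
        if ev.get("logon_type") == "3":
            per_account[ev["account"]].append((ev["time"], ev["dst"]))
    flagged: Dict[str, List[str]] = {}
    for account, logons in per_account.items():
        logons.sort()
        start = 0
        for end in range(len(logons)):
            while logons[end][0] - logons[start][0] > window:
                start += 1
            targets = {dst for _, dst in logons[start:end + 1]}
            if len(targets) >= min_targets:
                flagged[account] = sorted(set(flagged.get(account, [])) | targets)
    return flagged


if __name__ == "__main__":
    for account, hosts in find_lateral_movement(parse_events(SAMPLE_EVENTS)).items():
        print(f"possible lateral movement: {account} -> {', '.join(hosts)}")
```

`bob` touches the same three hosts but over three hours, so the window never holds more than one of his logons at a time; the threshold and window are the knobs to tune against a given environment's normal fan-out. The rule does not distinguish NTLM from Kerberos on purpose, since pass-the-ticket shows up as ordinary Kerberos network logons.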
14. Credential Harvesting
• Credential harvesting is a technique whereby attackers compromise systems that a large number of users log on to.
• They then harvest user credentials from those systems.
• In this way, attackers can obtain the credentials of a large portion of the enterprise's users in a single step.

15. Credential Harvesting
• Impact:
  • A large number of user credentials compromised in a single step
  • Often yields administrator credentials as well
• Methods and Consequences: two common approaches to a credential harvesting attack:
  • First, target public-facing systems with large numbers of users (such as e-mail, web portals, virtual desktop systems); exploit a vulnerability to gain control, and then start capturing user credentials
  • Second, get inside the enterprise and target vulnerabilities in the authentication systems; once an authentication system is compromised, the attacker gains access to credential hashes, tickets, and usernames and passwords
• Potential Defense:
  • Understand which enterprise IT systems collect large numbers of user logons
  • Protect those systems
  • Detect and respond to a successful compromise in a timely fashion
  • Use multi-factor tokens for authentication
16. Gate-Crashing
• Gate-crashing attacks involve attackers positioning themselves so that they can exploit a vulnerability or a defender mistake to get past a particular security defense.
• Because of the realities of security technology maintenance and human error, almost every preventive defense gets disabled at some point, either intentionally or by accident. The gate-crashers make sure they are there to take advantage when it happens.

17. Gate-Crashing
• Impact:
  • Slip past defenses when the opportunity arises
  • The attacker waits, possibly many times over, for just the right vulnerability or mistake to occur
• Methods and Consequences: two common approaches to a gate-crashing attack:
  • Manually: the attacker must hold active command-and-control connections to systems inside the victim's network
  • Automatically: intelligent malware watches the victim network for openings and exploits them when they occur
• Potential Defense:
  • Layered defenses
  • Active monitoring
  • Security administrators must be educated about gate-crashing
18. Malware / Botnet
• Malware is a generic term for malicious software; it includes viruses, worms, Trojans and others.
• There is an extensive malware industry with commodity and custom toolkits that can be combined to perform remote control, session hijacking, credential harvesting, persistence and other functions.
• The remote-control functions built into most modern operating systems must also be considered, since with the right administrator credentials those functions can be used for malicious purposes as well.
• Once computers are infected with malware, they may be tied into a botnet so that they can be accounted for and access to them sold to the highest bidder. Botnets can contain hundreds, thousands or even millions of compromised machines, which can then be used for any purpose the attacker chooses.

19. Malware / Botnet
• Impact:
  • Monitor all activity on the victim computer
  • Record any credentials and accounts used by the victim
  • Allow the attacker to use the computer, either on its own or together with the other machines in a botnet
• Methods and Consequences:
  • The malware is installed by exploiting a vulnerability, or by the user of the computer willingly, from a malicious web site, e-mail attachment or web link
  • Malware may be custom-built or morphed so that it is not recognized by signature-based anti-virus
  • Once compromised and joined to a botnet, the computer and its data become available to the botnet operator
• Potential Defense:
  • Hardening the OS
  • Anti-virus
  • Anti-malware
  • Limiting user privileges and applications
20. Distributed Denial of Service (DDoS)
• A DDoS attack floods the victim's computers with so much traffic, generated from a distributed network of machines, that the victim is unable to continue delivering services over the Internet.

21. DDoS
• Impact:
  • The targeted web site is often rendered unusable
  • The web site becomes unavailable to its own users, customers and partners
• Methods and Consequences:
  • Attackers compromise computers themselves, or hire some of the thousands of already-compromised computers available on the Internet
  • They then point the hired network of compromised machines at the target
• Potential Defense: there are two approaches to defending against DDoS:
  • The first is to use content distribution networks, which are hard to target and have the distributed capacity to resist all but the largest DDoS attacks
  • The second is to respond quickly by blocking the DDoS traffic at the network layer, mitigating its impact and allowing services to stay operational
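The second defense on slide 21, blocking flood traffic at the network layer while ordinary clients keep flowing, reduces to a per-source decision. The following is an added example, not code from the lecture or from any firewall product: a per-source token bucket that drops packets above a rate and, after a run of drops, blocks the source for a cooling-off period. The rates, thresholds and addresses (from the documentation ranges 203.0.113.0/24 and 198.51.100.0/24) are constructed; a real deployment would make this decision in a router, load balancer or kernel filter rather than in Python.

```python
from collections import defaultdict
from typing import Dict, List, Tuple


class SourceRateLimiter:
    """Token bucket per source address plus a temporary blocklist.

    Each source may send `burst` packets at once and `rate` packets per second
    sustained. Once a source has accumulated `drop_threshold` drops it is
    blocked outright for `block_seconds`, so the limiter stops spending work
    on it at all (the network-layer block the slide describes)."""

    def __init__(self, rate: float, burst: float, drop_threshold: int, block_seconds: float):
        self.rate, self.burst = rate, burst
        self.drop_threshold, self.block_seconds = drop_threshold, block_seconds
        self.buckets: Dict[str, Tuple[float, float]] = {}  # src -> (tokens, last_seen)
        self.drops: Dict[str, int] = defaultdict(int)
        self.blocked_until: Dict[str, float] = {}

    def decide(self, src: str, now: float) -> str:
        """Return 'allow', 'drop' or 'block' for one packet from src at time now."""
        if self.blocked_until.get(src, -1.0) > now:
            return "block"
        tokens, last = self.buckets.get(src, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)  # refill
        if tokens >= 1:
            self.buckets[src] = (tokens - 1, now)
            return "allow"
        self.buckets[src] = (tokens, now)
        self.drops[src] += 1
        if self.drops[src] >= self.drop_threshold:
            self.blocked_until[src] = now + self.block_seconds
            self.drops[src] = 0
        return "drop"


def simulate() -> Dict[str, Dict[str, int]]:
    """Constructed traffic: one source flooding at 1000 packets/s for one
    second, one ordinary client at 2 packets/s. Returns per-source counts."""
    limiter = SourceRateLimiter(rate=100, burst=50, drop_threshold=20, block_seconds=60)
    packets: List[Tuple[float, str]] = [(i / 1000, "203.0.113.5") for i in range(1000)]
    packets += [(i * 0.5, "198.51.100.7") for i in range(10)]
    packets.sort()
    stats: Dict[str, Dict[str, int]] = defaultdict(lambda: {"allow": 0, "drop": 0, "block": 0})
    for t, src in packets:
        stats[src][limiter.decide(src, t)] += 1
    return dict(stats)


if __name__ == "__main__":
    for src, counts in simulate().items():
        print(src, counts)
```

The flood source gets its burst of roughly fifty packets through, hits the drop threshold within a few tens of milliseconds and is then blocked for the rest of the run, while the legitimate client never loses a packet. The limitation the slide's first approach addresses is visible too: this only helps while the link in front of the filter still has capacity, which is why large attacks are absorbed by a content distribution network upstream.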
22. Identity Theft
• Identity theft is one of the most common professional cyberattacks, since stolen identities, particularly social security numbers, credit card numbers and medical records, can easily be sold on the black market for cash.
• Such attacks tend to focus on:
  • Centralized IT systems
  • Databases
  • Hacking into point-of-sale (PoS) systems
  • Other critical systems that hold identity information

23. Identity Theft
• Impact: severe for the victim enterprise
  • Data disclosure
  • Compensation to the victims
  • Possibly penalties
• Methods and Consequences:
  • Gain access to victim networks and obtain privileged access to the victim's data
• Potential Defense:
  • Protect the data with a range of security mechanisms
  • Think through the life cycle of the data, from capture to disposal
  • Monitor the traffic
  • Take regular backups
  • Look at your data from the adversary's perspective
24. Industrial Espionage
• Industrial espionage is a common attack performed by professional and nation-state attackers to gain advantages in international business.
• In the international marketplace such advantages can be big business indeed, with billions of dollars and entire market segments at stake.

25. Industrial Espionage
• Impact:
  • Difficult to measure, since it is hard to separate ordinary competition (competitors reading each other's playbooks) from the economic impact of a player who knows its competitors' every move
  • Even mundane stolen data (meeting schedules, enterprise processes, etc.) can be just as useful in defeating competitors in the international marketplace
• Methods and Consequences:
  • Target the victim's networks to achieve an initial entry
  • Exploit that entry to move laterally and gain privileges within the victim's networks
  • Once administrative control is obtained, steal the business information
• Potential Defense:
  • Both detective and preventive measures are needed
26. Pickpocket
• A "pickpocket" attack involves hacking victim systems to steal relatively small amounts of money across a large number of transactions.
• Common examples include redirecting direct deposit, payroll or accounts payable payments so that the money goes to the attackers' accounts instead.

27. Pickpocket
• Impact:
  • The attackers quickly get away with a large amount of money once the many transactions involved are added up
  • When this money moves by wire transfer or direct deposit, it can be difficult or even impossible to trace and recover
• Methods and Consequences:
  • Intercept and redirect financial transactions (payroll, accounts payable systems, etc.)
  • By the time the victim enterprise catches the redirection, the money is often gone
• Potential Defense:
  • Rapid alerting and auditing to catch unauthorized changes before any money is moved
  • Help from the financial institution, by imposing a time delay between when account information is changed and when the change takes effect
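Both defenses on slide 27 can be built into the payee record itself: every change raises an alert, a second person must approve it, and it only takes effect after a hold period. The following is an added example, not code from the lecture or from any payroll product; the payee names, account strings and the compromised `ap_clerk` account are constructed placeholders, and the three-day hold is an assumed policy value.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional


@dataclass
class PendingChange:
    payee: str
    old_account: str
    new_account: str
    requested_by: str
    requested_at: datetime
    approved_by: Optional[str] = None


class PayeeRegistry:
    """Payee bank-account records guarded by an alert on every change request,
    a second-person approval (the requester may not approve), and a hold
    period before an approved change is used by a payment run."""

    def __init__(self, accounts: Dict[str, str], hold: timedelta = timedelta(days=3)):
        self.accounts = dict(accounts)
        self.hold = hold
        self.pending: Dict[str, PendingChange] = {}
        self.alerts: List[str] = []

    def request_change(self, payee: str, new_account: str, requested_by: str, now: datetime) -> PendingChange:
        change = PendingChange(payee, self.accounts[payee], new_account, requested_by, now)
        self.pending[payee] = change
        self.alerts.append(
            f"{now.isoformat()} payee={payee} account change requested by {requested_by}: "
            f"{change.old_account} -> {new_account}"
        )
        return change

    def approve(self, payee: str, approver: str) -> None:
        change = self.pending[payee]
        if approver == change.requested_by:
            raise PermissionError("requester may not approve their own change")
        change.approved_by = approver

    def effective_account(self, payee: str, now: datetime) -> str:
        """Account a payment run should pay at time `now`: the old one until the
        change has a second approver and the hold has elapsed."""
        change = self.pending.get(payee)
        if change and change.approved_by and now - change.requested_at >= self.hold:
            self.accounts[payee] = change.new_account
            del self.pending[payee]
        return self.accounts[payee]


def demo() -> Dict[str, object]:
    """Constructed scenario: an attacker holding the ap_clerk account redirects
    Vendor A; a legitimate, properly approved change for Vendor B for contrast."""
    t0 = datetime(2024, 3, 1, 10, 0)
    registry = PayeeRegistry({"Vendor A": "ACCT-VENDOR-A-REAL"})
    registry.request_change("Vendor A", "ACCT-ATTACKER-MULE", requested_by="ap_clerk", now=t0)
    try:
        registry.approve("Vendor A", "ap_clerk")  # same compromised account tries to approve
        self_approved = True
    except PermissionError:
        self_approved = False
    legit = PayeeRegistry({"Vendor B": "ACCT-VENDOR-B-OLD"})
    legit.request_change("Vendor B", "ACCT-VENDOR-B-NEW", requested_by="ap_clerk", now=t0)
    legit.approve("Vendor B", "ap_manager")
    return {
        "alerts_raised": len(registry.alerts),
        "self_approval_allowed": self_approved,
        "payment_next_day": registry.effective_account("Vendor A", t0 + timedelta(days=1)),
        "payment_after_hold": registry.effective_account("Vendor A", t0 + timedelta(days=4)),
        "legit_before_hold": legit.effective_account("Vendor B", t0 + timedelta(days=2)),
        "legit_after_hold": legit.effective_account("Vendor B", t0 + timedelta(days=3)),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The attacker's change never pays out: it is alerted on at once, it cannot be self-approved, and even a stolen second approval would still leave three days for the alert to be acted on before the next payment run used the new account.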
28. Bank Heist
• Whereas a pickpocket attack changes payment destinations and intercepts the victim's money, a bank heist involves simply gaining direct access to the victim's bank accounts and stealing the money.

29. Bank Heist
• Impact:
  • The victim loses money from their accounts, partially or completely
  • The loss is made worse by the poor safeguards financial institutions afford to these accounts
• Methods and Consequences:
  • Compromise victim systems that hold the privileges to access the business's financial accounts
  • Once successful, transfer large sums of money out by hard-to-trace methods such as wire transfer
• Potential Defense:
  • Closely guard the computers and credentials used to manage corporate financial accounts
  • Manage these accounts from dedicated, secured computers rather than allowing finance personnel to use the same personal computers they use to surf the web
30. Ransomware
• Ransomware compromises victim computers, encrypts the data, and charges a ransom for the keys to decrypt it.
• It can be expensive for individuals.
• It can be devastating at the enterprise level.

31. Ransomware
• Impact:
  • Large amounts of corporate data are accessible to large numbers of employees
  • One compromised employee with write access ends up encrypting that data for everyone
• Methods and Consequences:
  • A common type of malware found on the Internet, constantly used to get into victim computers and enterprises
• Potential Defense:
  • Hardening endpoints
  • Training users so that they do not get infected
  • Good segmentation and access controls
  • Good backups for recovery
32. CONCLUSION
• Be flexible and adaptable to changing threats!
• Don't ignore information security principles!
• Mature your threat and vulnerability management process!
• Conduct frequent incident response exercises!
• Invest in people and training!
• Delay the adversary!

33. Thank You For Your Patience