Category: Basics

Hello, aspiring ethical hackers. In this blogpost you will learn about IoT security or Internet of Things (IoT) security. But before you understand IOT security, you need to understand what Information of Things (IOT) is.

What is Information of Things (IoT)?

A few years back, getting an internet connection to our home was a bit rare and costly. I remember most of my friends had a computer at home but nobody had internet. Nowadays, even device (that once existed without the need of internet) can be connected to the internet.

These devices include lightbulbs, security cameras, fans, Refrigerator, Washing machine and almost all the devices of a smart home. They are connected to internet to add comfort to humans. All these devices are together known as Internet of Things (IOT).

Unlike your computer, laptop or mobile, these devices don’t need any human interaction to connect to internet.

What is IoT security?

As you should have figured out by now, IoT security is ensuring the security of these devices to protect your network.

What are various threats to IoT security?

Every device that is connected to internet is vulnerable to hacking. MIRAI botnet proved it. Internet of Things (IoT) devices are built with usability and human comfort in mind. The most common threats to IOT devices are.

1. Firmware vulnerabilities:

Every digital device has a firmware which is similar to a operating system on a computer. However, it cannot by easily updated as a operating system. So, once a vulnerability is detected in the firmware and exploited in an IOT device, it is difficult to upgrade or patch it.

2. Credential attacks:

Although IoT devices come with credentials, these are default credentials that hat are insecure and easy to guess. In most IoT devices, these credentials cannot even be reset or changed. So, any attacker can easily guess the credentials, take control of the devices.

3. Man-in-the-Middle attacks:

Man in the middle (MiTM) attacks are just not limited to computers and servers. It is also possible to perform packet sniffing and password sniffing between the IOT device and the server it is connecting to. If the transmission is taking place in clear text, hackers can sniff on it.

4. Physical access attacks:

Most IoT devices are placed in easily accessible locations. If hackers can get hold of this device, they can take control of the device.

Hello, aspiring ethical hackers. In this blogpost, you will learn about cloud security. Before you learn about cloud security, you need to have a basic idea about what is cloud computing or cloud. Let me give you an example. Have you ever used Gmail or any other email service? What do you do to check your email? You open a browser or email client and go to the URL of the email service, enter your credentials and finally read your mails or start composing an email. Have you ever thought where all the mails are stored? Definitely not on your own system. They are stored elsewhere. Well, this is exactly how cloud computing works.

What is cloud computing?

Cloud computing is providing of computer system resources like data storage, computing power, networking, servers and software etc over the internet on demand.

Types of Cloud computing

Services in cloud can be provided as per anyone’s need with customization. However, there are three models of cloud computing that are generally preferred.

1. Infrastructure as a Service (IaaS):

In this model of cloud service, customers rent the building blocks of computing like servers (physical or virtual), storage and networking. It is usually rented by those organizations which want to have complete control over their cloud. The needed software and applications are installed by the organization.

2. Platform as a Service (PaaS):

What if organization or users don’t have the technical know how about installing everything on their rented hardware on cloud. The PaaS model comes to their rescue. This model comes with the installation of required tools and software along with basic computing resources provided in IaaS. For example, imagine you want to rent a WAMP server on cloud. Along with the basic computing resources, it comes with a Windows 10 machine with WAMP server installed on it. You still have to create the websites to be hosted on the WAMP server.

3. Software as a service (SaaS):

The most popular cloud model, it provides just all the resources and software you need. For example, let’s just say you rented a WordPress website on cloud for you. All you have to do is login into the WordPress website on your browser and upload blogposts. Rest all the cloud provider takes care for you.

What is Cloud Security?

Cloud security is the concept of providing security to the cloud-based systems from all the usual threats and dangers of cyber security. Cloud security is the responsibility of both the cloud service provider and the end user.

What are some cloud security threats?

Systems in cloud are vulnerable to all threats usual networks do like zero-day-vulnerabilities, DoS, phishing and malware etc.

Hello, aspiring ethical hackers. In our previous blogpost, you learnt what is cybersecurity. In this blogpost, you will learn about network security which is one of the branches of cybersecurity.

What is Network Security?

Network security is the practice of protecting a computer network from cyber attacks like unauthorized access, insider threats, malware and other advanced threats. Network security includes various technologies, processes, tools and policies etc.

Different security technologies that are used in an organization to protect the network against cyber-attacks. Various devices and software come into play while protecting the organization from a variety of threats. Let’s learn about each of them.

1. Firewall:

A firewall is the most common defensive measure that is used in organizations against cyber attacks. It can be considered the first layer of defense against hackers. Just as its name implies, it works as a wall between two networks thus preventing malicious traffic from entering the network of the organization. Learn more about firewalls here.

2. Anti-Malware:

In one of our previous articles, you learnt about virus and malware. Anti virus protects the computers and other devices in the network from this malicious software. Learn more about Antivirus.

3. Intrusion Detection System (IDS):

An Intrusion Detection System (IDS) monitors the entire traffic of the network and as soon as it sees any traffic that it considers malicious, it raises an alert. Learn more about IDS.

4. Intrusion Prevention System (IPS):

An Intrusion Prevention System (IPS) is one step above IDS. It performs the functions just like an IDS, but whenever it detects malicious traffic, it tries to prevent the connection by dropping the packets. Learn more about Intrusion Prevention System (IPS).

5. Endpoint Detection & Response (EDR):

Endpoint Detection and Response is used to monitor end user devices on the network for malware and acts against them if needed.

6. Honeypot:

Sometimes, organizations need to understand what hackers would be interested in once they are in their network. A honeypot serves this purpose. A honeypot acts as a juicy target and attracts towards thus preventing them from hacking anything in the original network. A honeypot designed with a lot of vulnerabilities that can keep the hackers constantly interested. Learn more about honeypots.

7. Demilitarized Zone (DMZ):

A demilitarized zone is a network used to add an external layer of security to the organization’s network. Usually placed at the perimeter, it has access to the external network. It usually contains an external facing service.

8. Data-Loss Prevention (DLP):

Data Loss Prevention (DLP) ensures that no confidential data is being sent out of the organization’s network. Confidential data refers to data that once exposed to the internet can harm the security of the network.

9. Security Incident & Event manager (SIEM):

A security Incident & Event Manager raises an alert if it detects any malicious activity. That’s all about the various security technologies.

Hello aspiring Ethical Hackers. In this blogpost, you will learn about steganography. Before you learn what is it, you need to learn why are we learning about it. In Feb 2023, Red Eyes Hacking Group (APT37) used a jpg image as attachment in one of their spear phishing email. When victims clicked on this image, it triggered an exploit that ran shellcode on the victim’s computer to download and execute a malicious payload that is stored within the jpg file mentioned above. But how was the malicious payload was hidden inside the jpg image?

What is Steganography?

It is an art or technique of hiding secret or any precious information inside something that looks common & ordinary. This information is hidden in such a manner that its presence is not evident to the human inspection. The word stegano graphy came from Greek word steganographic, that is combination of words steganos (meaning hidden or concealed) and graphia (writing).

In ancient and medieval times, kings used steganography to forward messages secretly. Greeks were the fist to use it. Coming to modern times, hackers are using it to hide malicious code in images, text, files, audio, video film and any other medium that looks benign.

Types of Steganography

There are five types of stegano graphy. They are,

1. Text stegano graphy
2. Image stegano graphy
3. Video stegano graphy
4. Audio stegano graphy
5. Network Stegano graphy

1. Text Steganography::

In text steganography, the secret information is hidden in a piece of text. For example, let’s say a text contains “Indians love Unity”. This may look like an ordinary or normal text. But just take the first letter of these three words. That becomes “ILU” a shortcut for I Love You message used by youngsters.

2. Image Stegano graphy:

As you might have already expected, when the secret information is hidden in an image (digital image) it is known as Image steganography.

3. Audio Steganography:

If the information we want to hide is hidden in an audio, it is known as audio steganography. Humans can hear sound that only contains certain frequencies. So, by altering the properties of audio like frequency, amplitude etc. secret messages can be hidden. However, to be able to receive and understand this secret information, the receiver needs to have smart listening devices to decipher the hidden information.

4. Video Steganography:

If the secret information is hidden in a video, it is called video steganography. A video is simply a representation of a sequence of consecutive images. So, we can say that this is an advanced version of Image steganography.

5. Network Steganography:

Considered to be more advanced and practically useful to Black Hat Hackers, in Network steganography information is hidden in network traffic. For example, it can be hidden in the TCP/IP headers etc.

Examples of Steganography attacks in hacking

1. In September 2022, researchers at ESET discovered a previously unknown Threat actor they named Worok hiding malicious payload in PNG files.
2. In 2019, researchers at Symantec observed a Russian cybersecurity group waterbug (also known as just the malicious) delivering a publicly known backdoor by hiding it in a WAV file.
3. In the same year, security researchers at Cylance observed a hacking campaign that was delivering XMRIG Monero CPU miner by hiding them in WAV files.
4. PLATINUM hacker group, that usually targets Governments of South Asia and South East Asia, embedded their malware commands in the HTML code of a website. They achieved this by encoding malware commands in a specific sequence of “TAB” and “SPACE” bar.

In future steganography is going to increase in cyber security.

Hello aspiring Ethical Hackers. In this blogpost, you will learn in detail about computer virus. In our previous article on malware, you have read that virus is one type of malicious software.

What is a VIRUS?

Virus stands for Vital Information Resources Under Seize (VIRUS). Once a computer virus infects any system it tries to seize is resources. Like it’s pathological name sake, a virus attaches itself to an executable or program to propagate or infect computers. VIRUS always requires human action or interaction to infect systems. Let’s now study about different types of Virus and what resources they affect.

Types of Computer VIRUS

1. Browser Hijacker:

Have you ever opened your browser and noticed that all of its settings have changed? These settings include but not restricted to the URL of the home page, favorites and even the default search engine. Well, this is the case of a Browser Hijacker. It is called so because it simply hijacks your browser to alter its settings and also redirect to a phishing site or to display advance.

Browser hijackers are used by hackers to earn some good amount of money. For example, a browser hijacker named CoolWebSearch infected victim’s browsers and redirected the homepage and search results to the links the hackers wanted. Every time a victim clicked on these links, the hacker was paid money.

2. Web scripting virus:

A web scripting is a virus that exploits vulnerabilities in browser to infect web pages or websites and inject malicious code. This virus is useful to send spam or for stealing cookies.

3. File Infector virus:

One of the most common viruses, file infector virus infects files and copies itself into other executable programs such as .COM and EXE files. Some file infecting viruses infect critical system files too thus affecting the operating system.

4. Macro virus:

Macro virus is a virus that is written in the language of Microsoft Office macros or Excel Macros. They are embedded into a Word document on Excel file

5. Direct Action virus:

Also known as Non-resident virus, this type of virus directly connects itself to executables like EXE and COM file. This virus is also known as Non-resident Virus as it doesn’t install itself on the target system. Direct Action Virus becomes active only when the victim executes the file.

6. Resident virus:

Resident virus install itself in the memory to the system and then from there, infects other files while they are opened by the users.

7. Boot Sector virus:

This type of virus infects the Master Boot Sector of the hard disk or a USB drive. Master Boots Record (MBR) is the boot sector that is located at the very beginning of partition table. It contains information about operating system’s location and how it can be booted. Once this section is infected, the infected system will face bootup problems etc.

8. Multipartite virus:

A virus that uses multiple methods to infect the target system is known as multipartite virus.

9. Polymorphic virus:

A polymorphic virus or metamorphic virus is a virus that constantly changes its appearance or signature files to avoid detection.