Email security refers to the steps taken to protect email messages and the
information that they contain from unauthorized access and damage. It involves
ensuring the confidentiality, integrity, and availability of email messages, as well as
safeguarding against phishing attacks, spam, viruses, and other forms of malware. It
can be achieved through a combination of technical and non-technical measures.
Response Code:
HTTP response status codes are three-digit codes issued by a server in response to a
browser-side request from a client. These status codes serve as a means of quick and
concise communication on how the server worked on and responded to the client’s
request.
1XX – Informational code: This category indicates that the request was
received and understood. It is issued on a provisional basis while request
processing continues. It alerts the client to wait for a final response.
2XX – Success code: This category indicates the action requested by the
client was received, understood, and accepted. This essentially means
that the request that the client made was a good request, and that the
server completed what it was supposed to do completely and
successfully.
3XX – Redirection code: This category indicates that the client may take
additional action to complete the request. Usually that additional action
is to redirect the user to another URL. Many of the status codes in this
category are used in URL redirection.
4XX – Client error code: This category indicates that the request cannot be
fulfilled because there is an error coming from the client. The request
might contain bad syntax or lack authorization, etc. The server should
include an entity containing an explanation of the error situation (except
when responding to a HEAD request), and whether it is a temporary or
permanent condition.
5XX – Server error code: This category indicates that the server has
encountered an error or is incapable of performing a valid request. The
server should include an entity containing an explanation of the error
situation (except when responding to a HEAD request), and indicate
whether it is a temporary or permanent condition.
This can also be seen as how a TCP connection is established. Before getting
into the details, let us look at some basics. TCP stands for Transmission Control
Protocol, which indicates that it controls the transmission of data in a
reliable way.
The process of communication between devices over the internet happens according to
the current TCP/IP suite model (a stripped-down version of the OSI reference model). The
application layer is the top layer of the TCP/IP stack, from where network
applications like web browsers on the client side establish a connection with
the server. From the application layer, the information is transferred to the transport layer,
where our topic comes into the picture. The two important protocols of this layer are
TCP and UDP (User Datagram Protocol), of which TCP is prevalent (since it provides
reliability for the connection established). However, you can find an application of UDP
in querying the DNS server to get the IP address for the domain name used for the
website.
Step 1 (SYN): In the first step, the client wants to establish a connection with
a server, so it sends a segment with SYN (Synchronize Sequence Number) set,
which informs the server that the client wants to start communication and
with what sequence number it will start its segments.
Step 2 (SYN + ACK): The server responds to the client request with the SYN and ACK
signal bits set. The acknowledgement (ACK) signifies the response to the segment
it received, and SYN signifies with what sequence number it will start
its segments.
Step 3 (ACK): In the final part, the client acknowledges the response of the
server and they both establish a reliable connection with which they will start
the actual data transfer.
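The three steps can be checked mechanically against captured segments. The following is an added example, not part of the original notes: the segment dictionaries, the function name and the sequence numbers are assumptions made for illustration. It reports which step is missing or wrong, including the half-open case where the final ACK never arrives.

```python
# Added example; all sequence numbers are constructed sample values.
MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around

def check_handshake(segments):
    """Return "established" or a string naming the step that failed.

    segments: dicts with keys sender, flags (set of str), seq, ack.
    """
    if not segments or segments[0]["flags"] != {"SYN"}:
        return "step 1 missing: first segment is not a bare SYN"
    syn = segments[0]
    if len(segments) < 2:
        return "half-open: server has not answered with SYN+ACK"
    synack = segments[1]
    if synack["flags"] != {"SYN", "ACK"} or synack["sender"] == syn["sender"]:
        return "step 2 invalid: expected SYN+ACK from the server"
    # The ACK number is the next sequence number the sender expects: ISN + 1.
    if synack["ack"] != (syn["seq"] + 1) % MOD:
        return "step 2 invalid: ACK does not equal client ISN + 1"
    if len(segments) < 3:
        return "half-open: client never sent the final ACK"
    ack = segments[2]
    if ack["flags"] != {"ACK"} or ack["sender"] != syn["sender"]:
        return "step 3 invalid: expected a bare ACK from the client"
    if ack["ack"] != (synack["seq"] + 1) % MOD:
        return "step 3 invalid: ACK does not equal server ISN + 1"
    if ack["seq"] != (syn["seq"] + 1) % MOD:
        return "step 3 invalid: client sequence number did not advance by 1"
    return "established"

# Constructed capture: the client ISN sits at the top of the 32-bit range,
# so the server's ACK number wraps around to 0.
CAPTURE = [
    {"sender": "client", "flags": {"SYN"}, "seq": 4294967295, "ack": 0},
    {"sender": "server", "flags": {"SYN", "ACK"}, "seq": 7000, "ack": 0},
    {"sender": "client", "flags": {"ACK"}, "seq": 0, "ack": 7001},
]

if __name__ == "__main__":
    print(check_handshake(CAPTURE))      # all three steps present
    print(check_handshake(CAPTURE[:2]))  # final ACK missing
```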
Secure Socket Layer (SSL) provides security to the data that is transferred between
web browser and server. SSL encrypts the link between a web server and a browser
which ensures that all data passed between them remain private and free from attack.
Handshake Protocol:
Handshake Protocol is used to establish sessions. This protocol allows the client and
server to authenticate each other by sending a series of messages to each other.
Handshake protocol uses four phases to complete its cycle.
Change-cipher Protocol:
This protocol uses the SSL record protocol. Until the Handshake Protocol is completed,
the SSL record output will be in a pending state. After the handshake protocol, the
pending state is converted into the current state.
Change-cipher protocol consists of a single message which is 1 byte in length and can
have only one value. This protocol’s purpose is to cause the pending state to be copied
into the current state.
Alert Protocol:
This protocol is used to convey SSL-related alerts to the peer entity. Each message in
this protocol contains 2 bytes.
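The message sizes described above (a 1-byte change-cipher message with a single legal value, and 2-byte alerts) can be seen by decoding SSL records. This is an added example, not from the original notes; the function name and the sample bytes are constructed, and it assumes unencrypted records with the standard 5-byte record header.

```python
import struct

# Record-layer content types and a few alert codes from the SSL/TLS specs.
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message",
                      20: "bad_record_mac", 40: "handshake_failure",
                      42: "bad_certificate"}

def parse_records(data):
    """Walk plaintext SSL records and decode the two small sub-protocols."""
    out = []
    offset = 0
    while offset < len(data):
        if len(data) - offset < 5:
            raise ValueError("truncated record header")
        # Header: content type (1), version major/minor (2), length (2).
        ctype, _major, _minor, length = struct.unpack_from("!BBBH", data, offset)
        body = data[offset + 5:offset + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        offset += 5 + length
        name = CONTENT_TYPES.get(ctype, "unknown(%d)" % ctype)
        if ctype == 20:
            # One byte, one legal value: anything else is a protocol error.
            if body != b"\x01":
                raise ValueError("change_cipher_spec must be the single byte 0x01")
            out.append((name, "pending state becomes current state"))
        elif ctype == 21:
            if length != 2:
                raise ValueError("plaintext alert must be exactly 2 bytes")
            level, desc = body  # byte 1: severity, byte 2: specific alert
            out.append((name,
                        ALERT_LEVELS.get(level, "level %d" % level),
                        ALERT_DESCRIPTIONS.get(desc, "description %d" % desc)))
        else:
            out.append((name, length))
    return out

# Constructed sample: a change-cipher message followed by a fatal alert,
# both carried in SSL 3.0 (version 3.0) records.
SAMPLE = bytes.fromhex("1403000001" "01" "1503000002" "0228")

if __name__ == "__main__":
    for record in parse_records(SAMPLE):
        print(record)
```

Once the cipher change has taken effect, later alerts travel encrypted, so their record bodies are longer than 2 bytes and this plaintext parser rejects them.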
Database security refers to the collective measures used to protect and secure a database
or database management software from unauthorized use and malicious cyber threats and
attacks. Database security is a layer of information security. It is generally concerned with
the physical protection of data, encryption of data in storage, and the data remanence problem.
Data security is generally defined as the confidentiality, availability and integrity of data. In
other words, it is all of the practices and processes that are in place to ensure data is not being
used or accessed by unauthorized individuals or parties. Data security ensures that the data is
accurate and reliable and is accessible when those with authorized access require it.
An acceptable data security plan should focus on collecting only the required data,
keeping it safe, and destroying any data that is no longer needed. A plan that places priority
on these three components will help a business meet the legal obligations of possessing
sensitive information.
Database security processes are aimed at securing not just the data inside the database, but the
database management system and all the applications that access it from intrusion, misuse of
information, and damage.
An Information Technology (IT) Security Policy identifies the rules and procedures for
individuals accessing and using an organization's IT assets and resources. An effective IT Security
Policy is a model of the organization’s culture, in which rules and processes are driven by its
employees' approach to their data and work.
1. Malware
The Cybersecurity and Infrastructure Security Agency (CISA) describes Emotet as “an
advanced, modular banking Trojan that primarily functions as a downloader or dropper
of other banking Trojans. Emotet continues to be among the most costly and destructive
malware.”
3. Denial of Service
A denial of service (DoS) is a type of cyber attack that floods a computer or network so
it can’t respond to requests. A distributed DoS (DDoS) does the same thing, but the
attack originates from a computer network. Cyber attackers often use a flood attack to
disrupt the “handshake” process and carry out a DoS. Several other techniques may be
used, and some cyber attackers use the time that a network is disabled to launch other
attacks. A botnet is a type of DDoS in which millions of systems can be infected with
malware and controlled by a hacker, according to Jeff Melnick of Netwrix, an information
technology security software company. Botnets, sometimes called zombie systems,
target and overwhelm a target’s processing capabilities. Botnets are in different
geographic locations and hard to trace.
A man-in-the-middle (MITM) attack occurs when hackers insert themselves into a two-
party transaction. After interrupting the traffic, they can filter and steal data, according to
Cisco. MITM attacks often occur when a visitor uses an unsecured public Wi-Fi network.
Attackers insert themselves between the visitor and the network, and then use malware
to install software and use data maliciously.
5. Phishing
Phishing attacks use fake communication, such as an email, to trick the receiver into
opening it and carrying out the instructions inside, such as providing a credit card
number. “The goal is to steal sensitive data like credit card and login information or to
install malware on the victim’s machine,” Cisco reports.
6. SQL Injection
A Structured Query Language (SQL) injection is a type of cyber attack that results from
inserting malicious code into a server that uses SQL. When infected, the server
releases information. Submitting the malicious code can be as simple as entering it into
a vulnerable website search box.
7. Password Attacks
With the right password, a cyber attacker has access to a wealth of information. Social
engineering is a type of password attack that Data Insider defines as “a strategy cyber
attackers use that relies heavily on human interaction and often involves tricking people
into breaking standard security practices.” Other types of password attacks include
accessing a password database or outright guessing.
Packet Filters –
It works in the network layer of the OSI Model. It applies a set of rules (based
on the contents of IP and transport header fields) on each packet and based on
the outcome, decides to either forward or discard the packet.
Packet filter firewall controls access to packets on the basis of packet source
and destination address or specific transport protocol type. It is done at the
OSI (Open Systems Interconnection) data link, network, and transport layers.
Packet filter firewall works on the network layer of the OSI model.
Packet filters consider only the most basic attributes of each packet, and they
don’t need to remember anything about the traffic since each packet is
examined in isolation. For this reason, they can decide packet flow very
quickly.
Example: A filter can be set to block all UDP segments and all Telnet
connections. This type of configuration prevents outsiders from logging onto
internal hosts using Telnet and insiders from logging onto external hosts using
Telnet connections.
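The example policy above, written as a small stateless filter. This is an added example and not from the original notes: the rule format, function names and addresses are assumptions, the packets are constructed, and it assumes unfragmented IPv4. Each packet is judged only on its own IP and transport header fields, and Telnet is matched on TCP destination port 23.

```python
import socket
import struct

TCP, UDP = 6, 17  # IP protocol numbers

# Added example. First matching rule wins; dport None matches any port.
RULES = [
    {"proto": UDP, "dport": None, "action": "discard"},  # all UDP segments
    {"proto": TCP, "dport": 23, "action": "discard"},    # Telnet, either direction
]
DEFAULT_ACTION = "forward"

def parse_headers(packet):
    """Extract the IP and transport header fields the rules look at."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4  # IP header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IP header length")
    fields = {
        "proto": packet[9],
        "src": socket.inet_ntoa(packet[12:16]),
        "dst": socket.inet_ntoa(packet[16:20]),
        "dport": None,
    }
    if fields["proto"] in (TCP, UDP):
        if len(packet) < ihl + 4:
            raise ValueError("truncated transport header")
        _, fields["dport"] = struct.unpack_from("!HH", packet, ihl)
    return fields

def decide(packet):
    """Judge one packet in isolation; no state is kept between calls."""
    try:
        fields = parse_headers(packet)
    except ValueError:
        return "discard"  # fail closed on anything malformed
    for rule in RULES:
        if rule["proto"] == fields["proto"] and rule["dport"] in (None, fields["dport"]):
            return rule["action"]
    return DEFAULT_ACTION

def make_packet(proto, src, dst, sport, dport):
    """Build a minimal constructed IPv4 packet (checksum left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + struct.pack("!HH", sport, dport)

if __name__ == "__main__":
    for pkt in (make_packet(TCP, "198.51.100.7", "10.0.0.5", 40000, 23),
                make_packet(TCP, "10.0.0.5", "198.51.100.7", 40001, 443)):
        print(parse_headers(pkt), decide(pkt))
```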
What is cybercrime?
In plain English, cybercrime is crime committed on the Internet, on local
networks, or even against isolated computers. It can affect any of your digital
devices (including PCs, notebooks, smart TVs, tablets, smartphones, home
electronic systems, etc). Cybercrime also refers to any activity where crime is
committed using any computer system.
Cyber criminals are publicly known as hackers, although the term is technically
inaccurate; the correct term is "cracker".
This is a critical requirement for any computer system and application. Always
keep your operating system, services and applications updated to have the latest bugs
and vulnerabilities patched.
Never use the same password on more than one website, and always make sure
it combines letters, special characters and numbers.
The best way to sort this out is to use a password manager like 1Password,
LastPass or Keepass, which will help you generate strong passwords for each
website, and at the same time store them in an encrypted database.
This is an excellent measure for both desktop and corporate users. Keeping
antivirus and anti-malware software up to date and running scans over local
storage data is always recommended. While free antivirus/antimalware solutions
can be helpful they are often merely trial software, and don't offer full protection
against most common virus/malware and other network threats.
There are numerous options for Windows, and one of the best is the Windows
Malware Removal Tool. Linux and Unix systems also offer excellent choices
such as the all-mighty ClamAV, LMD, Chkrootkit, Rootkit Hunter, and others.
A lot of computer hacking takes place when you open an unsolicited email
containing suspicious links or attachments. First things first: enable the anti-spam
feature of your email client; and second (and most important): never open links or
attachments from unsolicited senders. This will keep you safe from phishing
attacks and unwanted infections.
Use a VPN
VPN services are becoming more popular every year, and it's completely natural
to use one if you plan on keeping third party companies (especially your ISP)
from spying on your online activities. Another reason to use a VPN may be to log
into your secure network from a remote place, including when you use
untrustworthy internet connections on the road while travelling, or when you are
merely away from home.
Sometimes local network breaches don't come from your computer, but from
your children's tablets, phones or notebooks. Educate your children to prevent
them from falling victim to cyber criminals, by using the same tips we've shared
with you. While we're pretty sure most teenagers and children will not use PGP
encryption, the rest of the tips can be easily applied to any of your kids.
WHAT IS PHISHING?
Phishing is a cyber crime that leverages deceptive emails, websites, and text
messages to steal confidential personal and corporate information.
Victims are tricked into giving up personal information such as their credit card
data, phone number, mailing address, company information, etc. Criminals then
use this information to steal the victim's identity and commit further crimes using
this stolen identity.
Email
This is the most common phishing tactic. An email is sent to multiple recipients
urging them to update personal information, verify account details, or change
passwords.
Typically, the email is worded to promote a sense of urgency, sometimes
highlighting the recipient's need to protect themselves or their organization. The
email is designed to appear to come from a legitimate source, such as customer
service for PayPal, Apple, Microsoft, a bank, or other known companies.
Content Injection
A familiar-looking webpage, like an email account login page or online banking
page, is injected with malicious content. The content can include a link, form, or
pop-up that directs people to a secondary website where they are urged to confirm
personal information, update credit card details, change passwords, etc.
Link Manipulation
A carefully worded email arrives with a malicious link to a familiar website such
as Amazon or another popular website. When you click on the link, it takes you to
a fake website designed to look exactly like the known website, where you are then
prompted to update your account information or verify account details.
Fake Websites
Hackers create fake websites that look just like highly frequented websites. This
fake website has a slightly different domain, for example, outlook.you.live.com
instead of outlook.live.com. People believe they're on the right website and
accidentally open themselves to identity theft.
Mobile Phishing
Mobile phishing can involve fraudulent SMS, social media, voice mail, or other in-
app messages informing the recipient that their account has been closed,
compromised, or is expiring. The message includes a link, video, or message to
steal personal information or install malware on the mobile device.
Trojans are malware, and like most forms of malware, Trojans are
designed to damage files, redirect internet traffic, monitor the user’s
activity, steal sensitive data or set up backdoor access points to the
system. Trojans may delete, block, modify, leak or copy data, which
can then be sold back to the user for ransom or on the dark web.
Backdoors allow attackers to quietly get into the system by deceiving the
security protocols and gaining administrative access. It is similar to a real-life
robbery in which burglars take advantage of the loopholes in a house and get a
'backdoor' entry for conducting the theft.
After gaining high-level administrative privileges, the cyber attackers could perform
various horrendous tasks like injecting spyware, gaining remote access, hacking the
device, stealing sensitive information, encrypting the system through ransomware, and
many more.
Backdoors are originally meant for helping software developers and testers, so they
are not always bad.
Reconnaissance
Information Gathering and getting to know the target systems is the first process in ethical
hacking. Reconnaissance is a set of processes and techniques (Footprinting, Scanning &
Enumeration) used to covertly discover and collect information about a target system.
During reconnaissance, an ethical hacker attempts to gather as much information about a target
system as possible, following the seven steps listed below −
Active Reconnaissance
In this process, you will directly interact with the computer system to gain information. This
information can be relevant and accurate. But there is a risk of getting detected if you are
planning active reconnaissance without permission. If you are detected, then the system admin can
take severe action against you and trail your subsequent activities.
Passive Reconnaissance
In this process, you will not be directly connected to a computer system. This process is used to
gather essential information without ever interacting with the target systems.
Active Attacks: Active attacks are the type of attacks in which the attacker attempts
to change or modify the content of messages. An active attack is a danger to integrity as
well as availability. Due to an active attack, the system is always damaged and system resources
can be changed. Most importantly, in an active attack the victim gets
informed about the attack.
Passive Attacks: Passive attacks are the type of attacks in which the attacker
observes the content of messages or copies the content of messages. A passive attack is a
danger to confidentiality. Due to a passive attack, there is no harm to the system.
Most importantly, in a passive attack the victim does not get informed about the
attack.
Active attack | Passive attack
prevention. | detection.
Due to active attacks, the execution system is always damaged. | While due to passive attack, there is no harm to the system.
In an active attack, Victim gets informed about the attack. | While in a passive attack, Victim does not get informed about the attack.
In an active attack, System resources can be changed. | While in passive attack, System resources are not changing.
What is cyberbullying?
Cyberbullying is a type of bullying in which one or more individuals use digital
technologies to intentionally and repeatedly cause harm to another person.
Cyberbullies use mobile phones, computers or other electronic devices to
send texts, emails or instant messages; post comments on social media or in chat
rooms; or in other ways use private or public forums to attack their victims.
Goal | Its main goal is to offer secure communication. | Its main goal is to provide data protection.