sdiate the haukes ottaks tha

Ten frotriCn
CyBER SEUESTy
ínte-Conneded
-’ Tchnige protedng
pte, `orve,
mobile
Deke Com
attact.
naiioub
TYpES:

tn ormotion (or)Data
* Mobile

Tmportance 9 Culer
Since dayico Secuity'
Con netod
to the Trend, t 's Very. imp to
Protct data, from
(onathorize
’This
actors
in
to
giv
Iniltrato
intud eNS 4 th reat
then
nany
bawe ybor stcwnity Strotegy
to Protet. rom
<ybr attaks.
Secunity Goat: proteton,
Cybor data
CA triad
ano
Conyi dent alty. rtegrity
Availaily.
D,.tDs
Unauthorized
conidantialty: that woids

Eq Enc*yptm.
Lteqrity Saugumded tron
accuracy
Data
unaucthorized by thret
actors
for athorizod
Avoulolility' Owalae
cyber att ack.
’Not biodse by
CyBER THREATS:
TypES
MecwARE:
(or) hacter to doma
GyborCrinhl
Used bH. Systom.
legtma usrs

ROSomwe
* Trojan

* Botn ts

ÞHSHIN
tó Come
-’ Sender
genurie
Vi' emaid , phone, mag.
he Tedirect get
 .Aiote tte

M9N-1NTHE HDDtE ATTÐ (C!

Conversation (a)
’ I t intorecpts two indi vidols
dota
DDoS:
Sorvey3,
disupt tongked
trae
to wh he awg

toveoad Bovos sl down etc.

ATTACkS:
CyBER
’ EKpleitation Computor system
bctoar kS
bes alicious ode.
’Tt
Two tpe (o) wcb aphatio
based on wcbate
) wels Comfulei(or)a
) ysten iotén de o to
injetion ottack.
Son doda to weo ap po
ing
Dota iiouced into inCor
SerVOr to give P addr.
name Servor
Cache that
Hijacking
be gsjon ttaek by stcalig
(USer )
* phishing
’ s t l Bensiti ve
wawailabe
server (or nw retovco
T.7iror method.
SyTE H ESED ATH CKS

Wor
* Trojanhore
t Backdoor
*BotS

(man
)N:Cma i the muddls
HJAC K
Control a Comunitat
A+take* tatkes
Ituute mg otransmit bysubsttui
4heo
e own
puli key
ttat oup peas
progro to
to be Server
ike cAunt to Servo
HjCk|NG:
CoNTROL
Take over
tget trachve Cwes Serve
opplo Control ow
TypES:
* Bo}fer over low attats.
integer
Strng Volneraloil;ies
RAM, RoM e extra
pae memory
whe Xeutio Stat
stat eloriß.
 bauko ottaks -the
the
tmmediatey
at a

(RSUT5 fuL

pae bdoe
tnemory
Soln eputy pogram.
TYPES:
)STHk BsED:

tack mimo iy
location t -that
and 'data
Stot veltolog bacte.
cah Le

) HEbp
BSED. storts ovouiy
ertire
when
be bated easiy
Can
 RAM s full

ovellos
PRIENt lON!
) AddeSS
Ron
Sace RondolZotion (AsLa)
H shoul adds acc
kow tocality exec.cod tandomi 2ng
i) Datoa er ecutin preventi rnakeg
4lags utain áuas bon-exeadodh iposie.
li) strvdd Etccptt n Hadles
OVerawite >rotétton (SE HOp)
-’ HelpS to Stop nalicout
Ayom
.. nanagg
SE H bult

[NTEG1ER OVERF low AtTACkS

tn olp exesds the rarg.

1

oola:
PREVENTIoN!
chan the
no
1)Avai one
’ Allocat Vaviaas wth dT that ane
to Strvas

-Tstig
iipropoagati o
in Sebed into Progiam.
value in cotng
 TRN1

haukos ottarg the

Immediotdy

Soln -’ Speuy memory

TypES.
)STACk BsED
-

-’ whn location ctak temoy

end data at bot
V hacted.
Da ) HEbp BsED:
starts ovoloui
Can be hauted easy
 VULNERA BLIT)BS7
foRMAT spowal
Chanatrs callld gtrig
o<e co Stardand 1rirg
son ’> seBy has
Aormat
hon actos. CoNTRol HSAcKING

Some prog ron modiied

roguam Htakthe
erro alcoiigA
progran Ho adtakx
 LE AST PRIVILE GE!
PRINCI PLE o
’ PoLP a Co pt Com puton
accesS
th at lunito
Seunity strictly
to toony do th en jobs.
(o)

(ot) emas ions hee o o to pelorn

jab uncti s.
Can be applid to oppicotims,
Syst ems Co) conh ected deuies.
’ Sranted permissions to ead,weite
les
only do -thei rebonces
hecessay to fobs.
Called acce5S Contior
pruóuple (o) prbepu q
priviage O+gasizoction
to an ket managens
SaftDua
-Met

Seft. Davalep es pay roil data

Not Neeoleod

PRIvLE G7E CkEE :

the tendenig add
Soltwaie olw olopcrs tobeyono
graoually
cohot they
more
ned
 Who are Promotd
Sti) nud *ghts to
Syotem job
So, mnore rights added,
exitting pheihgsPRIVNEGE CbLP)
OF LEAST
PAINCIPlE
PaLp) whrch mastaris thot a usenlo)
htiy sfould nly hawe accsS
oata
Fun d etal pllan Zero truSt
acc ess (2TNA) 2 ·0

2TNA 20, PoLP Provide

allity -to Ceunactaly
acerossidertily
applr
Po oto Protols
the ned ay adnis
Lt
PoLP.

Renoel
(Festit frivioge
tmpoye
Aceess
ppl

(Micsosa t Active diredoy)

Eg:: Toos (Micsoso
manages privilged
Ly ohith aaccosS
wber dota
critical digital
 How to lmplannt Least privilge
Qudit :
Cem duct an
auolits by
’ Condu cti 9
all privgenswe
eriatng
and
acuount to priviy
Hashe t
(pswd, ss Ke, PasBwdYd
Craep accouts Leost priveo)
iD tont
acourt with
Stat all and
babed pa[t
postior,àole
privige babed on Occeas teqwc
privileges prilegd
add
prvieges
sperctea ccesS: for
Mautais
o d tondand
bw hisher wel privile
acourds gostinguishnwe acounto
om tb bghes privilkge:
accesS
pyovidng hgh-wet
higher-level priviage acouts
QccesS to Complte tos kCost intin)
iodi vidyal actioS:
V kecp tack aci cns
Indi vioual
traung Creoertals
vì) Contin uouy psivig:
’condutung vegudan audit
e-corticat
To woid
Canpagns PaSs.the -hae,
otoe all ad mi pwd ator each use
to invalidte crederstiols cop tored
 data what
>PoLP
has who tack
catio: cdos Dota Cn
has 'Concupto PoLP
inplneted. Con
by
Comliance Prove
o audot, -an Went the In
comfpiance: dimonstrate-
less eiutyt paoda bigh
accos cquiad *Tmpov-es
produckvity USer by
olamage authorized iiitgun
osed bg otea!
sftons.
by proteds
ct, atCyber
chancs
t. dns Ca)
mawepeivige Sytims.
Cainot Cttacks inposng By ’
PoLP
maloane Spreadq te Poweo
tb
ns: BENEF
adnintagin
phic Cata Radis Blaot
 How to Implonent Least priviger
Qudit :
Cenduct an
au olits by
pivlge
eristng procOss , pYograms
and awut to enswe no privik
Pswd,
(pswd, ss»
ss Keys, PasswsYd Hashey etc.
Crecp (
-accounts Least priuleg
Stot
acout lwith st
babed poSitio , oe and
privi g bobed aceess requa
add privileges privaqd
Mourtaut sperct ptvilegs for
ond standand accebS:
higher wel pivikg
wwer ewee acout
accouds
accoss tb bighes privilages:
providung highe -lwel priviage acounts
intim)
QccesS to Complte taskCivst
V kecp tack indi vidal actiDs:
Iodviou aci ons
Canducd traun
oeview
cseohetals
vi) Contin uouy
>con dutn
cortication
psivihgs:
Teguln audit ond
To woid Campags,pass.the -has )

otote allad min pwd ator each use

to invoidte credertols
cof' tered
|y koylog9ers
4DBoxlNG

S
waild Co) other
diectag
no p e r r , (o)
eute C1)
osite (2)

tead 4 exoate (5)

sead 40xite (6)
()
SETUID: allo
ile
sttrg
Co) progran
to
PesmiGSjon the
wIth -the
term)al.
id
wbich
|uebis sudo
Set Setoid.
To
chmd
To Set atgd
chm gts <{iename
Sticaybit!
chrd +t.
chrod T55
wseNs
Chmd 155 ’for
cheod 155 ar 9raups
chwd 155 -’siy bits
 SANDRex\NG which
yber seundy pratice
obeerve anolyzed
be Cu d, ioladod
It hspet s untested Coruntrwstod
Psogras
Provides {or en al - qateay.
becaube it prirny vectar
intern
be anti - Viw
anti pa tc
prote t s oT ganiz ati by dteotrg
thre ats. ike a oh ich
dotect5
DofS WoRk !
Ho w
t babed
Syste pratig
to
by Gotwaa
test
SCipts.
to to Gt
prgrons.
ttach et RLs dc
 VERGIGNS.
SondboX Progas
It
gives lads -made Sand bor

or wndo ws
Sawea, Corm mand is
to mgrake to
Salor gttn
Muwtiple band box Cas be
gimut aneousy.
i) Sond bor
with tbe belp o layors lev ols
it
indudes San b.
oays
i)Sand boy or pug-ins:
It co Jawa applots
downloaded
cli ent browg0r.
inter not

WHY'
>To b naliio ks
Stay day
prwntig breact 0s
Av
salo guando
Conict
 DY oback (3
only
tos Consumg
BRow SeR |olATIO N

Seity that
(olate thoia
allowS
browsg bioser
todiv dual
Separatod rsm

ativt09 within dpssae

iSolatio, wtb
iSolation Surg e ote
torn S
How DuFS WoRk!

Uer's behavir
Tak A
eovitOn Ment

Atomotic allyH doet the browSe

each Seior

when Wber to saye

virtual browse Presente
maware pictwe
Drone pilot P Fighter pi lo
 ADV!

’Downb ad dangero Ws
exploit Prohibitod
day
fostead whol
Probbite, d.
TYpt S
i) REMoTE BRowSER:
J4 bads
Code unked th them on doua
Jowablpt
prmp
)On
thod n anage d
’
nterpr be

’ Run wobpags User's dovice,

Vatwali zes (or) Sand box ,
website coda rsm et the

dice.
script, HTML, (ss are bed to
Jaw a
|Cr ote web ages.
Sine e mot

JawabCsipt

han mu
 baso
chotonlo nda (owrload)
D ìVe
verti's) (advertina)
A Mol (Pron
otikeRckung
Somtty
Divorted o tackor Oo trod

1SoLATION.
DAT
nw 4 operotionad
physical,
Gepanotion dota
not Support
yìrtuL
Provides

-It
to
evìrGnmet

dis on ne ts
It Compltoy trantbt oli
Syetom or haig
boo t e d by
ta ch tochrige mst Suspoit
gap kethnolog
RTORPo
 Eg Bakup tapesisolatibo
daata
hyical
æslated il it nee de
HaDiSAdv
m9re

a chievo d wth
-’ Agrpped or both dota
backup
be dhone

clou
DATA
iTY patented
COH ES done wth
eolatio
btibwte 4ile Syst on mtobt
ba chwp
teeps
Snapshots. ,4 be thangid
wite onc0, Vead - nary

CwoRM)
proid eb Onother
laya
rotetion Rabo mwarR.

Immdae cplc a
bl rod.
n p o hots
FAyLT 1SolATIÓN:
dotermunng the
Cause probr, t may be
to
hand waue (on) oltw
method Cbolae tho
Com ponrt ,, deviee (or) Sftwaye modue
-the
iSoloti ori
aftigane
Why Becaue out
Haroue. basod Foult

Cbolatim
adde5. spaces.
Spnate
via R PC.
to kerne mode
Switch
angunento.
Copg regoto.g
Save)Restore
adohess Spaces
mode
* Rotueh to
Bith
Context

SFT.

Victol addros s Sogments:

nique
Segment
caled
Segment identilin
bit
Dibtruate
wtit bit:
 match
Sugment
isand bo xing
mocu y the
4echniga Þrwent
(aa v
Store
Certai atSSOS.
addrob> SOS
choked Cor)

without cheku
st mod icatin
sandboxihg..
cheking
eegment
FAULT

segment. egment

stGNENT MATCH)NG:
ERIFlcAT/ONar ocdes i

Campile
VNSFE NsT RUCTIO J U t ó res
CasnTt be, totisc ally
 idtil'e. Segment
anounb hit Segment ’
code
dress ad ’
Somer
Regunes
hold to
Segment. Some
toget motch, -i
dress ad
9deed in
ted gener
lo -reg=ecratch math
shil Af:ter
shi}t- tnget
)Lorrog=5 addhess
Segmet
but lol,Sagment
Toitially Io0.
Nstruction UN5ao
locatad
Corrot adduS
Tt
or
's ruti inst
ingtruion:
checkng ’Inset
Code
re
ING MATCH SEMENT