Posts

Showing posts from February, 2017

Phishing

Image
What is Phishing? The attempt of fraud in which the attacker tries to learn sensitive information such as login details or credit card details by impersonating as a reputable entity in telecommunication like email, IM or any other media. This is an example of social engineering techniques used to deceive users and exploits weaknesses in current web security. Attackers do so by sending emails or creating web pages that exactly look like legitimate companies. Once the users trust these and enter their personal information attackers will use this information for identity theft. What phishing email looks like? What phishing website looks like? Example of attracting the victim.. By sending emails mentioning about special offers/discounts By sending google forums to fill (They will tell you fill this servery by logging into Facebook/gmail ) By sending messages/ emails mentioning expiration of account like ebay/paypal etc. Ho...

Air Gapping

Image
Also known as  air gap attack. Air gapping is a security measure that involves isolating a computer or network and preventing it from establishing an external connection. For example, an air gapped computer is one that is physically segregated and incapable of connecting wirelessly or physically with other computers or network devices. How to secure air-gapped machines? Many users and companies rest easy, assuming their networks and servers are secure. Why? Because they pay staff to ensure that protection. But even the best IT staff can become complacent, miss a configuration option, or be completely unaware of a next-level hack such as these proof-of-concept air-gap hacks. And considering humans are fallible, it is not beyond the realm of possibility that your air-gapped machine is one USB drive from being hacked. If you're concerned about the data on your air-gapped machine, I highly recommend that you: secure that machine either offsite or in a safeguarde...