Cyber security

CompTIA – Understanding Techniques, Threats, And Cybersecurity Defenses

Explore the essential concepts, techniques, and security challenges covered in the CompTIA Security+ certification

1.1 – Compare And Contrast Different Types Of Social Engineering Techniques

  • Typosquatting – URL Hijacking eg: google.com vs g00gle.com
  • Pretexting – Lying to get your info; actor and a story
  • Pharming – Poisoned DNS server, redirects a legit website to a bogus site
  • Vishing – Voice phishing, often spoofed numbers
  • Smishing – SMS phishing, spoofing here too (text messages)
  • Spear Phishing – Targeted phishing
  • Whaling – Spear phishing the CEO or other “large catch” (C level)
  • Eliciting Information – Extracting information from the victim, often used with vishing
  • Computer Hoaxes – A threat that doesn’t exist
  • Watering Hole Attack – It targets groups of users by infecting websites that they commonly visit
  • Defense in Depth – Layered defense
  • Spam – Unsolicited messages
  • Spim – Spam over instant messaging
  • Mail Gateway – On-site or cloud-based filter for unsolicited email
  • Tarpitting – Slow down the server conversation intentionally
  • Credential Harvesting – Attacker collects usernames and passwords

Social Engineering principles: Authority, Intimidation, Social proof/Consensus, Scarcity, Urgency, Familiarity/Liking, Trust

1.2 – Given a scenario, analyze potential indicators to determine the type of attack

  • Malware – Malicious software, gathers information ie: keystrokes, controlled over a botnet, show advertisements, viruses or worms with malware, your computer must run a program, use links or pop-ups
  • Virus – Malware that reproduces itself, needs a user to start the process, reproduces through file systems or the network, and may or may not cause problems.
  • Virus types:
    • program viruses (part of an application)
    • boot sector viruses (starts in the boot sector of OS)
    • script viruses (operating system and browser-based)
    • macro viruses (common in Microsoft Office, similar to script virus)
    • fileless virus – a stealth attack, doesn’t install or save on the system, good for avoiding anti-virus detection, operates in the memory could be in the registry
  • Worms – Malware that self-replicates, doesn’t need you to do anything, uses network as transmission medium, spreads quickly, signatures can be stopped at the IDS/IPS or Firewall
  • Wannacry worm – 2017, installed crypto-malware, smbV1 used to infect vulnerable systems and installed double pulsar to encrypt user data
  • Crypto-malware – A new generation of ransomware, malware encrypts the data files
  • Protect against ransomware – Always have a backup, offline and not on the same system
  • Trojan Horse – Software that pretends to be something else, doesn’t replicate, circumvents anti-virus
  • PUP – Potentially Unwanted Program, undesired program often installed along with other software, can hijack your browser
  • RAT – Remote Administration Tool or Remote Access Trojan, controls the device (ie: DarkComet RAT)
  • Rootkit – Originally a Unix technique, modifies core system files in part of the kernel, invisible to antivirus software
  • Zeus/Zbot malware – Kernel driver famous for cleaning out bank accounts, combined with Necurs rootkit, Necurs ensures Zbot can’t be deleted and denies any termination process
  • Secure boot with UEFI – Protects against rootkits in the BIOS
  • Adware – Pop-up ads everywhere, cause performance issues
  • Spyware – Malware that spies on you; advertising, identity theft, and affiliate fraud; often a trojan, can capture browser surfing habits, keylogger
  • Logic Bomb – Often used by someone with a grudge; time bombs, user event, difficult to identify, many logic bombs delete themselves
  • Spraying Attack – Common passwords, used only a few times to prevent lockout before moving to the next account; hidden from alarms and detection
  • Brute Force – Every possible password combination until the hash is matched, can take some time, a strong hash algorithm slows things down, most accounts will lockout, more common for an attacker to check for the hash offline
  • Dictionary attack – Using common words, password crackers can substitute letters
  • Rainbow tables – Pre-built set of hashes, contains pre-calculated hash chains, speed increased over previous password attacks, rainbow tables are application or OS-specific
  • Salt – Random data added to a password before hashing takes place
  • Birthday attack – 23 students have 50% of 2 students having the same birthday, for 30 there’s a 70% chance, hash collisions happen when different input gives an output that uses the same hash.
  • MD5 hash – Has hashing collisions.
  • Downgrade Attack – Force the system to use a weaker encryption method

1.3 – Given a scenario, analyze potential indicators associated with application attacks

  • XSS (cross-site scripting) – Originally called cross-site because of browser security flaws, info from one site could be shared with another, very common; malware that uses javascript
  • Non-persistent (reflected) XSS – Website allows javascript to run in user input fields,
  • Persistent (stored) XSS – Stored permanently on the website via a post, no specific targets
  • Code injection attack – Code added into a data stream, enabled because of bad programming;
  • SQL injection – Uses SQL to access, add, or remove info from a DataBase
  • XML injection – Modify XML requests
  • LDAP attack – Manipulates LDAP databases
  • DLL injection – Injects code into applications and uses the app to run the DLL inside a new process
  • Buffer overflows – Overwriting a buffer of memory; developers should perform bounds checking, not easy to exploit
  • Pass the Hash – A replay attack that lets the attacker intercept a hash and replay it back to the server to authenticate, use SSL/TLS to encrypt the hash and stop this attack

1.4 – Given a scenario, analyze potential indicators associated with network attacks

  • Bluejacking – Sending unsolicited messages over Bluetooth
  • Bluesnarfing – Access data on a mobile device over Bluetooth

For more information click here.

Varshini

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

4 hours ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

4 hours ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

2 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

5 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago