Tuesday, 30 November 2021

Unsupervised Machine Learning – The Future of Cybersecurity

Cybersecurity is like Tom and Jerry! While Tom always tries new ways to catch Jerry, Jerry manages to escape in some way or another. Most cybersecurity teams find themselves in the unenviable position of Tom: whatever methods they try, Jerry always escapes and tries to get the cheese in even more creative ways next time! Today’s cyber-criminals have become even more dangerous because of the variety of tools available online, like proxy servers, botnets, and automated scripts. They don’t have just one method of launching a cyber-attack, and they can hide their identities by mimicking real user activity, using spoofing devices, etc. In such a high-stakes game, where cybercrime costs companies around $2 Trillion each year, Cybersecurity definitely needs to up its performance with Unsupervised Machine Learning.

And that’s definitely happening these days with a surge in the popularity of Unsupervised Machine Learning. According to a study by O’Reilly, the usage of Unsupervised Machine Learning has gone up by 172% in 2019. This will definitely be reflected in the domain of Cybersecurity as well, with more and more companies adopting this technology.

Cybersecurity in any company mainly focuses on two different facets, namely:

◉ How to counter attacks that have already occurred on the system or that are a familiar type of cyber-attack: how to respond to them and implement preventative measures.

◉ How to counter attacks that are totally new and never seen before: how to identify such attacks and what the solutions are to dispel them.

While companies can tackle the first facet using traditional Cybersecurity methods, there are no solutions that can handle the second scenario. And the second scenario is becoming more and more important as cyber-attacks evolve and become more unpredictable. That’s where Unsupervised Machine Learning comes in.

So let’s understand Machine Learning and how different types like Supervised, Unsupervised, and Semi-Supervised are used in the context of cybersecurity.

Types of Machine Learning in the Context of Cybersecurity


1. Supervised Machine Learning

Supervised Machine Learning is the most common method in Machine Learning. To understand this type, imagine a student that needs to be taught everything explicitly by the teacher. This student would be excellent in repeating and using the information the teacher has already taught him but wouldn’t be able to learn anything on his own. Unfortunately, that student will only be good in certain situations (like an exam!) but in general, would be quite a poor student. That’s the same case with a Supervised Machine Learning Algorithm. Here, the algorithm learns from a training dataset where the data is labeled and makes predictions about new data based on that dataset.

Now, this method would generally be fine but that is not true for a dynamic and ever-changing field like cybersecurity where Supervised Machine Learning cannot keep up. After all, hackers don’t just stick to the topics that the algorithm has learned! What this means is that a Supervised Machine Learning Algorithm would be able to identify cyber-attacks that it was trained to identify. However, if there are any attacks that are new, then the algorithm will totally fail. It will not be able to cope if the exam is out of the syllabus! In that case, machine learning engineers will have to retrain the algorithm with the data labels based on the new attacks, and by the time it has learned those, there may be even more new attacks created. Clearly, the Supervised Machine Learning Algorithm would be outclassed in this respect. That’s where Unsupervised algorithms enter the fray.

2. Unsupervised Machine Learning

If a Supervised Machine Learning Algorithm is the student that is spoon-fed all the information by the teacher, then the Unsupervised Machine Learning Algorithm is the genius student that does not need much instruction and can learn information by himself. This student is not restricted by being taught only a specific thing, but he learns from whatever comes his way by exploring and understanding the information. So this student is good in many types of situations as he can tackle problems when they arise. This is also the situation with an Unsupervised Machine Learning Algorithm. Here, the algorithm is left unsupervised to find the underlying structure in the data in order to learn more and more about the new situation.

This algorithm is much more suited to Cybersecurity. It can handle many kinds of cyber-attacks no matter if it has seen them before or not because it does not try to identify a cyber-attack based on what it has already learned. Rather, it identifies the abnormalities in the system that occur with a cyber-attack. So this means that an Unsupervised Machine Learning Algorithm will create a baseline for your system where everything is working normally. Then if any suspicious behavior occurs in the system, such as a sudden increase of data transfer in the network or transfer of some file that does not usually occur, this type of behavior will be flagged as abnormal and a sign of a cyber-attack.  

For example, Unsupervised Machine Learning is the best option for identifying IoT based zero-day cyber-attacks. There are many IoT devices connected to the cloud these days which can be used for myriad purposes including zero-day cyber-attacks. These attacks exploit any vulnerability that exists in the system, and so they don’t have any set pattern or context. That’s why Supervised Machine Learning algorithms fail to identify these attacks and Unsupervised Machine Learning can prove to be invaluable.
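The baseline-and-deviation idea described in this section, as an added example that is not part of the original article: it learns a per-feature baseline from unlabeled hourly traffic summaries of one device and flags hours that deviate from it, using the modified z-score (median and median absolute deviation). The sample data, the feature names and the 3.5 threshold are assumptions chosen for the illustration.

```python
import math
from statistics import fmean, median

THRESHOLD = 3.5  # commonly used cut-off for the modified z-score (assumption)
FEATURES = ("kb_out", "distinct_dests")

# Constructed, unlabeled hourly summaries for one IoT camera:
# (kilobytes sent out, distinct destination addresses contacted).
BASELINE = [
    (510, 2), (495, 2), (502, 3), (520, 2), (488, 2), (505, 2),
    (515, 3), (498, 2), (507, 2), (492, 2), (511, 2), (500, 3),
]

# Constructed new observations to score against the baseline.
NEW_HOURS = [(509, 2), (498, 3), (9800, 2), (530, 41)]


def fit_baseline(rows):
    """Learn (median, robust spread) per feature; no labels are used."""
    model = {}
    for i, name in enumerate(FEATURES):
        values = [row[i] for row in rows]
        med = median(values)
        deviations = [abs(v - med) for v in values]
        mad = median(deviations)
        if mad > 0:
            scale = 1.4826 * mad
        else:
            # The MAD collapses to 0 when more than half of the values are
            # identical; fall back to the mean absolute deviation.
            scale = 1.253314 * fmean(deviations)
        model[name] = (med, scale)
    return model


def score(model, row):
    """Return {feature: modified z-score} for one observation."""
    scores = {}
    for i, name in enumerate(FEATURES):
        med, scale = model[name]
        diff = row[i] - med
        if scale > 0:
            scores[name] = diff / scale
        elif diff == 0:
            scores[name] = 0.0
        else:
            # The feature never varied in the baseline: any change is maximal.
            scores[name] = math.copysign(math.inf, diff)
    return scores


def detect(model, rows, threshold=THRESHOLD):
    """Return [(row index, [features that deviate])] for abnormal rows."""
    alerts = []
    for idx, row in enumerate(rows):
        reasons = sorted(
            name for name, z in score(model, row).items() if abs(z) > threshold
        )
        if reasons:
            alerts.append((idx, reasons))
    return alerts


if __name__ == "__main__":
    baseline = fit_baseline(BASELINE)
    for idx, reasons in detect(baseline, NEW_HOURS):
        print(f"hour {idx}: {NEW_HOURS[idx]} deviates on {', '.join(reasons)}")
```

The detector reports that something is abnormal and on which feature, not what kind of attack it is; the hour with three destinations stays below the threshold because the baseline already contains such hours.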

3. Semi-Supervised Machine Learning

As is obvious from the name itself, a Semi-Supervised Machine Learning Algorithm is the student that learns both from his teacher and by himself. This type of Machine Learning represents the best of both worlds, as it is a combination of Supervised and Unsupervised Machine Learning. This algorithm uses a small amount of labeled data like Supervised Machine Learning and a larger amount of unlabeled data like Unsupervised Machine Learning to train the algorithms. The labeled data can be used to partially train the Machine Learning Algorithm, and this partially trained algorithm also finds insights organically.

A Semi-Supervised Machine Learning Algorithm may well be the perfect combination for Cybersecurity. This algorithm could use Unsupervised Learning to identify any abnormalities in the system that occur with a specific cyber-attack and then label that cyber-attack as a threat that it can identify using Supervised Machine Learning if it occurs again in the future. In this way, a Semi-Supervised Machine Learning Algorithm embodies the advantages of both types in that it can constantly be on the lookout for any disturbances and deviations from the norm in the system and simultaneously have a provision for quickly identifying cyber-attacks that have already occurred before and eliminating them.

Adoption of Unsupervised Machine Learning in Cybersecurity

There is still some hesitation in the adoption of Unsupervised Machine Learning in the Cybersecurity industry and with valid reasons. This type of Machine Learning is totally based on reactionary performance. Since the data is not labeled beforehand, the Unsupervised Machine Learning Algorithm can only react when the attack occurs and cannot implement any proactive methods. Also, it is impossible to measure its effectiveness against an attack which understandably makes industries hesitant to invest their money in this technology.

However, there is still a lot of hype about Unsupervised Machine Learning in Cybersecurity because this technology is a step in the right direction. Investment in developing this will undoubtedly yield results because Unsupervised Machine Learning is indeed the future of Cybersecurity. While cyber-attacks are becoming more and more creative with different tools and technologies at their disposal, the cyber defense also has to up its game. And in this, Unsupervised Machine Learning can prove to be invaluable as it can identify abnormalities in the system to signal multiple types of cyber-attacks no matter how advanced they become.

Source: geeksforgeeks.org

Thursday, 25 November 2021

Machine Learning – Types of Artificial Intelligence

The term Artificial Intelligence comprises two words, “Artificial” and “Intelligence”. Artificial refers to something which is made by humans, a non-natural thing, and Intelligence means the ability to understand or think. AI is not a system, but it is implemented in a system.

There can be many definitions of AI. One definition is “It is the study of how to train computers so that computers can do things which at present humans can do better.” It is therefore an intelligence where we want to add to machines all the capabilities that humans have. Artificial Intelligence can be classified in two ways:

1. Based on the Capabilities of AI. 

◉ Artificial Narrow Intelligence.

◉ Artificial General Intelligence.

◉ Artificial Super Intelligence.

2. Based on Functionality of AI.  

◉ Reactive machines.

◉ Limited memory.

◉ Theory of mind.

◉ Self-awareness.

Let’s discuss all of them one by one. 

Based on the Capabilities of AI

1. Artificial Narrow Intelligence: ANI, also called “Weak” AI, is the AI that exists in our world today. Narrow AI is AI that is programmed to perform one task, whether it’s checking the weather, playing chess, or analyzing data to write a journalistic report. ANI systems can attend to a task in real time, but they pull information from a specific data set. These systems don’t perform outside of the single task that they’re designed to perform.

2. Artificial General Intelligence: AGI, also called strong AI, refers to machines that exhibit human intelligence. We can say that AGI can successfully perform any intellectual task that a human being can. This is the type of AI that we see in movies like “Her” or other sci-fi movies in which humans interact with machines and operating systems that are conscious, sentient, and driven by emotion and self-awareness. It is expected to be able to reason, solve problems, make judgments under uncertainty, and be creative and imaginative. but for machines to realize true human-like intelligence.

3. Artificial Super Intelligence: ASI will surpass human intelligence in all aspects, from creativity, to general wisdom, to problem-solving. Machines will be capable of exhibiting intelligence that we haven’t seen in the brightest amongst us. This is the kind of AI that a lot of people are worried about, and the kind of AI that people like Elon Musk think can cause the extinction of the human race.

Based on Functionality of AI

1. Reactive Machines: Reactive machines were created by IBM in the mid-1980s. These machines are the most basic type of AI system. This means that they can’t form memories or use past experiences to influence present decisions; they can only react to currently existing situations, hence “Reactive”. An existing example of a reactive machine is Deep Blue, the chess-playing supercomputer.

2. Limited Memory: It is comprised of machine learning models that derive knowledge from previously learned information, stored data, or events. Unlike reactive machines, limited memory AI learns from the past by observing actions or data fed to it to create experiential knowledge.

3. Theory of Mind: In this type of AI, decision-making ability is equal to that of the human mind, but in machines. While some machines currently exhibit humanlike capabilities, voice assistants for example, none are fully capable of holding conversations relative to human standards. One component of human conversation is having the emotional capacity, or sounding and behaving like a person would, in standard conversation.

4. Self-Awareness: This AI involves machines that have human-level consciousness. This type of AI does not currently exist but would be considered the most advanced type of AI known to man.

Source: geeksforgeeks.org

Tuesday, 23 November 2021

Top 6 Cybersecurity Projects Ideas for Beginners

We live in an era where everything is connected to the internet, from devices to watches and even home appliances. This has increased the number of attack vectors for almost all devices, and with it the interest in cybersecurity. The number of cybersecurity enthusiasts has grown to a large extent in recent times, with the growth attributed to the lockdown amidst the pandemic. The number of bug bounties has also grown, with companies funding more ethical hackers than ever before.

Cybersecurity is intimidating in the beginning as it requires years of in-depth knowledge, hands-on experience, practical implementation along with the theory part, being up to date with recent advancements and new types of vulnerabilities and threats, and a lot more. To keep up the pace, you need to be highly dedicated and should have some good projects to showcase your skills. Also, projects are a good way to demonstrate your experience with technology and the subject. Even if you do not have a cybersecurity internship before applying for cybersecurity roles, building cool projects is a great way to get started.

Today we will discuss top cybersecurity project ideas for beginners who want to enter this field to help get you started!

1. Text Encryption Using Various Algorithms

There are hundreds of algorithms that are used to encrypt or decrypt text. As a beginner, you can start your cybersecurity journey by building a web application that uses different algorithms to encrypt textual input that the user has supplied. This project is easy to make and will help you understand different algorithms in detail from scratch. Completing this project will not only teach you how to think while designing an algorithm but also boost your self-confidence, so you can move to higher-level projects. Some of the algorithms that you can use are Caesar Cipher, Vigenere Cipher, Railfence Cipher, Playfair Cipher, Beaufort Cipher, Autokey Cipher, etc.

2. Keylogger Software

Another great project to get started with is building a keylogger. A keylogger is software that is used to record every single keystroke made by the user on a system using his or her keyboard device. It records which keys were pressed, and keyloggers are actively used today to monitor user activity. You can build one of your own to get a good idea about the software. The project can be extended to virtual keyboards, clipping loggers (which are used to retrieve data copied to the clipboard), screen loggers (used to take random or timed screenshots of the screen at intervals), and activity trackers. This will help you build a strong profile as a cybersecurity enthusiast, as you will get practical experience of how keyloggers work.

3. Image Encryption

Encryption can be used not only on text, but also on images. There are numerous algorithms that you can use to encrypt an image. Some examples include AES (Advanced Encryption Standard), DES (Data Encryption Standard), and RSA (Rivest-Shamir-Adleman), which can be used to encrypt the image to protect it from a hacker. Even if the hacker gets access to the image over the internet, to decrypt it the hacker first needs access to the keys and then has to convert the image into the required format. In any case, the project gives a solid understanding and shows that you have a knack for cryptography. Also, the project is not too advanced and can be made if you’re beginning to dive into cybersecurity.

4. Network Traffic Analyzer

Also called “Packet Sniffing”, network traffic analysis and monitoring is a process used to keep an eye on all incoming and outgoing traffic, network activity, and availability. It is used to detect anomalies, identify operational issues, and compare real-time network activity with historical data to identify potential threats and issues. For a project, you can analyze the data packets that are sent across the network. After analyzing these packets you can work on a report to give your insights and, if there is an anomaly, the countermeasures required. This could be a good project to showcase your networking skills and would really impress an interviewer. As an extension, you could also devise software that could identify if there is a traffic analyzer in the network run by an external agent.

5. Password Analyzer

Today every site you visit requires login via email and password. Passwords are a means to authenticate the user and therefore should be carefully created, while being easy to remember and unbreakable at the same time. Therefore, as a project, you can build a password analyzer that tells the user whether or not the password is strong enough to be used. Also, if the project seems basic, you can go ahead and add another feature, auto-suggestion, for the case where the password selected by the user is not strong enough. This project is suitable for beginners and can be coded in probably any programming language.
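A starting point for the password analyzer with auto-suggestion described above, as an added example that is not part of the original article. The deny-list, the thresholds (8 and 12 characters, 60 bits) and the verdict names are assumptions picked for the illustration; the bit count is only an upper bound that assumes randomly chosen characters.

```python
import math
import re
import secrets
import string

# Constructed deny-list for the demo; a real analyzer would load a large
# list of breached passwords instead.
COMMON = {"password", "123456", "qwerty", "letmein", "iloveyou", "admin", "welcome"}
SEQUENCES = (string.ascii_lowercase, string.digits,
             "qwertyuiop", "asdfghjkl", "zxcvbnm")
ASCII94 = string.ascii_letters + string.digits + string.punctuation


def has_sequence(pw, run=4):
    """True if pw contains `run` consecutive characters of a known sequence,
    forwards or backwards (for example "abcd", "4321", "qwer")."""
    low = pw.lower()
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):
            for i in range(len(s) - run + 1):
                if s[i:i + run] in low:
                    return True
    return False


def estimate_bits(pw):
    """Upper bound on entropy: length * log2(size of the character pool)."""
    classes = ((string.ascii_lowercase, 26), (string.ascii_uppercase, 26),
               (string.digits, 10), (string.punctuation, 32))
    pool = sum(size for chars, size in classes if any(c in chars for c in pw))
    if any(c not in ASCII94 for c in pw):
        pool += 32  # rough allowance for spaces and non-ASCII (assumption)
    return len(pw) * math.log2(pool) if pool else 0.0


def analyze(pw):
    """Return a verdict ("weak", "fair" or "strong") with the reasons."""
    hard, soft = [], []
    low = pw.lower()
    # Catches "Password123!" style variants: strip digits/symbols at the ends.
    if low in COMMON or low.strip(string.digits + string.punctuation) in COMMON:
        hard.append("built on a commonly used password")
    if has_sequence(pw):
        hard.append("contains a keyboard, alphabetical or numeric run")
    if re.search(r"(.)\1\1", pw):
        hard.append("repeats one character three or more times")
    if len(pw) < 8:
        hard.append("shorter than 8 characters")
    elif len(pw) < 12:
        soft.append("shorter than 12 characters")
    bits = estimate_bits(pw)
    if bits < 60:
        soft.append("small character pool for its length")
    verdict = "weak" if hard else "fair" if soft else "strong"
    return {"verdict": verdict, "bits": round(bits, 1), "issues": hard + soft}


def suggest(length=20):
    """Auto-suggestion: a random password that the analyzer rates strong."""
    length = max(length, 16)
    alphabet = string.ascii_letters + string.digits + "-_.!@#%+"
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if analyze(candidate)["verdict"] == "strong":
            return candidate


if __name__ == "__main__":
    for sample in ("Password123!", "Kd7#mQz2pL", "maple-Vortex-91-lantern"):
        print(sample, analyze(sample))
    print("suggestion:", suggest())
```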

6. Graphical Password Authentication

Passwords are ubiquitous today on any platform, on possibly any website. But remembering so many difficult passwords, across numerous websites, seems daunting, and therefore you can devise a project illustrating a graphical password strategy. In this method, the user is required to select some images (let’s say different chocolates) in a specific pattern (for example dairy milk is followed by 5 stars which is in turn followed by KitKat and so on). Next time the user tries to log in, the images will have been shuffled, but the user will be required to follow the same pattern that was used initially. Every time, the user will have to use the same sequence while the images are placed in different ways. This type of authentication is difficult to break since neither brute force nor dictionary attacks could breach it.

We have looked at the top 6 beginner-friendly projects in cybersecurity that will help you understand some key concepts like passwords, authentication algorithms, encryption, decryption, networking, and a lot more. These projects can also be extended into fully functioning web applications and software and would enhance the resume to a great extent.

Source: geeksforgeeks.org

Sunday, 21 November 2021

5 Best Cybersecurity Certifications For 2021

The need for cybersecurity professionals has gone up drastically during the pandemic. We have seen almost every professional domain shift online, be it online teaching in schools and colleges, online grocery shopping, medicines, finding vaccination centers, online events like virtual conferences and hackathons, and even online study circles. With this huge dependence on the Internet comes a great responsibility: securing users’ data, preventing servers from being taken down, fending off vandalism of websites, securing users of applications against various attacks, and what not! Since people were not allowed to go out during the lockdown unless it was an emergency, almost everyone had to shop online. This means millions of financial transactions happening worldwide and, therefore, a huge responsibility on security professionals to secure these payments and prevent any data leak.

Due to all the factors mentioned above, there has been significant growth in job openings for cybersecurity experts. To find the best professionals, organizations usually filter candidates on the basis of official industry-level certifications, as these prove that the candidate has the working knowledge required to carry out the required tasks. If you are planning a career in cybersecurity and hold an interest in security-related domains, you have come to the right place! We will be discussing the top cybersecurity certifications that you can go for to prove your skills and eventually land the job of your dreams.

1. EC-Council Certified Ethical Hacker

CEH is one of the most demanded security certifications in the cybersecurity industry and can only be cracked with a great deal of effort. The latest CEHv11 is mapped to the NICE2.0 framework, has a greater focus on cloud and IoT, has thousands of hacking tools, tricks, and techniques, and provides modern case studies and recent events. If you clear CEH, you can apply to dozens of jobs like Network Engineer, Cyber Defense Analyst, Warning Analyst, IT Security Administrator, Solution Architect, Cybersecurity Consultant, Information Security Manager, and a lot more! The course outline contains 20 modules with domains that include SQL injection, Cryptography, IoT hacking, Cloud computing, Session hijacking, Sniffing, Malware threats, hacking web servers, Social engineering, Denial-of-Service, etc.

◉ Cost of the Exam: Varies between $1,050 to $1,119. Training is excluded.

◉ Exam Pattern: MCQ based

◉ Number of Questions: 125

◉ Time Limit: 4 hours

◉ Pass Percentage: 65% — 85% depending on the difficulty.

2. CompTIA Security+

Security+ is a globally recognized cybersecurity certificate that measures and assesses the candidate’s ability to carry out core security operations to be able to pursue an IT security career. The structure of this exam is designed as such so that it aligns with the latest trends and techniques and proves that the professional has required hands-on skills and is prepared to solve a wider variety of complex issues. Skills that can be learned through the Security+ Exam are attacks, threats, and vulnerabilities on embedded devices, newer variants of DDoS attacks, access management, cryptography, threat detection, risk mitigation techniques, governance, risk, and compliance.

◉ Cost of the Exam: $370

◉ Exam Pattern: MCQ and PBQ based

◉ Number of Questions: 90

◉ Time Limit: 90 minutes

◉ Passing Marks: 750 (On a scale of 100-900)

3. CompTIA PenTest+

PenTest+ assesses necessary penetration testing, vulnerability detection, and mitigation management skills required to find how resilient the network is against attacks. Skills that are learned via this exam are planning and scoping of compliance-based assessments, information gathering or reconnaissance to prepare for the exploit and then performing vulnerability scans and analyzing results, RF-based vulnerabilities, post-exploitation techniques, using various penetration testing tools, reporting and communicating the best mitigation strategies from the discovered vulnerabilities. Some jobs that use PenTest+ are Penetration tester, Vulnerability tester, Security analyst (II), Vulnerability Assessment Analyst, Network Security Operations, and Application Security Vulnerability. 

◉ Cost of the Exam: $370

◉ Exam Pattern: MCQ and PBQ based

◉ Number of Questions: 85

◉ Time Limit: 165 minutes

◉ Passing Marks: 750 (On a scale of 100-900)

4. Offensive Security Certified Professional

The OSCP PEN-200 exam is designed uniquely to test and prepare individuals to be successful penetration testers. The course is intended for Infosec professionals transitioning into penetration testing, pentesters seeking an industry-leading certification, security professionals, network administrators, and other technology professionals. The course also has some prerequisites. These include a concrete understanding of TCP/IP networking and knowledge of Python and Bash scripting, along with Windows and Linux administration experience. The exam covers topics such as command line, practical tools, active and passive information gathering, vulnerability scanning, buffer overflows, client-side attacks, web application attacks, locating and fixing exploits, privilege escalation, password attacks, Metasploit, and tunneling. Overall, it is guaranteed to make you an expert penetration professional.

◉ Cost of the Exam: Varies between $999 to $2148

◉ Exam Pattern: Practical Based

◉ Number of Machines to Hack: 5

◉ Time Limit: 24 hours

◉ Passing Marks: 70 (out of 100)

5. Certified Information Systems Security Professional

CISSP by (ISC)² is said to be one of the most renowned professional and advanced-level cybersecurity certifications. It is a highly reputable credential and the 2nd most requested IT certificate worldwide, with the highest number of cybersecurity job openings asking for a CISSP. It evaluates the expertise of the professional in eight different domains: Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, and Software Development Security.

You need to know that the CISSP exam uses Computerized Adaptive Testing (CAT) for all English exams. And for all other languages, CISSP exams are administered as linear, fixed-form exams. Let’s check the exam details for both modes:

CISSP CAT Exam – 

◉ Cost of the Exam: Varies between $749 to $800

◉ Exam Pattern: MCQ and Advanced Innovative Items

◉ Number of Questions: 100-150

◉ Exam Language: English

◉ Time Limit: 3 hours

◉ Passing Marks: 700 (out of 1000)

CISSP Linear Exam –

◉ Cost of the Exam: Varies between $749 to $800

◉ Exam Pattern: MCQ and Advanced Innovative Items

◉ Number of Questions: 250

◉ Exam Language: French, German, Brazilian Portuguese, Spanish-Modern, Japanese, Simplified Chinese, Korean

◉ Time Limit: 6 hours

◉ Passing Marks: 700 (out of 1000)

These were the top cybersecurity certifications that you can go for if you are looking to work in security-related fields. These certificates will not only ensure that you have good theoretical skills but will also validate your practical skills and show that you can respond quickly during incident response. These will sharpen your skills, make you think like a hacker, and cover a lot of domains, thereby opening a huge pool of opportunities in the network, infrastructure, and security-related domains.

Source: geeksforgeeks.org

Saturday, 20 November 2021

Top 10 Cybersecurity Tools That You Should Know

This is the age of the internet! And at this age, it is very important to secure your data on the internet. After all, you wouldn’t want to give a hacker access to all your credit information on your Email? That is possible using phishing attempts. You also wouldn’t want anybody to be able to hack your social media accounts and post your pictures for all the world to see! This is also true for companies. They have even more important data to protect than just social media photos! Companies have their internal networks and confidential data that needs to be highly protected so that no hacker is able to access it. That’s where cybersecurity tools come in!

These Cybersecurity tools are becoming increasingly popular as they manage the security aspects of a company. They can find out if there are any vulnerabilities in the network like default passwords or if there are any suspicious files or folders that may contain viruses. They also check for phishing attempts in Email and scan all the protocols in the network like IP, TCP, UDP, etc. Along with finding the vulnerabilities, cybersecurity tools also provide suggestions on how to remove these vulnerabilities. In this way, these cybersecurity tools can ensure that your data is secure on the internet and nobody is able to hack your company’s network.

So let’s check out 10 of the most popular cybersecurity tools in 2021. Some of these tools are open source and free while others are provided at a monthly subscription fee by companies. You can see them and then decide on the one that is best for you or your company. Let’s get started!

1. Metasploit

Metasploit is a penetration testing framework built in conjunction with the open-source community and Rapid7, a security and DevOps company. This framework can be used by cybersecurity engineers to understand total security assessments, find vulnerabilities in the network, and improve the overall security. Metasploit is available in two versions, an open-source community Metasploit and a commercially supported Metasploit Pro with a monthly subscription. But even if you opt for the open-source version, there are a lot of detailed documents and videos to get you familiar with the framework.

2. Nikto

Nikto is an open-source vulnerability scanner that scans web servers to check that there aren’t any dangerous items like viruses and corrupted files or folders. It also checks if there are any outdated server components or any cookies received and handles them appropriately. Nikto is a very fast scanner but it doesn’t try to be discreet so it is visible in log files. One additional advantage is that you can save all the final reports generated by Nikto in any format that is convenient such as plain text, HTML, XML, CSV, etc.

3. Burp Suite

Burp Suite is a web vulnerability scanner that can check for different vulnerabilities across your network such as OS command injection, SQL injection, cleartext submission of passwords, etc. Burp Suite also contains a web application crawler that can analyze the applications and report on their volatile content. All the vulnerabilities found by Burp Scanner also come with a recommendation on how to resolve them so that the network is secure. Burp Suite is available as a community edition for free along with Enterprise and Professional paid versions.

4. Wireshark

Wireshark is a very famous network protocol analysis tool that allows you to understand what is going on in your network down to the last detail. Wireshark can be used to inspect hundreds of different network protocols and provide a status report. It is also a packet browser and can be used offline as well. Wireshark can read data from many technologies like Ethernet, Bluetooth, PPP/HDLC, IEEE 802.11, ATM, USB, etc. It can be used on different operating systems like Windows, macOS, Linux, Solaris, NetBSD, FreeBSD, etc. and that’s why it’s so popular.

5. John the Ripper

John the Ripper is a password security analysis as well as a password recovery tool for many websites. It can manage different hash functions and ciphers including the ones used for operating systems like Windows, Unix, macOS, etc. John the Ripper is the most popular tool for testing passwords and checking them as it provides functionality for many of the password types. It can also be used against web applications such as WordPress, encryption keys such as SSH, database servers like SQL, etc.

6. Nessus

Nessus is a vulnerability assessment tool created by Tenable Inc. that can search out various vulnerabilities in a network, such as denial-of-service vulnerabilities. It helps in finding vulnerabilities that might allow access to unauthorized users or the loss of sensitive information. Nessus can also find weak passwords including default values, blank passwords, etc. One additional advantage is that you can save all the final reports generated by Nessus in any format that is convenient such as plain text, HTML, XML, LaTeX, etc. This tool is available as a community edition for free along with two other paid versions.


7. Nmap

Nmap or the Network Mapper is a free and open-source tool that can be used to analyze the network to obtain insights. It is capable of mapping the network despite various obstacles such as routers, firewalls, IP filters, TCP and UDP protocols, etc. Since Nmap is free it does not have a warranty or official support, but there is a wide community that can help you if you encounter any issues. There is also detailed documentation including tutorials, whitepapers, and a book. Nmap is available on various operating systems like Windows, macOS, Linux, Solaris, NetBSD, FreeBSD, etc.


8. Snort

Snort is an open-source network protection software that can detect any intruders and prevent damage to the network. It is capable of performing network analysis in real-time and analyzing protocols such as IP, TCP, UDP, etc. Snort can also handle attacks on the network such as unauthorized port scans, URL attacks, TCP/IP fingerprinting attempts, etc. Snort can be programmed in 3 different modes namely the Sniffer Mode, Packet Logger Mode, and Network Intrusion Detection System Mode. And the best thing is that this software is Free!

9. Mimecast

Mimecast is a company that provides cloud security services for companies' email, web, and data services. It can prevent phishing and impersonation attacks in email, protect against malicious attacks on the web, increase data resiliency, and also provide training to employees to reduce security risks. You can get a quote for the costs from the Mimecast team if you are interested in accessing this service. Mimecast is an extremely popular company for overall solutions in cybersecurity. It has more than 12 offices globally with around 1800 employees!

10. Intruder

Intruder is a vulnerability scanner that can scan your infrastructure and find any vulnerabilities before hackers can use them. It can search your software for missing security patches, weak encryption and default passwords, or any bugs such as SQL injection or cross-site scripting. It can also scan your content management system like WordPress, Joomla, Drupal, etc. and find out whether there are any security issues. It is commercial software that has three distinct paid versions, namely Essential, Pro, and Verified.

Source: geeksforgeeks.org

Thursday, 18 November 2021

10 Cybersecurity Tips For Entrepreneur


Being an entrepreneur, one has to make sure that almost everything works perfectly. There are many aspects of running a business and an entrepreneur is expected to do well on all the parameters of all the aspects by either doing things himself or by managing the people who do them. In the modern world, a business needs to have an online presence even if its product/service has nothing to do with the internet. This presence on the internet brings the problem of maintaining the security of the things that are online.

Here are the 10 most important things that an entrepreneur should do to keep the online systems up, secure and running:

1. Improving physical security to prevent unauthorized access to the confidential data by an attacker getting physical access to a device:

Ensuring security from attacks requiring physical access to the devices will lower the risk of getting hacked to a great extent, because these kinds of attacks are the most probable of all and are easy to carry out, as they do not require really good technical knowledge. Improving physical security involves:

◉ Keeping external computers (like the one used at the reception) on a network separate from that of the internal computers.

◉ Keeping routers, switches and other connected devices well encased and locked.

◉ Using strong passwords on the systems and logging out of the accounts whenever leaving the system unattended.

2. Encrypting important data:

Data stored on internal hard drives/SSDs as well as removable media should be encrypted to prevent access to the data after theft or loss of the media or the device containing the internal hard drive/SSD. Backup files should also be encrypted to prevent an attacker from stealing them and restoring them somewhere else.

3. Securing the production network against external attacks:

If your internal network faces the internet, it is crucial to protect it from the malicious traffic that may come from the internet by some attacker. Firewalls can be used to protect your internal network. There are multiple vendors providing many types of firewalls.

Firewalls mainly fall into two categories i.e. stateful and stateless. The correct type can be chosen by properly analyzing the type of traffic the network will carry and expected malicious traffic.
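The difference between the two categories, as an added example that is not part of the original article: a stateless filter judges each packet by its own header, while a stateful one also remembers which connections internal hosts opened. The addresses, ports, rule choices and names below are constructed for illustration, and the connection tracking is deliberately simplified.

```python
from dataclasses import dataclass

SYN, ACK, RST = "SYN", "ACK", "RST"  # TCP flag names used below


@dataclass(frozen=True)
class Packet:
    label: str
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset
    inbound: bool  # True when the packet arrives from the internet


def stateless_allow(pkt):
    """Stateless rule: decide from this packet's header alone.

    Outbound traffic is allowed. Inbound TCP is allowed only when it looks
    like a reply, i.e. the ACK or RST flag is set (the classic
    "established" style match). No memory of earlier packets is kept.
    """
    if not pkt.inbound:
        return True
    return ACK in pkt.flags or RST in pkt.flags


class StatefulFirewall:
    """Stateful rule: inbound packets must belong to a tracked connection.

    Simplified: real connection trackers also follow teardown and expire
    idle entries; here an entry is only dropped on an inbound RST.
    """

    def __init__(self):
        # Entries are (internal_ip, internal_port, remote_ip, remote_port).
        self.connections = set()

    def allow(self, pkt):
        if not pkt.inbound:
            if SYN in pkt.flags and ACK not in pkt.flags:
                # An internal host opens a connection: remember it.
                self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key not in self.connections:
            return False  # nothing inside asked for this traffic
        if RST in pkt.flags:
            self.connections.discard(key)
        return True


# Constructed sample traffic (documentation address ranges, not real hosts).
SAMPLE_TRAFFIC = [
    Packet("outbound SYN", "10.0.0.5", 50000, "203.0.113.10", 443,
           frozenset({SYN}), inbound=False),
    Packet("reply SYN-ACK", "203.0.113.10", 443, "10.0.0.5", 50000,
           frozenset({SYN, ACK}), inbound=True),
    Packet("outbound ACK", "10.0.0.5", 50000, "203.0.113.10", 443,
           frozenset({ACK}), inbound=False),
    Packet("unsolicited ACK", "198.51.100.7", 443, "10.0.0.8", 3389,
           frozenset({ACK}), inbound=True),
    Packet("unsolicited SYN", "198.51.100.7", 40000, "10.0.0.8", 22,
           frozenset({SYN}), inbound=True),
]


def compare(packets):
    """Return (label, stateless_verdict, stateful_verdict) for each packet."""
    stateful = StatefulFirewall()
    return [(p.label, stateless_allow(p), stateful.allow(p)) for p in packets]


if __name__ == "__main__":
    for label, stateless_ok, stateful_ok in compare(SAMPLE_TRAFFIC):
        print(f"{label:16} stateless={'allow' if stateless_ok else 'drop':5} "
              f"stateful={'allow' if stateful_ok else 'drop'}")
```

The only packet the two filters disagree on is the inbound ACK that belongs to no connection, which is the kind of traffic to look for when analyzing what the network is expected to carry.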

4. Using up to date software:

Software components that are used in the development and deployment of products are as potentially vulnerable to various attacks as end-user software. Using outdated versions with known security problems can turn out to be a big problem and cost a lot to the company in terms of money and reputation.

There are measures to prevent attackers from identifying the version of the software components being used, but there are ways to circumvent these, and new ways are being discovered by attackers every day. Updates are usually free and easy to install. A better way is to create a policy on how often update availability is checked and updates are applied.

5. Getting Security Audits done regularly:

Assessing the security of your product gives you an insight into what you can do to strengthen its security. A security audit done by experts helps a lot in identifying weak areas and exposed attack surfaces. This can either be outsourced to firms that provide security services, or a group of experts can be hired and divided into a “red team” and a “blue team”.

The job of the blue team is preventive maintenance and secure product development. The red team, on the other hand, comes into the picture after the product is ready. The red team performs what is called a “penetration test”, where the red teamers try to hack the product in the same way an attacker might. This helps to patch the vulnerabilities before hackers can find and exploit them.

6. Ensuring proper and secure backup of sensitive and useful data:

Even when all precautions are taken properly, cyber attacks may be successful against your organization. Frequent backups should be performed to prevent data loss. Backup files should be password protected and/or encrypted. In the case of cloud backup, the files should be protected with a strong password.

7. Starting a crowdsourced security testing program or a bug bounty program:

A bug bounty program lets freelance white hat hackers try to find security vulnerabilities in your internet-connected online assets, much like the internal red team. The main benefit is that the assets are tested by hackers from a variety of backgrounds and skill sets, and there is no payment for testing. A payment or reward is provided only when a potential security issue is discovered. This makes the process of bug bounty highly result-oriented and efficient for companies as well as researchers.

The reason that result-driven bug bounty programs are good for researchers is that they help them stand out from the crowd based on their skills.

8. Employee training:

An employee is the weakest link in the security of your system. Why? Because you may have world-class security for your online assets, but if one of your employees can be socially engineered into sharing something confidential, then all of it will prove to be of no use. This is why it is important to train employees to be aware of potential security problems related to their work and how to avoid them.

A crucial part of this training should be to teach employees how to spot social engineering attempts and not to share confidential information over the phone and other insecure channels.

9. Securing the WiFi:

Securing the WiFi is important considering the fact that a host connected to your network can sniff all the traffic originating from or destined to any other host on the network. There are a few things which should be done to make sure that wireless LANs are secure enough.

◉ Use WPA2+ (WPA2, WPA3) encryption while configuring your WiFi AP. Though these are not very secure after the discovery of vulnerabilities like KRACK and Dragonblood, they are still much better than older standards.

◉ Do not leave any AP unencrypted (open), and instruct employees not to connect to any open or untrusted WiFi network.

◉ Disable SSID broadcast and enable MAC filtering to further harden the security fence of the AP.

10. Implementing other best Security Practices:

Apart from the things mentioned earlier, there are many more that can be implemented to provide enhanced security. These are relatively new techniques that have emerged recently. Some of them are:

◉ 2FA (2 Factor Authentication)

◉ Location Based login.

◉ Strict password complexity policy.

◉ Implementing rate limiting on login forms to prevent brute-force attacks.

◉ Using Captcha to prevent scripts/bots from creating rogue requests.
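One way to implement the login rate limiting mentioned in the list above, as an added example that is not part of the original article. It counts failed logins in a sliding window per source IP and per account, because a per-IP limit alone does not slow guesses against one account that arrive from many addresses. The class name, thresholds and sample addresses are assumptions made for illustration.

```python
from collections import defaultdict, deque


class LoginRateLimiter:
    """Sliding-window limiter for failed logins, keyed by IP and by account."""

    def __init__(self, max_per_ip=5, max_per_account=10, window=300):
        self.max_per_ip = max_per_ip
        self.max_per_account = max_per_account
        self.window = window  # seconds
        self._by_ip = defaultdict(deque)       # ip -> failure timestamps
        self._by_account = defaultdict(deque)  # account -> failure timestamps

    @staticmethod
    def _normalize(account):
        # "Admin" and " admin" must share one counter.
        return account.strip().lower()

    def _recent(self, queue, now):
        # Drop timestamps that have left the window, return what remains.
        while queue and now - queue[0] >= self.window:
            queue.popleft()
        return len(queue)

    def is_blocked(self, ip, account, now):
        account = self._normalize(account)
        return (self._recent(self._by_ip[ip], now) >= self.max_per_ip
                or self._recent(self._by_account[account], now)
                >= self.max_per_account)

    def record_failure(self, ip, account, now):
        self._by_ip[ip].append(now)
        self._by_account[self._normalize(account)].append(now)


def attempt(limiter, ip, account, password_ok, now):
    """Handle one login attempt; returns 'blocked', 'ok' or 'failed'.

    The limiter is consulted before the password is checked, so a blocked
    client learns nothing about whether its guess was right.
    """
    if limiter.is_blocked(ip, account, now):
        return "blocked"
    if password_ok:
        return "ok"
    limiter.record_failure(ip, account, now)
    return "failed"


def simulate():
    """Run constructed attempts (documentation IP ranges) and collect results."""
    lim = LoginRateLimiter(max_per_ip=5, max_per_account=10, window=300)
    out = {}
    # One address guessing against many accounts: stopped by the per-IP limit.
    out["single_ip"] = [attempt(lim, "198.51.100.7", f"user{i}", False, now=i)
                        for i in range(6)]
    # Many addresses guessing against one account: stopped per account.
    out["distributed"] = [attempt(lim, f"203.0.113.{i}", "Admin", False,
                                  now=10 + i) for i in range(11)]
    # The trade-off: the real owner is also locked out while the limit holds.
    out["owner_during"] = attempt(lim, "192.0.2.50", "admin", True, now=25)
    # Once the oldest failure leaves the window, the owner gets in again.
    out["owner_after"] = attempt(lim, "192.0.2.50", "admin", True, now=310)
    return out


if __name__ == "__main__":
    for name, result in simulate().items():
        print(name, result)
```

In production the counters would live in a shared store with expiry rather than in process memory, and a per-account limit should be paired with alerting so that a lockout of a real user is noticed.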

Source: geeksforgeeks.org

Tuesday, 16 November 2021

Top 7 Cybersecurity Predictions for 2021

Cybersecurity is currently one of the most demanded skills and this demand has grown exponentially during the Covid-19 times. This sudden spike is attributed to the fact that everything has shifted online, from classes to business meetings and conferences. The employees of most of the companies are working from home and are at a greater risk of being attacked by a new cyber threat, vulnerability, or a hacker.


IBM X-Force Exchange (a threat intelligence sharing platform) has seen a significant increase of close to 4300% in coronavirus-themed spam worldwide during the lockdown. More than 7 out of 10 Indian companies are being attacked with phishing, malware, and ransomware, with a soaring 260%. A recent study conducted by the Data Security Council of India in collaboration with PwC states that the cybersecurity market in India is predicted to grow from USD 1.97 billion in 2019 to a whopping USD 3.05 billion by the year 2022.

With organizations shifting completely online and observing the increase in malicious attacks, here is a list of 7 cybersecurity predictions for the year 2021.

1. Technological Advancements in Cybersecurity Methods


Cyber attacks will become far more capable as more people work from home, and will take advantage of architecture vulnerabilities and unpatched systems. There will be a dramatic increase in IoT (Internet of Things) hacks because IoT deals with interconnecting and exchanging data. Ransomware will get worse, for example by stealing important data even before encrypting it, and with the onset of 5G technology, new threats and vulnerabilities will arise. The use of the Dark Web will grow, and it will be used primarily to buy and sell sensitive corporate data. Mobile devices will see an unprecedented increase in unauthorized access by applications installed through malicious websites and even app stores.

2. Rise in Investments in Cybersecurity


Organizations and corporates will understand the need for a skilled security workforce due to the increase in breaches by hackers. Skilled cybersecurity professionals will help in identifying weak points and vulnerabilities in software and other devices that are prone to attack, and in securing sensitive content wherever it arises. According to a study, funding to cybersecurity-focused companies that do not have their headquarters in the US will increase by 20%. Not only will more people be employed and trained in this sector, but organizations will also review their tech stack and replace present devices with more secure ones, and more acquisitions will take place.

3. Deprecation of Passwords Based Authentication


Passwords play a significant role in authenticating people who log in to a website or application today. But it is sometimes extremely difficult to remember different and complex passwords for the different websites that you visit, and saving them or noting them down makes them less secure. Passwords make security less usable, and therefore there was a need for something which could be used with ease. Many companies like Microsoft, Google, etc. are now switching to passwordless authentication like multi-factor authentication, security keys, User Analytics, PINs, and biometrics. These authentication mechanisms will make the process less time-consuming and simpler.

4. Financial, Health, and Educational Institutions Will be the Main Target


The biggest cyber threat facing financial institutions will be ransomware, which in turn will lead to huge monetary losses. Reports suggest that healthcare institutions can be the primary target of hackers in 2021; therefore, many of these institutes will have to actively monitor their networks and deploy mechanisms to protect patients’ sensitive data. Due to the Covid-19 pandemic, all educational institutions are closed and will remain shut for a while, thereby promoting online classes as there are no other means to provide education to students. If these institutions do not scale up their security, hackers might break in and cause huge financial and reputational losses.

5. Increase in Cyber Terrorism


Cyber terrorism consists of unethical computer-based attacks carried out over the Internet against specific websites and stored information, through distributed DoS attacks or by vandalizing and defacing these websites, in order to create panic, achieve political motives, spoil reputations, or in some cases even blackmail and threaten, which can cause loss of life. Cyber terrorism incidents are on the rise and are carried out on a huge scale by seasoned hackers. These cases are expected to increase in the coming year, causing imbalance in governments and the power they hold.

6. Wide use of AI and ML in Security


Artificial Intelligence and Machine Learning will start to be widely used in threat intelligence and in security orchestration, automation, detection, and response tools, which will, in turn, reduce the workload on security operation centers. These technologies will help to predict different threat levels, generate open tickets on their own, and raise an alert when something of an advanced level intrudes and requires human intervention. Some other examples are examining attachments for malicious files or executables and automatically sandboxing and quarantining them.

7. Demand for Cloud Security will Expand


More and more organizations are switching to working remotely with their data stored in the cloud, and others are offering their services through the cloud, so security in the cloud has become an area of major concern. Almost all organizations are expected to increase their spending on improving their cloud security and on analyzing and researching what can be upgraded to protect against data breaches by outside attackers.


These were the top 7 predictions which are said to take place in the year 2021 after being analyzed by some leading firms. So hold tight and keep an eye out for these, since 2021 will see a rise in security incidents.

Source: geeksforgeeks.org

Tuesday, 9 November 2021

Top 10 Cybersecurity Challenges in 2021

Cybersecurity is something that can help organizations grow their businesses competitively. There is enormous potential in cybersecurity through which small and medium businesses (SMBs) can confidently maintain their reputation and protect themselves from viruses and other malicious cyberattacks. And they should not ignore this! The reason is that the information security market will grow to 170.4 billion dollars in 2022 (according to Gartner’s research). Such an upward projection is sufficient to make organizations with small and mid-sized workforces think hard about the solutions and the challenges that lie in the realm of cybersecurity. Not only them: customers like us, who are connected with their services, are also affected by those critical challenges. If we and those businesses fail to identify real-time solutions to cyber-world challenges, then we will all be caught in the 95% of cybersecurity breaches (as per Cybint) that are generally caused by human error. Undoubtedly, some challenges may emerge while those businesses are offering services to customers over secured networks. Such challenges are still not known, and they may heighten the difficulties of renowned decision-makers. Let’s take a look at the top 10 biggest cybersecurity challenges which, if dealt with through appropriate solutions, can help small or bigger organizations overcome board-level data breaches in the pandemic era.


1. Third Parties Can Unlawfully Misuse the Potential of 5G Network

The 5G network is something that is making young people curious, because it will let the current generation use their beloved gadgets more efficiently. But here a problem arises: this generation will be the victim of either emotional or physical attacks. Such attacks will come from cyber assaulters who unlawfully enter 5G wireless networks, which comprise complex architectures, via various endpoints and misuse the data collected or stored by smart, speedy gadgets. Primarily, those attackers would be the third parties who have choked the necks of telecommunications departments with their revolutionary marketing steps. By 2027, the 5G infrastructure market may reach 47.775 Million US Dollars with the rising demand for M2M connections. Thus, it is essential to identify the third-party assaulters who are constantly trying to gain unauthorized access to users’ data and thereby violate the privacy of, and trust in, the reliable and customer-centric organizations those users are engaged with.

2. An Increasing Rate of Mobile Malware

Mobile malware is harmful software that intentionally targets mobile operating systems and disrupts their performance. The prime reason for its occurrence is the non-secure usage of URLs over Wi-Fi or other internet networks. As per the 2021 Mobile Security Report, threats related to mobile malware are faced by 97% of organizations from different vendors claiming to offer next-level security to the existing cellular networks. And we can’t ignore such vendors because they will be inheriting Trojan activities, cyber-risks, and some vulnerabilities associated with them. Moreover, such an increasing rate of malware attacks on mobile phones has become the pandemic theme of the COVID-19 times. Various packages named tousanticovid.apk, covid.apk, covidMappia_v1.0.3.apk, covidMapv8.1.7.apk, and coviddetect.apk are hidden in various banking applications. And when those applications are dropped on malicious websites and the associated hyperlinks, they start hitting mobile users with spam and other cybersecurity attacks. Undoubtedly, the number will increase in the coming times because the masses are moving towards the remote working era, where cybercriminals will keep running their malware campaigns.

3. Artificial Intelligence: AI is Somewhere Controlling Cybersecurity Systems

Nowadays, healthcare industries and supply chain departments are adopting tools that support Artificial Intelligence. Also, those tools have some glimpses of Machine Learning and NLP with which they are helpful in controlling the datasets primarily involved with patients’ info or orders in which retailers/distributors are interested. As per the McKinsey report, more than 25 percent of healthcare organizations are investing in AI tools in this COVID-age. Even the banking sector has an impact of more than 30 percent of the analytics derived via AI/ML tools. 

Source: https://www.mckinsey.com/featured-insights/artificial-intelligence/notes-from-the-ai-frontier-applications-and-value-of-deep-learning#

The main loophole in using those Artificial Intelligence tools is that passwords and biometric logins are modified frequently by the patients, distributors, and other participants of the supply chain. With that, hackers can pick out the pain points and thereby take control of the monitoring of details like addresses, bank details, etc. Since AI tools operate with minimal human input in real time, healthcare and supply chain industries are seeing malware and ransomware attacks that strongly damage their growth. No doubt, cybercriminals will be involved with data violence so that they can continuously gain access to that sensitive data for targeting more patients or supply chain participants.

4. The Growing Popularity of IoT Devices

The usage of Internet-of-Things devices is trending nowadays because of their robust reaction time and the lower cost they incur in making use of cloud technology. Furthermore, the solutions those devices push through their communication channels are incredible and are considered by organizations with workforces of varying sizes. However, with such growing popularity, cybercrimes are increasing continuously. This is because cybercriminals can expose profitable assets whose data is accessed from some industrial cloud network. In 2021, the IoT market has reached the potential of 418 billion US dollars, and we may expect it to grow to around 1.567 trillion USD by 2025.

Source: https://www.statista.com/statistics/976313/global-iot-market-size/

All this is known to professional attackers primarily involved with selling stolen data or acquiring control over the expanding operations of businesses. Without hesitation, hackers are weaponizing the growing popularity of IoT by destroying the channel nodes that bring organizations prosperity and legitimate sales traffic. In this process, the cybersecurity protocols that maintain and protect customers’ valuable data have themselves become vulnerable.

5. Ransomware Attacks are Targeting the Critical Business Aspects


Ransomware attacks are directly or indirectly becoming unpredictable for small or medium businesses. Those attacks are also impacting larger organizations that have proper knowledge of data violence and other compliance standards. As per Check Point Research, the percentage of ransomware attacks has gone up to 102 in 2021 across the globe, and our country has been impacted the most, with 213 attacks weekly. You may wonder what happens in those attacks. In them, cybercriminals send malware or other viruses to your phones or the cellular networks you currently use. This infects the devices you are connected with, like mobiles and laptops, and then all your personal info is accessed by the assaulters. Now no one can stop those online criminals from asking you for a ransom (an amount asked for releasing the captive), and they will be harassing you for it! Over 1000 organizations are impacted weekly by those ransomware attacks, and the number will go up if organizations aren’t skillful enough in strengthening their cybersecurity models or preventing their business aspects from being targeted by those online criminals.

6. No Control Over Phishing and Spear-Phishing Attacks


Spear-phishing attacks are easily understood once we understand what phishing attacks basically are. Phishing is somewhere related to social media, and cybercriminals prefer phishing attacks because they help them gather your card details (credit/debit), current location, or other sensitive info. Such attackers use deceptive emails or websites and present them in such a manner that they look legitimate. Spear-phishing, on the other hand, is a sub-part of phishing and is its more sophisticated version. Here, online fraudsters send malicious emails to well-researched victims (such victims are analyzed well by the cyberattackers on the grounds of mental and emotional strengths). According to the 2021 investigation report of Verizon, 29,207 real-time security incidents were analyzed and 5,285 were confirmed data breaches. Out of these, 36 percent of breaches involve phishing, which has increased by 11 percent from the previous year. And if we talk about spear-phishing attacks, the number is actually not mentioned, but there is a discussion about credential stuffing. Approximately 95 percent of organizations suffered such stuffing, which is a spear-phishing attack. And the percentage of related breaches is 61.

Source: https://www.verizon.com/business/resources/reports/dbir/

The percentage will vary industry by industry, but the common element will be sending malicious emails and attempting to access personal data through spammed websites. Besides, there are some social media cybersecurity challenges, like acquiring control over customers’ accounts, phishing via various campaigns running on social platforms like Facebook and Twitter, and misuse of data which is potentially important. All around the world, people are highly engaged with such social media channels, which primarily demand internet services. This has made our privacy vulnerable to phishers or spear phishers, and they can confidently plan a series of events for hacking or destroying our personal wealth. With those events, hackers would be navigating various sections of our personal Facebook or Twitter accounts and taking advantage of such demonstrated weakness. And all this has created a sound disturbance in the security of social media infrastructure. Depending upon the scope of the disturbance, phishing/spear-phishing attacks damage the privacy of users’ data and the cybersecurity models of businesses too. Therefore, the resulting issues, like third-party social media operators supporting the tactics of cybercriminals, no close inspection of phishing emails in users’ accounts, and violation of the right to information since users aren’t aware of how their security is unknowingly compromised, are challenging the cybersecurity protocols of organizations, which need to be modeled with proper control and strengthened compliance standards.

7. Growth of Hacktivism


Hacktivism is a combination of the words “hack” and “activism”. In general, it is done with the purpose of breaking into someone’s computer and stealing information that supports political or social agendas in the wrong way. The target of hacktivists is primarily to gain visibility on the websites of government organizations and deface their security protocols by promoting their politically influenced cause. According to the 2021 IBM X-Force report, 25 percent of attacks (in 2020) were data theft and leak attacks, in which hacktivists demonstrated their interest in seeking data of multi-national corporations and the government bodies connected with them. No matter what the intention of the hacktivists was, such criminal attacks are a slap to government organizations taking care of the assets of their customers. With this, a sort of motivation for challenging governments or forcing them to go against their morals is unknowingly promoted. There are many anonymous hacktivist groups working (since 2008) to disturb the internal business processes of government or multinational organizations in the name of public welfare. They mix with C-level executives and continue embarrassing the government through the ideology of taking revenge, with online campaigns supporting a regular flow of DDoS attacks. This is a newer way of breaking into the cybersecurity systems of the government so that the protests of hacktivists may spread throughout the world and damage reputations.

8. Dronejacking is a New Wave Disturbing Cyber Experts


Dronejacking is a way in which cybercriminals use a toy-like drone to easily take control of personal information. According to a report by Intel, drones have targeted deliveries, camera crews, and some hobbyists for knocking out the enforced security law standards. Though drones are a major tool for farmers, photographers, shippers, and some law enforcement agencies, they seem to be a new wave of cyber threats. With dronejacking, cybercriminals with malicious intent can potentially cause financial damage to companies like Amazon and UPS, which are known for supplying essentials to their customers. Via dronejacking, hackers can easily determine how many packages will be delivered to how many customers. All this may sometimes be done for fun, but the aftereffects are really threatening, as this is a direct attack on the security compliance of organizations focusing on consumers’ success and their overall popularity. Apart from all this, there are various risks, like the loss of expensive drones and destruction of private property (commercial airplanes), with which the hackers can easily detect the response time and capabilities of the hardware controller driving those drones. If commercial operators and the cybersecurity teams of bigger organizations don’t keep themselves up to date on the latest security software and vigilant protection solutions, they will continue to bear the losses of drone attacks and become easy targets of such anonymous criminals.

9. Preventive measures of social engineering


Social engineering is a type of cyberattack where hackers focus on tricks and non-tech strategies rather than using core tech approaches or tools to trap users. There are some preventive measures associated with it, such as setting spam filters from low to high, instant denial or deletion of help requests, researching the sources of unsolicited emails, and many more. However, hackers are sophisticated nowadays and understand the frequency with which we are adopting such measures. They can gain legitimate-looking access to our personal info and then exploit us really well on the grounds of personality weaknesses. As per the report of Google, most SEAs (Social Engineering Attacks) are phishing via official emails or malicious websites which look almost authentic.

Source: https://link.springer.com/article/10.1007/s42979-020-00443-1

In this graph, there are a number of accounts, up to 5000, flagged by Google, and they are trapped by phishing attacks initiated by government-backed attackers. The number of attacks seems to fluctuate, yet it is clear that such SEAs are tracking our communications done through instant messaging or video conferencing. Furthermore, many knowledge-based workers, business owners, and artisans (the number is near to 260 million) are working remotely in this pandemic era, and this has made them vulnerable to such Social Engineering Attacks. Those cyber-attackers can smartly deploy multiple tactics for getting at their sensitive information like passwords, usernames, and banking details. All this will look legitimate, as they will be using trademarks and logos of well-known companies whose accuracy will be 99 percent or a little higher. As soon as their websites and emails are clicked, you will be tricked, and then the height of your awareness is primarily destroyed. Furthermore, organizations are also prone to such theft, as hackers are easily breaking their business software backed by systems adhering to cybersecurity protocols. So the security of their infrastructure depends on the likelihood of success of these cybercriminals, who are well-versed in how to use the preventive measures of social engineering for deploying their malicious agendas.

10. Office People Having Access to Data of their Organizations


Internal politics is something everyone is aware of, and it happens in every organization. Whether you talk about a tech giant or a well-reputed automation agency, employees are assigned certain privileges, and this makes the finances vulnerable to huge losses. All this gives rise to insider threats. They have grown by 47 percent in the past 2 years and are successfully inviting cybercriminals to nourish their fraudulent activities.

More than 34 percent of businesses are affected by such threats every year, and this opens the way to accidental breaches that break customers' trust and damage reputation. Businesses badly underestimate insider threats because they consider it more important to deal with complex market trends than to give such threats a look. All this disturbs the standing of a company when its employees have made deals with hackers to hand over important information about the company. Later, those cybercriminals infect the organization's security systems, which are managing the business complexities in this second layer. If organizations keep underestimating these threats and keep delaying the limiting of privileges, it will be difficult for them to halt the destructive and careless behavior of employees who challenge the established secure protocols of cybersecurity.

Source: geeksforgeeks.org

Sunday, 7 November 2021

How Should I Start Learning Ethical Hacking on My Own?

Ethical hacking refers to offensive testing of computer systems in order to find security-related loopholes. These loopholes are called security vulnerabilities. It has been a very popular career choice for students of all backgrounds (non-CS students can also learn it easily and be just as good as CS students, or even better).


Since ethical hacking is about compromising systems, it assumes familiarity with how those systems actually work. In the course of hacking (ethically), you will come across networks, networking devices, networking protocols, websites, web technologies, content delivery mechanisms, and many more components of online infrastructures. Being comfortable with what these components do and how they work together is essential. Knowledge of the markup language of the web (HTML), a scripting language (JavaScript), a data transfer language (XML or JSON), the components of a web-based system, computer networks and the TCP/IP suite, and basic programming in C/C++/Java/Python is good enough to get you started.

You can learn ethical hacking effectively by following this two-step process. The first step would be to learn about concepts and to understand them well. On the internet, the resources for learning are available in abundance. We recommend:

Recommended Books

1. Hacking for Dummies: The “for dummies” series from Wiley focuses on publishing beginner-friendly books on various topics. This book introduces the reader to ethical hacking through concepts and tools. It is very useful for people who want to start learning ethical hacking but are not very comfortable with programming. It should, however, be understood that being an elite hacker is almost impossible without learning to program.

2. CEHv10 Study Guide by SYBEX: This book is aimed at helping with preparation for CEH (Certified Ethical Hacker), a popular certification course in ethical hacking. It explains the ethical hacking methodology and its phases. Each phase of ethical hacking is well explained, with details of the concepts and practice on the tools.

3. Hacking, The Art of Exploitation: This book has been very popular in the community of white hat hackers for a long time, probably because of the content it covers and the depth it goes into. The good thing about this book is that even if you are a novice with absolutely no knowledge of programming and networks, you can still benefit immensely. The book covers basic programming in C, scripting with Bash, basics of memory management in computers, filesystems, overflow-based vulnerabilities and their exploitation, basic networking, attacks on networks, writing shellcode, and cryptology.

Popular Online Courses

1. Udemy: These cybersecurity and ethical hacking courses have already been taken by many people and their ratings are quite good, so we assume they will be really useful for your self-learning.

Learn Ethical Hacking From Scratch

2. PentesterLab: PentesterLab is useful for beginners and advanced learners equally. Their beginner-friendly tutorials and labs are from highly successful ethical hackers and bug bounty hunters and they are also well known as instructors and mentors.

3. Pentester Academy: Pentester Academy is a platform of learning for beginners as well as seasoned hackers. They have courses and online labs for major vulnerabilities. Pentester Lab also has courses on programming, forensics, VoIP, DevOps Security, Red/Blue team, etc.

YouTube Channels

1. JackkTutorials: Provides hands-on introductory tutorials to almost all the important concepts, tools, and skills related to ethical hacking.

2. Thenewboston: This channel not only covers the basics of practical ethical hacking but also provides tutorials on programming, app development, graphic design, chemistry, databases, video editing, etc.

3. HackerSploit: Hackersploit is highly popular among bug bounty beginners. It has penetration testing tutorials, CTF walkthroughs, Bug bounty hunting tips, programming tutorials, malware analysis tutorials, steganography tutorials, etc.

LiveOverflow, Nahamsec, Bugcrowd, and HackerOne are also very good and worth checking out.

Websites and Blogs

These websites are useful for staying up to date with recent findings, for getting quick references, for understanding advanced concepts, and more.

1. PortSwigger’s Blog: Dafydd Stuttard is known as portswigger in the hacker community. He is a co-creator of the BurpSuite tool. His blog contains news about the latest web application vulnerabilities, new features of BurpSuite, tips on how to use BurpSuite well, and his own findings as a bug bounty hunter.

2. TheHackerNews: A dedicated platform for the latest cybersecurity-related news. The Hacker News provides detailed information about the latest vulnerabilities, new developments in the cybersecurity domain, news related to cybercrimes, data breaches, hacktivism, etc.

3. HackerOne Hacktivity (disclosed vulnerability reports): HackerOne is a bug bounty platform. Bug bounty programs may allow public disclosure of a vulnerability report after it is resolved. These reports can be used to understand how to look for vulnerabilities on a target, how to perform reconnaissance, how to approach interesting endpoints, how to exploit a vulnerability for maximum impact, and what kind of vulnerabilities are commonly found on a specific type of target.


The second step is practice: Practicing is very important because it will help you absorb the concepts you have learned. It will also help you gain confidence in your skills. Intentionally vulnerable virtual systems and CTFs are the best way to practice. bWAPP, DVWA (Damn Vulnerable Web Application), and Metasploitable are some of the best vulnerable VMs. OWASP has put up an index of vulnerable virtual machines, which can be accessed here.

Source: geeksforgeeks.org

Saturday, 6 November 2021

Forced Browsing – Ethical Hacking


Forced browsing is an attack in which an unauthorized user gains access to content meant for an authorized user. It is possible when a web application has more than one user privilege level but does not enforce those levels on every request. The attacker thus obtains sensitive information that should not be accessible to him/her. The attacker can use a brute-force approach to find common directories, files, or user account information present on the website. Forced browsing is so named because we forcefully browse to a URL that only an authorized user is supposed to browse. Using forced browsing, a hacker can also reach common files that may contain important data. The attack can also be performed by trial and error where application index pages and directories are based on predictable values. Due to its severity, it’s ranked in the OWASP Top 10 vulnerability list.

Concept

Users of a website have different sets of privileges. A website is safe only if ordinary users cannot obtain admin privileges. If a user can reach admin rights and commands simply by copying and pasting an admin URL, he/she can do a lot of damage to the website and to the company.

How The Attack Works

Example 1

Let’s assume a user logs in to his account and the URL is www.gfg.com/info/user1.php. Now he copies this URL and pastes it into an incognito tab. If the same page opens, the website isn’t checking for authentication. The user can then modify the URL by trial and error or a brute-force approach, for example to www.gfg.com/info/user2.php, and load the page. He will get the information of user2 held on that website without being asked for a password, email ID, or any other identity verification for the account of user2. Similarly, if the user somehow gets the URL of the admin, he will be able to get admin privileges without any authentication. So, this vulnerability is critical.

Example 2

Let’s assume a user logged in to the Amazon website has the URL www.amazon.com/orders/123. He identifies that 123 is his order ID and changes this value to see whether he can view other users’ orders. He modifies the URL to www.amazon.com/orders/122. If the Amazon website has a forced browsing vulnerability, it will show him the order of whichever customer has order ID 122. Thus the attacker, although an authenticated user, gains access to content he is not authorized to see.

Forceful Browsing Methods

◉ Manual prediction: As discussed in the examples above, the user finds out manually (by trial and error) that the website suffers from a forced browsing vulnerability, simply by changing some values in the URL.

◉ Automated prediction: This method uses automated tools like dirbuster to find common file and directory names that might contain sensitive information.

◉ Open-source methods: “Exploit.db” is a platform that lists vulnerabilities in most application software and websites. One can use this website to learn more about the attacks.
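Both manual and automated prediction leave a recognizable trace in the web server's access log. The following is an added example, not part of the original article: a small detector over Common Log Format lines that flags a client walking many numeric IDs under one prefix, or collecting many distinct 401/403/404 responses. The thresholds, the regular expressions, and the sample log are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Common Log Format: client, identity, user, [time], "METHOD path proto", status, size
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) ')
OBJECT_URL = re.compile(r'^(.*/)(\d+)(?:\.\w+)?$')   # /orders/122 or /item/7.php

def find_forced_browsing(lines, max_ids=5, max_misses=5):
    """Return {client: sorted list of reasons} for clients over either threshold."""
    ids = defaultdict(set)      # (client, prefix) -> distinct numeric ids requested
    misses = defaultdict(set)   # client -> distinct paths answered 401/403/404
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue            # skip lines that are not in the expected format
        client, url, status = m.group(1), m.group(2), int(m.group(3))
        path = url.split("?", 1)[0]
        obj = OBJECT_URL.match(path)
        if obj:
            ids[(client, obj.group(1))].add(int(obj.group(2)))
        if status in (401, 403, 404):
            misses[client].add(path)
    flagged = defaultdict(set)
    for (client, prefix), seen in ids.items():
        if len(seen) > max_ids:
            flagged[client].add("id-walk " + prefix)
    for client, paths in misses.items():
        if len(paths) > max_misses:
            flagged[client].add("path-guessing")
    return {c: sorted(r) for c, r in flagged.items()}

def sample_log():
    """Constructed log lines (documentation IP ranges), not real traffic."""
    stamp = '[06/Nov/2021:10:00:00 +0000]'
    rows = [f'198.51.100.4 - bob {stamp} "GET /orders/123 HTTP/1.1" 200 512']
    rows += [f'203.0.113.7 - bob {stamp} "GET /orders/{n} HTTP/1.1" 200 512'
             for n in range(110, 123)]
    rows += [f'203.0.113.9 - - {stamp} "GET /{p} HTTP/1.1" 404 0'
             for p in ("admin/", "backup.zip", "old/", ".git/config",
                       "test.php", "db.sql", "config.bak")]
    return rows

if __name__ == "__main__":
    print(find_forced_browsing(sample_log()))
```

Note that the ID walk in the sample returns status 200 throughout, so counting error responses alone would miss it.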

How To Avoid Forced Browsing

◉ For every web page that is accessed, the developer must ensure that the user is authenticated and is authorized to access that content.

◉ Being authenticated must not be enough to use content the user is not authorized for. An authorization check is needed at every step to ensure security.

◉ Create a whitelist that explicitly allows access to a set of URLs, the part of the application that is needed for it to function as intended. Any request outside this URL space is denied by default.
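The three measures above can be seen side by side with the flaw from Example 2. This is an added example, not code from the original article: a framework-free request handler in which the order data, the `ROUTES` allow list, the `Session` type, and both function names are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample data: order id -> record with its owner.
ORDERS = {122: {"owner": "alice", "item": "laptop"},
          123: {"owner": "bob", "item": "headphones"}}

# Allow list: URL prefix -> role required. Anything else is denied by default.
ROUTES = {"/orders/": "user", "/admin/": "admin"}

@dataclass
class Session:
    user: Optional[str]        # None means not logged in
    role: str = "user"

def vulnerable_get_order(session, path):
    """Trusts the URL: whoever knows or guesses the id gets the record."""
    order = ORDERS.get(int(path.rsplit("/", 1)[1]))
    return (200, order) if order else (404, None)

def hardened_get(session, path):
    """Allow list first, then authentication, role, and per-object ownership."""
    prefix = next((p for p in ROUTES if path.startswith(p)), None)
    if prefix is None:
        return (404, None)                 # not in the allow list
    if session.user is None:
        return (401, None)                 # not authenticated
    if ROUTES[prefix] == "admin" and session.role != "admin":
        return (403, None)                 # authenticated but wrong role
    if prefix == "/orders/":
        tail = path[len(prefix):]
        if not (tail.isascii() and tail.isdigit()):
            return (404, None)
        order = ORDERS.get(int(tail))
        # Same answer for "missing" and "not yours" so ids cannot be probed.
        if order is None or order["owner"] != session.user:
            return (404, None)
        return (200, order)
    return (200, {"page": "admin console"})

if __name__ == "__main__":
    bob = Session("bob")
    print(vulnerable_get_order(bob, "/orders/122"))   # leaks alice's order
    print(hardened_get(bob, "/orders/122"))
    print(hardened_get(bob, "/orders/123"))
```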

Source: geeksforgeeks.org