Hsu Wai Lwin Hnin ʚɞ

THM - Common Attacks


Common Attacks
Social Engineering
Social Engineering Overview

Social engineering covers attacks that target people rather than systems, which is why it is
sometimes called "people hacking". A common pattern is to collect small, harmless-looking pieces
of information (for example from social media) and use each one to obtain the next, escalating
step by step until the attacker can reset or take over a sensitive account such as online
banking. It can be direct (talking to the target) or indirect, such as leaving a malicious USB
device where someone will plug it in.

Case Study: Stuxnet

Stuxnet, a worm discovered in 2010, targeted Iran's nuclear programme. The control systems sat
on networks isolated from the internet (air-gapped), so they could not be reached remotely; the
malware is believed to have been carried in on infected USB drives. It demonstrates that a
creative social-engineering vector can defeat a purely technical barrier.

Forms of Social Engineering:

- Direct interaction (e.g., phone scams in which the caller impersonates a bank or IT support).
- Indirect methods (e.g., malicious USB devices left in public for someone to plug in).

Staying Safe

- Use multi-factor authentication, and give security questions answers that cannot be found on
  social media (a random string stored in a password manager works well).
- Never plug unknown media into a computer.
- Verify the identity of callers or messages claiming to represent a company by contacting the
  company through a channel you already trust, not one the caller gives you.

Phishing
Phishing Overview

Phishing is a form of social engineering in which attackers use emails, text messages, or calls
to lure victims to malicious websites, usually to steal sensitive information such as login
credentials or to install malware. It is commonly divided into three types:

1. General phishing: mass campaigns sent to a broad audience.
2. Spearphishing: targeted attacks on specific individuals or groups, often using details
   gathered about them beforehand.
3. Whaling: highly targeted attacks on high-value individuals such as executives.

Example Scenario:
An attacker sends a fake email claiming to be from "Amazon" about a suspicious purchase. The
victim clicks a link to a fake login page and enters their credentials, which the attacker then
uses to log in to the real account.

Identifying Phishing Attacks

Look for:

- Poor grammar or generic greetings ("Dear Customer").
- Domain names that mimic legitimate websites (swapped characters, extra words, or the brand
  name placed in a subdomain of an unrelated domain).
- Suspicious sender addresses, or links whose visible text differs from their real destination
  (hover over a link to see where it actually points before clicking).
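The checks above can be automated. The following is an added example (not from the TryHackMe
room or this summary) that parses a constructed phishing email and flags the indicators listed:
a sender domain that imitates a brand, link text that shows one URL while the href points
elsewhere, lookalike and punycode domains, and plain-http links. The sample message, the
trusted-domain list and the lookalike heuristics are all assumptions made for the demonstration.

```python
import re
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample, written for this example (not a real phishing email). The visible
# link text says amazon.com, the href goes to a lookalike domain, a second link uses
# a punycode (IDN) domain over plain http, and the sender is not on amazon.com at all.
SAMPLE_EMAIL = """\
From: "Amazon Support" <security@amazon-account-verify.com>
To: victim@example.com
Subject: Suspicious purchase on your account
Content-Type: text/html; charset=utf-8

<html><body>
<p>Dear Customer,</p>
<p>A purchase you did not authorise was detected. Please verify your identity:</p>
<p><a href="https://amaz0n-secure-login.com/verify">https://www.amazon.com/account</a></p>
<p>Or visit <a href="http://xn--amazn-7qa.com/login">our help page</a>.</p>
</body></html>
"""

# Assumption: the brands this mailbox legitimately deals with.
TRUSTED_DOMAINS = {"amazon.com"}


class _LinkParser(HTMLParser):
    """Collect (href, visible text) pairs from <a> tags."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host):
    """Crude eTLD+1 (last two labels); enough for the .com-style names used here."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def domain_of(url):
    parsed = urlparse(url if "://" in url else "http://" + url)
    return registrable_domain(parsed.hostname or "")


def is_lookalike(domain, trusted=TRUSTED_DOMAINS):
    """Heuristics for a domain that imitates a trusted brand: punycode (possible homoglyphs),
    digit-for-letter swaps, or the brand name buried in an unrelated domain."""
    if domain in trusted:
        return False
    if domain.startswith("xn--") or ".xn--" in domain:
        return True
    brands = {t.split(".")[0] for t in trusted}
    normalised = domain.translate(str.maketrans("013", "ole")).replace("-", "")
    return any(brand in normalised for brand in brands)


def analyze(raw_email, trusted=TRUSTED_DOMAINS):
    """Return a list of human-readable findings; an empty list means no indicator fired."""
    msg = message_from_string(raw_email, policy=default)
    findings = []

    sender_domain = registrable_domain(msg["From"].addresses[0].domain)
    if is_lookalike(sender_domain, trusted):
        findings.append(f"sender domain imitates a trusted brand: {sender_domain}")

    body = msg.get_body(preferencelist=("html", "plain"))
    parser = _LinkParser()
    parser.feed(body.get_content() if body else "")

    for href, text in parser.links:
        target = domain_of(href)
        # Visible text that is itself a URL but points somewhere else is a disguised link.
        if re.match(r"https?://", text) and domain_of(text) != target:
            findings.append(f"link text {text!r} hides real target {href!r}")
        if is_lookalike(target, trusted):
            findings.append(f"lookalike domain in link: {target}")
        if href.lower().startswith("http://"):
            findings.append(f"unencrypted link: {href}")
    return findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE_EMAIL):
        print("-", finding)
```

Run against the constructed message it reports five findings: the impersonating sender, the
disguised first link, the lookalike domain behind it, the punycode domain of the second link and
that link's use of plain http. The domain heuristics are deliberately simple; a production filter
would use a public-suffix list and a maintained brand list.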

Staying Safe

- Delete and report suspicious emails without opening attachments or following links.
- Avoid clicking links in messages; navigate to the website manually by typing its address.
- Keep devices and antivirus software updated.
- Limit the personal information you share publicly, since it is what makes spearphishing
  convincing.

Malware and Ransomware

Malware and Ransomware Overview

Malware is malicious software designed to harm or take control of systems; common goals are data
theft and remote command and control (C2) of the infected machine. Ransomware is a type of
malware that encrypts the victim's data and demands payment (usually in cryptocurrency) for the
decryption key. It typically arrives the same way as other malware: through social engineering
(for example a malicious email attachment) or by exploiting vulnerabilities in software.

Delivery Methods

- Phishing emails with malicious attachments (e.g., Office documents with macros, .exe files,
  .ps1 scripts).
- Exploitation of vulnerabilities in public-facing infrastructure such as web servers.

Staying Safe

- Update software regularly to fix known vulnerabilities.
- Avoid clicking suspicious links or downloading unknown files.
- Do not plug in unknown USB devices.
- Back up important data regularly, and keep at least one copy where an infected machine cannot
  reach it.
- Keep antivirus software updated and active.
- If hit by ransomware, isolate the infected device from the network immediately and contact the
  relevant authorities; paying the ransom funds the attackers and does not guarantee recovery.

Passwords and Authentication
Password Security Overview

Passwords remain the most common authentication factor, but they are undermined by insecure
practices such as reusing one password across services or choosing something easily guessed.
A strong, unique password for each account is the baseline for protecting it.

Strong Passwords

- Length matters more than character-class complexity.
- Use a passphrase (e.g., "Vim is the best editor!") or a long random string (e.g.,
  "w41=V1)S7KIJGPN"), ideally generated by a password manager.
- Avoid predictable patterns and anything connected to you personally (names, dates, pets).

Weak Passwords

- Short passwords, or ones built from a predictable pattern (e.g., "Gareth2012!": a name, a
  year and a trailing symbol), are quickly guessed by wordlist and rule-based attacks.
- Password reuse means one breached site exposes every account that shares the password.

Password Storage

- Secure storage never keeps the password itself: the service stores a hash computed with a
  salted, deliberately slow algorithm (such as bcrypt, scrypt or Argon2), so the password cannot
  be recovered from the stored value and every guess costs the attacker real work.
- Weak storage (plaintext, or a fast unsalted hash such as MD5 or SHA-1) exposes users as soon
  as the database is breached.

Exposed Passwords

- Data breaches leak usernames together with passwords (plaintext or hashed); cracked hashes
  feed the wordlists used in later attacks.
- Services such as "Have I Been Pwned?" let users check whether their email address or a password
  appears in a known breach.
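As an added example (not from the original page), the following shows how a password can be
checked against a breach corpus without sending the password itself, using the k-anonymity
scheme the Pwned Passwords range API uses: the client sends only the first five hex characters
of the password's SHA-1 and matches the remaining 35 locally against the returned list. The
network fetcher is included but not called; the demo runs against a constructed stand-in corpus
with made-up counts.

```python
import hashlib
from collections import defaultdict
from urllib.request import Request, urlopen


def sha1_hex(password):
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def split_for_range_query(password):
    """Client side of the k-anonymity scheme: only the first 5 hex chars (20 bits) of the
    SHA-1 leave the device; the remaining 35 chars are matched locally against the reply."""
    digest = sha1_hex(password)
    return digest[:5], digest[5:]


def count_in_range(suffix, range_body):
    """Parse a range reply ('SUFFIX:COUNT' per line) and return the breach count for our
    suffix, or 0 when it is absent."""
    for line in range_body.splitlines():
        if ":" not in line:
            continue
        candidate, count = line.strip().split(":", 1)
        if candidate.upper() == suffix:
            return int(count)
    return 0


def check_password(password, fetch_range):
    """fetch_range(prefix) -> reply text. Returns how often the password was seen in breaches."""
    prefix, suffix = split_for_range_query(password)
    return count_in_range(suffix, fetch_range(prefix))


def hibp_range(prefix):
    """Real fetcher (needs network, not called in the demo): GET the range from the live API,
    which requires a User-Agent header."""
    req = Request(f"https://api.pwnedpasswords.com/range/{prefix}",
                  headers={"User-Agent": "example-password-checker"})
    with urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


# Constructed stand-in for the service: a small "leaked" corpus with made-up counts, grouped
# by prefix the way the real API groups them. Not real breach data.
LEAKED = {"password": 123456, "Gareth2012!": 3, "letmein": 9876}


def fake_range_service(corpus=LEAKED):
    ranges = defaultdict(list)
    for pw, count in corpus.items():
        prefix, suffix = split_for_range_query(pw)
        ranges[prefix].append(f"{suffix}:{count}")

    def fetch(prefix):
        return "\r\n".join(ranges.get(prefix, []))   # the live API returns CRLF-separated lines

    return fetch


if __name__ == "__main__":
    fetch = fake_range_service()
    for pw in ("password", "Gareth2012!", "Vim is the best editor!"):
        print(f"{pw!r}: seen {check_password(pw, fetch)} times")
```

To query the real service, pass `hibp_range` instead of the fake fetcher. The point of the
scheme is that the server learns only a 20-bit prefix shared by hundreds of other passwords, so
it cannot tell which one you asked about.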

Password Attacks

- Offline ("local") attacks: the attacker already holds the hashes from a breach and cracks them
  on their own hardware, trying wordlists plus mutation rules (appending years, capitalising,
  leetspeak) at whatever speed the hash algorithm allows.
- Online ("remote") attacks: guessing against the live login service, either brute-forcing known
  usernames or credential stuffing (replaying username/password pairs leaked from another site).
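The storage and offline-attack points above, as an added example (not from the page): a weak
scheme (unsalted SHA-256) beside a stronger one (per-user salt plus PBKDF2-HMAC-SHA256 from the
standard library), then the attacker's side: a small constructed wordlist with mutation rules of
the kind cracking tools apply, which recovers "Gareth2012!" from its unsalted hash in a fraction
of a second. The wordlist and the mutation rules are assumptions made for the demonstration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000   # OWASP's current guidance for PBKDF2-HMAC-SHA256


def store_unsalted_sha256(password):
    """Weak scheme: one fast, unsalted hash. Equal passwords give equal hashes, a precomputed
    table works against every user at once, and a GPU tries billions of guesses per second."""
    return hashlib.sha256(password.encode()).hexdigest()


def store_pbkdf2(password, salt=None):
    """Stronger scheme: random per-user salt plus a deliberately slow key derivation.
    Stored as 'salt$hash' so verify_pbkdf2 can recover the salt. (bcrypt, scrypt or Argon2
    are preferable where available; PBKDF2 is used here because it is in the stdlib.)"""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt.hex() + "$" + digest.hex()


def verify_pbkdf2(password, stored):
    salt_hex, digest_hex = stored.split("$")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), ITERATIONS)
    return hmac.compare_digest(candidate.hex(), digest_hex)   # constant-time comparison


# --- the attacker's side ----------------------------------------------------------------
# Constructed wordlist for the demo (real attacks use lists of millions of leaked passwords).
WORDLIST = ["password", "summer", "gareth", "liverpool"]


def mutations(word):
    """Yield variants of a base word the way cracking tools' rule engines do: case changes,
    appended years and symbols, and simple leetspeak. Rules like these are why a name plus a
    year plus '!' is not a strong password."""
    for base in (word, word.lower(), word.capitalize(), word.upper()):
        yield base
        for year in range(1990, 2025):
            yield f"{base}{year}"
            yield f"{base}{year}!"
        for sym in "!?.":
            yield base + sym
        yield base.translate(str.maketrans("aeo", "430"))


def crack_unsalted(target_hash, wordlist=WORDLIST):
    """Offline attack against an unsalted fast hash: hash each candidate and compare.
    Against store_pbkdf2 output the same loop works, but each guess costs ITERATIONS rounds
    and must be repeated per user because of the salt."""
    for word in wordlist:
        for guess in mutations(word):
            if hashlib.sha256(guess.encode()).hexdigest() == target_hash:
                return guess
    return None


if __name__ == "__main__":
    weak = store_unsalted_sha256("Gareth2012!")
    print("cracked:", crack_unsalted(weak))                       # Gareth2012!
    print("passphrase cracked:", crack_unsalted(store_unsalted_sha256("Vim is the best editor!")))
    a, b = store_pbkdf2("hunter2"), store_pbkdf2("hunter2")
    print("same password, different salted hashes:", a != b)     # True
    print("verify ok:", verify_pbkdf2("hunter2", a))               # True
```

The passphrase survives because it is not a dictionary word with a rule applied; the salted,
slow scheme helps a different way, by making each guess expensive and unique per user, so even
"Gareth2012!" takes the attacker 600,000 HMAC rounds per attempt instead of one.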

Staying Safe

Multi-Factor Authentication and Password Managers

Multi-Factor Authentication (MFA)
MFA requires more than one independent factor to log in, so a stolen password alone is not
enough. The factors are:

1. Something you know (e.g., a password or PIN).
2. Something you have (e.g., a TOTP authenticator app, a hardware token or smart card).
3. Something you are (e.g., biometrics such as a fingerprint).

SMS codes are a common second factor but a weak one: the message can be intercepted, and an
attacker can take over the phone number through SIM swapping. Authenticator apps such as Google
Authenticator or Authy generate time-based one-time passwords (TOTP) locally from a shared
secret, so nothing is transmitted to the phone at login time; they are more secure and work
without signal.

Password Managers
Password managers store and manage strong, unique passwords so that you only have to remember
one master password. Features include:

- An encrypted vault unlocked with a master password (and optionally biometrics or a second
  factor).
- Automatic generation of long random passwords and auto-fill, which also resists phishing
  because the manager only fills credentials on the domain they were saved for.

Public Network Safety

Public WiFi Risks and Solutions

The Problem
Public WiFi is convenient but risky. Anyone on the same network, or whoever controls the access
point, can attempt man-in-the-middle attacks: intercepting traffic or stealing credentials,
particularly from websites that do not use encryption. Joining any network also exposes your
device to the other hosts on it.

Solutions

- Avoid untrusted networks: prefer a private network or your own mobile hotspot.
- Use a VPN: a VPN encrypts all traffic between your device and the VPN server, so anything
  intercepted on the local network is unreadable. This moves trust to the VPN provider, so pick a
  reputable one; paid services such as ProtonVPN or Mullvad VPN are generally more trustworthy
  than free offerings, which may log or monetise your traffic.

Website Connection Security

- Make sure websites use HTTPS (shown by the padlock in the browser's address bar).
- Do not trust websites that show a broken padlock or certificate errors, especially on a public
  network, where such a warning may mean someone is intercepting the connection.
- Never enter sensitive information on a site without HTTPS. Note that the padlock only means the
  connection to that site is encrypted; a phishing site can have a valid certificate too, so
  still check the domain name.

Backups
Backups Overview

Backups are the last line of defence for data: whatever the cause (hardware failure, accidental
deletion, ransomware), a recent backup lets you recover. They matter for critical business data
and for personal files such as photos alike.

The 3-2-1 Rule

1. Keep at least three copies of your data, including the original.
2. Store the copies on at least two different storage media (e.g., cloud storage and an external
   drive).
3. Keep at least one copy off-site (e.g., a cloud service such as Google Drive).

A backup that stays permanently connected can be encrypted by the same ransomware that hits the
original, so keep at least one copy offline or otherwise write-protected, and periodically test
that you can actually restore from it.

Frequency
Backup frequency depends on how sensitive the data is, how quickly it changes and how much loss
is acceptable. A high-risk organisation may back up several times a day, while a home user might
do so weekly. A backup is only useful if it is recent enough that what it restores is still worth
having.

Updates and Patches

Updates and Patches Overview

Software Updates
Updates fix bugs, add features and, crucially, patch vulnerabilities. Regularly updating
software, especially the operating system, is one of the most effective defences. WannaCry
(May 2017) is the standard example: it spread using the EternalBlue exploit against a flaw in
Windows SMBv1 that Microsoft had already fixed in the MS17-010 update two months earlier, so
patched systems were not affected. Software that has reached end of life (EOL) no longer
receives updates and should be replaced or, failing that, isolated from untrusted networks.

Antivirus Updates
Antivirus software relies on an up-to-date database of malware signatures and detection rules.
Frequent updates let it recognise and block recently discovered threats, so allow automatic
antivirus updates; an outdated engine will let new malware through.
