involves attempting to hide a true identity by using someone else’s e-mail or IP address. Spoofing can apply to emails, phone calls, and websites, or can be more technical, such as a computer spoofing an IP address, Address Resolution Protocol (ARP) or Domain Name System (DNS) server. Spoofing can be used to gain access to a target’s personal information, spread malware through infected links or attachments, bypass network access controls, or redistribute traffic to conduct a denial-of-service attack.

 Spoofing and Spam Web Sites:

Spoofing is often the way a bad actor gains access in order to execute a larger cyber attack such as an advanced persistent threat or a man-in-the-middle attack. Spoofing a Web site sometimes involves pharming. While phishing attempts to capture personal information by getting users to visit a fake website, pharming redirects users to false websites without them even knowing it. One way that pharming takes place is via an e-mail virus that “poisons” a user’s local DNS cache. It does this by modifying the DNS entries, or host files.


For example, instead of having the IP address 17.254.3.183 direct to www.apple.com, it may direct to another website determined by the hacker. Pharmers can also poison entire DNS servers, which means any user that uses the affected DNS server will be redirected to the wrong website. While pharming is not as common as phishing scams are, it can affect many more people at once.

This is especially true if a large DNS server is modified. So, if you visit a certain website and it appears to be significantly different than what you expected, you may be the victim of pharming.

Spam (junk) Web sites are a little different. These are sites that promise to offer some product or service, but in fact are just a collection of advertisements for other sites, some of which contain malicious code.

For instance, you may search for “[name of town] weather,” and then click on a link that promises your local weather, but then discover that all the site does is display ads for weather-related products or other Web sites. Junk or spam Web sites typically appear on search results, and do not involve e-mail. These sites cloak their identities by using domain names similar to legitimate firm names, and redirect traffic to known spammer-redirection domains such as topscarchi.com.
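Returning to the pharming technique described earlier, where host-file entries are modified so a familiar name points to the wrong address, the following added example (not part of the original article) audits a hosts file for watched names pinned to unexpected addresses. The allow-list, the sample file and the function names are constructed for illustration; only the www.apple.com address comes from the article.

```python
import ipaddress

# Constructed allow-list: hostnames worth watching and the addresses expected.
# 17.254.3.183 is the address the article gives for www.apple.com.
EXPECTED = {"www.apple.com": {"17.254.3.183"}}

# Constructed sample hosts file; 203.0.113.50 is a documentation-range address.
SAMPLE_HOSTS = """\
# local overrides
127.0.0.1   localhost
::1         localhost
203.0.113.50  www.apple.com apple.com   # added by installer
17.254.3.183  WWW.APPLE.COM
not-an-ip   www.example.test
"""

def parse_hosts(text):
    """Yield (line_no, address, hostname) for every well-formed mapping."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                              # malformed address, skip line
        for name in fields[1:]:                   # one line may carry aliases
            yield line_no, addr, name.lower().rstrip(".")

def audit_hosts(text, expected=EXPECTED):
    """Return (line_no, hostname, address) for watched names that are
    pinned to an address outside their expected set."""
    findings = []
    for line_no, addr, name in parse_hosts(text):
        allowed = expected.get(name)
        if allowed is not None and addr not in allowed:
            findings.append((line_no, name, addr))
    return findings

if __name__ == "__main__":
    for line_no, name, addr in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} -> {addr} (unexpected)")
```

A hosts-file check only covers the local override case; a poisoned DNS server has to be caught by comparing answers from independent resolvers or by DNSSEC validation.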

Identity fraud is the use by one person of another person’s personal information, without authorization, to commit a crime against that other person or a third person. Identity fraud is committed in the context of financial advantage, such as access to a victim’s credit card, bank or loan accounts. False identity documents have been used in criminal activity or in dealings with government agencies, such as immigration. Often today, the identities of real persons are used in the preparation of these false documents.

A person’s personal information may be surreptitiously obtained, commonly described as identity theft, in a variety of ways. A fraudster may use another person’s basic personal details (such as name, address, username and PIN) to access the victim’s online accounts, including banking accounts, email, and social media accounts.

DENIAL OF SERVICE (DOS) AND DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS:

A denial-of-service (DoS) attack occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor. Services affected may include email, websites, online accounts (e.g., banking), or other services that rely on the affected computer network. A denial-of-service condition is accomplished by flooding the targeted host or network with traffic until the target cannot respond or simply crashes, preventing access for legitimate users.

DoS attacks can cost an organization both time and money while their resources and services are inaccessible. A “denial of service” or DoS attack is used to tie up a website’s resources so that users who need to access the site cannot do so. Many major companies have been the focus of DoS attacks because DoS attacks are accompanied by attempts at blackmailing site owners to pay tens or hundreds of thousands of dollars to the hackers in return for stopping the DoS attack.

DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS:

A DDoS attack requires an attacker to gain control of a network of online machines in order to carry out an attack. Computers and other machines (such as IoT devices) are infected with malware, turning each one into a bot (or zombie). The attacker then has remote control over the group of bots, which is called a botnet.

Once a botnet has been established, the attacker is able to direct the machines by sending updated instructions to each bot via a method of remote control. When the address of a victim is targeted by the botnet, each bot will respond by sending requests to the target, potentially causing the targeted server or network to go over capacity, resulting in a denial-of-service to normal traffic. Because each bot is a legitimate Internet device, separating the attack traffic from normal traffic is difficult.

 SNIFFING:

Sniffer: a type of eavesdropping program that monitors information travelling over a network. Sniffing is a process of monitoring and capturing all data packets passing through a given network. Sniffers are used by network/system administrators to monitor and troubleshoot network traffic.


However, it is also widely used by hackers and crackers to gather information illegally about networks they intend to break into. Using a packet sniffer it is possible to capture data like passwords, IP addresses, protocols being used on the network and other information that will help the attacker infiltrate the network. All network data travels across the Internet, and then into and out of PCs, in the form of individual, variable-size data packets.

Since the typical PC user never “sees” any of this raw data, many spyware systems covertly send sensitive information out of the user’s computer without their knowledge. A “Packet Sniffer” is a utility that sniffs without modifying the network’s packets in any way. By comparison, a firewall sees all of a computer’s packet traffic as well, but it has the ability to block and drop any packets that its programming dictates. Packet sniffers merely watch, display, and log this traffic.

Today’s networks may already contain built-in sniffing modules. Most hubs support the RMON standard, which allows the intruder to sniff remotely using SNMP, which has weak authentication. Many corporations employ Network Associates “Distributed Sniffer Servers”, which are set up with easy-to-guess passwords. Windows NT machines often have a “Network Monitoring Agent” installed, which again allows for remote sniffing. Packet sniffing is difficult to detect, but it can be done. But the difficulty of the solution means that in practice, it is rarely done.

 INSIDER ATTACKS:

We tend to think of security threats to a business as originating outside the organization. In fact, the largest financial threats to business institutions come not from robberies but from embezzlement by insiders. An insider attack is a malicious attack on a network or computer system by a person with authorized system access. Insiders that perform attacks have a distinct advantage over external attackers because they have authorized system access and also may be familiar with network architecture and system policies/procedures.


In addition, there may be less security against insider attack because many organizations focus on protection from external attacks. An insider attack is also known as an insider threat. Insider attacks can affect all computer security elements and range from stealing sensitive data to injecting Trojan viruses in a system or network. Insiders also may affect system availability by overloading computer/network storage or processing capacity, leading to system crashes.

Internal intrusion detection systems (IDS) protect organizations against attacks, but deploying such systems is not easy. Rules must be established so that unintended attack warnings are not triggered by employees.

 POORLY DESIGNED SERVER AND CLIENT SOFTWARE:

Many security threats prey on poorly designed server and client software, sometimes in the operating system and sometimes in the application software, including browsers. The increase in complexity and size of software programs, coupled with demands for timely delivery to markets, has contributed to an increase in software flaws that hackers can exploit.

For instance, SQL injection attacks take advantage of vulnerabilities in poorly coded Web application software that fails to properly validate or filter data entered by a user on a Web page to introduce program code into a company’s systems and networks. An attacker can use this input validation error to send a rogue SQL query to the underlying database to access the database, plant malicious code, or access other systems on the network.

Large Web applications have hundreds of places for inputting user data, each of which creates an opportunity for an SQL injection attack. A large number of Web-facing applications are believed to have SQL injection weaknesses, and tools are available for hackers to check Web applications for these weaknesses.
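The input validation error described above, shown as an added example (not from the original article) that puts the weak query construction beside a parameterized and validated form. The table, sample rows, name policy and function names are constructed for illustration and use Python's built-in sqlite3 module.

```python
import re
import sqlite3

# Assumed policy for a customer-name field: letters, space, apostrophe, hyphen.
NAME_RE = re.compile(r"[A-Za-z][A-Za-z' -]{0,63}")

def make_db():
    """Build a constructed in-memory customer table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (name TEXT, card_last4 TEXT)")
    db.executemany("INSERT INTO customers VALUES (?, ?)",
                   [("alice", "1111"), ("bob", "2222"), ("o'brien", "3333")])
    return db

def lookup_unvalidated(db, name):
    """Weak form: user input is pasted into the SQL text and parsed as SQL."""
    query = "SELECT name, card_last4 FROM customers WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def lookup_parameterized(db, name):
    """Hardened form: input is bound as a value and never parsed as SQL."""
    query = "SELECT name, card_last4 FROM customers WHERE name = ?"
    return db.execute(query, (name,)).fetchall()

def validate_name(name):
    """Second layer: reject input that does not fit the field's policy."""
    return NAME_RE.fullmatch(name) is not None

# Constructed form input that changes the meaning of the weak query.
CONSTRUCTED_INPUT = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("weak query returns:", lookup_unvalidated(db, CONSTRUCTED_INPUT))
    print("parameterized returns:", lookup_parameterized(db, CONSTRUCTED_INPUT))
    print("passes validation:", validate_name(CONSTRUCTED_INPUT))
    # A legitimate name with an apostrophe works only in the hardened form.
    print("o'brien:", lookup_parameterized(db, "o'brien"))
```

Binding parameters is the primary control; validation is a second layer, since a legitimate value such as o'brien passes validation yet still breaks the concatenated query.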

Each year, security firms identify thousands of software vulnerabilities in Internet browsers, PC, Macintosh, and Linux software, as well as mobile device operating systems and applications. A zero-day vulnerability is one that has been previously unreported and for which no patch yet exists. In 2012, 14 zero-day weaknesses were reported, up from 8. The trend continues in 2013. Not surprisingly, Java has been the target of several zero-day attacks during 2013. For instance, in January 2013, just a day after Oracle had patched two previous zero-day weaknesses
