Cyber World

  What is Phishing? ‘Phishing’ is when criminals use emails, text messages or phone calls to trick their victims. AIM – To make you visit a website, which may download a virus onto your computer, or steal bank details or other personal information. 5 most common type of phishing attack ·        Email Phishing – Most phishing attacks are sent by emails. ·        Spear Phishing ·        Whaling – Whaling attacks are more targeted, taking aim at senior executives. ·        Smishing and Vishing ·        Angler Phishing Why do cybercriminals create email phishing scams? The answer is simple. Email is often an organization’s weakest security link. Once the security breach has begun, email hackers have access to all sort of information – from personal data to sensitive corporate documents. If you receive a phishing emai...

  what is dirty cow vulnerability? Dirty COW was a vulnerability in the Linux kernel. It allowed processes to write read-only files. This exploit made use of a race condition that lived inside the kernel functions which handle the copy-on-write (COW) feature of memory mappings. CVE number of dirty cow- CVE-2016-5195 ·        About CVE-2016-5195 – A race condition was found in the way the Linux kernel’s memory subsystem handles the copy-on-write breakage of private read-only memory mappings. ·        An attacker would first require access to a shell on the device before they could use this exploit. What does this vulnerability do? This vulnerability allows the user to bypass the normal file system protections and write to files that are owned by the system. Consequences ·        Opens up many avenues for attack, ·        which results in the unpr...

Android users are advised to download apps only from official app stores in order to avoid ‘Daam’ virus, which hacks call records and gains camera access. As per CERT-In, users shouldn’t browse un-trusted websites or follow un-trusted links and must install updated antivirus software. Exercise caution towards shortened URL’s and numbers that don’t look like genuine/regular mobile numbers, it added. Malware – ‘daam’ virus The Daam virus represents a new breed of malware specifically targeting Android devices. Its advanced capabilities allow it to infiltrate your smartphone’s operating system, granting unauthorized access to your personal data and compromising your privacy. If the device is at risk ·        Unusual battery drain ·        Unexpected data usage ·        Unfamiliar apps or pop-ups ·        Unusual device behaviour conclusion Remember, your...

Software Piracy ·        The use and or distribution of copyrighted computer software in violation of the copyright laws or applicable licence restrictions. ·        Software piracy can be done by copying, downloading, sharing, selling or installing multiple copies of software onto personal or work computers. Most pirated softwares ·        Microsoft Office ·        Adobe Photoshop ·        Windows ·        Adobe Premiere ·        Final Cut Pro Types of software policy ·        Soft Lifting: Means sharing a program with someone who is not authorised by the licence agreement to use it. ·        Hard Disk Loading: This form of piracy involves loading an unauthorized copy of software onto a computer be...

  What is ChatGPT? ·        ChatGPT is an AI-based trained model which interacts in a conversational way. The dialogue format makes it possible for ChatGPT to answer follow up questions, admit its mistakes, challenge incorrect premises, and reject inappropriate requests. ·        The "Chat" in the name is a reference to it being a chatbot, and the "GPT" stands for  generative pre-trained transformer . Family of ChatGPT Its parent company is OpenAI. ChatGPT is a sibling model to InstructGPT. Research Today’s research release of ChatGPT is the latest step in OpenAI’s iterative deployment of increasingly safe and useful AI systems. Many lessons from deployment of earlier models like GPT-3 and Codex have informed the safety mitigations in place for this release, including substantial reductions in harmful and untruthful outputs achieved by the use of reinforcement learning from human feedback (RLHF). Fe...

  What is Nullcon? Nullcon came into existence in 2010 and is managed and marketed by  Payatu Technologies Pvt Ltd . With the advent of cutting-edge technologies, security is crucial as technology brings a myriad of threats along. What Nullcon do? ·        Nullcon is an extensive platform for the exchange of information about zero-day vulnerabilities, latest attack vectors, and other cyber threats. ·        A section of conference – Desi Jugaad – is dedicated to hackers/researchers who come up with innovative solutions for real life challenges and are interested in taking new initiatives in cyber security What Nullcon have? ·        Research driven technical talks ·        CXO track ·        Hands-on training sessions ·        Keynotes from renowned security researchers ·  ...

  AI, or artificial intelligence, is a transformative technology that has the potential to revolutionize various industries and reshape economies around the world. While AI can bring significant benefits and economic growth, it is unlikely to be the sole reason for a recession in India. The impact of AI on the economy is complex and multifaceted, and its consequences depend on how it is adopted, regulated and integrated into existing systems. ·        Automation and job replacement One concern often associated with AI is the potential for automation to replace human workers, leading to job losses. It is true that a certain repetitive and routine task can be automated, but AI also creates new opportunities and enhances productivity. Historically, technological advancements have led to the evolution of jobs rather than their complete eradication. As AI technology develops, it is likely to create new roles and demands for skilled professionals in areas...

  Packet Sniffing is the process of collecting and logging packets of information that are sent between network nodes. These packets of data can then be gathered, stored and analysed in order to better understand exactly what data is being sent across a given network. Packet sniffing Attack A Packet Sniffing attack is a network created threat where a malicious entity captures network packets intending to intercept or steal data traffic that may have been left unencrypted. Methods used for packet sniffing attack ·        TCP Session Hijacking ·        DNS poisoning ·        JavaScript Card Sniffing attacks ·        Address Resolution Protocol (ARP) Sniffing ·        DHCP Attack Avoiding packet sniffing ·       Use a VPN Service ·       Avoid unreliable public wi-fi ...

  What is Quantum Computing? Quantum computing is a rapidly-emerging technology that harnesses the laws of quantum mechanics to solve problems too complex for classical computers. Why do we need Quantum Computers? Quantum computers will help immensely with problems related to optimization, which play key roles in everything from defence to financial trading. The Cybersecurity Implications of Quantum Computing ·        Threat 1: Harvest Now, Decrypt Later- Threat actors collect encrypted data from target organizations today, fully anticipating that data can be decrypted later when quantum computing reaches a maturity level capable of rendering many publicly utilized cryptographic algorithms like RSA entirely obsolete. ·        Threat 2: Making Asymmetric Cryptography Obsolete It poses a “Quantum Threat,” a match for the complicated math problems previously unbeatable by classic computers. The world's data, c...

  Why Hackers choose Linux? ·        Hackers choose Linux because of its general lack of patch management for the OS system, outdated third-party applications and lack of password enforcement. ·        Hackers also prefer Linux because it susceptible to PHP web misconfigurations, including un-validated parameters, broken access control, cross-site scripting flaws, buffer overflows, command injection flaws, error handling problems, remote administration flaws and insecure use of cryptography. ·        Linux also continues to work efficiently even when there is little space left on the hard drive, which is nearly impossible in most other operating systems. ·        Linux is the most popular choice for hackers due to its flexibility, open-source platform, portability and command line interface and compatibility with popular hacking tools. Portability and...

  What are security firm? Multinational Security Firms around the world provide expert services to private and public clients. what do they do? ·        Private Security firms primarily provide guard and patrol services. ·        In many countries, the security industry primarily engages in the prevention of unauthorized activity or entry. ·        Detection of emergencies as well as investigation of the incidents can be the main duties of the private security personnel. Top security firms 1.       G4S - It segments into two businesses – 1) The Secure Solutions 2)Cash Solutions 2.      Securitas AB - It operates the business in the global market in North America, Latin America, Asia, and the Middle East. 3.      ADT - It has become a leading alarm and other surveillance system provider in the United State an...

What is Pegasus spyware? Pegasus is a spyware that can be covertly installed on  devices  running most versions of  iOS  and  Android.   Capability of Pegasus   Who has been targeted by Pegasus? ·        Reading text messages ·        Arab royal family members ·        Tracking calls ·        64 business executives ·        Collecting passwords ·        85 human rights activists ·        Location tracking ·        600+ politicians/ government officials ·        Accessing device's microphone and camera ·     ...