There are some MITM (Man-in-the-middle) attacks that we have already covered in these previous articles which you can read about: ARP and DNS spoofing; well now it’s time to look at Session Hijacking.
There are various different types of malware and different ways that they have been built to infect systems. One of those types is called macro malware, which are essentially scripts that contain several commands for the automation of tasks for different applications through Microsoft Office documents. Characteristically, macro are provided as a mechanism for us to improve and work better with automations in Word, Excel etc.
Read More »
The Cloud for a while now has been a buzzword in the field of tech. However it isn’t the only way to move forward with today’s technology. We are going to discuss some alternatives ways in which you can work without using the Cloud.
Is our data secure on the internet or is confidential information that we upload at risk on the internet?
The answer is YES it is at risk.
Over the years, this issue has been proven many times over. Millions of companies per year have the horrible experience of having their confidential data stolen.
Using sniffing methods, hackers can easily steal any personal data over the internet, it is not easy to do of course but by hijacking a BGP session an expert can get into your ISP and start a “man in the middle” attack.
Back in the 90’s, when a computer was connected to the internet via a modem, it was assigned a Public IP address, and as a result, the computer was visible to the internet directly. Modern day modems integrate the following components: a router, switch, firewall, wireless feature and DHCP Services, whilst the NAT service works simultaneously beside them.
Atmos is a continuation of a previous threat which was called Citadel. It is the evolution of a credential stealer which now boasts comprehensive functionality used by criminals. Atmos can be used as hacktool or RAT for infiltration. The main concern is the success of previous version, which the FBI stated that they uncovered a botnet of over 11 million computers worldwide.
Acceptable risk comes up in conversation when talking about Operating systems security as although it is a basic requirement, it is something which introduces potential security challenges as well. So unless your IT staff understand each section of code in an operating system’s complex software then it is unlikely you can guarantee that there is no security concerns associated with it.
The UK governments produced guidance in 2015 explaining their recommendation that passwords should not be changed regularly. Communications-Electronics Security Group (CESG), a group within the UK Government Communications Headquarters (GCHQ) released this guidance to the general public. This for a lot of IT professionals may seem to go against IT best practices, however it does highlight some fundamental rethinking which may be required within the IT industry on what is considered by most as a basic rule of thumb. Read More »