The idea behind a MITM attack is that the attacker places himself in the middle of the communication between a client and a server and uses a sniffer. Therefore, any communication that is being performed between a client and a server will be captured by the attacker.
Once an attacker successfully becomes the man in the middle, he can perform many attacks on the target network such as capturing all the traffic, denial of service attacks, DNS spoofing, and session hijacking, to name a few.
A DoS attack is an attack on a computer or network that reduces, restricts, or prevents access to system resources for legitimate users. In a DoS attack, attackers flood a victim’s system with nonlegitimate service requests or traffic to overload its resources and bring down the system, leading to the unavailability of the victim’s website or at least significantly reducing the victim’s system or network performance. The goal of a DoS attack is to keep legitimate users from using the system, rather than to gain unauthorized access to a system or to corrupt data.
A DDoS attack is a large-scale, coordinated attack on the availability of services on a victim’s system or network resources, and it is launched indirectly through many compromised computers (botnets) on the Internet.
Attackers perform a phishing attack by sending an email containing a malicious link and tricking the user into clicking it. Clicking the link will redirect the user to a fake website that appears similar to the legitimate website. The website prompts the user to enter sensitive information, such as usernames, passwords, bank account details, and social security numbers, and divulges the data to the attacker. Later, the attacker may be able to establish a session with the legitimate website by using the victim’s stolen credentials to perform malicious operations on the target legitimate website.
Spoofing is the act of disguising a communication or identity so that it appears to be associated with a trusted, authorized source. Spoofing attacks can take many forms like IP address spoofing, DNS spoofing, MAC spoofing, DHCP spoofing, etc.
A brute-force attack gets its name from the “brutish” or simple methodology employed by the attack. A brute-force attack tries all possible combinations until the correct password is found. Attackers often use bots to perform brute-force attacks because they are time-consuming. For password guessing, this method is very fast when used to check all short passwords, but for longer passwords other methods such as the dictionary attack are used because a brute-force search takes too long.
Session hijacking is one of multiple types of MITM attacks. Session hijacking is an attack in which an attacker takes over a valid Transmission Control Protocol (TCP) communication session between two computers. Because most types of authentications are performed only at the start of a TCP session, an attacker can gain access to a machine while a session is in progress. Attackers can sniff all the traffic from established TCP sessions and perform identity theft, information theft, fraud, etc.
An insider is any employee (trusted person) who has access to the critical assets of an organization. An insider attack involves using privileged access to violate rules or intentionally cause a threat to the organization’s information or information systems. Insiders can easily bypass security rules, corrupt valuable resources, and access sensitive information. Insider attacks may cause great loss to the company. Further, they are dangerous because they are easy to launch and difficult to detect.
Ransomware is a type of malware that restricts access to the infected computer system or critical files and documents stored on it, and then demands an online ransom payment to the malware creator(s) to remove user restrictions. Ransomware might encrypt files stored on the system’s hard disk or merely lock the system and display messages meant to trick the user into paying the ransom.
BlackCat, WannaCry, and BlackMatter are popular examples of ransomware.
Almost every web application attack is due to unvalidated input: failure to validate input upon authentication, on form fields, or other inputs such as HTTP headers and cookies. Web application hacking happens because either developers aren’t taught to validate inputs, or they don’t pay much attention to it.
Some common web attacks are CSRF (Cross-Site Request Forgery) and XSS (Cross-Site Scripting).
CSRF is an attack in which the attacker exploits the victim’s active session with a trusted site to perform malicious activities such as item purchases and the modification or retrieval of account information.
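Because the attack rides on the session the browser already holds, a common mitigation is to require a per-session token that only the site's own pages can supply. The sketch below is an added example, not code from the original page; the function names, the session store, and the sample session IDs are hypothetical.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)   # hypothetical per-deployment secret
ACTIVE_SESSIONS = {"sess-victim-01"}   # constructed sample session store

def issue_csrf_token(session_id):
    """Derive a token bound to one session; the site embeds it in its own forms."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def handle_transfer(session_cookie, form_token):
    """Process a state-changing request; return an HTTP-style status string."""
    if session_cookie not in ACTIVE_SESSIONS:
        return "401 no active session"
    expected = issue_csrf_token(session_cookie)
    # The cookie alone is not proof of intent: the browser attaches it to any
    # request for this site, including one triggered by another site's page.
    if form_token is None or not hmac.compare_digest(
        expected.encode(), form_token.encode()
    ):
        return "403 CSRF token missing or invalid"
    return "200 transfer accepted"

def demo():
    cookie = "sess-victim-01"
    return {
        # Form served by the site itself: carries the session's token.
        "same_site_form": handle_transfer(cookie, issue_csrf_token(cookie)),
        # Cross-site request: cookie is attached, but no token is available.
        "cross_site_no_token": handle_transfer(cookie, None),
        # Cross-site request with a guessed token value.
        "cross_site_guess": handle_transfer(cookie, "0" * 64),
        # Token minted for a different session is rejected as well.
        "other_session_token": handle_transfer(cookie, issue_csrf_token("sess-other")),
    }

if __name__ == "__main__":
    for case, status in demo().items():
        print(f"{case}: {status}")
```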
According to ancient Greek mythology, the Greeks won the Trojan War with the aid of a giant wooden horse that was built to hide their soldiers. The Greeks left this horse in front of the gates of Troy. The Trojans thought that the horse was a gift from the Greeks, left behind before they apparently withdrew from the war, and brought it into their city. At night, the Greek soldiers broke out of the wooden horse and opened the city gates to let in the rest of the Greek army, who eventually destroyed the city of Troy.
Inspired by this story, a computer Trojan is a program in which malicious or harmful code is contained inside an apparently harmless program or data, which can later gain control and cause damage, such as ruining the file allocation table on your hard disk.
Structured Query Language (SQL) is a textual language used by a database server. SQL commands used to perform operations on the database include INSERT, SELECT, UPDATE, and DELETE. These commands are used to manipulate data in the database server.
SQL injection is a technique used to take advantage of unsanitized input vulnerabilities to pass SQL commands through a web application for execution by a backend database. In this technique, the attacker injects malicious SQL queries into the user input form either to gain unauthorized access to a database or to retrieve information directly from the database. Such attacks are possible because of a flaw in web applications and not because of any issue with the database or the web server.
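The application-side flaw described above, shown next to its fix, as an added example that is not part of the original page. It uses Python's built-in `sqlite3` module with an in-memory database; the table, the rows, and the function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database with constructed sample accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "hash-a"), ("bob", "hash-b")],  # constructed sample rows
    )
    return conn

def lookup_vulnerable(conn, username):
    # Flaw: user input is concatenated into the SQL text, so quote characters
    # in the input change the structure of the query itself.
    query = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(query)]

def lookup_parameterized(conn, username):
    # Fix: the ? placeholder passes the input as a bound value; the database
    # never parses it as SQL, whatever characters it contains.
    query = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(query, (username,))]

def demo():
    conn = make_db()
    crafted = "nobody' OR '1'='1"  # constructed input containing SQL syntax
    return {
        "vulnerable_normal": lookup_vulnerable(conn, "alice"),
        "vulnerable_crafted": lookup_vulnerable(conn, crafted),
        "parameterized_normal": lookup_parameterized(conn, "alice"),
        "parameterized_crafted": lookup_parameterized(conn, crafted),
    }

if __name__ == "__main__":
    for case, rows in demo().items():
        print(f"{case}: {rows}")
```

The database and the driver are the same in both functions; only the way the application builds the query differs, which is why the fix belongs in the application code.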
A supply chain attack targets an organization’s supply chain. Because weak links in a supply chain are an easier target for cybercriminals, organizations should be more aware of the security implemented within each step of their supply chain. A supply chain involves the individuals, activities, and technology of an organization. Sometimes, an organization or industry has contracts with third-party vendors, so the attack can originate from their applications too.
Copyright © 2024 TeleNetworks Technologies Private Limited - All Rights Reserved.