Category: Basics

Hello, aspiring ethical hackers. In this blogpost, you will learn about cryptography or in the cybersecurity sense about encryption. The word cryptography came from a Greek word kryptos which means “hidden secret” and it plays a very important role in cybersecurity.

What is cryptography?

Cryptography is the study of secure communication techniques. It is closely associated with encryption which is an act of taking an ordinary text and scrambling it to transform it in to cipher text. The aim of this encryption is to make sure that the message is only understood by someone which it is intended to.

Types of Cryptographic techniques

There are three types of cryptographic techniques. They are,

1. Single key cryptographic system (Symmetric encryption)
2. Public key cryptographic system (Asymmetric encryption)
3. Hash Functions.

What is a cryptographic key?

A cryptographic key is a string of characters used with an encryption algorithm to transform data into a scrambled form or cipher text.

What is an encryption algorithm?

An encryption algorithm is the method used to transform plain text to cipher text.

1. Symmetric encryption (Single key cryptographic system)

In symmetric encryption, a single key is used to both encrypt and decrypt data.

Hence it is known as single key cryptographic system. Symmetric encryption is very fast and hence used wherever speed is required for encryption. For example, it is used for encrypting credit card information and other confidential information, making malware and virus Fully Undetectable (FUD) etc. There are various encryption algorithms. The most popular encryption algorithms are   DES, 2DES, 3DES, AES, IDEA, RC4, RC5,  RC6, Blowfish etc.

2. Public key cryptographic system or asymmetric encryption (PKCS):

Also known as asymmetric encryption, Public key cryptographic system (PKCS) uses two keys: Public key and Private key. The data is encrypted with the Public key and can only be decrypted with private key or vice versa.

Since two different keys are used for encryption and decryption, even if any attacker knows about the key used for encryption there is no threat to any data. It is more secure than the single key cryptographic system but a bit slow. This is used in online communications like HTTPS, digital signatures etc. Example of Public key cryptography system algorithms are RSA, Diffie-Hellman etc.

3. Hash Functions or Message Digests:

A hash function is a versatile one-way cryptographic algorithm that converts plain text to a fixed length of encrypted text which is known as a message digest or simply a hash. A hash is known as a one-way function since once it encrypted it cannot be decrypted but (or decrypting it is very complex and difficult). Hash functions and message digests are used whenever the decrypting is not needed like hashing the passwords etc. Example of hash functions are MD5, SHA-1, SHA-512, RIPEMD etc.

Hello, aspiring ethical hackers. In this blogpost you will learn about IoT security or Internet of Things (IoT) security. But before you understand IOT security, you need to understand what Information of Things (IOT) is.

What is Information of Things (IoT)?

A few years back, getting an internet connection to our home was a bit rare and costly. I remember most of my friends had a computer at home but nobody had internet. Nowadays, even device (that once existed without the need of internet) can be connected to the internet.

These devices include lightbulbs, security cameras, fans, Refrigerator, Washing machine and almost all the devices of a smart home. They are connected to internet to add comfort to humans. All these devices are together known as Internet of Things (IOT).

Unlike your computer, laptop or mobile, these devices don’t need any human interaction to connect to internet.

What is IoT security?

As you should have figured out by now, IoT security is ensuring the security of these devices to protect your network.

What are various threats to IoT security?

Every device that is connected to internet is vulnerable to hacking. MIRAI botnet proved it. Internet of Things (IoT) devices are built with usability and human comfort in mind. The most common threats to IOT devices are.

1. Firmware vulnerabilities:

Every digital device has a firmware which is similar to a operating system on a computer. However, it cannot by easily updated as a operating system. So, once a vulnerability is detected in the firmware and exploited in an IOT device, it is difficult to upgrade or patch it.

2. Credential attacks:

Although IoT devices come with credentials, these are default credentials that hat are insecure and easy to guess. In most IoT devices, these credentials cannot even be reset or changed. So, any attacker can easily guess the credentials, take control of the devices.

3. Man-in-the-Middle attacks:

Man in the middle (MiTM) attacks are just not limited to computers and servers. It is also possible to perform packet sniffing and password sniffing between the IOT device and the server it is connecting to. If the transmission is taking place in clear text, hackers can sniff on it.

4. Physical access attacks:

Most IoT devices are placed in easily accessible locations. If hackers can get hold of this device, they can take control of the device.

Hello, aspiring ethical hackers. In this blogpost, you will learn about cloud security. Before you learn about cloud security, you need to have a basic idea about what is cloud computing or cloud. Let me give you an example. Have you ever used Gmail or any other email service? What do you do to check your email? You open a browser or email client and go to the URL of the email service, enter your credentials and finally read your mails or start composing an email. Have you ever thought where all the mails are stored? Definitely not on your own system. They are stored elsewhere. Well, this is exactly how cloud computing works.

What is cloud computing?

Cloud computing is providing of computer system resources like data storage, computing power, networking, servers and software etc over the internet on demand.

Types of Cloud computing

Services in cloud can be provided as per anyone’s need with customization. However, there are three models of cloud computing that are generally preferred.

1. Infrastructure as a Service (IaaS):

In this model of cloud service, customers rent the building blocks of computing like servers (physical or virtual), storage and networking. It is usually rented by those organizations which want to have complete control over their cloud. The needed software and applications are installed by the organization.

2. Platform as a Service (PaaS):

What if organization or users don’t have the technical know how about installing everything on their rented hardware on cloud. The PaaS model comes to their rescue. This model comes with the installation of required tools and software along with basic computing resources provided in IaaS. For example, imagine you want to rent a WAMP server on cloud. Along with the basic computing resources, it comes with a Windows 10 machine with WAMP server installed on it. You still have to create the websites to be hosted on the WAMP server.

3. Software as a service (SaaS):

The most popular cloud model, it provides just all the resources and software you need. For example, let’s just say you rented a WordPress website on cloud for you. All you have to do is login into the WordPress website on your browser and upload blogposts. Rest all the cloud provider takes care for you.

What is Cloud Security?

Cloud security is the concept of providing security to the cloud-based systems from all the usual threats and dangers of cyber security. Cloud security is the responsibility of both the cloud service provider and the end user.

What are some cloud security threats?

Systems in cloud are vulnerable to all threats usual networks do like zero-day-vulnerabilities, DoS, phishing and malware etc.

Hello, aspiring Ethical Hackers. In this blogpost, you will learn about different security technologies that are used in an organization to protect the network against cyber-attacks. Various devices and software come into play while protecting the organization from a variety of threats. Let’s learn about each of them.

1. Firewall:

A firewall is the most common defensive measure that is used in organizations against cyber attacks. It can be considered the first layer of defense against hackers. Just as its name implies, it works as a wall between two networks thus preventing malicious traffic from entering the network of the organization. Learn more about firewalls here.

2. Anti-Malware:

In one of our previous articles, you learnt about virus and malware. Anti virus protects the computers and other devices in the network from this malicious software. Learn more about Antivirus.

3. Intrusion Detection System (IDS):

An Intrusion Detection System (IDS) monitors the entire traffic of the network and as soon as it sees any traffic that it considers malicious, it raises an alert. Learn more about IDS.

4. Intrusion Prevention System (IPS):

An Intrusion Prevention System (IPS) is one step above IDS. It performs the functions just like an IDS, but whenever it detects malicious traffic, it tries to prevent the connection by dropping the packets. Learn more about Intrusion Prevention System (IPS).

5. Endpoint Detection & Response (EDR):

Endpoint Detection and Response is used to monitor end user devices on the network for malware and acts against them if needed.

6. Honeypot:

Sometimes, organizations need to understand what hackers would be interested in once they are in their network. A honeypot serves this purpose. A honeypot acts as a juicy target and attracts towards thus preventing them from hacking anything in the original network. A honeypot designed with a lot of vulnerabilities that can keep the hackers constantly interested. Learn more about honeypots.

7. Demilitarized Zone (DMZ):

A demilitarized zone is a network used to add an external layer of security to the organization’s network. Usually placed at the perimeter, it has access to the external network. It usually contains an external facing service.

8. Data-Loss Prevention (DLP):

Data Loss Prevention (DLP) ensures that no confidential data is being sent out of the organization’s network. Confidential data refers to data that once exposed to the internet can harm the security of the network.

9. Security Incident & Event manager (SIEM):

A security Incident & Event Manager raises an alert if it detects any malicious activity. That’s all about the various security technologies.

Hello aspiring Ethical Hackers. In this blogpost, you will learn about steganography. Before you learn what is it, you need to learn why are we learning about it. In Feb 2023, Red Eyes Hacking Group (APT37) used a jpg image as attachment in one of their spear phishing email. When victims clicked on this image, it triggered an exploit that ran shellcode on the victim’s computer to download and execute a malicious payload that is stored within the jpg file mentioned above. But how was the malicious payload was hidden inside the jpg image?

What is Steganography?

It is an art or technique of hiding secret or any precious information inside something that looks common & ordinary. This information is hidden in such a manner that its presence is not evident to the human inspection. The word stegano graphy came from Greek word steganographic, that is combination of words steganos (meaning hidden or concealed) and graphia (writing).

In ancient and medieval times, kings used steganography to forward messages secretly. Greeks were the fist to use it. Coming to modern times, hackers are using it to hide malicious code in images, text, files, audio, video film and any other medium that looks benign.

Types of Steganography

There are five types of stegano graphy. They are,

1. Text stegano graphy
2. Image stegano graphy
3. Video stegano graphy
4. Audio stegano graphy
5. Network Stegano graphy

1. Text Steganography::

In text steganography, the secret information is hidden in a piece of text. For example, let’s say a text contains “Indians love Unity”. This may look like an ordinary or normal text. But just take the first letter of these three words. That becomes “ILU” a shortcut for I Love You message used by youngsters.

2. Image Stegano graphy:

As you might have already expected, when the secret information is hidden in an image (digital image) it is known as Image steganography.

3. Audio Steganography:

If the information we want to hide is hidden in an audio, it is known as audio steganography. Humans can hear sound that only contains certain frequencies. So, by altering the properties of audio like frequency, amplitude etc. secret messages can be hidden. However, to be able to receive and understand this secret information, the receiver needs to have smart listening devices to decipher the hidden information.

4. Video Steganography:

If the secret information is hidden in a video, it is called video steganography. A video is simply a representation of a sequence of consecutive images. So, we can say that this is an advanced version of Image steganography.

5. Network Steganography:

Considered to be more advanced and practically useful to Black Hat Hackers, in Network steganography information is hidden in network traffic. For example, it can be hidden in the TCP/IP headers etc.

Examples of Steganography attacks in hacking

1. In September 2022, researchers at ESET discovered a previously unknown Threat actor they named Worok hiding malicious payload in PNG files.
2. In 2019, researchers at Symantec observed a Russian cybersecurity group waterbug (also known as just the malicious) delivering a publicly known backdoor by hiding it in a WAV file.
3. In the same year, security researchers at Cylance observed a hacking campaign that was delivering XMRIG Monero CPU miner by hiding them in WAV files.
4. PLATINUM hacker group, that usually targets Governments of South Asia and South East Asia, embedded their malware commands in the HTML code of a website. They achieved this by encoding malware commands in a specific sequence of “TAB” and “SPACE” bar.

In future steganography is going to increase in cyber security.