SlideShare a Scribd company logo

Cyber Security Fundamentals

Download as PPTX, PDF
Apurv Singh Gautam
Apurv Singh Gautam

This seminar was delivered to 2nd-year CS and IT students of Symbiosis Institute of Technology

Technology
1 of 32
CYBER SECURITY FUNDAMENTALS By – Apurv Singh Gautam
WHAT TO EXPECT??
NEED OF SECURITY • Increasing awareness of technology but not Security • Continuous Development & Competition in IT • Increasing number of Cyber Criminals • Increasing use of Network elements & applications • Decreasing level of skill set
NEED OF SECURITY • Any Security breach in the website of any person increases the risk of the public image • Any Security breach in the website of any company increases the risk of company reputation • Any Security breach in the government website may increase the risk on project management and government operations
WHAT IS HACKING?? • Hacking is an art of exploring various security breaches • What people believe: It’s an anti-social activity : All the hackers are bad people • The terms Hacker and Hacking are being misinterpreted and misunderstood with negative sidelines
COMMUNITIES OF HACKERS • Hackers • Crackers • Phreaks • Script Kiddies
TYPES OF HACKERS • White Hat Hacker - They use their knowledge and skill set for good constructive intents. They find out new security loopholes and their solutions • Black Hat Hacker - They use their knowledge and skill set for illegal activities and destructive intents • Grey Hat Hacker – They use their knowledge and skill set for legal and illegal purpose. They are white hats in public but internally they do some black hat work
NETWORKING FUNDAMENTALS
IP ADDRESS IP Address is also known as, • Logical Address, or • Unique Identity Address It is used to identify the systems. Whenever any computer connects itself with the internet or with LAN, it gets one IP address, that IP address is always unique in the network. This means, once an IP address is assigned to any system in the network, it cannot be assigned to any other system. The same in the internet, if one IP address has been assigned to one system, it cannot be assigned to anyone else
IP TYPES • Internal IP - Whenever a computer connects itself with an Internal Network (LAN) , it gets an Internal IP. This IP will be the identity of the particular computer in the network • External IP - Whenever a computer connects itself with the internet , it gets an IP address by ISP. This IP will be the identity of the particular computer over the internet.
IP TYPES Both the Internal & External IP address can be allocated in two forms. • Static IP Address - Static IP Address remains same in all the sessions. • Dynamic IP Address - Dynamic IP Address keeps changing in all the sessions.
INTRODUCTION TO TROJANS
VIRUS & WORMS Virus, Vital Information Resource Under Seize , is a piece of code which is meant for the malicious purpose. It can replicate itself In the same system or also to the external hard drive. It may harm your system by deleting vital information from your hard drive or by corrupting the operating system files. Worms are the virus that replicates itself by resending itself as an e- mail attachment or as part of a network message. Worms does not alter files but resides in active memory and duplicates itself. Worm use parts of an operating system that are automatic and usually invisible to the user
TROJANS Trojans are piece of code which is meant for the remote administration purpose. It may or may not harm your computer but the hacker can administrate your computer remotely. A hacker may see the webcam, can get the logs of all the key strokes and can also delete any file & folders from your system. Trojans are one of the most dangerous and widely used by hackers to get into the systems
TYPES OF TROJANS • Direct Connection Trojan • Reverse Connection Trojan
DIRECT CONNECTION TROJAN In the direct connection Trojan, Victim’s IP Address plays essential role. Hacker sends Trojan to victim, victim unknowingly executes it. To get the remote connection of victim’s computer, hacker needs to have IP Address of victim. Hacker uses different methods to get the IP address of victims such as, • Email Tracing • IP Grabbing • Social Engineering
REVERSE CONNECTION TROJAN Hacker creates the Trojan with his own IP address. In this case, when a victim executes the Trojan, hacker gets the connection. Hacker needs to open one port to get the connection.
RAT (REMOTE ADMINISTRATION TOOL) RAT IS, Remote Administration Tool used to create the Trojans. One can use their own coding to create the Trojans also but RAT may help you to create it easily. • It is also used to control the victim’s computer. After creating and sending the Trojan, hacker needs to open a port on his own system, for this a hacker can use RAT. • RAT is created by the hackers to help the hackers, • Also after getting the connection hacker can perform various tasks such as accessing the webcam, file & folder operations, edit the registry and even can edit the command prompt of the victim using RAT.
RAT (REMOTE ADMINISTRATION TOOL) RATs are available for both the types of Trojans. There are numerous RATs available over the internet such as, • Cyber Gate • Dark Comet • Pro Rat • Poison Ivy • Net Bus Etc, etc, etc, …
INTRODUCTION TO SOCIAL ENGINEERING “Cause there’s no PATCH for HUMAN STUPIDITY”
WHAT IS SOCIAL ENGINEERING?? In context of Information Security, it is the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
TECHNIQUE • Human Interaction • Respectable & Known Person or Entity • Assembling all gathered information together
TYPES OF SOCIAL ENGINEERING • Quid Pro Quo – Something for something • Phishing • Baiting • Pretexting • Diversion Theft
WEAKEST LINK?? No matter how strong your: • Firewalls • IDS & IPS • Cryptography • Anti-Virus Software • You are the weakest link in computer security. People are more vulnerable than computers. • “The weakest link in the security chain is the human element: - Kevin Mitnick
WAYS TO PREVENT SOCIAL ENGINEERING • User Awareness • Policies • Third party Test • Be Smart
CONTACT • Email – apurvsinghgautam@gmail.com • Mobie No. - +91 9918045500 • Social Name – Apurv Singh Gautam (Google, Facebook, Twitter, LinkedIn, Quora, etc etc)

Recommended

Hacking
HackingHacking
Hacking
Sharique Masood
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
Vaishak Chandran
 
Cyber security
Cyber securityCyber security
Cyber security
Sajid Hasan
 
Email security
Email securityEmail security
Email security
Baliram Yadav
 
Data security
Data securityData security
Data security
ForeSolutions
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
Toño Herrera
 
Cyber security
Cyber securityCyber security
Cyber security
Manjushree Mashal
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 

Recommended

Hacking
HackingHacking
Hacking
Sharique Masood
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
Vaishak Chandran
 
Cyber security
Cyber securityCyber security
Cyber security
Sajid Hasan
 
Email security
Email securityEmail security
Email security
Baliram Yadav
 
Data security
Data securityData security
Data security
ForeSolutions
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
Toño Herrera
 
Cyber security
Cyber securityCyber security
Cyber security
Manjushree Mashal
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Hacking
HackingHacking
Hacking
Ranjan Som
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
PranjalShah18
 
Network security
Network securityNetwork security
Network security
Estiak Khan
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Priyanshu Ratnakar
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
Sharath Raj
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
Allan Pratt MBA
 
Cyber attack
Cyber attackCyber attack
Cyber attack
Manjushree Mashal
 
Types of cyber attacks
Types of cyber attacksTypes of cyber attacks
Types of cyber attacks
krishh sivakrishna
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Vivek Agarwal
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
Suryansh Srivastava
 
cyber security
cyber securitycyber security
cyber security
BasineniUdaykumar
 
Network attacks
Network attacksNetwork attacks
Network attacks
Manjushree Mashal
 
Security models
Security models Security models
Security models
LJ PROJECTS
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
afaque jaya
 
Types of attacks
Types of attacksTypes of attacks
Types of attacks
Vivek Gandhi
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Monika Deswal
 
Cyber Security Best Practices
Cyber Security Best PracticesCyber Security Best Practices
Cyber Security Best Practices
Evolve IP
 
Cyber attacks
Cyber attacks Cyber attacks
Cyber attacks
Anuradha Moti T
 
Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and cracking
Harshil Barot
 
Workshop on Cyber security
Workshop on Cyber security Workshop on Cyber security
Workshop on Cyber security
Mehedi Hasan
 

More Related Content

What's hot

Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
Sharath Raj
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
 

What's hot (20)

Hacking
HackingHacking
Hacking
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Network security
Network securityNetwork security
Network security
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
 
Cyber attack
Cyber attackCyber attack
Cyber attack
 
Types of cyber attacks
Types of cyber attacksTypes of cyber attacks
Types of cyber attacks
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
 
cyber security
cyber securitycyber security
cyber security
 
Network attacks
Network attacksNetwork attacks
Network attacks
 
Security models
Security models Security models
Security models
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
 
Types of attacks
Types of attacksTypes of attacks
Types of attacks
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Cyber Security Best Practices
Cyber Security Best PracticesCyber Security Best Practices
Cyber Security Best Practices
 
Cyber attacks
Cyber attacks Cyber attacks
Cyber attacks
 

Similar to Cyber Security Fundamentals

Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and cracking
Harshil Barot
 
Workshop on Cyber security
Workshop on Cyber security Workshop on Cyber security
Workshop on Cyber security
Mehedi Hasan
 
Workshop on Cyber security and investigation
Workshop on Cyber security and investigationWorkshop on Cyber security and investigation
Workshop on Cyber security and investigation
Mehedi Hasan
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
Arifa Ali
 

Similar to Cyber Security Fundamentals (20)

Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and cracking
 
Workshop on Cyber security
Workshop on Cyber security Workshop on Cyber security
Workshop on Cyber security
 
Hacking intro
Hacking introHacking intro
Hacking intro
 
How to hack or what is ethical hacking
How to hack or what is ethical hackingHow to hack or what is ethical hacking
How to hack or what is ethical hacking
 
Computer Security Presentation
Computer Security PresentationComputer Security Presentation
Computer Security Presentation
 
Internetsecuritypowerpoint 130404101055-phpapp02
Internetsecuritypowerpoint 130404101055-phpapp02Internetsecuritypowerpoint 130404101055-phpapp02
Internetsecuritypowerpoint 130404101055-phpapp02
 
Cyber Security Seminar Day 2
Cyber Security Seminar Day 2Cyber Security Seminar Day 2
Cyber Security Seminar Day 2
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
 
Workshop on Cyber security and investigation
Workshop on Cyber security and investigationWorkshop on Cyber security and investigation
Workshop on Cyber security and investigation
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Ethical Hacking.pptx
Ethical Hacking.pptxEthical Hacking.pptx
Ethical Hacking.pptx
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentation
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Materi Keamanan Siber Prinsip Keamanan Jaringan.pptx
Materi Keamanan Siber Prinsip Keamanan Jaringan.pptxMateri Keamanan Siber Prinsip Keamanan Jaringan.pptx
Materi Keamanan Siber Prinsip Keamanan Jaringan.pptx
 
Introduction To Computer Security
Introduction To Computer SecurityIntroduction To Computer Security
Introduction To Computer Security
 
Ethical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer Security Ethical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer Security
 

More from Apurv Singh Gautam

Automating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty thingsAutomating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty things
Apurv Singh Gautam
 
Threat Hunting on the Dark Web
Threat Hunting on the Dark WebThreat Hunting on the Dark Web
Threat Hunting on the Dark Web
Apurv Singh Gautam
 

More from Apurv Singh Gautam (14)

Automating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty thingsAutomating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty things
 
Threat Hunting on the Dark Web
Threat Hunting on the Dark WebThreat Hunting on the Dark Web
Threat Hunting on the Dark Web
 
All about Cyber Security - From the perspective of a MS student
All about Cyber Security - From the perspective of a MS studentAll about Cyber Security - From the perspective of a MS student
All about Cyber Security - From the perspective of a MS student
 
SIT Summer School (Cyber Security)
SIT Summer School (Cyber Security)SIT Summer School (Cyber Security)
SIT Summer School (Cyber Security)
 
Cyber Security Seminar Day 1
Cyber Security Seminar Day 1Cyber Security Seminar Day 1
Cyber Security Seminar Day 1
 
Bitcoin Forensics
Bitcoin ForensicsBitcoin Forensics
Bitcoin Forensics
 
Log Out Cyber Awareness
Log Out Cyber AwarenessLog Out Cyber Awareness
Log Out Cyber Awareness
 
OSINT
OSINTOSINT
OSINT
 
Intro to Network Vapt
Intro to Network VaptIntro to Network Vapt
Intro to Network Vapt
 
Security News Bytes (Aug Sept 2017)
Security News Bytes (Aug Sept 2017)Security News Bytes (Aug Sept 2017)
Security News Bytes (Aug Sept 2017)
 
Anonymous traffic network
Anonymous traffic networkAnonymous traffic network
Anonymous traffic network
 
Flexible Displays
Flexible DisplaysFlexible Displays
Flexible Displays
 
India against corruption
India against corruptionIndia against corruption
India against corruption
 
Encrypted database management system
Encrypted database management systemEncrypted database management system
Encrypted database management system
 

Recently uploaded

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 

Recently uploaded (20)

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 

Cyber Security Fundamentals

  • 2.
  • 4. NEED OF SECURITY • Increasing awareness of technology but not Security • Continuous Development & Competition in IT • Increasing number of Cyber Criminals • Increasing use of Network elements & applications • Decreasing level of skill set
  • 5.
  • 6. NEED OF SECURITY • Any Security breach in the website of any person increases the risk of the public image • Any Security breach in the website of any company increases the risk of company reputation • Any Security breach in the government website may increase the risk on project management and government operations
  • 7.
  • 8. WHAT IS HACKING?? • Hacking is an art of exploring various security breaches • What people believe: It’s an anti-social activity : All the hackers are bad people • The terms Hacker and Hacking are being misinterpreted and misunderstood with negative sidelines
  • 9. COMMUNITIES OF HACKERS • Hackers • Crackers • Phreaks • Script Kiddies
  • 10. TYPES OF HACKERS • White Hat Hacker - They use their knowledge and skill set for good constructive intents. They find out new security loopholes and their solutions • Black Hat Hacker - They use their knowledge and skill set for illegal activities and destructive intents • Grey Hat Hacker – They use their knowledge and skill set for legal and illegal purpose. They are white hats in public but internally they do some black hat work
  • 12. IP ADDRESS IP Address is also known as, • Logical Address, or • Unique Identity Address It is used to identify the systems. Whenever any computer connects itself with the internet or with LAN, it gets one IP address, that IP address is always unique in the network. This means, once an IP address is assigned to any system in the network, it cannot be assigned to any other system. The same in the internet, if one IP address has been assigned to one system, it cannot be assigned to anyone else
  • 13. IP TYPES • Internal IP - Whenever a computer connects itself with an Internal Network (LAN) , it gets an Internal IP. This IP will be the identity of the particular computer in the network • External IP - Whenever a computer connects itself with the internet , it gets an IP address by ISP. This IP will be the identity of the particular computer over the internet.
  • 14. IP TYPES Both the Internal & External IP address can be allocated in two forms. • Static IP Address - Static IP Address remains same in all the sessions. • Dynamic IP Address - Dynamic IP Address keeps changing in all the sessions.
  • 16. VIRUS & WORMS Virus, Vital Information Resource Under Seize , is a piece of code which is meant for the malicious purpose. It can replicate itself In the same system or also to the external hard drive. It may harm your system by deleting vital information from your hard drive or by corrupting the operating system files. Worms are the virus that replicates itself by resending itself as an e- mail attachment or as part of a network message. Worms does not alter files but resides in active memory and duplicates itself. Worm use parts of an operating system that are automatic and usually invisible to the user
  • 17. TROJANS Trojans are piece of code which is meant for the remote administration purpose. It may or may not harm your computer but the hacker can administrate your computer remotely. A hacker may see the webcam, can get the logs of all the key strokes and can also delete any file & folders from your system. Trojans are one of the most dangerous and widely used by hackers to get into the systems
  • 18. TYPES OF TROJANS • Direct Connection Trojan • Reverse Connection Trojan
  • 19. DIRECT CONNECTION TROJAN In the direct connection Trojan, Victim’s IP Address plays essential role. Hacker sends Trojan to victim, victim unknowingly executes it. To get the remote connection of victim’s computer, hacker needs to have IP Address of victim. Hacker uses different methods to get the IP address of victims such as, • Email Tracing • IP Grabbing • Social Engineering
  • 20. REVERSE CONNECTION TROJAN Hacker creates the Trojan with his own IP address. In this case, when a victim executes the Trojan, hacker gets the connection. Hacker needs to open one port to get the connection.
  • 21. RAT (REMOTE ADMINISTRATION TOOL) RAT IS, Remote Administration Tool used to create the Trojans. One can use their own coding to create the Trojans also but RAT may help you to create it easily. • It is also used to control the victim’s computer. After creating and sending the Trojan, hacker needs to open a port on his own system, for this a hacker can use RAT. • RAT is created by the hackers to help the hackers, • Also after getting the connection hacker can perform various tasks such as accessing the webcam, file & folder operations, edit the registry and even can edit the command prompt of the victim using RAT.
  • 22. RAT (REMOTE ADMINISTRATION TOOL) RATs are available for both the types of Trojans. There are numerous RATs available over the internet such as, • Cyber Gate • Dark Comet • Pro Rat • Poison Ivy • Net Bus Etc, etc, etc, …
  • 23. INTRODUCTION TO SOCIAL ENGINEERING “Cause there’s no PATCH for HUMAN STUPIDITY”
  • 24. WHAT IS SOCIAL ENGINEERING?? In context of Information Security, it is the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
  • 25.
  • 26. TECHNIQUE • Human Interaction • Respectable & Known Person or Entity • Assembling all gathered information together
  • 27. TYPES OF SOCIAL ENGINEERING • Quid Pro Quo – Something for something • Phishing • Baiting • Pretexting • Diversion Theft
  • 28.
  • 29. WEAKEST LINK?? No matter how strong your: • Firewalls • IDS & IPS • Cryptography • Anti-Virus Software • You are the weakest link in computer security. People are more vulnerable than computers. • “The weakest link in the security chain is the human element: - Kevin Mitnick
  • 30. WAYS TO PREVENT SOCIAL ENGINEERING • User Awareness • Policies • Third party Test • Be Smart
  • 31.
  • 32. CONTACT • Email – apurvsinghgautam@gmail.com • Mobie No. - +91 9918045500 • Social Name – Apurv Singh Gautam (Google, Facebook, Twitter, LinkedIn, Quora, etc etc)