SlideShare a Scribd company logo

Cybersecurity _ Man in the Middle (MITM) Attack.pptx

Download as PPTX, PDF
R
Rejwana1

A MITM attack is a type of cyber-attack where a user is introduced to some kind of meeting between two parties by a malicious person, manipulates both parties and gains access to the data that the two people try to supply each other. A man-in-the-middle attack also helps a malicious attacker, not recognizing any type of participant until it's too late, to hack and send data transmission to someone else. MITM attacks may be referred to in certain cases, such as MITM, MITM, MIM, or MIM.

Technology
1 of 15
CYBERSECURITY | MAN IN THE MIDDLE ATTACK
INTRODUCTION • There are many types of security threats that attackers can use to access unsafe applications • While intimidators can carry out some of these attacks using automated software, others require a more active role than attackers • In this tutorial, we will explain the basic concepts behind a man-in-the-middle attack, and provide examples and mitigation strategies
WHAT IS A MAN- IN-THE-MIDDLE ATTACK? • A MITM attack is a type of cyber-attack where a user is introduced to some kind of meeting between two parties by a malicious person, manipulates both parties and gains access to the data that the two people try to supply each other • A man-in-the-middle attack also helps a malicious attacker, not recognizing any type of participant until it's too late, to hack and send data transmission to someone else • MITM attacks may be referred to in certain cases, such as MITM, MITM, MIM, or MIM
WHO ARE THE TARGETS OF MAN-IN-THE- MIDDLE ATTACKS? • Anyone can be attacked at any time • The device from which the computer or mobile phone is using the Internet is not considered, if the connection is insecure, especially when using free WiFi, you are more likely to have a moderate attack • After entering a website, if you see that https: // is not written in green at the beginning of the name lock, then leave the site quickly
HOW DOES THE MITM ATTACK WORK? • During MITM attacks, cybercriminals put themselves in the middle of data transactions or online communication • Online banking and e-commerce sites, which require secure authentication with a public key and a private key, are the main targets of MiTM attacks because they enable attackers to capture login credentials and other confidential information • The attacker tricks the client and the server into believing that they are exchanging information with each other, while the attacker intercepts the data, creates a connection to the original site, and acts as a proxy to read and insert false information into the communication
THE FOLLOWING STEPS INVOLVE A COMMON DATA BARRIER STRATEGY The decryption phase is where the pasted data is not encrypted This vital step enables the attacker to finally decipher and use the data to their advantage; For example, they may steal identities or disrupt business activities
WHAT ARE THE TYPES OF MAN- IN-THE-MIDDLE ATTACKS? • To gain access to devices and sensitive information, cybercriminals use the following methods to manage MiTM attacks • Spoofing the domain name system • HTTP spoofing • Secure socket layer hijacking • Email hijacking • Wi-Fi eavesdropping • Session Hijacking • Cache poisoning
HOW TO PREVENT MAN- IN-THE-MIDDLE ATTACK • Mitigation is the best defense against MiTM attacks
SECURE CONNECTION
AVOID PHISHING EMAILS • Clicking on these links should be avoided, as they may redirect a user to a fake website or download malicious software to their device
VIRTUAL PRIVATE NETWORK ENCRYPTION
ENDPOINT SECURITY • Extensive endpoint security is most important when trying to prevent the spread of malware and other cyber attacks • By educating users about the dangers of MiTM attacks and implementing mandatory active security awareness training for employees, organizations can protect their sensitive data in advance • The training should teach users how to detect malicious emails and enlighten them about the best practices for security, such as implementing a VPN, avoiding public Wi-Fi networks, and not clicking on suspicious email links
EXAMPLES OF MAN-IN-THE- MIDDLE ATTACKS • Although the history of MiTM attacks dates back to pre-Internet times, they have gained the most traction and limelight in recent years • The following are some popular real-world examples of man-in-the-middle attacks
EQUIFAX'S MOBILE APPLICATION • Equifax, one of the largest credit reporting agencies, suffered a massive data breach in 2017 that leaked financial information to nearly 150 million people in the United States • In addition to this breach, it was discovered that the company's mobile phone apps do not always use HTTPS • Simultaneously Equifax enables users to intercept data
DESIGNER • DigiNotar, a Dutch issuer of digital security certificates, was breached in 2011 when a threatening actor gained access to 500 certificates for prominent websites such as Google and Skype • The threat actor uses a MiTM attack tactic to persuade users to enter passwords on fake websites and pretend to be real • DigiNotar has finally filed for bankruptcy to recover from the loss of this data breach

Recommended

Man in the middle attack .pptx
Man in the middle attack .pptxMan in the middle attack .pptx
Man in the middle attack .pptxPradeepKumar728006
 
Cysecc.pptx
Cysecc.pptxCysecc.pptx
Cysecc.pptxjondon17
 
Cyber Security
Cyber SecurityCyber Security
Cyber Securityrahulbhardwaj312501
 
Rishabhcyber security.pptx
Rishabhcyber security.pptxRishabhcyber security.pptx
Rishabhcyber security.pptxRishabhDwivedi70
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxANIKETKUMARSHARMA3
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxMBRoman1
 
Cyber security and its controls.pptx
Cyber security and its controls.pptxCyber security and its controls.pptx
Cyber security and its controls.pptxsrikmhh
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxAkshayKhade21
 

Recommended

Man in the middle attack .pptx
Man in the middle attack .pptxMan in the middle attack .pptx
Man in the middle attack .pptxPradeepKumar728006
 
Cysecc.pptx
Cysecc.pptxCysecc.pptx
Cysecc.pptxjondon17
 
Cyber Security
Cyber SecurityCyber Security
Cyber Securityrahulbhardwaj312501
 
Rishabhcyber security.pptx
Rishabhcyber security.pptxRishabhcyber security.pptx
Rishabhcyber security.pptxRishabhDwivedi70
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxANIKETKUMARSHARMA3
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxMBRoman1
 
Cyber security and its controls.pptx
Cyber security and its controls.pptxCyber security and its controls.pptx
Cyber security and its controls.pptxsrikmhh
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxAkshayKhade21
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptxjondon17
 
Challenges 14 security (1).pdf
Challenges 14 security (1).pdfChallenges 14 security (1).pdf
Challenges 14 security (1).pdfdhayadhayananth1
 
Cyber security
Cyber securityCyber security
Cyber securityAshok Mankodi
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx56ushodayareddy
 
cyber threats and attacks.pptx
cyber threats and attacks.pptxcyber threats and attacks.pptx
cyber threats and attacks.pptxsakshiyad2611
 
Cyber security
Cyber securityCyber security
Cyber securityPawanKalyanAmbati
 
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptxPradeeshSAI
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityYellowSlice1
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityApplied Forensic Research Sciences
 
Exploring Cyber Attack Types: Understanding the Threat Landscape
Exploring Cyber Attack Types: Understanding the Threat LandscapeExploring Cyber Attack Types: Understanding the Threat Landscape
Exploring Cyber Attack Types: Understanding the Threat Landscapecyberprosocial
 
Module 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxModule 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxnikshaikh786
 
Cybercrime
CybercrimeCybercrime
CybercrimeVansh Verma
 
Presentation 10 (1).pdf
Presentation 10 (1).pdfPresentation 10 (1).pdf
Presentation 10 (1).pdfKARANSINGHD
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityA. Shamel
 
Cyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxCyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxRoshni814224
 
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONSE-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONSrausdeen anfas
 
Lecture 3.pptx
Lecture 3.pptxLecture 3.pptx
Lecture 3.pptxMuhammadRehan856177
 
Intrusion in computing
Intrusion in computingIntrusion in computing
Intrusion in computingEduardo Cambinda
 
CyberSecurity.pdf
CyberSecurity.pdfCyberSecurity.pdf
CyberSecurity.pdfSuleiman55
 
types of cyber attack by taufiqurrahman.pptx
types of cyber attack by taufiqurrahman.pptxtypes of cyber attack by taufiqurrahman.pptx
types of cyber attack by taufiqurrahman.pptxtaufiq463421
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfFIDO Alliance
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomCzechDreamin
 

More Related Content

Similar to Cybersecurity _ Man in the Middle (MITM) Attack.pptx

Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptxjondon17
 
Challenges 14 security (1).pdf
Challenges 14 security (1).pdfChallenges 14 security (1).pdf
Challenges 14 security (1).pdfdhayadhayananth1
 
cyber threats and attacks.pptx
cyber threats and attacks.pptxcyber threats and attacks.pptx
cyber threats and attacks.pptxsakshiyad2611
 
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptxPradeeshSAI
 
Exploring Cyber Attack Types: Understanding the Threat Landscape
Exploring Cyber Attack Types: Understanding the Threat LandscapeExploring Cyber Attack Types: Understanding the Threat Landscape
Exploring Cyber Attack Types: Understanding the Threat Landscapecyberprosocial
 
Module 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxModule 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxnikshaikh786
 
Presentation 10 (1).pdf
Presentation 10 (1).pdfPresentation 10 (1).pdf
Presentation 10 (1).pdfKARANSINGHD
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityA. Shamel
 
Cyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxCyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxRoshni814224
 
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONSE-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONSrausdeen anfas
 
CyberSecurity.pdf
CyberSecurity.pdfCyberSecurity.pdf
CyberSecurity.pdfSuleiman55
 
types of cyber attack by taufiqurrahman.pptx
types of cyber attack by taufiqurrahman.pptxtypes of cyber attack by taufiqurrahman.pptx
types of cyber attack by taufiqurrahman.pptxtaufiq463421
 

Similar to Cybersecurity _ Man in the Middle (MITM) Attack.pptx (20)

Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptx
 
Challenges 14 security (1).pdf
Challenges 14 security (1).pdfChallenges 14 security (1).pdf
Challenges 14 security (1).pdf
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
cyber threats and attacks.pptx
cyber threats and attacks.pptxcyber threats and attacks.pptx
cyber threats and attacks.pptx
 
Cyber security
Cyber securityCyber security
Cyber security
 
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Exploring Cyber Attack Types: Understanding the Threat Landscape
Exploring Cyber Attack Types: Understanding the Threat LandscapeExploring Cyber Attack Types: Understanding the Threat Landscape
Exploring Cyber Attack Types: Understanding the Threat Landscape
 
Module 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxModule 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptx
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Presentation 10 (1).pdf
Presentation 10 (1).pdfPresentation 10 (1).pdf
Presentation 10 (1).pdf
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Cyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxCyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptx
 
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONSE-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
 
Lecture 3.pptx
Lecture 3.pptxLecture 3.pptx
Lecture 3.pptx
 
Intrusion in computing
Intrusion in computingIntrusion in computing
Intrusion in computing
 
CyberSecurity.pdf
CyberSecurity.pdfCyberSecurity.pdf
CyberSecurity.pdf
 
types of cyber attack by taufiqurrahman.pptx
types of cyber attack by taufiqurrahman.pptxtypes of cyber attack by taufiqurrahman.pptx
types of cyber attack by taufiqurrahman.pptx
 

Recently uploaded

Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfFIDO Alliance
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomCzechDreamin
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlPeter Udo Diehl
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxDavid Michel
 
AI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekAI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekCzechDreamin
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...marcuskenyatta275
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfFIDO Alliance
 
Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeCzechDreamin
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfFIDO Alliance
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityScyllaDB
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FIDO Alliance
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfFIDO Alliance
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...CzechDreamin
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...CzechDreamin
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераMark Opanasiuk
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyUXDXConf
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...FIDO Alliance
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceSamy Fodil
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfSrushith Repakula
 

Recently uploaded (20)

Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
 
AI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekAI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří Karpíšek
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
 
Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdf
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System Strategy
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM Performance
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdf
 

Cybersecurity _ Man in the Middle (MITM) Attack.pptx

  • 1. CYBERSECURITY | MAN IN THE MIDDLE ATTACK
  • 2. INTRODUCTION • There are many types of security threats that attackers can use to access unsafe applications • While intimidators can carry out some of these attacks using automated software, others require a more active role than attackers • In this tutorial, we will explain the basic concepts behind a man-in-the-middle attack, and provide examples and mitigation strategies
  • 3. WHAT IS A MAN- IN-THE-MIDDLE ATTACK? • A MITM attack is a type of cyber-attack where a user is introduced to some kind of meeting between two parties by a malicious person, manipulates both parties and gains access to the data that the two people try to supply each other • A man-in-the-middle attack also helps a malicious attacker, not recognizing any type of participant until it's too late, to hack and send data transmission to someone else • MITM attacks may be referred to in certain cases, such as MITM, MITM, MIM, or MIM
  • 4. WHO ARE THE TARGETS OF MAN-IN-THE- MIDDLE ATTACKS? • Anyone can be attacked at any time • The device from which the computer or mobile phone is using the Internet is not considered, if the connection is insecure, especially when using free WiFi, you are more likely to have a moderate attack • After entering a website, if you see that https: // is not written in green at the beginning of the name lock, then leave the site quickly
  • 5. HOW DOES THE MITM ATTACK WORK? • During MITM attacks, cybercriminals put themselves in the middle of data transactions or online communication • Online banking and e-commerce sites, which require secure authentication with a public key and a private key, are the main targets of MiTM attacks because they enable attackers to capture login credentials and other confidential information • The attacker tricks the client and the server into believing that they are exchanging information with each other, while the attacker intercepts the data, creates a connection to the original site, and acts as a proxy to read and insert false information into the communication
  • 6. THE FOLLOWING STEPS INVOLVE A COMMON DATA BARRIER STRATEGY The decryption phase is where the pasted data is not encrypted This vital step enables the attacker to finally decipher and use the data to their advantage; For example, they may steal identities or disrupt business activities
  • 7. WHAT ARE THE TYPES OF MAN- IN-THE-MIDDLE ATTACKS? • To gain access to devices and sensitive information, cybercriminals use the following methods to manage MiTM attacks • Spoofing the domain name system • HTTP spoofing • Secure socket layer hijacking • Email hijacking • Wi-Fi eavesdropping • Session Hijacking • Cache poisoning
  • 8. HOW TO PREVENT MAN- IN-THE-MIDDLE ATTACK • Mitigation is the best defense against MiTM attacks
  • 10. AVOID PHISHING EMAILS • Clicking on these links should be avoided, as they may redirect a user to a fake website or download malicious software to their device
  • 12. ENDPOINT SECURITY • Extensive endpoint security is most important when trying to prevent the spread of malware and other cyber attacks • By educating users about the dangers of MiTM attacks and implementing mandatory active security awareness training for employees, organizations can protect their sensitive data in advance • The training should teach users how to detect malicious emails and enlighten them about the best practices for security, such as implementing a VPN, avoiding public Wi-Fi networks, and not clicking on suspicious email links
  • 13. EXAMPLES OF MAN-IN-THE- MIDDLE ATTACKS • Although the history of MiTM attacks dates back to pre-Internet times, they have gained the most traction and limelight in recent years • The following are some popular real-world examples of man-in-the-middle attacks
  • 14. EQUIFAX'S MOBILE APPLICATION • Equifax, one of the largest credit reporting agencies, suffered a massive data breach in 2017 that leaked financial information to nearly 150 million people in the United States • In addition to this breach, it was discovered that the company's mobile phone apps do not always use HTTPS • Simultaneously Equifax enables users to intercept data
  • 15. DESIGNER • DigiNotar, a Dutch issuer of digital security certificates, was breached in 2011 when a threatening actor gained access to 500 certificates for prominent websites such as Google and Skype • The threat actor uses a MiTM attack tactic to persuade users to enter passwords on fake websites and pretend to be real • DigiNotar has finally filed for bankruptcy to recover from the loss of this data breach