Introduction: In the fast-evolving digital age of the 21st century, cybersecurity has emerged as a paramount concern for governments, businesses, and individuals. The Workshop on Cybersecurity is a comprehensive and immersive event designed to address the challenges posed by cyber threats and equip participants with the knowledge and tools to safeguard their digital assets. This workshop, to be held over five days, seeks to empower attendees with the latest insights and practices in cyber defense, fostering a culture of resilience and proactive security measures. Day 1: Understanding the Cyber Landscape The workshop commences with a deep dive into the complex cyber landscape that defines modern society. Distinguished experts from the cybersecurity field will present an overview of the ever-changing cyber ecosystem, highlighting its interconnectedness and vulnerabilities. Participants will gain valuable insights into the roles of governments, corporations, and individuals in shaping the cyber landscape. Key topics covered will include the global impact of cyberattacks, the importance of international collaboration in countering cyber threats, and the significance of public-private partnerships. This foundational knowledge will serve as the basis for the subsequent discussions on cyber defense strategies. Day 2: Unraveling Cyber Threats and Attack Vectors Day two focuses on understanding the multitude of cyber threats and attack vectors that can target individuals and organizations. Renowned cybersecurity researchers will present real-life case studies of recent cyber incidents, ranging from nation-state-sponsored attacks to financially motivated hacking campaigns. Participants will gain a comprehensive understanding of the tactics employed by threat actors and the motivations behind their actions. Through interactive sessions, attendees will be immersed in simulated cyber-attack scenarios, enabling them to identify and mitigate potential threats effectively. The day will emphasize the need for a proactive and adaptive approach to cybersecurity, as well as the importance of threat intelligence sharing to bolster collective defense capabilities. Day 3: Building Robust Cyber Defense Strategies Day three delves into the development and implementation of robust cyber defense strategies. Experts in the field will introduce participants to cutting-edge tools and technologies that can effectively detect, prevent, and respond to cyber threats. Topics covered will include advanced threat hunting techniques, next-generation firewalls, intrusion detection systems, and incident response best practices.

1. Cyber Security
Cybercrime awareness and Investigation

2. Introduction
Mehedi Hasan
Master's in Information Systems security
Bangladesh University of Professionals (BUP),
Cell Phone : +8801713000056
Working Area: Electronics and Industrial Security.
Job Experience: 15 Years (Multinational Company)
• Brother International Singapore (Full Time)
• Law Enforcement & Intelligence
• Bangladesh Computer Council (B.C.C) (Guest Trainer)
• Cyber Crime Awareness Foundation (Member)
Professional Training: Singapore, Indonesia, Malaysia, Vietnam,
Thailand, Nepal and India.

3. Introduction
Case Study

4. Attacks on Banking Sector
Digital Forensic and Investigations
Social Engineering
Different types of Attack
Information Gathering
4
Introduction
Countermeasure
Chapter Outline

5. Introduction
Hacking: Unauthorized access in a system

6. Types of Hacking
• Website Hacking.
• Email Hacking.
• Network Hacking.
• Password Hacking.
• Online Bank Hacking
• Computer Hacking.

7. Welcome to Cybercrime
Awareness

8. Who is a Hacker
He is not a Hacker
He is a Hacker
• Not a Criminal
• Not someone who is expert on Microsoft word, excel.
•Think outside of the box.
•Wants to test his limits.
•Has unlimited curiosity.
•Discover s unknown features about technology.
•Dedicated to knowledge
•Highly creative.

9. Who is Hacker
Hacker Cracker
Lots of Knowledge & Experience Lots of Knowledge & Experience
Good person Bad person
Strong Ethics Poor Ethics
No Crime Involved with crime
Like to fights against criminal They are criminal

10. Modern Hacker
Networking Programming Operating System
Hacker

11. Steps Of Hacker
•Step 1: Identify Victim
•Step 2: Information Gathering.
•Step 3: Identify Loophole.
•Step 4: Actual Hack.
•Step 5: Escape without a trace.
Hacking into computer, is just like breaking into a house

12. Case Study
• Balancing money.
• Mumbai Lady.
• NASA
• Bangladesh Bank.
• American Bank.
• FBI Attack

13. Balancing money

14. Mumbai Lady
• A lady live in Mumbai,
India lived in an
apartment.
• Attacker broke into her
computer & switched her
web camera on!
• Biggest cyber crime
involving privacy invasion
in the world!

15. What will we learn?
• Not teach you how to become a criminal
• Teach you to think like a computer hacker.
• Teach you how computer criminals work.
• Implement solutions against criminals.
• Techniques to protect yourself.

16. The Anatomy of IP Addresses
• An IP address acts as the unique identity of a computer at
which if can be contacted.

17. The Anatomy of IP Addresses
Class Range
A 0.0.0.0 to 126.255.255.255
B 128.0.0.0 to 191.255.255.255
C 192.0.0.0 to 223.255.255.255
D 224.0.0.0 to 239.255.255.255
E 240.0.0.0 to 255.255.255.255

18. Email Spoofing
www.anonymizer.in/fake-mailer/
Email Spoofing is the art of sending a spoofed email from
somebody else’s email account.

19. SMS Spoofing
http://www.spranked.com,http://www.phonytext.com
SMS Spoofing is the art of sending a spoofed SMS from
somebody else’s mobile phone.

20. SMS Spoofing

21. SMS Spoofing

22. Ransomware
Ransomware is malware for data kidnapping, an exploit in
which the attacker encrypts the victim's data and demands
payment for the decryption key.

23. Email Spoofing
www.anonymizer.in/fake-mailer/
Email Spoofing is the art of sending a spoofed email from
somebody else’s email account.

24. Email Spoofing
www.anonymizer.in/fake-mailer/
Email Spoofing is the art of sending a spoofed email from
somebody else’s email account.

25. Email Spoofing
• Spam Filters with Firewall
• Filtering Software
• User awareness

26. Investigation
• Users behavior analysis
• Email Header Analysis
• IP Logger
• SMS / Conversation
• Web link sharing

27. How to find a remote system’s IP address
www.getnotify.com

28. How to find a remote system’s IP address
www.didtheyreadit.com

29. How to find a remote system’s IP address
www.politemail.com

30. Microsoft Outlook Header Analysis

31. How to find a remote system’s IP address
Email header analysis

32. How to find a remote system’s IP address
www.mxtoolbox.com

33. How to find a remote system’s IP address
EmailtrakerPro

34. How to find a remote system’s IP address
By sending link to victim

35. How to find a remote system’s IP address
Internet Chat: netstat -n

36. How to find a remote system’s IP address
www.whatismyipaddress.com

37. IP Address
• Change the name of the exe file.
• Change the port being used by tor.
• Add bridge relays to tor.
How to unblock Tor?

38. People Hacking
Whatever you do online, you are leaving a trace behind on some
website, server of system in some part of the world or other.
People hacking is the technique of searching the entire internet
looking for private information about some individual. The
information that you can find out is the following.
• Contact Addresses.
•Date of Birth.
•Email Address.
•Contact Number.
•Place of Work.
•Satellite Photos.
•Work History.

39. Proxy Workbench
www.pipl.com

40. Proxy Workbench
www.anywho.com

41. Steps Of Hacker
•Step 1: Identify Victim
•Step 2: Information Gathering.
•Step 3: Identify Loophole.
•Step 4: Actual Hack.
•Step 5: Escape without a trace.

42. Identify Loophole
• Port Scanning
• Send email with attach.
• User Analysis

43. IP Scanning

44. Proxy Workbench
www.googlemap.com
www.googleearth.com

45. Steps Of Hacker
•Step 1: Identify Victim
•Step 2: Information Gathering.
•Step 3: Identify Loophole.
•Step 4: Actual Hack.
•Step 5: Escape without a trace.

46. Actual Attack
• Virus
• Trojans
• Malware
• Keylogger
• Phishing
• Exploits
• Social Engineering

47. Virus
Vital Information Resources Under Siege
A computer virus is a program or piece of code that is loaded
onto your computer without your knowledge and runs against
your wishes. Viruses can also replicate themselves.

48. Trojans
NETBUS, BACK ORRIFICE, SUB7, GIRLFRIEND and WIN BACKDOOR.
Trojans are RATs or Remote Administration tools that give
an attacker remote control or remote to the victim’s
computer

49. Trojans
Ardamax Keylogger, Sniperspy, Winspy.
Software Keylogger

50. Trojans
Hardware Keylogger

51. Trojans
• Use updated Antivirus
• Scan your system regularly
• Scan flash media/Drive before use.
•

52. Trojans

53. Break

54. Phishing Attacks

55. Phishing Attacks

56. Phishing Attacks

57. Phishing Attacks

58. Social Engineering Attacks
• Mobile phones were used.
• Do not allow strangers to make calls from your mobile – your
phone could be detonating a bomb.

59. Types of ATM frauds
Card Stolen
PIN Compromise
Card Skimming

60. What is ATM Skimming

61. ATM frauds
Video surveillance
Hidden video camera
Overhead cell phone
camera
Remotely positioned
cameras
PIN pad overlay

62. ATM frauds
• Choose your ATM machines carefully
•Check the card slot carefully
• Ensure that there are no hidden cameras
• Shield your hand when you enter in your PIN
• Avoid using ATMs in isolated locations
• Always prefer ATM machines near Bank Branch.

63. Windows Hacking
Online Attack : Cain and Able
Dumps password hashes from the SAM file requires admin access
http://www.oxid.it

64. Cracking Network Passwords
Brutus
Fantastic Brute Force Password cracking tools

65. Captcha
Solution Against Brute force attacks

66. Network Attack
• Man In the meddle attack
• Brut forcing
• Botnet
• DOS and DDOS Attack

67. DOS Attack
NPING
Command line packet generator

68. DOS Attack
Cyber terrorism War

69. Low Orbit lon Cannon (LOIC)
It is an open source network stress tool. But can also be
used as a dDOS attack application.
Http://cisko.fr/

70. DDOS Attack
DoSHTTP

71. DOS Attack
Cyber terrorism War

72. DDOS Attack
Firewall
• They can Prevent Denial-of-Service (DoS) Attacks
• Prevent illegal modification / access of internal data
administered
network
public
Internet
firewall
trusted “good guys” untrusted “bad guys”

73. Social Engineering

74. Social Engineering

75. Social Engineering

76. Social Engineering

77. Social Engineering

78. Social Engineering

79. Social Engineering

80. Social Engineering

81. Social Engineering

82. CCTV Hacking
• inurl:/view.shtml
• intitle:”Live View / – AXIS” | inurl:view/view.shtml^
• inurl:ViewerFrame?Mode=
• inurl:ViewerFrame?Mode=Refresh
• inurl:axis-cgi/jpg
• intitle:”EvoCam” inurl:”webcam.html”
• intitle:”Live NetSnap Cam-Server feed”
• http://74.94.148.163:8080/ViewerFrame?Mode=Motion

83. Attacks on Banking Sector
Digital Forensic and Investigations
Social Engineering
Different types of Attack
Information Gathering
83
Introduction
Countermeasure
Chapter Outline

84. Digital forensic
• Forensic & Digital forensic:
• Forensics is the application of science to solve a legal problem
• Digital Forensics is a part of forensic science (in relation to
computer crime) focusing on the recovery and investigation of
material (essentially data) found in digital devices.
In a word, It is recovery Science

85. Computer forensic
Identity Finder

86. Smartphone forensic
Andriller

87. Digital Forensic

88. Digital Forensic
• Deleted Files
• Logs
• Special System files (registry etc.)
• Email archves, printer spools
• Adminirtrative setting
• Internet History
• Chat archives
• Encrypted Fiels /Password protected files

89. Countermeasure
Install Safety software program
• Secure browsing tools.
Cleaner, Antivirus Program, Awareness.
• Data safety tools
Folder Locker, True Crypt, SafeHouse
Explorar, BitLocker.

90. Investigation and Quarry

91. Investigation & Detection
http://www.edecision4u.com/PRODUCTS.html

92. Investigation & Detection
http://www.edecision4u.com/PRODUCTS.html
https://60.251.127.211:13443 Login: rootpass000000
Wireless-
Detective
Real-Time Wireless
Forensics and Lawful
Interception System
E-Detective
Real-Time Network Forensics and
Lawful Interception System

93. Attacks on Banking Sector
Digital Forensic and Investigations
Social Engineering
Different types of Attack
Information Gathering
93
Introduction
Countermeasure
Chapter Outline

94. Cyber Crime Awareness
• Password Changing policy.
• Don’t use simple password. (apni123, apni789, apni111,
123456, 098765, 0171300056, apni00056, apniabc)
• Don’t click on un trusted link.
• Spoofing email (Lottery, Girlfriend/boyfriend, Job)
• Remove unknown friend social media.
•Use strong password.
• Do not give your device to un trusted people.

95. Countermeasure
• Use Antivirus &Regularly scan computer and
external portable devices.
•Always check a website name in the browser
before entering your private information.
•Protect your computer with password.
• Always ask guidance from expert incase of doubt.

96. .