Tag Archive for: Learn

What is ethical hacking and how to learn it

/in




a close up of a computer keyboard: What is ethical hacking and how to learn it

© Provided by The Statesman
What is ethical hacking and how to learn it

Last year, Cosmos Bank in Pune was attacked by cybercriminals. Hackers broke into the ATM server of the bank and stole the details of Visa and Rupay debit card owners. This attack resulted in a loss of Rs 94 crore for the bank as well as a major privacy breach for the users. Hackers are not always as cool as V from V for Vendetta with his Guy Fawkes mask and cool daggers, single handedly destroying fascism. Attacks like the one at Cosmos Bank are a threat not just to businesses but also to folks who use those businesses. How was it possible for hackers to pull off something as huge as the theft of INR 94 crores without even being physically present? Can it be stopped? Where does ethical hacking come into play? Let’s learn about this a little more.

What is hacking?

When we read the word hacking, we may instantly think of a black screen running endless lines of bright green code like Matrix, but really, what is hacking? To put it simply, hacking is using computer skills to find the weaknesses in a computer or a network and then, exploiting those weaknesses by gaining unauthorised access to the system or network.

Think of a computer or a network as a room. A hacker would survey the room from the outside, identify all the weaknesses in that room such as breakable windows, weak locks, etc., and find out ways to break into that room without raising any alarms.

Types of hacking

Based on the kind of target, hacking is divided mainly into five types.

1. Web application hacking: This type of hacking targets applications that require the use of the internet on your browser. It includes email programs, Google apps, shopping carts, online forms, etc.

2. System hacking: This type of hacking seeks access to individual computers on a network by cracking passwords, installing spyware into the system, etc.

3. Web server hacking: A web server is a computer that displays web content. Attacks on a web server can affect websites and the users as they are hosted on web servers.

4. Wireless network hacking: This kind of hacking involves intercepting wireless connection and traffic from non-secure networks. Hackers can…

Source…

Convention lets kids learn about ‘white hat hacking’ | Lifestyles

/in


BLOOMSBURG — Kids ages 7 to 17 are invited to learn about “white hat hacking” at a special conference hosted by the Bloomsburg Children’s Museum this Saturday.

The event will be held from 10 a.m. to 4 p.m. in the Arts & Crafts Building on the Bloomsburg Fairgrounds, and will feature guest speakers, workshops, and STEM work stations. Doors will open at 9 a.m.

Participants will learn from ethical hackers, information security professionals, and educators, and will have a chance to win prizes.

According to museum director Ginny Weibel, “Students will learn how to code, program, work with robotics, make electrical circuits, break codes and ciphers, engineer rockets, and learn about internet safety.

“We also take the term ‘hack’ loosely at our conference,” she added, “so kids will learn things like financial hacks and healthy eating hacks.”

Hak4Kidz began in 2017 and was created to complement BloomCON, Bloomsburg University’s annual digital forensics, cybersecurity, and hacking conference, which each year hosts a variety of speakers and features unique workshops and cybersecurity challenges. BloomCON will be held virtually this year. The BloomCON Hak4Kidz event was canceled last year due to COVID shutdowns.

Webel said attendance at the conference grew from 40 people in 2017 to more than 400 in 2019.

Dubbed as “Pennsylvania’s only kid-friendly hacking conference,” Weibel said “you’d have to go to Washington D.C. or Chicago to get to a similar conference.”

The museum, along with BloomCON leader Dr. Phil Polstra, worked with Dave Schwartzberg, founder of Hak4Kidz in Chicago to bring the program to Bloomsburg.

“The need to get kids interested in STEM-type jobs is undeniable,” Weibel said. “The Pennsylvania Department of Education reports that there will be a 9 percent growth in STEM-related jobs in the state by 2026 – that’s over a half million jobs.” The department also reports, she said, that in 10 years, 71 percent of all new jobs in the state will require computer science skills.

“Having a conference of this type in our region adds so much…

Source…

City Has Opportunity To Learn From Ransomware Attack: Cybersecurity Expert

/in


A cybersecurity expert believes Saint John has an opportunity to learn from the ransomware attack that took down its network last November.

Last week, City Manager John Collin told council that a third-party review found it very unlikely the attack had caused the city to lose any confidential data like personal payment info.

Dominic Vogel is the founder & chief strategist of Cyber SC. He says the city can use their experience with cybercriminals to prepare for the future.

“This affords them the opportunity to build security in right while there are still lots of cities and municipalities that feel ‘oh, we dodged a bullet, but we don’t need to invest in cybersecurity,’” Vogel said. “They’re sort of living in a false world.”

Vogel pointed out that there are never any guarantees that no personal information was lost in a breach, however it is reassuring that a third-party company was consulted and found no evidence of payment information going missing.

The concern now is that the city and residents let its guard down once again.

Vogel says hackers don’t necessarily need payment information to consider an attack successful. Instead, they can use other info to launch future successful phishing attacks.

“(Non-payment) information can be used to craft more believable phishing emails that can be sent to you,” he said. “And if those emails are more believable, you’re more likely to fall victim to that.”

So long as the city remains vigilant, and considers the advice of cybersecurity experts, Vogel believes last November’s attack could prove to be a helpful learning experience.

“What we need to see long-term from the city and this executive, is they don’t have short-term memory and think ‘oh, we survived this. Nothing bad happened, no data was compromised. We’re not going to change our ways.’ I’m very hopeful that they do change their ways.’”

Source…

. Hacking News — learn more about it — The Hacker News

/in


Exclusive: SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product

Exclusive: SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product

January 22, 2021Ravie Lakshmanan

SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated attack on its internal systems. The San Jose-based company said the attacks leveraged zero-day vulnerabilities in SonicWall secure remote access products such as NetExtender VPN client version 10.x and Secure Mobile Access ( SMA ) that are used to provide users with remote access to internal resources. “Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products,” the company exclusively told The Hacker News. The development comes after The Hacker News received reports that SonicWall’s internal systems went down earlier this week on Tuesday and that the source code hosted on the company’s GitLab repository was accessed by the attackers. SonicWall wouldn’t confirm the re

Source…