Showing posts with label Blogging. Show all posts
Showing posts with label Blogging. Show all posts

Thursday, 10 January 2019

Social Engineering Attack types and Precautions

Social Engineering Attack

Social engineering attacks are a form of psychological manipulation that exploits human behavior to trick individuals into giving away confidential information. These attacks can be carried out through various channels, including email, phone, social media, and in-person interactions. There are different types of social engineering attacks and how to protect ourselves from falling victim to them.


Types of Social Engineering Attacks


Phishing Attacks

Phishing attacks are the most common type of social engineering attack, and they involve the use of fraudulent emails or websites to trick individuals into giving away sensitive information, such as login credentials or credit card details. These emails or websites are designed to look like legitimate ones, often by replicating the logos and designs of well-known companies. Phishing attacks can also be carried out through phone calls or text messages.


Pretexting Attacks

Pretexting attacks involve the use of a fabricated story to convince an individual to disclose sensitive information. The attacker might pose as someone in authority, such as a bank employee or a company executive, and use the fabricated story to convince the victim to share confidential information.


Baiting Attacks

Baiting attacks involve the use of physical or digital media to lure individuals into disclosing sensitive information. For example, an attacker might leave a USB drive lying around in a public place, hoping that someone will pick it up and plug it into their computer. The USB drive might contain malware that can steal sensitive information from the victim's computer.


Spear Phishing Attacks

Spear phishing attacks are similar to phishing attacks, but they are targeted at specific individuals or groups. The attacker will research their target and craft a personalized email or message to make it seem more convincing. The goal is to trick the victim into divulging sensitive information or clicking on a malicious link.


Tailgating Attacks

Tailgating attacks involve the physical manipulation of individuals to gain access to restricted areas. The attacker might pose as an employee or a delivery person and follow someone into a restricted area. Once inside, they can steal sensitive information or carry out other malicious activities.


How to Protect Ourself from Social Engineering Attacks


Be cautious of unsolicited emails or messages. If an email or message seems too good to be true or asks for sensitive information, it is probably a social engineering attack.


Verify the identity of the person or organization before giving away any sensitive information. If you receive a phone call or message from someone claiming to be from your bank, for example, call the bank directly to verify their identity.


Install and regularly update anti-virus and anti-malware software on your devices.


Use strong passwords and enable two-factor authentication on your accounts.


Be mindful of what you post on social media. Avoid sharing personal information that could be used by attackers to carry out social engineering attacks.


Educate yourself and your employees about social engineering attacks. Awareness and training are key to preventing social engineering attacks.


In conclusion, social engineering attacks are a real threat in today's digital age. The best way to protect yourself is to be aware of the different types of social engineering attacks and to take proactive measures to prevent them.

Posted by at No comments:
Labels: , , , , , ,

Tuesday, 14 April 2015

What is Cross Site Scripting?

Cross-Site Scripting Attacker inserts malicious code into an application, when regular users request the webpage it returns the malicious page and the attacker gains control over user data via code he injects.

Countermeasure

Safely validating untrusted HTML input

Cookie security

Disabling scripts

Posted by at No comments:
Labels: , , , , , , , , ,

Tuesday, 7 April 2015

What is Dictionary Attacks?

 


A dictionary attack is a brute-force technique where attackers run through common words and phrases, such as those from a dictionary, to guess passwords. It is also known as dictionary password attack. 

Most people use real words as passwords.

Trying all dictionary words and makes the attack much faster.

Hackers and spammers attempt to log in to a computer system by trying all possible passwords until the correct one is found.

Countermeasures

Lockout a user after X no of  failed login attempts

Not using Dictionary words as passwords

Posted by at No comments:
Labels: , , , , , , , ,

Tuesday, 24 March 2015

What is Fraggle Attacks?

 

A Fraggle attack is exactly the same as a smurf attack, except that it uses the user datagram protocol, or UDP, rather than the more common transmission control protocol, or TCP. Fraggle attacks, like smurf attacks, are starting to become outdated and are commonly stopped by most firewalls or routers.

The attacker sends UDP packets to the random ports of the victim host. The victim will check for application listening on the port and reply with the "ICMP destination unreachable" packet.

The attacker can spoof the IP address of the UDP packets so that no one can trace it back.

Countermeasures

Close all unused ports.


Posted by at No comments:
Labels: , , , , , , ,

Friday, 6 March 2015

What is Brute Force Attack?

Brute Force Attack

A brute-force attack consists of an attacker trying many passwords or passphrases with the hope of eventually guessing correctly.

The attacker systematically checks all possible passwords and passphrases until the correct one is found.

When password guessing, this method is very fast when used to check all short passwords.

There is a computer program run automatically to get the password.

The most basic brute force attack is a dictionary attack, where the attacker works through a dictionary of possible passwords and tries them all.

Countermeasures

• Account Lockout - You Have Implemented Account Lockout With A Clipping Level Of 4

• Strong Passwords -  A strong password must be at least 12 characters long and should consist of a random collection of uppercase and lowercase letters, numbers, and special characters.

• Implement Captcha - It is used to differentiate between real users and automated users, such as bots.


Posted by at No comments:
Labels: , , , , , , , , ,

Friday, 20 February 2015

What is Man-In-The-Middle Attack?

 

Man-In-The-Middle Attack AKA MITM

It is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.


Countermeasures

Digital Signature - A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents.

Mutual authentication - Mutual authentication, also known as two-way authentication, is a security process in which entities authenticate each other before actual communication occurs.

Posted by at No comments:
Labels: , , , , , , , , ,

Friday, 13 February 2015

What is the two kind of cyber attacks?


 

There is two kinds of attacks.

Active Attack - which listens

    An active attack is network exploitation in which a hacker attempts to make changes to data on the target or data en route to the target.

Passive Attack - which modifies

    A passive attack is a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. The purpose is solely to gain information about the target and no data is changed on the target.
Posted by at No comments:
Labels: , , , , ,

Thursday, 21 June 2012

How to add Twitter Bird to Your Blog



1.    First go to your  DASHBOARD >> DESIGN >> EDIT HTML
2.    Then press CTRL+F on your key board and search for following code

</body>

3.      Then copy the following code and paste it below the </body> code
<!-- Twitter Bird start Techblaster.net --> <script src='http://yourjavascript.com/1523826141/Flying twitter bird.js' type='text/javascript'>
</script> <script type='text/javascript'> var twitterAccount = "Add your Twitter name here"; var tweetThisText = " <data:blog.pageTitle/>: <data:blog.url/> "; tripleflapInit(); </script> <span style='font-size:11px;position:absolute;'/><a href='http://www.techblaster.net' target='_blank'>Twitter Bird Gadget</a> <!-- Twitter Bird end Techblaster.net -->

4.  Now replace the sentence “Add your Twitter name here” with your twitter name. 

5.    Then click on SAVE TEMPLATE at the bottom of your page
Well it is over. Now view your blog and see how nice this bird is flying all around your blog. If you have any problems feel free to post it below.
Posted by at No comments:
Labels: , ,

Friday, 13 January 2012

How to Add Pacman game on Blogger


Why I choose this Game?

I had chosen this widget even if there were a lot of numbers of widgets were available for these reasons: 

No Ads.
No linking to any other sites.
Sounds available.
Keyboard keys.
Automatic Sizing. 
Fast Loading.

Adding Pac Man Game To Blogger.

Log on to blogger.
Go to the layout tab.
Click on Add A Gadget button.
Choose the more gadgets tab.
Search for this keyword:
Pacman Flash Game
Click On that.
Click on save button after adjusting its size.
Done.
Posted by at No comments:
Labels: ,

Thursday, 15 September 2011

How to Install Twitter Application for Google+






1.  Click here to install the twitter application.
2.  Once installed, restart your browser and log into your Google Plus account.
3.  At the top you will see a twitter button. Click it and click the Sign in button so that you could permit the application to access your twitter feed.
4.  Once you allow the access you can then revisit your account to post, read and receive tweets live as shown below.
Posted by at No comments:
Labels: , ,

Monday, 1 August 2011

How to Add Facebook Comments to Blogger



Instructions

Log in to Facebook with the account that you want to administrate the comments for your blog. Browse to Developers.Facebook.com/setup to create the comment application for your blog.
Enter the name of your blog in the first box, and then enter the URL of your blog in the second box. Ensure that you enter the full URL with the "/" character at the end; otherwise, the application won't create. Choose a language from the drop-down menu, and then click "Create Application."
Copy or write down the application number generated by Facebook.
Copy the following HTML Code:
<b:if cond='data:blog.pageType == "item"'>
<div id='fb-root'/>
<script>
window.fbAsyncInit = function() {
FB.init({appId: 'APPLICATIONID', status: true, cookie: true,
xfbml: true});
};
(function() {
var e = document.createElement('script'); e.async = true;
e.src = document.location.protocol +
'//connect.facebook.net/en_US/all.js';
e.async = true;
document.getElementById('fb-root').appendChild(e);
}());
</script>
<fb:comments/>
</b:if>
<div style='clear: both;'/> <!-- clear for photos floats -->
</div>
<b:if cond='data:post.hasJumpLink'>
<div class='jump-link'>
<a expr:href='data:post.URL + "#more"' expr:title='data:post.title'><data:post.jumpText/></a>
</div>
</b:if>
Log in to your Blogger account at Blogger.com. Select the blog you want to edit, and then click on the "Design" tab. Click the "Edit HTML" link followed by "Expand Widget Templates." Find "<data:post.body/>" and paste the HTML code below it. Change "APPLICATIONID" in the HTML code to the Facebook Developer Application ID number you were given. Click "Save Template."
Click "Settings" followed by "Comments." Choose to "Hide" the Blogger comments. Scroll down to the bottom of the page, and then click "Save Settings."
Click the "View Blog" link to see your blog, and then click the title of a post. Scroll to the bottom of the post, and the Facebook comment box will be there. Click the "Administer Comments" link under the box to adjust the settings for your blog.


Posted by at No comments:
Labels: , ,

Wednesday, 11 May 2011

How to protect our Blog From Coping



For disabling right click function:

You’ll need to add new html/javascript element to your layout.
Now go to your blogger account.
Navigate to Layout >> Add a GadGet >> and select html/javascript
Then copy the next code and past in in html/javascript text box area

<script language="JavaScript">
<!--
//Disable right mouse click Script
//By Cyber World (contact@esoftload.info) w/ mods by Software Store
//For full source code, visit http://www.esoftload.info
var message="Function Disabled!";
///////////////////////////////////
function clickIE4(){
if (event.button==2){
alert(message);
return false;
}
}
function clickNS4(e){
if (document.layers||document.getElementById&&!document.all){
if (e.which==2||e.which==3){
alert(message);
return false;
}
}
}
if (document.layers){
document.captureEvents(Event.MOUSEDOWN);
document.onmousedown=clickNS4;
}
else if (document.all&&!document.getElementById){
document.onmousedown=clickIE4;
}
document.oncontextmenu=new Function("alert(message);return false")
// -->
</script>

then save the html/javascript. and view you blog.
when you try to do right click. a message will tell you that “Function disabled”
and if you want to change this words” Function Disabled”
find the next line in the code

var message="Function Disabled!";

and change Function Disabled! to what ever you want.

For disabling copy paste function:

Log in to Blogger, go to Layout -> Edit HTML
And mark the tick-box “Expand Widget Templates”

Now find this in the template:

<head>

And immediately BELOW/AFTER it, paste this code:

<!--Disable Copy And Paste-->
<script language='JavaScript1.2'>
function disableselect(e){
return false
}
function reEnable(){
return true
}
document.onselectstart=new Function ("return false")
if (window.sidebar){
document.onmousedown=disableselect
document.onclick=reEnable
}
</script>

Click on Save Template and you are done.
Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)
Twitter Bird Gadget