Phases of Hacking and Types of Hacking, MS Patch release date and Zero Day Attack


* Microsoft Patch files Release Date

Patch Tuesday occurs on the second, and sometimes fourth, Tuesday of each month in North America. As far as the integrated Windows Update (WU) function is concerned, Patch Tuesday begins at 18:00 or 17:00 UTC (10:00 PST (UTC−8) or 10:00 PDT (UTC−7).



 * Zero Day Attack

Zero Day is an attack that exploits a potentially serious software security weakness that the vendor or developer may be unaware of.

The software developer must rush to resolve the weakness as soon as it is discovered in order to limit the threat to software users. The solution is called a software patch.



 * Phases of Hacking

The five phases of Hacking are as follow:
=>Reconnaissance
=>Scanning
=>Gaining Access
=>Maintaining Access
=>Covering Tracks


 Reconnaissance:- This is the primary phase where the Hacker tries to collect as much information as possible about the target. It includes Identifying the Target, finding out the target's IP Address Range, Network, DNS records, etc.

Scanning:- It involves taking the information discovered during reconnaissance and using it to examine the network. Tools that a hacker may employ during the scanning phase can include dialers, port scanners, network mappers, sweepers, and vulnerability scanners. Hackers are seeking any information that can help them perpetrate attack such as computer names, IP addresses, and user accounts.

Gaining Access:- After scanning, the hacker designs the blueprint of the network of the target with the help of data collected during Phase 1 and Phase 2. This is the phase where the real hacking takes place. Vulnerabilities discovered during the reconnaissance and scanning phase are now exploited to gain access. The method of connection the hacker uses for an exploit can be a local area network (LAN, either wired or wireless), local access to a PC, the Internet, or offline. Examples include stack based buffer overflows, denial of service (DoS), and session hijacking.Gaining access is known in the hacker world as owning the system.

Maintaining Access:- Once a hacker has gained access, they want to keep that access for future exploitation and attacks. Sometimes, hackers harden the system from other hackers or security personnel by securing their exclusive access with backdoors, rootkits, and Trojans. Once the hacker owns the system, they can use it as a base to launch additional attacks. In this case, the owned system is sometimes referred to as a zombie system.

Covering Tracks:- Once hackers have been able to gain and maintain access, they cover their tracks to avoid detection by security personnel, to continue to use the owned system, to remove evidence of hacking, or to avoid legal action. Hackers try to remove all traces of the attack, such as log files or intrusion detection system (IDS) alarms. Examples of activities during this phase of the attack include steganography, the use of tunneling protocols, and altering log files.


* Types of Hacking Attacks:

Some of them involve:-
1. Keylogger
Keylogger is a simple software that records the key sequence and strokes of your keyboard into a log file on your machine. These log files might even contain your personal email IDs and passwords.
Keylogger is one of the main reasons why online banking sites give you an option to use their virtual keyboards.

 2. Denial of Service (DoS\DDoS)
A Denial of Service attack is a hacking technique to take down a site or server by flooding that site or server with a lot of traffic that the server is unable to process all the requests in the real time and finally crashes down.
For DDoS attacks, hackers often deploy botnets or zombie computers which have got the only work to flood your system with request packets.

3. Waterhole attacks
If you are a big fan of Discovery or National Geographic channels, you could relate easily with the waterhole attacks. To poison a place, in this case, the hacker hits the most accessible physical point of the victim.
For example, if the source of a river is poisoned, it will hit the entire stretch of animals during summer. In the same way, hackers target the most accessed physical location to attack the victim. That point could be a coffee shop, a cafeteria etc.
Once hackers are aware of your timings, they might create a fake Wi-Fi access point and modify your most visited website to redirect them to you to get your personal information.

 4. Fake WAP
Even just for fun, a hacker can use software to fake a wireless access point. This WAP connects to the official public place WAP. Once you get connected the fake WAP, a hacker can access your data, just like in the above case.

5. Eavesdropping (Passive Attacks)
Unlike other attacks which are active in nature, using a passive attack, a hacker just monitors the computer systems and networks to gain some unwanted information.
The motive behind eavesdropping is not to harm the system but to get some information without being identified.

6. Phishing
Phishing is a hacking technique using which a hacker replicates the most-accessed sites and traps the victim by sending that spoofed link.
Once the victim tries to login or enter some data, the hacker gets that private information of the target victim using the trojan running on the fake site.

7. Virus, Trojan etc.
Virus or trojans are malicious software programs which get installed into the victim’s system and keeps sending the victims data to the hacker.

8. ClickJacking Attacks
ClickJacking is also known by a different name, UI Redress. In this attack, the hacker hides the actual UI where the victim is supposed to click.
In another word, the attacker hijacks the clicks of the victim that aren’t meant for the exact page, but for a page where the hacker wants you to be.


9. Cookie theft
The cookies of a browser keep our personal data such as browsing history, username, and passwords for different sites that we access. Once the hacker gets the access to your cookie, he can even authenticate himself as you on a browser.

10. Bait and switch
Using bait and switch hacking technique, the hacker runs a malicious program which the user believes to be authentic. This way, after installing the malicious program on your computer, the hacker gets unprivileged access to your computer.

 11. SQL Injection
SQL Injection is a code injection technique, used to attack data-driven applications, in which nefarious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).[1] SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.



Comments

Post a Comment

Popular posts from this blog

Network Cameras, IVMS and Firewall

Image
* Network cameras A network camera, often also called an IP camera, can be described as a camera and computer combined in one unit. The main components of a network camera include a lens, an image sensor, one or several processors, and memory. The processors are used for image processing, compression, video analysis and networking functionalities. The memory is used for storing the network camera’s firmware (computer program) and for local recording of video sequences. Like a computer, the network camera has its own IP address, is connected directly to a network and can be placed wherever there is a network connection. This differs from a web camera, which can only operate when it is connected to a personal computer (PC) via the USB or IEEE 1394 port, and to use it, software must be installed on the PC. A network camera provides web server, FTP (File Transfer Protocol), and e-mail functionalities, and includes many other IP network and security protocols. A network camera can ...
Read more

Techniques used for Footprinting

Image
* Some Techniques used for Footprinting - Ping Sweep Ping a range of IP addresses to find out which machines are awake. how to ping? Go to cmd -> type: ping (address/domain) eg. ping www.facebook.com - TCP Scans Scan the ports on a machine to see which services are offered.TCP scans can be performed by scanning a single port on a range of IPs, or by scanning a range of ports on single IP, both techniques yield useful information. - Open Source Footprinting It is the easiest and the safest way to go about finding information that is available to the public, such as phone numbers, addresses, etc. Performing whois requests, searching through DNS tables are other forms of open source footprinting. Most of this information is fairly easy to get and within legal limits. One way to check for sensitive information is to check the HTML source code of the website to look for links, comment,Meta tags etc. -   Using Tools whois is the best tool to get information about the w...
Read more

Data Extraction and some tools use for Data Extraction

Image
* Data Extraction Data extraction is the act or process of retrieving data out of (usually unstructured or poorly structured) data sources for further data processing or data storage (data migration). The import into the intermediate extracting system is thus usually followed by data transformation and possibly the addition of metadata prior to export to another stage in the data workflow. Typical unstructured data sources include web pages, emails, documents, PDFs, scanned text, mainframe reports, spool files, classifieds, etc.Extracting data from these unstructured sources has grown into a considerable technical challenge where as historically data extraction has had to deal with changes in physical hardware formats, the majority of current data extraction deals with extracting data from these unstructured data sources, and from different software formats. This growing process of data extraction[3] from the web is referred to as Web scraping. * Data Extraction Tools:- Ther...
Read more