What is Cookie theft?
Cookie theft also known as sidejacking or session
hacking, happens when cookies from the websites you
visit are stolen through an unsecure connection. The
cookie can then be used to allow the hacker to pretend
they are you. They can’t necessarily gain access to your
login credentials, but they can access the site as you
(using your session ID) and change your account settings
to hijack it.
How to avoid this technique:
• Make sure you’re always visiting a secure site https not http.
• Use a host VPN to encrypt your traffic.
@geekcode
Cookie theft also known as sidejacking or session
hacking, happens when cookies from the websites you
visit are stolen through an unsecure connection. The
cookie can then be used to allow the hacker to pretend
they are you. They can’t necessarily gain access to your
login credentials, but they can access the site as you
(using your session ID) and change your account settings
to hijack it.
How to avoid this technique:
• Make sure you’re always visiting a secure site https not http.
• Use a host VPN to encrypt your traffic.
@geekcode
What is FTP?
File Transfer Protocol (FTP) is, as the name suggests, a protocol used to allow remote transfer of files over a network. It uses a client-server model to do this, and- as we’ll come on to later- relays commands and data in a very efficient way.
How its work?
FTP session operates using two channels:
• Command/Control channel
• Data channel
The command channel is used for transmitting commands as well as replies to those commands, while the data channel is used for transferring data.
@geekcode
Share with your friends/family ❤️
File Transfer Protocol (FTP) is, as the name suggests, a protocol used to allow remote transfer of files over a network. It uses a client-server model to do this, and- as we’ll come on to later- relays commands and data in a very efficient way.
How its work?
FTP session operates using two channels:
• Command/Control channel
• Data channel
The command channel is used for transmitting commands as well as replies to those commands, while the data channel is used for transferring data.
@geekcode
Share with your friends/family ❤️
What is Cryptography?
Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa. It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. Cryptography not only protects data from theft or alteration, but can also be used for user authentication.
@geekcode
Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa. It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. Cryptography not only protects data from theft or alteration, but can also be used for user authentication.
@geekcode
Why we need cryptography?
Without encryption communications over the internet will be very insecure, and it would be very easy for someone to see your data. Fortunately this isn't true, and almost all of the data you get/send over the internet is encrypted and cannot be seen in plain text by someone who got access to it.
@geekcode
Without encryption communications over the internet will be very insecure, and it would be very easy for someone to see your data. Fortunately this isn't true, and almost all of the data you get/send over the internet is encrypted and cannot be seen in plain text by someone who got access to it.
@geekcode
Types of Cryptographic Techniques?
Cryptography is used in many applications like banking transactions cards, computer passwords, and e- commerce transactions.
There are Three types of cryptographic techniques used in general-:
1. Symmetric-key cryptography
2. Hash functions.
3. Public-key cryptography
Symmetric-key Cryptography: Both the sender and receiver share a single key. The sender uses this key to encrypt plaintext and send the cipher text to the receiver. On the other side the receiver applies the same key to decrypt the message and recover the plain text.
Public-Key Cryptography: This is the most revolutionary concept in the last 300-400 years. In Public-Key Cryptography two related keys (public and private key) are used. Public key may be freely distributed, while its paired private key, remains a secret. The public key is used for encryption and for decryption private key is used.
Hash Functions: No key is used in this algorithm. A fixed-length hash value is computed as per the plain text that makes it impossible for the contents of the plain text to be recovered. Hash functions are also used by many operating systems to encrypt passwords.
@geekcode
Cryptography is used in many applications like banking transactions cards, computer passwords, and e- commerce transactions.
There are Three types of cryptographic techniques used in general-:
1. Symmetric-key cryptography
2. Hash functions.
3. Public-key cryptography
Symmetric-key Cryptography: Both the sender and receiver share a single key. The sender uses this key to encrypt plaintext and send the cipher text to the receiver. On the other side the receiver applies the same key to decrypt the message and recover the plain text.
Public-Key Cryptography: This is the most revolutionary concept in the last 300-400 years. In Public-Key Cryptography two related keys (public and private key) are used. Public key may be freely distributed, while its paired private key, remains a secret. The public key is used for encryption and for decryption private key is used.
Hash Functions: No key is used in this algorithm. A fixed-length hash value is computed as per the plain text that makes it impossible for the contents of the plain text to be recovered. Hash functions are also used by many operating systems to encrypt passwords.
@geekcode
WHAT IS BAIT & SWITCH ?
The bait and switch hacking technique leverages internet
clickable ads to divert a user to malicious websites.This
largely depends on the advertiser who accepts ads: the
larger the host site (like Facebook or Google), the more
safeguards they have in place to prevent something this technique.If a bait and switch is successful, the malicious site could either steal your credentials or install malware on your computer, which will help the hacker gain access to your
computer and network.
How to avoid this technique:
📌Don’t click on ads while browsing the web –
especially if it’s solicited to you
📌 Use a secure browser plug-in that blocks pop-ups
📌Use a browser or solution that recognizes known
malicious sites.
@geekcode
The bait and switch hacking technique leverages internet
clickable ads to divert a user to malicious websites.This
largely depends on the advertiser who accepts ads: the
larger the host site (like Facebook or Google), the more
safeguards they have in place to prevent something this technique.If a bait and switch is successful, the malicious site could either steal your credentials or install malware on your computer, which will help the hacker gain access to your
computer and network.
How to avoid this technique:
📌Don’t click on ads while browsing the web –
especially if it’s solicited to you
📌 Use a secure browser plug-in that blocks pop-ups
📌Use a browser or solution that recognizes known
malicious sites.
@geekcode
Detailed report on new Android banker - S.O.V.A.
⚡Discovered in August 2021
⚡Includes a new feature - stealing session cookies
S.O.V.A in WebView displays legit targeted website for user to login and then steals account cookies
https://www.threatfabric.com/blogs/sova-new-trojan-with-fowl-intentions.html
@geekcode
⚡Discovered in August 2021
⚡Includes a new feature - stealing session cookies
S.O.V.A in WebView displays legit targeted website for user to login and then steals account cookies
https://www.threatfabric.com/blogs/sova-new-trojan-with-fowl-intentions.html
@geekcode
ThreatFabric
S.O.V.A. - A new Android Banking trojan with fowl intentions
A new Android trojan was advertised on hacking forums, featuring overlays, keylogging and with intentions of adding Ransomware attacks and DDoS