What is FTP?
File Transfer Protocol (FTP) is, as the name suggests, a protocol used to allow remote transfer of files over a network. It uses a client-server model to do this, and- as we’ll come on to later- relays commands and data in a very efficient way.
How its work?
FTP session operates using two channels:
• Command/Control channel
• Data channel
The command channel is used for transmitting commands as well as replies to those commands, while the data channel is used for transferring data.
@geekcode
Share with your friends/family ❤️
File Transfer Protocol (FTP) is, as the name suggests, a protocol used to allow remote transfer of files over a network. It uses a client-server model to do this, and- as we’ll come on to later- relays commands and data in a very efficient way.
How its work?
FTP session operates using two channels:
• Command/Control channel
• Data channel
The command channel is used for transmitting commands as well as replies to those commands, while the data channel is used for transferring data.
@geekcode
Share with your friends/family ❤️
What is Cryptography?
Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa. It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. Cryptography not only protects data from theft or alteration, but can also be used for user authentication.
@geekcode
Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa. It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. Cryptography not only protects data from theft or alteration, but can also be used for user authentication.
@geekcode
Why we need cryptography?
Without encryption communications over the internet will be very insecure, and it would be very easy for someone to see your data. Fortunately this isn't true, and almost all of the data you get/send over the internet is encrypted and cannot be seen in plain text by someone who got access to it.
@geekcode
Without encryption communications over the internet will be very insecure, and it would be very easy for someone to see your data. Fortunately this isn't true, and almost all of the data you get/send over the internet is encrypted and cannot be seen in plain text by someone who got access to it.
@geekcode
Types of Cryptographic Techniques?
Cryptography is used in many applications like banking transactions cards, computer passwords, and e- commerce transactions.
There are Three types of cryptographic techniques used in general-:
1. Symmetric-key cryptography
2. Hash functions.
3. Public-key cryptography
Symmetric-key Cryptography: Both the sender and receiver share a single key. The sender uses this key to encrypt plaintext and send the cipher text to the receiver. On the other side the receiver applies the same key to decrypt the message and recover the plain text.
Public-Key Cryptography: This is the most revolutionary concept in the last 300-400 years. In Public-Key Cryptography two related keys (public and private key) are used. Public key may be freely distributed, while its paired private key, remains a secret. The public key is used for encryption and for decryption private key is used.
Hash Functions: No key is used in this algorithm. A fixed-length hash value is computed as per the plain text that makes it impossible for the contents of the plain text to be recovered. Hash functions are also used by many operating systems to encrypt passwords.
@geekcode
Cryptography is used in many applications like banking transactions cards, computer passwords, and e- commerce transactions.
There are Three types of cryptographic techniques used in general-:
1. Symmetric-key cryptography
2. Hash functions.
3. Public-key cryptography
Symmetric-key Cryptography: Both the sender and receiver share a single key. The sender uses this key to encrypt plaintext and send the cipher text to the receiver. On the other side the receiver applies the same key to decrypt the message and recover the plain text.
Public-Key Cryptography: This is the most revolutionary concept in the last 300-400 years. In Public-Key Cryptography two related keys (public and private key) are used. Public key may be freely distributed, while its paired private key, remains a secret. The public key is used for encryption and for decryption private key is used.
Hash Functions: No key is used in this algorithm. A fixed-length hash value is computed as per the plain text that makes it impossible for the contents of the plain text to be recovered. Hash functions are also used by many operating systems to encrypt passwords.
@geekcode
WHAT IS BAIT & SWITCH ?
The bait and switch hacking technique leverages internet
clickable ads to divert a user to malicious websites.This
largely depends on the advertiser who accepts ads: the
larger the host site (like Facebook or Google), the more
safeguards they have in place to prevent something this technique.If a bait and switch is successful, the malicious site could either steal your credentials or install malware on your computer, which will help the hacker gain access to your
computer and network.
How to avoid this technique:
📌Don’t click on ads while browsing the web –
especially if it’s solicited to you
📌 Use a secure browser plug-in that blocks pop-ups
📌Use a browser or solution that recognizes known
malicious sites.
@geekcode
The bait and switch hacking technique leverages internet
clickable ads to divert a user to malicious websites.This
largely depends on the advertiser who accepts ads: the
larger the host site (like Facebook or Google), the more
safeguards they have in place to prevent something this technique.If a bait and switch is successful, the malicious site could either steal your credentials or install malware on your computer, which will help the hacker gain access to your
computer and network.
How to avoid this technique:
📌Don’t click on ads while browsing the web –
especially if it’s solicited to you
📌 Use a secure browser plug-in that blocks pop-ups
📌Use a browser or solution that recognizes known
malicious sites.
@geekcode
Detailed report on new Android banker - S.O.V.A.
⚡Discovered in August 2021
⚡Includes a new feature - stealing session cookies
S.O.V.A in WebView displays legit targeted website for user to login and then steals account cookies
https://www.threatfabric.com/blogs/sova-new-trojan-with-fowl-intentions.html
@geekcode
⚡Discovered in August 2021
⚡Includes a new feature - stealing session cookies
S.O.V.A in WebView displays legit targeted website for user to login and then steals account cookies
https://www.threatfabric.com/blogs/sova-new-trojan-with-fowl-intentions.html
@geekcode
ThreatFabric
S.O.V.A. - A new Android Banking trojan with fowl intentions
A new Android trojan was advertised on hacking forums, featuring overlays, keylogging and with intentions of adding Ransomware attacks and DDoS
Cyber Kill Chain ?
The cyber kill chain CKC is a classic cybersecurity model developed by the computer security incident response (CSIRT) team at Lockheed Martin. The purpose of the model is to better understand the stages an attack must go through to conduct an attack, and help security teams stop an attack at each stage.
The kill chain model describes an attack by an external attacker attempting to gain access to data or assets inside the security perimeter. The attacker performs reconnaissance, intrusion of the security perimeter, exploitation of vulnerabilities, gaining and escalating privileges, lateral movement to gain access to more valuable targets, attempts to obfuscate their activity, and finally exfiltrate data from the organization.
@geekcode
The cyber kill chain CKC is a classic cybersecurity model developed by the computer security incident response (CSIRT) team at Lockheed Martin. The purpose of the model is to better understand the stages an attack must go through to conduct an attack, and help security teams stop an attack at each stage.
The kill chain model describes an attack by an external attacker attempting to gain access to data or assets inside the security perimeter. The attacker performs reconnaissance, intrusion of the security perimeter, exploitation of vulnerabilities, gaining and escalating privileges, lateral movement to gain access to more valuable targets, attempts to obfuscate their activity, and finally exfiltrate data from the organization.
@geekcode