Learning CyberSec One at a Time! (Part 09)
Photo by Sajad Nori on Unsplash
Hey there Boyz and Girlz,
How was your Saturday? Getting those weekend vibes, aren’t we? It feels good when the week is ending, because you might’ve done something nice this week. It doesn’t matter if it’s a big thing or a small thing; they hold the same positive value. Now, let’s see our topics for today!
1. DDoS Mitigation
Let’s see what a DDoS attack is. DDoS is short for “distributed denial of service”: the attacker uses a set of scripts, with different IPs and user-agents built into them, to fire a constant stream of connection requests at the target server. When the server keeps receiving these enormous numbers of requests, it cannot serve each and every one of them and eventually crashes. That’s the basic part of it. Now, it may sound ridiculous, but in 2024 DDoS attacks are like wearing pajamas to a fashion show: they are so old that attackers won’t even bother, except for the script kiddies who just got the idea of using Python scripts. Whatever scripts you’re using, don’t forget that those scripts don’t integrate a rotating proxy to hide your IP; they simply carry a default user-agent and work from your real IP address.
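The two traits just described, a flood of requests from one address and a script’s default user-agent, are both visible in an ordinary access log. The following is an added example, not code from the post, that flags source IPs exceeding a request threshold inside a sliding time window and IPs whose user-agent is a common HTTP-library default. The log lines are constructed for the demo, the list of default user-agent prefixes is an assumption to tune for your own traffic, and the log is assumed to be in time order.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample access log (combined log format); none of these
# addresses or requests come from a real server. Lines are in time order.
SAMPLE_LOG = """\
203.0.113.7 - - [13/Apr/2024:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "-" "python-requests/2.31.0"
203.0.113.7 - - [13/Apr/2024:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "-" "python-requests/2.31.0"
203.0.113.7 - - [13/Apr/2024:10:00:01 +0000] "GET / HTTP/1.1" 200 512 "-" "python-requests/2.31.0"
198.51.100.4 - - [13/Apr/2024:10:00:01 +0000] "GET /about HTTP/1.1" 200 900 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/124.0"
203.0.113.7 - - [13/Apr/2024:10:00:02 +0000] "GET / HTTP/1.1" 200 512 "-" "python-requests/2.31.0"
203.0.113.7 - - [13/Apr/2024:10:00:02 +0000] "GET / HTTP/1.1" 200 512 "-" "python-requests/2.31.0"
203.0.113.7 - - [13/Apr/2024:10:00:03 +0000] "GET / HTTP/1.1" 200 512 "-" "python-requests/2.31.0"
198.51.100.4 - - [13/Apr/2024:10:00:09 +0000] "GET /contact HTTP/1.1" 200 700 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/124.0"
"""

# Combined log format: ip ident user [timestamp] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Assumed list of default user-agents that HTTP libraries send when a script
# author does not set one; extend it for the tooling you actually see.
SCRIPT_UA_PREFIXES = ("python-requests/", "python-urllib/", "curl/", "Go-http-client/")


def parse_line(line):
    """Return (ip, timestamp, user_agent) for one log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts, m.group("ua")


def analyze(log_text, window_seconds=10, threshold=5):
    """Map each suspicious IP to a sorted list of reasons.

    'rate'      : at least `threshold` requests inside any `window_seconds` window
    'script-ua' : user-agent is a library default rather than a browser
    """
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    findings = defaultdict(set)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, ts, ua = parsed
        q = recent[ip]
        q.append(ts)
        # Drop timestamps that have aged out of the sliding window.
        while (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) >= threshold:
            findings[ip].add("rate")
        if ua.startswith(SCRIPT_UA_PREFIXES):
            findings[ip].add("script-ua")
    return {ip: sorted(reasons) for ip, reasons in findings.items()}


if __name__ == "__main__":
    for ip, reasons in analyze(SAMPLE_LOG).items():
        print(f"{ip}: {', '.join(reasons)}")
```

The flagged addresses are candidates for a rate-limit or challenge rule at the edge (the Cloudflare-style protection mentioned next), not an automatic block: a shared NAT address can legitimately exceed a low threshold, so the window and threshold need tuning against normal traffic first.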
Photo by Muha Ajjan on Unsplash
We can mitigate these scripts by using Cloudflare protection, DigiSecurity etc. It has become a lot easier because of the more user-friendly interfaces these services now offer. It’s boring to discuss the same topics over and over again, and I don’t like this part, so let’s see the next one.
2. Remote Code Execution
Remote Code Execution (RCE) is a type of attack in which an attacker uses pieces of code to fully compromise a system. First, the attacker needs to search for potentially vulnerable parts where RCE is possible. It’s critical to protect badly safeguarded endpoints. Endpoints are literally the least visited parts of an application or service; in simple terms, the parts with little to no user traffic. These parts are insecure because developers take them easy and don’t stress over them, which they really should. Attackers can easily guess this: the least visited places on earth are always more dangerous than the places which are packed, whatever the season.
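A concrete shape that “badly safeguarded endpoint” often takes is a rarely used helper that passes user input into an operating-system command. Below is an added example, not code from the post, built around a hypothetical host-reachability check: the weak version splices the caller’s input into a shell string, and the hardened version validates the input against a strict hostname allowlist and runs the command as an argument list with no shell. The function names and the hostname pattern are assumptions for the demo.

```python
import re
import subprocess

# Strict hostname allowlist (RFC 1123 style labels, dot separated). Anything
# outside it, including shell metacharacters and a leading hyphen that could
# be parsed as an option, is rejected before a command is ever built.
HOSTNAME_RE = re.compile(
    r"^(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)

# Characters /bin/sh treats as syntax rather than data.
SHELL_METACHARS = set(";|&$`<>()\n")


def vulnerable_ping_command(host: str) -> str:
    """Weak version: the input is spliced into a command string.

    If this string were run with subprocess.run(cmd, shell=True), every
    shell metacharacter in `host` would be interpreted by the shell, so
    whoever controls `host` controls what gets executed.
    """
    return f"ping -c 1 {host}"


def shell_would_interpret(cmd: str) -> bool:
    """True if the command string contains characters a shell would act on."""
    return any(ch in SHELL_METACHARS for ch in cmd)


def hardened_ping_argv(host: str) -> list:
    """Hardened version: allowlist-validate, then build an argv list.

    With a list and shell=False there is no shell parsing at all; `host`
    is always passed to ping as exactly one argument.
    """
    if not host or len(host) > 253 or not HOSTNAME_RE.match(host):
        raise ValueError(f"rejected hostname: {host!r}")
    return ["ping", "-c", "1", host]


def is_accepted(host: str) -> bool:
    """Convenience check: does the hardened validator accept this input?"""
    try:
        hardened_ping_argv(host)
        return True
    except ValueError:
        return False


def run_hardened(host: str) -> int:
    """Run the validated command without a shell; returns the exit status,
    or -1 if ping is not installed on this machine."""
    argv = hardened_ping_argv(host)
    try:
        return subprocess.run(argv, capture_output=True, timeout=10).returncode
    except FileNotFoundError:
        return -1


if __name__ == "__main__":
    for candidate in ("example.com", "example.com; echo injected", "-f"):
        print(f"{candidate!r}: accepted={is_accepted(candidate)}, "
              f"shell risk in weak version={shell_would_interpret(vulnerable_ping_command(candidate))}")
```

The point of the pairing is that the hardened version wins twice: the allowlist rejects anything that is not a hostname, and even if validation were later loosened, the argv form leaves no shell to interpret the input. The same pattern applies to any endpoint that ends in a command, a file path or an interpreter call.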
Photo by Avi Richards on Unsplash
What makes RCE serious is the possibility of an attacker downloading malicious scripts and executing them. Both Linux and Windows environments have the execution capabilities: for example, Linux servers support the curl and wget commands, with which the attacker can fetch and run malicious code in a single line and gain access, and on Windows, PowerShell and cmd are a nice delight. While it can be hard to gain privileges after the compromise, it’s still highly possible.
3. Backdoor Attacks
Backdoor attacks are a type of attack used to gain unauthorized access to an application (when I say application it can be services, web apps etc.; it’s a broad term). Why do backdoors exist? Because developers cannot build an entire application in one night, so if anything goes wrong they can use the backdoor they implemented to access the system and correct their mistakes and bugs. Now, it might be hard to look for backdoors, but attackers surely know they exist; they are just invisible.
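Since a maintenance backdoor of the kind described above usually survives as a hardcoded credential, a literal username check or a leftover “skip auth” switch, a first pass at finding one is a line-by-line scan of the source for those shapes. The following is an added example, not code from the post: a small heuristic scanner run over a constructed sample file. The rule set is an assumption to extend for your own code base, and a hit is something to review by hand, not proof of a backdoor.

```python
import re

# Constructed sample source with the kinds of leftovers a maintenance
# backdoor tends to look like. Not taken from any real project.
SAMPLE_SOURCE = '''\
import os

ADMIN_PASSWORD = "hunter2"
DEBUG_BYPASS_AUTH = True

def login(username, password):
    if DEBUG_BYPASS_AUTH:
        return True
    if username == "maintenance" and password == "letmein":
        return True
    return check_db(username, password)

def check_db(username, password):
    return os.environ.get("DB_OK") == "1"
'''

# Heuristic rules (assumed set). Each regex is applied to one line at a time.
RULES = [
    # A secret-looking name assigned a string literal.
    ("hardcoded-secret",
     re.compile(r'(?i)\b\w*(?:password|passwd|secret|token|api_key)\w*\s*=\s*["\'][^"\']+["\']')),
    # A flag whose name says it bypasses or skips authentication, switched on.
    ("auth-bypass-flag",
     re.compile(r'(?i)\b\w*(?:bypass|skip)\w*(?:auth|login)\w*\s*=\s*True\b')),
    # A credential field compared against a string literal instead of a store.
    ("literal-credential-compare",
     re.compile(r'(?i)\b(?:password|passwd|username|user)\s*==\s*["\'][^"\']+["\']')),
]


def scan_source(text: str):
    """Return [(line_number, rule_name), ...] for every line that trips a rule."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, pattern in RULES:
            if pattern.search(line):
                findings.append((lineno, name))
    return findings


def scan_file(path: str):
    """Same scan over a file on disk (handy for walking a whole tree)."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        return scan_source(fh.read())


if __name__ == "__main__":
    for lineno, rule in scan_source(SAMPLE_SOURCE):
        print(f"line {lineno}: {rule}: {SAMPLE_SOURCE.splitlines()[lineno - 1].strip()}")
```

A scanner like this is cheap to run in CI, and its real value is the review it forces: every hit either gets removed or gets a documented reason to stay. It will not catch a backdoor that is obfuscated or hidden in a dependency, which is why the page’s point that attackers “know they exist” still stands.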
Photo by Takeshi Morisato on Unsplash
What can an attacker gain from a backdoor? A peek into the entire application with its source code, and the third-party services that were or are being used or integrated. Attackers can completely rebuild the application, or even create malware targeting the original application, to compromise the systems that are running the exposed source code. You might be wondering, “what’s so important about keeping this source code safe?” The source code is the foundation of the application; it tells the available resources how to work, what to do and when to do it. If the source is leaked, it’s highly plausible that someone creates malware which disrupts the service’s functionality and the way it works, or, even worse, makes it crash. Some can even sell that source code for quick cash because the code has low time complexity. Just joking, lol; let’s say the code is efficient and robust. With that leak the buyers can create similar applications with the same performance and nobody would notice, unless some reverse engineers reverse the code and see the surprise. Popular reverse engineering tools include IDA, Ghidra etc. You need some knowledge of assembly-level language and some basic programming knowledge, that’s it! You can reverse engineer these applications too.
4. Cyberattacks on Healthcare Sectors
It’s not a new thing: cyberattacks are constantly being fired at healthcare sectors, because attackers can easily manipulate and blackmail them, since without the help of computers a lot of work and day-to-day tasks would come to a halt. The most common attacks include ransomware, money laundering by way of phishing, data leakage, hospital database compromises etc. While they do this mostly for the money, they get both of what they wish for.
Once they get their hands on the victim’s data, they can send a formal mail asking for a ransom so that they won’t leak it. I would say that they had already sold that precious data even before they sent that kind of mail. To whom? The highest bidder in some deep web forum. That bidder will then sell it on for three times what he paid, to others, maybe in some other private forums. It’s amazing how many hands the data gets into.
Photo by Hush Naidoo Jade Photography on Unsplash
Now, a quick question: what kind of a sheep trusts a wolf? It’s that simple. Anyone with common sense would never pay the money; it’s just giving them what they gracefully wished for. The victims should focus on their data recovery and open investigations into what really happened. The systems use little to no security, and don’t get me started on their network security. Nurses are taught to do all the important things, yet I do not know why they aren’t taught security education and awareness. Even for a successful company, protecting each and every part of the company is a hassle and a headache, but they do it anyhow because it’s their own data, while on the other hand the data getting stolen here is the serious personal information of patients; no need for the doctors’, that data is already available on LinkedIn to download freely. It’s easier said than done, but I hope they change these things so that I don’t have to worry about my data being leaked whenever I go for a checkup.
5. Information Security
As we were discussing privacy and its role above, let’s try to learn a few more things. Information can be anything which is publicly or privately available to certain people. With access to that information, people can use it for illicit purposes such as stealing another person’s identity, doing illegal activity under your name, spoiling one’s reputation by creating bad social media behavior, participating in terrorism and doing anti-nationalist behavior. These are not all of them, but they are very serious and critical things that can be done with just personal information. Nowadays, people are doing and uploading whatever is in front of them, maybe for external validation or attention; we never know. I won’t instruct you to not use any social media, but to use it consciously and mindfully, and to refrain from sharing information that others don’t need to know. Refrain from listening to shady people whom you’ve never heard of.
Photo by Thea on Unsplash
While these big companies boast about their security policies and cool encryption protocols, they simply are not enough. How much time would it take to create some new decryption algorithms? How much time would it take for attackers to plan a new attack with a 0 percent failure rate? Maybe a few months after the data has been dumped, that’s it. Whatever is lost is lost. It cannot be acquired again, be it people, things, stuff or anything. That’s why you should be cautious of what you share: the things you share can be used against you. The things you share can be used to judge you. It wouldn’t be such a big deal if people submitted less of their personal data, but they never do. From their pet’s name to their grandfather’s name, everything is being shared in such a dramatic way that they seem to think they are in a competition of “sharing things”. In cybersecurity, each cataclysmic threat event almost rhymes with the next one. Just as their beginnings were humble, so will their endings be. I’ll see you tomorrow then!