Labels

Cyber Attacks


 Vulerability,Threat and Risk
cybersecurity cyber security jobs cybersecurity certification facebook login java ruby soap mongodb matlab mysql maven php facebook login page vi pointer pointer microsoft access python tutorial nodejs ariba qa encapsulation polymorphism lisp java arraylist arraylist java socket scala aws lambda c string tutorial online java compiler vba java compiler online sql update java array lua quick sort html comment merge sort bubble sort html image sql create table python if statement insertion sort matlab for loop for loop matlab tuple python online online python online python compiler jsp python online compiler online c compiler python operators python sleep selection sort java tutorial javascript tutorial assembly language python if divide and conquer python replace java compiler java set sql tutorial nodejs tutorial c compiler readlines python python readlines ethical hacks java generics python command line arguments batch file python not equal elif quantization java string length polymorphism in java strcpy pointers java online ide online java ide printf c pointers in c c printf qa testing multithreading in java java multithreading excel quick analysis tool scanf in c java charat http requests charat java malloc c strcmp c java online compiler network security with firewall java online 2d array python atoi c atoi in c java char fopen c computer ports fopen in c java string substring waterfall model python lower java absolute value sql where clause kafka tutorial sprintf c ruby for loop java constants ajax strtox atoi fgets inheritance java multiplexers pass python python online ide quicksort teradata perl design patterns binary code flask azure portal java interfaces node js java interface sql like java collections singleton python time powershell guice dynamic programming python compiler stack java python interview questions java stack rdbms sql left join angular material sed c strtok what is an instance variable in java flow of energy in an ecosystem relational algebra instance variables java c function free in c free c how to change font in html instance variable java python hashtable online java editor what is soap python isnumeric fread c database types algorithm for merge sort process vs thread html change font fread in marketing communications ten thousandths place typedef isnumeric python hashtable python plsql ten thousandth c free exception handling in java java method call batch file commands basic java java online editor what is grub sqrt python strncpy create table communication process kruskal's algorithm mosfet git clone data structures switch case whatis linux command jenkins git tutorial python length of list bing image search google colab cobol shell script java 8 binary search tree linked list bfs sql update statement c programming java switch jdbc sap ariba ms access hashset java parseint data types in sql malloc python split decorator pattern java square root data types c date functions sql custom tag what is bean in spring what are constraints in sql hibernet tutorial nested loops python java bitwise operators c data types java editor online c files json for java java tutorial point c read from file hibernate in java symmetric distribution c file read file c ruby if else salesforce tutorial c strcat scala tutorial mutex vs semaphore pandas tutorial python strcat c java to json computer applications strstr c break loop python software design query in access pyspark tutorial date functions in sql reading a file in c readlines html for bold text powershell tutorial what is web services



We all come across this three words in our daily life. But in Cyber World this three word have a great impact in our daily surfing in internet or managing our devices or server.
  • Vulnerability



In Cyber Security, a vulnerability is a weakness(bugs, defect in software or hardware) which can be exploited by a  attack to gain unauthorized access to or perform unauthorized actions on a computer system. Vulnerabilities can allow attackers to run code, access a system's memory, install malware, and steal, destroy or modify sensitive data.
To exploit or take advantage of a vulnerability an attacker must be able to connect to the computer system. Vulnerabilities can be exploited by a variety of methods including SQL injection, buffer overflows, cross-site scripting (XSS) and open source exploit kits that look for known vulnerabilities and security weaknesses in web applications. 
  • Threat


Cyber or Cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include computer viruses, data breaches, Denial of Service (DoS) attacks and other attack vectors.
Cyber threats also refer to the possibility of a successful cyber attack that aims to gain unauthorized access, damage, disrupt, or steal an information technology asset, computer network, intellectual property or any other form of sensitive data. Cyber threats can come from within an organization by trusted users or from remote locations by unknown parties. 
  • Risk



Cyber risk is commonly defined as exposure to harm or loss resulting from breaches of or attacks on information systems. However, this definition must be broadened. A better, more encompassing definition is “the potential of loss or harm related to technical infrastructure or the use of technology within an organization.”


 Risk Management- How to be safe?



Risk Management is the key to Cyber Security.
Managing the risk factor is the main key to be safe in this Cyber world.







Risk = threat * vulnerability * consequences


Risk is threat multiplied with vulnerability with its consequences.
Now up course a intruder knows about your vulnerability and knows the consequences of using them.
Now let me explain all these with an example. As an android user you have downloaded an cracked or mod app from a malicious website instead of downloading it from google play store. Now u may not know that the app you have downloaded may contain a malicious code or let say a virus attached to it. It may merged with a tool that share your phone information to some listener server or a hackers server. These tools are hidden inside the apps as soon as u give them permission like for camera,storage,mic, call,recorder,etc.
Now without your knowledge your information which may contain us passwords, private file, important documents,call recordings are exposed to the hacker. They even can control your phone to send messages and as said u don't know what is going on a hacker's mind. He can use your device to attack other users that is known as DOS attacks.



Here the potential threat is the app you have downloaded, the vulnerabilities are permissions u have given to it and up course the consequences is getting hacked and if we multiply all these then there is a great risk in downloading those files or apk files.

Now the question is how to be safe from vulnerabilities. Sadly the answer to this question is no system is completely safe in other words there is no perfect System.But yes we can minimize the threat by keeping our knowledge updated.

There are also many malicious apps available on our play store.These apps are actually developed by fake developers and are also verified by google play store. But they are now identified and for more information follow this link
https://cybernews.com/security/secret-network-27-app-developers-in-play-store/
 Action or potential occurrence (whether or not malicious) to breach the security of the system by exploiting its known or unknown vulnerabilities. It may be caused by (1) gaining unauthorized access to stored information, (2) denial of service to the authorized users, or (3) introduction of false information to mislead the users or to cause incorrect system behavior (called spoofing).


Read more: http://www.businessdictionary.com/definition/threat.html
Labels:

Comments

Post a Comment

If u have any doubt then let me know