[CrashCourse CS] #32 Hackers & Cyber Attacks

Steve·2021년 9월 24일
0

White Hats - Good guys, Black Hats - Bad guys
Hacktivist - who use their skills to promote a social or political goal


Social Engineering - where a person is manipulated into divulging confidential information, or configuring a computer system so that it permits entry by attackers.

  • Phishing
  • Pretexting - The attacker pretends to be from a company's IT department, often call a first number, and then ask to be transferred to a second, so that the phone number appears to be internal to the company. Then instruct to configure their computer in a compromising way, or get them to reveal confidential details.
  • Trojan horse (often through emails)

Malware - malicious software
Ransomeware - encrypt files and demand a ransom


Brute force entry - try every password

  • NAND mirroring - if you have physical access to the computer, you can attach wires to the device's memory chip and make a perfect copy of its contents. If password attempts fails and devices makes you wait, simply reflash(reset) the memory and try again.

Exploit - utilizing a bug to gain capabilities or access

Buffer overflow

bounds checking - testing the length of input before copying it into a buffer

Code injection

  • Most username and password forms on the web don't let ouy include special symbols like ';' as a first level of defense.
  • Good servers sanitize input by removing or modifying special characters before running query.

Zero day vulnerability - when a new exploitable bug is discovered that the software creators weren't aware of.

Worms - If bugs are left open on enough systems, it allows hackers to write a program that jump from computer to computer automatically.

Botnet - If a hacker can take over a large number of computers, they can be used together to form a botnet.

  • sending huge volumes of spam
  • mine bitcoins
  • launch DDoS(Distributed Denial of Service) attacks against servers.

DDoS is where all the computers in the botnet send a flood of dummy messages. This can knock services offline.

Cyberwarfare - cyber attacks

Vocabulary

  • hacking - developing creative solutions to problems
  • resilient - 회복력 있는, 탄력있는
  • divulge - (비밀을)누설하다, 폭로하다.
  • yield - 산출하다, 생산하다.
  • compromised - 손상된
  • unwitting - 자신도 모르는
  • ransom - 몸값
  • thwart - 좌절시키다
  • mayhem - 대혼란, 아수라장
  • nefarious - 범죄의, 비도덕적인
  • arbitary - 임의적인, 제멋대로인
profile
게임과 프론트엔드에 관심이 많습니다.

0개의 댓글