Sanyam J - OpenGenus IQ: Learn Computer Science

SamSam Ransomware: made $850K by attacking government organizations

SamSam Ransomware uses a custom infection in targeted attacks and the ransomware have been made by SamSam group. The ransomware has been publically available since 2015 and has been known for targeting government entities in USA. The ransomware is developed privately and modernized regularly

cyber security

Jigsaw Ransomware: Pay $150 in bitcoin with live support or get files deleted

Jigsaw Ransomware (BitcoinBlackmailer) targets Microsoft Windows first appeared in 2016. The ransomware is desgined to spread through malicious attachments in spam emails. It not only encrypts the user's files but also deletes them if the user takes too long to make the ransom payment of $150

cyber security

Heap Spraying Attack

Heap Spraying Attack is a type of cyber attack in which the attacker uses the ability to write the series of bytes in the memory for the running program at various places in the heap. The main aim of the attack is to ensure that the bytes can be accessed later as the vector of the separate attack.

cyber security

DLL Hijacking Attack

Dynamic Link Libraries (DLL) Hijacking is an type of cyber attack when hackers replace the genuine .dll file with the malicious file. This corrupted file, when used by the application, gives erroneous results as programmed by the hacker.

cyber security

Password Spraying Attack

Password Spraying is a form of cyber attack similar to a brute force attack, where the hacker tries to gain access to the company system by testing out a small number of commonly used passwords on a large number of accounts. This attack allows a attacker to gain access to multiple accounts

cyber security

BlueBump Attack

BlueBump attack is an cyber attack for bluetooth enabled devices. The attack allows the attacker to connect to the Bluetooth device of target, and then exploit the link key of the target device. The attack gives the attacker unlimited access to the victim's device which is in a very limited range

cyber security

Xpath Injection Attack

XPath Injection is an cyber attack used to fetch sensitive data (stored in XML format) from a website, by injecting malicious XPath queries. This attack works for applications that leverage user-supplied information to construct XPath queries.

cyber security

BlueSmack Attack

Bluesmack is a cyber attack done on bluetooth enabled devices. The attack uses L2CAP (Logic Link Control And Adaptation Protocol) layer to transfer an oversized packet to the Bluetooth enabled devices, resulting in the Denial of Service (DoS) attack.

cyber security

OS Command Injection Attack

OS Command Injection is a form of shell injection attack, mostly used for execution of unauthorized OS commands in the operating system (OS) to target the system (usually a web server) and degrade its performance. In this attack, the hacker aims to find and exploit some of the vulnerable application

cyber security

Malvertising Attack

Malvertising is a type of cyber attack in which an hacker use the online advertising to spread the malware. The attack can infect a system pre-click or post-click. A pre-click malvertisement can be embedded in the main scripts of the page. It can even initiate drive-by-download on visiting the site

cyber security

Fork Bomb Attack

Fork Bomb Attack is a type of denial of service attack which causes the degradation of a system by making it run out of the memory. The attack forks the processes recursively to fill the entire available memory, thus choking system resources. Locating and terminating a Fork Bomb is a tedious process

cyber security

Drive By Login Attack

Drive-By Login is a form of phishing attack in which a hacker sets up the malicious code on the victim's favorite website through through various methods of social engineering and bugs in website. Use anti-phishing tools and keep browser upto date to stay safe from this attack

cyber security

Tabnabbing Attack

Tabnabbing is a form of cyber attack which enables an hacker to take the advantage of the idle tabs in the browser and use them for carrying out the phishing attacks. The attack can be carried out even if the javascript is disabled, using the HTML attribute or a "meta refresh" meta element

cyber security

UDP Flood Attack

UDP Flood Attack is a type of Denial of Service attack in which a hacker floods the random ports on the victim host with UDP packets. In this attack, the hacker spoofs the IP Address of the packets, to make sure that the returning ICMP packets don’t reach back to the hacker.

cyber security

DNS Amplification Attack

DNS (Domain Name System) Amplification is a form of reflection based DDoS attack, in which a hacker spoofs the look-up requests to spoof the DNS servers to hide the source of an exploit and also to direct the response to the target. The attack exploits the disparity in the bandwidth consumption

cyber security

IP Spoofing Attack

IP (Internet Protocol) Spoofing is a form of cyber attack in which hacker crafts the IP packets which are used to carry out the DDoS attacks as well as MitM attack. In this attack, the fake crafted IP packets are used to impersonate another system or is used to hide the identity of the hacker.

cyber security

MAC Flooding Attack

MAC (Media Access Control) Flooding is a type of cyber attack done in a network to compromise the security of the network switches. In this attack the network is flooded with the fake MAC addresses. The hacker uses this attack to steal sensitive data that is being transferred in the network.

cyber security

Ping Of Death Attack

Ping of Death (PoD) Attack is a form of DDoS attack, which is used for disrupting the victim network by sending the packets larger then the max size allowed using some arbitrary commands. The attack degrades the targeted system or even freeze the system.

cyber security

Smurf Attack

Smurf Attack is a type of DDoS Attack, which floods the system with the spoofed ping messages. The attack has an amplification vector that increases the damage by exploiting the characteristics of the broadcast network. The attack swamps the internet with the replies to ICMP echo requests.

cyber security

BlueBugging Attack

Bluebugging is a type of cyber attack done on the Bluetooth enabled devices. The attack allows the hacker to access the cell commands and infiltrate the phone calls, read and send SMS. This allows any hacker to modify the contact list, connect to the internet and eavesdrop on any phone conversation

cyber security

Distributed Denial Of Service Attack (DDoS)

Distributed Denial Of Service (DDoS) is a form of cyber attack which is done to make target online services unavailable to the users. The attack disrupts the normal traffic of a targeted server, network or service by overwhelming the target or its surrounding infrastructure

cyber security

Man In The Middle Attack (MitM)

Man In The Middle (MitM) is a type of cyber attack in which a hacker intercepts the communication between two people either to eavesdrop or to impersonate one of the person. The aim of the attack is to steal financial details such as account details, credit card numbers or sensitive details

cyber security

Denial Of Service Attack

Denial Of Service Attack is a form of cyber attack basically used by hackers to prevent the victims from accessing any legitimate service. This hacker floods the web servers with excessive traffic in order to succeed in this attack. The attack does not result in theft or loss of data

cyber security

SQL Injection Attack

SQL(Structured Query Language) Attack is a cyber attack used for the manipulation of the backend database through the malicious SQL Query. The attack allows a hacker to cause repudiation issues and spoof the identity. The attack allows the complete exposure of the database

Software Engineering

Control Flow in Python

In Control Flow, there are certain conditions which we put with the help of predefined syntaxes and the program then run in that order and chooses the condition as a output. Control statements include conditional and iteration statements like if else, while, do while and if elif and for loop