BE-Hacktive
HackTricksTwitterLinkedInSponsorWebsite
English
English
  • BE-Hacktive
  • About the author and the project
  • Table of contents
  • Contact
  • 🎬Synopsis
    • Technology over time
    • Cybersecurity
    • CVE
  • 🏆Eskooly - CVE
    • ESKOOLY
    • CVE-2024-27709 - SQL Injection in Eskooly Web Product v.3.0
    • ESkooly - Broken Authentication
      • CVE-2024-27710 - Privilege Escalation via Authentication Mechanism in Eskooly Web Product <= v3.0
      • CVE-2024-27711 - User Enumeration via Sign-up Process in Eskooly Web Product <= v3.0
      • CVE-2024-27712 - User Enumeration via Account Settings in Eskooly Web Product <= v3.0
    • CVE-2024-27713 - Protection mechanism Failure in Eskooly Web Product <= v3.0
    • CVE-2024-27715 - Inadequate Password Update Verification in Eskooly Web Product <= v3.0
    • CVE-2024-27716 - Cross-site Scripting (XSS) in Eskooly Web Product <= v3.0
    • CVE-2024-27717 - Cross-Site Request Forgery (CSRF) in Eskooly Web Product <= v3.0
  • 🚨Tip 1 - Raising awareness
    • Phishing
      • Phishing - Origins
      • Phishing - Evolution
      • Phishing - Statistics
      • Phishing - Techniques
      • Phishing - Protection
    • Malware
      • Malware - Origines
      • Malware - Evolution
      • Malware - Categories
      • Malware - Ransomware
    • Passwords
      • Passwords - Origins
      • Passwords - Evolution of authentication
      • Passwords - Statistics
      • Passwords - Protect yourself
  • 🧨Capsule 2 - Ethical Hacking
    • Definition and Methodology
  • 🧰Capsule 3 - Tools
    • Burp Suite
      • Installation
      • Intercept HTTP traffic with Burp Proxy
      • Define the perimeter
      • Intruder et Repeater
  • Capsule 2 - Ethical Hacking
    • Page 1
  • 📖Articles
    • Cybersecurity 2023: 5 major threats and how to protect yourself from them
    • Am I a victim of data leaks?
    • LOG4J: The vulnerable bookstore that is shaking the planet
    • LOG4SHELL: COME, SEE, LIVE
    • Protecting Your Child Online: Tips for Safer Internet Day
    • ChatGPT: Revolution or threat?
    • The FBI dismantles Raptor Train: A Chinese Botnet that Infected 260,000 IoT Devices Worldwide!
  • 🗞️News
    • Active exploitation of TP-Link, Apache and Oracle vulnerabilities detected
    • Microsoft stresses the urgency of patching Exchange servers locally
Powered by GitBook
On this page
  • 1. Ransomware: The digital hostage
  • Description
  • Miscellaneous facts
  • Protection
  • 2. DDoS: Server overload
  • Description
  • Miscellaneous facts
  • Protection
  • 3. Phishing: The digital scam
  • Description
  • Miscellaneous facts
  • Protection
  • 4. MitM Attacks: The Sneaky Interception
  • Description
  • Miscellaneous facts
  • Protection
  • 5. IoT vulnerabilities: Connected objects at risk
  • Description
  • Miscellaneous facts
  • Protection
  • Conclusion
  1. Articles

Cybersecurity 2023: 5 major threats and how to protect yourself from them

As we enter 2024, the digital landscape is more complex than ever. Cybersecurity has become a top priority for individuals and businesses.

PreviousPage 1NextAm I a victim of data leaks?

Last updated 5 months ago


1. Ransomware: The digital hostage

Description

Ransomware encrypts user data, demanding a ransom for decryption.

See the Be-Hacktive capsule on Ransomware!

Miscellaneous facts

  • Belgium: Cyberattack in Belgium: the city of Liège victim of ransomware, in 2021

  • France: Ransomware: hackers paralyze a French hospital and demand 10 million euros, in 2022

Protection

Non-exhaustive list:

  • Frequent data backups.

  • Avoid suspicious links or attachments.

  • Use up-to-date antivirus software.


2. DDoS: Server overload

Description

DDoS attacks flood a site with traffic, making it inaccessible.

Miscellaneous facts

GitHub, targeted in 2018, suffered a massive 1.35 terabytes per second attack.

Protection

Non-exhaustive list:

  • Services de mitigation DDoS.

  • Robust firewalls.

  • Constant traffic monitoring.


3. Phishing: The digital scam

Description

Phishing attacks seek to trick the user into obtaining sensitive information.

Miscellaneous facts

In 2017, employees of Google and Facebook were victims, causing a loss of $100 million.

Protection


4. MitM Attacks: The Sneaky Interception

Description

Man-in-the-middle attacks capture communication between two parties.

Miscellaneous facts

In 2017, a data breach was confirmed at Equifax, exposing more than 143 million Americans. As a result, Equifax created a website called equifaxsecurity2017.com to allow its customers to see if the breach affected them.

United States: what is the Equifax affair, one of the biggest hacks in history?

Protection

Non-exhaustive list:

  • HTTPS connections exclusively.

  • Avoid public Wi-Fi or use a VPN.

  • Check site certificates.


5. IoT vulnerabilities: Connected objects at risk

Description

The Internet of Things (IoT) is the networking of objects. It is comparable to a social network or an email provider, but IoT connects devices rather than people. Business Insider experts expect the number of connected objects to reach 47 billion by 2027.

Miscellaneous facts

The Mirai attack in 2016 transformed connected objects into botnets, causing major disruption.

Protection

Non-exhaustive list:

  • Change default passwords.

  • Regular updating of devices.

  • Disconnect unused devices.


Conclusion

Cybersecurity is a constantly evolving field. By staying informed and adopting appropriate security measures, you can protect yourself against the major threats of 2023.

The very first capsule of the blog talks about it

📖
😄