MAN IN THE MIDDLE ATTACK (MITM)
NAME
What is MAN IN THE MIDDLE (MITM)
A man-in-the-middle (MITM) attack is a cyber attack where an
attacker intercepts and potentially alters communication between
two parties without their knowledge. The attacker positions
themselves between the sender and the recipient, allowing them to
eavesdrop on the communication or manipulate the data being
transmitted. This attack can lead to unauthorized access, data
theft, and other security breaches.
MITM
There are several other names used to refer to a man-in-the-middle
(MITM) attack, which are often based on the specific techniques or
variations of the attack. Here are a few common alternative names
for MITM attacks:
MITM - INTERCEPTION ATTACK
This name emphasizes the attacker's ability to intercept and
capture the communication between the sender and the recipient. It
highlights the act of eavesdropping and unauthorized access to the
transmitted data.
MITM - JANUS ATTACK
The term "Janus" refers to a two-faced Roman god, symbolizing
deception. This name reflects the attacker's ability to deceive
both parties involved in the communication by impersonating each
one and manipulating the data in the middle.
MITM - SESSION HIJACKING
This name focuses on the attacker's objective of hijacking an
established session between two parties. By gaining control of the
session, the attacker can manipulate or inject their own commands
or data into the ongoing communication.
MITM - BUCKET BRIGADE ATTACK
This name draws an analogy to a bucket brigade, where people pass
buckets of water down a line to extinguish a fire. Similarly, in a
bucket brigade attack, the attacker relays messages between the
sender and the recipient, often altering or injecting their own
content.
STORY
In March 2011, an attacker known as ComodoHacker successfully
tricked one of Comodo's trusted resellers, a Registration Authority
(RA), into issuing fraudulent SSL certificates for popular websites
like Google, Yahoo, Skype, and Microsoft's Live.com. Because such
certificates are used to authenticate secure connections between
users and the targeted websites, they made it possible for the
attacker to intercept and decrypt supposedly secure communications.
STORY
By compromising the RA's systems and impersonating legitimate
entities, the attacker was able to issue these unauthorized
certificates. This enabled them to intercept user data, including
login credentials, financial information, and private
communications, leading to potential unauthorized access and
data theft.
The attack was discovered when an observant user noticed a
mismatch in the SSL certificate presented by Google. Comodo
was alerted to the issue, and they promptly revoked the
fraudulent certificates.
PRESENTATION…
HOW TO PROTECT YOURSELF FROM A MITM ATTACK
1. Use secure networks and avoid public Wi-Fi whenever
possible. Consider using a VPN for added security.
2. Ensure communication channels are encrypted and look for
"https" and a padlock symbol.
3. Verify the authenticity of digital certificates presented by
websites or applications.
4. Keep software and devices up to date to patch vulnerabilities.
5. Be cautious with email, links, and downloads, and watch for
phishing attempts.
HOW TO PROTECT YOURSELF FROM A MITM ATTACK
6. Create strong, unique passwords and use a password
manager.
7. Enable two-factor authentication (2FA) for added security.
8. Only download mobile apps from trusted sources and
review permissions.
9. Install reputable anti-malware software and keep it updated.
10. Stay informed, be vigilant, and trust your instincts.
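Item 3 and the Comodo story meet in one check, shown here as an added example that is not part of the original presentation: a certificate issued by a trusted CA passes ordinary chain validation, so a client that also remembers which certificates a host is expected to present is what notices the swap. The `PinStore` class, the host names and the byte strings standing in for certificates are all constructed for illustration.

```python
import hashlib
import socket
import ssl


def cert_fingerprint(der: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, as hex."""
    return hashlib.sha256(der).hexdigest()


def fetch_leaf_der(host: str, port: int = 443, timeout: float = 5.0) -> bytes:
    """Step 1: normal validation. Raises ssl.SSLError on a bad chain or a
    hostname mismatch. A mis-issued certificate from a trusted CA still
    passes here, which is why step 2 exists."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


class PinStore:
    """Step 2: remember which certificates each host is expected to present.
    Hypothetical helper written for this example."""

    def __init__(self):
        self._pins = {}  # host -> set of accepted fingerprints

    @staticmethod
    def _norm(host: str) -> str:
        return host.strip().rstrip(".").lower()

    def pin(self, host: str, der: bytes) -> None:
        self._pins.setdefault(self._norm(host), set()).add(cert_fingerprint(der))

    def check(self, host: str, der: bytes) -> str:
        """Return 'unpinned', 'match' or 'mismatch' for a presented certificate."""
        known = self._pins.get(self._norm(host))
        if not known:
            return "unpinned"
        return "match" if cert_fingerprint(der) in known else "mismatch"


def demo() -> dict:
    # Constructed byte strings standing in for DER certificates.
    current = b"constructed-cert: login.example.test, current key"
    backup = b"constructed-cert: login.example.test, backup key"
    unexpected = b"constructed-cert: login.example.test, never seen before"

    store = PinStore()
    store.pin("login.example.test", current)
    store.pin("login.example.test", backup)  # backup pin allows planned rotation
    return {
        "current": store.check("Login.Example.Test.", current),
        "backup": store.check("login.example.test", backup),
        "unexpected": store.check("login.example.test", unexpected),
        "other host": store.check("other.example.test", current),
    }


if __name__ == "__main__":
    for label, verdict in demo().items():
        print(f"{label:12s} {verdict}")
```

A `mismatch` also occurs on an unannounced legitimate renewal, so it is a signal to stop and investigate rather than proof of interception; against a live host, pass the result of `fetch_leaf_der(host)` to `check`.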
THANK YOU

