QuantumInsert is an NSA attack described in the Snowden documents. A QuantumInsert is a sophisticated type of Man-In-The-Middle attack. The NSA uses secret servers strategically placed on the internet backbone, codenamed Quantum. These servers intercept traffic to well-known web sites like Google, Yahoo, LinkedIn, Facebook and so forth. The Quantum servers are placed in places…
The following is a description of one of the NSAs cyber-attack methods revealed on the Snowden documents. FoxAcid is a system designed by the NSA capable of launching a variety of attacks at target computers. The NSA refers to this as an “exploit orchestrator”. It is a Windows 2003 server loaded with PERL scripts and…
A Man-in-the-Middle attack is a cyber-attack where an intruder injects themselves in the middle of the communication between two parties. The intruder pretends to be both parties. Let us imagine that John is talking to Mary over the phone. Frank listens in by capturing John’s side of the conversation then forwarding it to Mary. He…
Advanced persistent threat (APT) typically denotes a criminal trespasser or group of trespassers who break into your network and stay there undetected. Usually the purpose of such criminal activity is to steal information without the victim ever knowing. Criminals only take this kind of care when stealing from high value targets. In the past APT…
The most commonly referred to malicious software is a computer virus. Viruses reproduce replicas of themselves infecting files, programs or sectors of your disk. Viruses perform malicious activities such as: block off your hard drive reducing available space; take up CPU time just to slow down your computer; corrupt data thus ruining files; displaying unwanted…
The most common tool used by criminals is a Trojan horse. Unlike a virus a Trojan horse does not self-replicate. A Trojan horse, or Trojan, is malicious software (malware) pretending to perform some useful function while actually installing some harmful programs creating a backdoor to your computer for some criminal to enter. The name comes…
Botnets actually started out as legitimate networks of Internet Relay Chat (IRC) clients connected through scripts named bots. The purpose was to keep the IRC channels open while preventing unwanted users from gaining access to the IRC network. Criminals created scripts similar to the IRC bot in that they are designed to have computers communicate…
Cross-site scripting (XSS) allows criminals to introduce code through dynamic or interactive content such as via a web page, an interactive form, link, newsgroup posting, or any type of content that executes in your browser. HTML (Hyper Text Markup Language) is the common language web pages are delivered in. The code is made up of…
Phishing is when criminals impersonate well-known reputable organizations sending emails as that organization to lure a person into revealing private information that can be used in identity theft. The email informs the target they must go to a website to update their information. Criminals will attempt to scam you into revealing usernames, passwords, credit card…
A rootkit is the combining of two words. The first is “root”. Root is the default username for the administrator account on the traditional Unix operating system. The second word is “kit”. Kit is short for toolkit, referencing the modules used to deliver the tool. A rootkit is a hidden program that enables root or…
techblahblah 