**EasyPatriot - Learn Online Safety and Virus Protection!** ============================================================= .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/image_processing20200817-16566-13lc2h2.gif :width: 80% :align: center .. Note:: ★This page is based on Section 2 and Unit 2 of the official CyberPatriot learning material★ **Introduction To CyberSecurity** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .. raw:: html **Visiting Malicious Websites – Sites to Avoid** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/2.png :align: center .. Note:: This is a prime example of how a web browser handles visiting malicious web pages with a content block warning screen. **★Core Knowledge★ -** For secured websites online: HTTPS is HTTP with encryption. The only difference between the two protocols is that HTTPS uses TLS (SSL) to encrypt normal HTTP requests and responses. As a result, HTTPS is far more secure than HTTP. A website that uses HTTP, has http:// in its URL, while a website that uses HTTPS, has https:// in its url. .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/3.jpg :align: center .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/4.jpg :width: 50% :align: center .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/5.jpg :width: 60% :align: center .. Note:: These images above are perfect examples of sketchy online websites that are not secure at all and is offering a "free" download of a game. It will lead you to a website that is trying to trick you into collecting personal information disguised as a fake account request. .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/6.jpg :width: 50% :align: center **★Core Knowledge★ -** This site security pop-out bubble, found on every site, online means that your credit card details, passwords, address, and any personal information and personal data not encrypted, will be vulnerable to attacks and could be stolen and sold on dark market sites. In these cases, we suggest that you don’t enter sensitive details on insecure websites. **★Core Knowledge★ -** Don't visit any unknown and trusted links (even if it has https and looks clean). Attackers can, easily, use a legitimate website hosting site and embed their hacking tools in there. **★Core Knowledge★ -** Don't plug any unknown and untrusted devices into your computer. Once a device is in, it can wreak all sorts of havoc from running scripts to redirecting to dangerous websites on its own, which can do anything from accessing your webcam, deleting your files, to downloading spyware, the only limit is the attacker's imagination. **Types of Dangerous Viruses and How to Protect Yourself** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .. Note:: Viruses - a virus is a program that replicates by attaching itself to other programs. The infected program must be executed for a virus to run. The program might be an application, a macro in a document, a Windows system file, or a boot loader program. A **boot sector virus** is a type of malware that infects a system's boot partition or the Master Boot Record (MBR) of a hard disk. During startup, and before security software can be executed, the virus executes a malicious code. Once a computer is infected, a boot sector virus will try to infect every disk that is accessed on the infected system. A **browser hijacker** is a malware program, that modifies web browser settings, without the user's permission and redirects the user to websites the user had not intended to visit. It is often called, a browser redirect virus, because it redirects the browser to other, usually, malicious websites. A **direct action computer virus** is a class of self-replicating malware that is attached to an executable file. They are, typically, embedded in, otherwise, legitimate programs that require execution to run. After downloading and executing an infected program, the direct action computer virus will spread. A **file-infecting virus** is a type of malware that infects executable files with the intent to cause permanent damage or make them unusable. A file-infecting virus overwrites code or inserts infected code into an executable file. A **macro virus** is written in the same macro language, used to create software programs, such as Microsoft Excel or Word. It centers on software applications and does not depend on the operating system (OS). As a result, it can infect any computer running any kind of OS, including Windows, macOS and Linux. A **multipartite virus** is a fast-moving virus, that uses file infectors or boot infectors, to attack the boot sector and executable files simultaneously. Most viruses either affect the boot sector, the system, or the program files. An **overwriting virus** is a malicious program which, after infection, will effectively destroy the original program code, typically, by overwriting data in the system's memory. **Polymorphic viruses** are complex file infectors, that can create modified versions of itself, to avoid detection, yet, retain the same basic routines after every infection. To vary their physical file makeup, during each infection, polymorphic viruses encrypt their codes and use different encryption keys every time. A **resident virus** is a kind of computer virus that hides and stores itself within the computer memory, which then allows it to infect any file, that is run by the computer, depending on the virus' programming. **Web Scripting Virus** is malware that has the capacity to breach web browser security. When it breaches the web browser security, it injects some malicious code to take over the web browser and alter some settings. This type of malware spreads like any other computer virus. **Core Knowledge: 10 of the most dangerous malware threats of all time!** .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/image1000.jpg :width: 70% :align: center **Clop ransomware** Clop is one of the most recent and most dangerous ransomware threats to emerge. It represents a variant of the infamous CryptoMix ransomware, which commonly hits Windows users. Ahead of starting to encrypt, Clop ransomware blocks more than 600 Windows processes and disables multiple Windows 10 applications, including Windows Defender and Microsoft Security Essentials, severely curtailing opportunities to protect data. **Windows OS Ransomware** In recent months, hackers have distributed emails, instructing targets to quickly install an urgent Windows OS update. When users start to download the supposed update, ransomware ‘.exe’, files make their way onto the device. Email security controls and a comprehensive consolidated security solution can help stop these types of malware events. Turning on Windows Ransomware Protection .. image:: https://github.com/natt96z/cybersac/blob/main/docs/img/Ransomware%20Protection.png?raw=true :width: 70% :align: center **Zeus Gameover** This malware type is part of the “Zeus” family of malware. Zeus Gameover is a Trojan – a malware disguised as something legitimate - that aims to obtain financial information, which steals whatever is in a bank account. Experts state that, the most difficult aspect of this malware is the fact that, it doesn’t require a centralized “command and control” server to complete transactions, making it challenging for investigators and law enforcement to identify the criminals behind these hacks. Zeus Gameover, effectively, bypasses centralized servers, creating independent servers with which to share data. In short, it’s nearly impossible to determine where stolen data has gone. **Shlayer malware** This type of malware plagues macOS devices, relies on Flash updates and social engineering tactics, in order to dupe victims into installing the malware on devices. Initially, hackers used a specific zero-day vulnerability to launch this threat. However, hackers are coming up with new schemes to get this malware onto computers, that largely hinge on social engineering tactics. **Agent Tesla** Agent Tesla is a powerful, easy-to-use form of spyware. Specifically, Agent Tesla is a Remote Access Trojan (RAT), that exfiltrates credentials, logs keystrokes, copies clipboard data and collects images from a victim’s computer. In recent years, malware has seen a huge surge in popularity, and more than 6,000 nefarious persons pay subscription fees in order to license the software. The malware includes a wealth of features designed to help it remain undetected by network systems and often arrives in the form of an email attachment. **RaaS** Ransomware-as-a-Service (RaaS) has gained extensive popularity among ransomware gangs for a variety of reasons. The growth of RaaS highlights how easy it is for non-coders and non-techies to execute ransomware attacks. **Fleeceware** Although individuals may delete certain apps from their phones, Fleeceware continues to charge app users significant sums of money. According to recent research, more than 600 million Android users have, unintentionally, downloaded “Fleeceware” onto devices across the past few years. While Fleeceware does not represent a major security threat to privacy or data, Fleeceware is still remarkably common. It’s a shady practice that app developers engage in. **IoT device attacks** Did you recently install a smart doorbell, or get smart speakers? Hackers are looking to exploit the vulnerabilities within these devices in order to steal information. Hacker’s target IoT devices for several reasons. In many instances, IoT devices are so small (have so little storage) that they can’t accommodate proper security measures. IoT devices commonly contain easy-to-access data, ranging from passwords to user names. Hackers leverage this data to break into accounts, and to steal more information. In addition, hackers can co-opt internet-based cameras and microphones in order to spy on, communicate with, and manipulate people. These devices can represent weak points within corporate security networks and can be used to spread malware. **Cryptojacking** Cryptojacking represents a security threat that is entirely unique to cryptocurrencies. Crypto-malware, effectively, saves hackers large overheads, as it allows them to “mine” cryptocurrencies without paying for expensive mining hardware or racking up large electricity bills. Once cryptocurrencies have been mined, they are sent to crypto-wallets that are controlled by malware operators. **Social engineering** In social engineering attempts, hackers aim to manipulate individuals, -via in-person or electronic interactions-, into divulging corporate or personal information. Although social engineering isn’t a type of malware per-se, it does provide hackers with an avenue through which to distribute malware, and it can result in high-profile malware attacks. **Best Virus Software for Increased System Security** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/18.jpg :width: 65% :align: center **Bitdefender:** packs a huge collection of security-centric features, among them password management, enhanced security for online transactions, ransomware protection, Active Do Not Track, and even a VPN. The default Quick Actions lets you launch a quick system, or vulnerability scan, open the VPN, and configure Safepay online protection. You can configure the product to add a feature, such as, the File Shredder or Wallet password manager, in the main display, and you can swap out features you do not use much. .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/19.jpg :width: 45% :align: center .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/20.jpg :width: 40% :align: center **Webroot:** When it encounters an unknown app, it runs it in a bubble, preventing the app from making any permanent system changes, until its cloud-based intelligence reaches a conclusion about the program. If it’s malicious, the tiny local Webroot program wipes out the attacker and reverses its actions. WEBROOT has a Near-perfect score in our malware protection and phishing protection tests. It is light on system resources, has fast scan capabilities, is tiny in size, and can remediate ransomware damage. .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/21.jpg :width: 33% :align: center .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/22.jpg :width: 50% :align: center .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/23.jpg :width: 50% :align: center **Malwarebytes:** includes limited signature-based detection as one of its many layers, but relies heavily on more modern forms of detection. Web protection blocks traffic to known dangerous addresses, whether by the browser or by a malicious application. Ransomware protection watches for the behaviors that occur when an unknown program is getting ready to encrypt your files. It should catch even a zero-day ransomware attack, with no need to recognize anything, but behaviors that suggest ransomware. .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/25.jpg :width: 33% :align: center .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/28.jpg :width: 50% :align: center Exploit attacks take advantage of security holes, in popular applications, using the security vulnerability to take control. Even if you keep your operating system and programs patched, there's always a window when the vulnerability is known, but not yet patched. Malwarebytes shields several dozen popular applications against attack. This is a generalized protection against exploit behaviors, not protection, against specific exploits. **Online Safety – Phishing and avoiding malware** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/40.jpg :width: 50% :align: center **Core Knowledge: How does online phishing work?** .. Note:: 1. The phisher starts by choosing their intended victims, (whether at the organizational or individual level), and develops tactics to gather information they can use to attack. 2. The phisher will next construct techniques, like counterfeit emails or fake websites, to transmit messages that tempt their victims into providing data. 3. The attack then starts when phishers send victims messages that seem legitimate. 4. Once the attack has been launched, the phishers will watch and gather the information, that the victims enter on the phony web pages. 5. Finally, phishers exploit the information they have gathered to make fraudulent or unlawful purchases. .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/41.jpg :width: 58% :align: center **Lets test out Phishing Box's Phishing Test!:** This online test will see if you can tell the difference, between a phishing attempt and a legitimate form of communication, through email and or other messaging platforms. Spam emails, and even ones that hit our regular inbox, are secretly set up to scrape important user data from us with clone like tactics, such as, password recovery and bank statements that seem real but arent. Take the phishing test online now `Click or Tap to Begin Test`_. .. _Click or Tap to Begin Test: https://www.phishingbox.com/phishing-test/ .. Note:: Use uBlock Origin to avoid incorrect download button and malicious pop ups. The uBlock Origin is a cross-platform, free and open-source browser extension, for content filtering, that is primarily intended to counteract privacy invasion in an effective and user-friendly way. Blocking annoying full screen ads, removing fake download buttons and preventing sketchy pop-ups, can keep your web surfing safe! .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/42.jpg :width: 50% :align: center Check out uBlock Origin. It works on most popular web browsers (Desktop):`Click Here`_. .. _Click Here: https://ublockorigin.com/ .. raw:: html **3 Types of Hackers: The Good, The Slighlty Bad, and The Ugly** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/security-white_gray_black_hat.png :width: 60% :align: center **White Hat Hacker (The Good)** .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/Nintendo_Switch_hardware_glitch_derrek.png :width: 60% :align: center Black hat hackers and white hat hackers both employ the same hacking methods and tools, especially, when conducting external penetration tests (pen tests). White hat hackers, however, want to assist a company in strengthening its security. White hat hackers will allow the company to see possible bugs in typical hardware and software and are important parts in hardening the technology we use everyday. They even, regularly, partipipate in bounty hacking competitions to earn easy income on there skills. Anyone should safely aim to be this kind of hacker as they even ask company permission as well. **Grey Hat Hacker (The Slightly Bad)** .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/Linux_on_ps4.png :width: 60% :align: center Gray hat hackers are there between white and black hackers. Black hat and white hat hacking tactics are combined by gray hat hackers. Gray hat hackers, frequently, scan systems for vulnerabilities without the owner's knowledge or consent. If problems are discovered in hardware and software, they notify the owner and may, occasionally, demand a modest fee to have the issue resolved, but not by force. Usually, bugs and exploits also get leaked into public spaces by this type of hacker, thing, such as, smartphone jailbreaking and game console exploits are common with these hackers. **Black Hat Hacker (The Ugly)** .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/blACK%20HACKER.jpg :width: 60% :align: center Black Hat hackers are crooks that, intentionally, breach computer networks. They might also disseminate malware that steals passwords, credit card numbers, and other private data, damages files, or seizes control of systems. They are famous for creating software that holds user data hostage, as well, in demand for money and for information, not to end up on the dark web. These hackers also work in large groups, pirating and forming warez groups to spreading illegally downloaded material. **One of Many Password Lists – Why Using a Strong Password Matters!** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/11.jpg :width: 68% :align: center **Core Knowledge:** This is a massive example of a complete repository, for leaked user passwords, from past years and proof that having a strong password matters! The first line of security against unwanted access to your computer and personal information is provided by passwords. Your computer and online data will be more secure from hackers and bad malware if your password is strong. A good password, usually, has at least 12 characters long, (the longer, the better), and has a combination of upper and lowercase letters, numbers, punctuation, and special symbols. Random and unique is the way to go! `Check Out Daniel Miessller's SEC List on GitHub`_. .. _Check Out Daniel Miessller's SEC List on GitHub: https://github.com/danielmiessler/SecLists/tree/master/Passwords **Demonstration of Stealing Passwords From Browser Password Manager** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I made this short video after someone online told people to use password managers. I added in saying it should be a dedicated password manager like Bitwarden or Keepass because browser passwords most of the time, are stored in plain text. Meaning if someone knows the correct directory or aplications to access those directories, they are able to extract your passwords and steal them. https://tube.tchncs.de/videos/embed/b2b31d15-015c-417a-bcae-3def0a5fb159 .. raw:: html **Bitwarden Password Manager: Test Password Strength, Create Strong Passwords, and Store Passwords!** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Bitwarden is a free and open source (FOSS) password manager. Their website allows us to test our passwords and generate passwords for us to see what their tool does. I highly recommend Bitwarden for an end-to-end encrypted (E2EE) password manager for all devices. Bitwarden Password Strength Testing: https://bitwarden.com/password-strength/ Bitwarden Strong Password Generator: https://bitwarden.com/password-generator/ Bitwarden Sign Up: https://vault.bitwarden.com/#/register?layout=default **Password Checker: Test the strengths of your passwords! (Password Monster)** .. raw:: html **EasyPatriot CyberQuiz (Beta)** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .. raw:: html
**EasyPatriot CyberVideos** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .. image:: https://raw.githubusercontent.com/natt96z/cybersac/main/docs/img/video-camera-icon-set-in-black-and-white-colors-movie-symbol-illustration-vector.jpg This section is based on material introduced in this difficulty of the website, these videos provide interesting in-depth tutorials and summaries of the material described above. Also please note, video material is subject to change. .. raw:: html .. raw:: html .. raw:: html .. raw:: html