MAN IN THE MIDDLE ATTACK (MITM)
NAME
What is MAN IN THE MIDDLE (MITM)
A man-in-the-middle (MITM) attack is a cyber attack where an attacker intercepts and potentially alters communication between two parties without their knowledge. The attacker positions themselves between the sender and the recipient, allowing them to eavesdrop on the communication or manipulate the data being transmitted. This attack can lead to unauthorized access, data theft, and other security breaches.
MITM
There are several other names used to refer to a man-in-the-middle (MITM) attack, which are often based on the specific techniques or variations of the attack. Here are a few common alternative names for MITM attacks:
MITM - INTERCEPTION ATTACK
This name emphasizes the attacker's ability to intercept and capture the communication between the sender and the recipient. It highlights the act of eavesdropping and unauthorized access to the transmitted data.
MITM - JANUS ATTACK
The term "Janus" refers to a two-faced Roman god, symbolizing deception. This name reflects the attacker's ability to deceive both parties involved in the communication by impersonating each one and manipulating the data in the middle.
MITM - SESSION HIJACKING
This name focuses on the attacker's objective of hijacking an established session between two parties. By gaining control of the session, the attacker can manipulate or inject their own commands or data into the ongoing communication.
MITM - BUCKET BRIGADE ATTACK
This name draws an analogy to a bucket brigade, where people pass buckets of water down a line to extinguish a fire. Similarly, in a bucket brigade attack, the attacker relays messages between the sender and the recipient, often altering or injecting their own content.
STORY
In March 2011, a hacker known as ComodoHacker successfully tricked one of Comodo's trusted resellers, a Registration Authority (RA), into issuing fraudulent SSL certificates for popular websites like Google, Yahoo, Skype, and Microsoft's Live.com. These certificates were used to authenticate secure connections between users and the targeted websites, making it possible for the attacker to intercept and decrypt supposedly secure communications.
STORY
By compromising the RA's systems and impersonating legitimate entities, the attacker was able to issue these unauthorized certificates. This enabled them to intercept user data, including login credentials, financial information, and private communications, leading to potential unauthorized access and data theft.
The attack was discovered when an observant user noticed a mismatch in the SSL certificate presented by Google. Comodo was alerted to the issue, and they promptly revoked the fraudulent certificates.
PRESENTATION…
HOW TO PROTECT YOURSELF FROM A MITM ATTACK
1. Use secure networks and avoid public Wi-Fi whenever possible. Consider using a VPN for added security.
2. Ensure communication channels are encrypted and look for "https" and a padlock symbol.
3. Verify the authenticity of digital certificates presented by websites or applications.
4. Keep software and devices up to date to patch vulnerabilities.
5. Be cautious with email, links, and downloads, and watch for phishing attempts.
HOW TO PROTECT YOURSELF FROM A MITM ATTACK
6. Create strong, unique passwords and use a password
manager.
7. Enable two-factor authentication (2FA) for added security.
8. Only download mobile apps from trusted sources and review permissions.
9. Install reputable anti-malware software and keep it updated.
10. Stay informed, be vigilant, and trust your instincts.
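An added example for item 3 (not part of the original slides): the fraudulent certificates in the Comodo story were issued under a trusted CA, so chain validation alone accepts them until they are revoked, while comparing the presented certificate's SHA-256 fingerprint against a known value (pinning) exposes the mismatch. The function names, the pin list, and the byte strings standing in for DER certificates are assumptions constructed for illustration.

```python
import hashlib
import hmac
import socket
import ssl
from typing import Iterable


class PinMismatch(Exception):
    """The certificate passed CA validation but is not the expected one."""


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def matches_pin(der_cert: bytes, pins: Iterable[str]) -> bool:
    """True if the certificate's fingerprint equals any pinned value."""
    seen = fingerprint(der_cert)
    ok = False
    for pin in pins:
        # Accept "AB:CD:..." or "abcd..." notation; compare in constant time.
        normalized = pin.replace(":", "").lower()
        ok |= hmac.compare_digest(seen, normalized)
    return ok


def verdict(der_cert: bytes, chain_ok: bool, pins: Iterable[str]) -> str:
    """Combine both checks: CA/hostname validation first, then the pin."""
    if not chain_ok:
        return "reject: chain or hostname validation failed"
    if not matches_pin(der_cert, pins):
        # The Comodo case: a trusted CA signed it, but it is the wrong cert.
        return "reject: pin mismatch"
    return "accept"


def connect_with_pin(host: str, pins: Iterable[str],
                     port: int = 443, timeout: float = 5.0) -> str:
    """Open a TLS connection and return the peer fingerprint if pinned."""
    # create_default_context() enforces chain and hostname validation,
    # so reaching the pin check means the CA checks already passed.
    context = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with context.wrap_socket(raw, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)
            if not matches_pin(der, pins):
                raise PinMismatch(f"{host}: unexpected {fingerprint(der)}")
            return fingerprint(der)


# Constructed stand-ins for DER certificates (not real certificates).
GENUINE_DER = b"constructed bytes standing in for the real site's certificate"
ROGUE_DER = b"constructed bytes standing in for a mis-issued certificate"
# Pinning the whole certificate means the pin must be updated on renewal.
PINS = [fingerprint(GENUINE_DER)]

if __name__ == "__main__":
    print(verdict(GENUINE_DER, True, PINS))
    print(verdict(ROGUE_DER, True, PINS))
    print(verdict(GENUINE_DER, False, PINS))
```
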
THANK YOU
