1
00:00:06,960 --> 00:00:10,559
hello everyone
2
00:00:07,919 --> 00:00:11,519
this is ayam nigi and i am a part of
3
00:00:10,559 --> 00:00:13,440
infosec train
4
00:00:11,519 --> 00:00:16,000
i am one of the trainers uh in
5
00:00:13,440 --> 00:00:17,199
infosec train talking about my experience
6
00:00:16,000 --> 00:00:19,039
uh i have like five
7
00:00:17,199 --> 00:00:20,560
plus years of experience earlier talking
8
00:00:19,039 --> 00:00:21,680
about the days i was into web
9
00:00:20,560 --> 00:00:23,840
development
10
00:00:21,680 --> 00:00:25,840
later down the line i switched to your
11
00:00:23,840 --> 00:00:26,080
cyber security field because i like have
12
00:00:25,840 --> 00:00:28,960
a
13
00:00:26,080 --> 00:00:29,599
keen interest over this field right so i
14
00:00:28,960 --> 00:00:31,279
rather than
15
00:00:29,599 --> 00:00:33,200
going with them and continuing with the
16
00:00:31,279 --> 00:00:34,480
web development i try to grow myself
17
00:00:33,200 --> 00:00:36,399
into cyber security
18
00:00:34,480 --> 00:00:38,000
because i like have a future plans
19
00:00:36,399 --> 00:00:40,559
regarding your devsecops
20
00:00:38,000 --> 00:00:42,559
which is inclusion of your development
21
00:00:40,559 --> 00:00:44,879
part your security part and your
22
00:00:42,559 --> 00:00:46,559
operation part as well right so already
23
00:00:44,879 --> 00:00:47,200
i have a like a bit of an experience
24
00:00:46,559 --> 00:00:49,680
regarding
25
00:00:47,200 --> 00:00:51,520
your development field so i'm more into
26
00:00:49,680 --> 00:00:53,760
now uh cyber security so
27
00:00:51,520 --> 00:00:54,640
covering this field of area and rather
28
00:00:53,760 --> 00:00:55,840
than like
29
00:00:54,640 --> 00:00:58,160
later then i will be going for the
30
00:00:55,840 --> 00:00:59,199
operations as well right so you can say
31
00:00:58,160 --> 00:01:01,840
i like a future
32
00:00:59,199 --> 00:01:02,399
or goal of mine it can be like devsecops
33
00:01:01,840 --> 00:01:03,760
right
34
00:01:02,399 --> 00:01:05,760
moreover we are dealing with other
35
00:01:03,760 --> 00:01:07,439
regarding cyber security right now
36
00:01:05,760 --> 00:01:09,040
right so these are the domains of my
37
00:01:07,439 --> 00:01:11,119
experience like the security testing
38
00:01:09,040 --> 00:01:14,240
cloud security and devops
39
00:01:11,119 --> 00:01:16,000
right so uh talking about the
40
00:01:14,240 --> 00:01:17,600
training and experiences i have
41
00:01:16,000 --> 00:01:18,960
delivered plenty of the batches with
42
00:01:17,600 --> 00:01:21,520
inclusive training
43
00:01:18,960 --> 00:01:23,759
right and talking about the course for
44
00:01:21,520 --> 00:01:27,360
now right the security plus
45
00:01:23,759 --> 00:01:28,159
so security plus uh it's a defensive
46
00:01:27,360 --> 00:01:30,240
course
47
00:01:28,159 --> 00:01:31,680
right as you guys know uh you guys know
48
00:01:30,240 --> 00:01:35,520
about the teamings right
49
00:01:31,680 --> 00:01:38,320
the red team and the blue team correct
50
00:01:35,520 --> 00:01:40,400
so talking about the teams red teams are
51
00:01:38,320 --> 00:01:43,680
totally guys for your
52
00:01:40,400 --> 00:01:44,799
attacking phase right so regarding the
53
00:01:43,680 --> 00:01:47,200
security plus right
54
00:01:44,799 --> 00:01:48,159
uh and this whole course so basically
55
00:01:47,200 --> 00:01:50,320
guys uh
56
00:01:48,159 --> 00:01:51,200
as i was mentioning we have two teams
57
00:01:50,320 --> 00:01:54,560
right the red
58
00:01:51,200 --> 00:01:55,040
team and the blue team right so that
59
00:01:54,560 --> 00:01:57,119
team
60
00:01:55,040 --> 00:01:58,719
morally focus on your offensive side
61
00:01:57,119 --> 00:01:59,600
right you can see in an attacking site
62
00:01:58,719 --> 00:02:01,520
where they
63
00:01:59,600 --> 00:02:03,119
they exploits the thing they they enter
64
00:02:01,520 --> 00:02:04,159
into the system
65
00:02:03,119 --> 00:02:06,240
right they found all those
66
00:02:04,159 --> 00:02:07,119
vulnerabilities in your network and try
67
00:02:06,240 --> 00:02:08,879
to
68
00:02:07,119 --> 00:02:11,520
exploit them and get an access control
69
00:02:08,879 --> 00:02:14,000
over the system right
70
00:02:11,520 --> 00:02:15,280
and uh it's targeting 601 basically
71
00:02:14,000 --> 00:02:17,760
right but moreover
72
00:02:15,280 --> 00:02:18,319
we'll be covering the topics right since
73
00:02:17,760 --> 00:02:20,800
you know
74
00:02:18,319 --> 00:02:22,640
six hours or three hours of a day it's
75
00:02:20,800 --> 00:02:25,520
not sufficient to cover the whole
76
00:02:22,640 --> 00:02:26,480
topics of the 60 601 right or the whole
77
00:02:25,520 --> 00:02:28,400
security
78
00:02:26,480 --> 00:02:29,760
uh course so we will be covering the
79
00:02:28,400 --> 00:02:32,000
broad areas
80
00:02:29,760 --> 00:02:34,000
right and so we'll be covering broad
81
00:02:32,000 --> 00:02:37,200
areas we'll be covering bits of
82
00:02:34,000 --> 00:02:37,920
of all of them right so yeah and more
83
00:02:37,200 --> 00:02:39,440
specifically
84
00:02:37,920 --> 00:02:41,040
if you're asking about a five zero one
85
00:02:39,440 --> 00:02:41,760
and six zero one will be targeting the
86
00:02:41,040 --> 00:02:43,519
cardinal
87
00:02:41,760 --> 00:02:45,760
security plus six zero one which is the
88
00:02:43,519 --> 00:02:48,080
latest version going on you know
89
00:02:45,760 --> 00:02:49,519
comptia right the vendor which is
90
00:02:48,080 --> 00:02:50,000
providing security plus is your
91
00:02:49,519 --> 00:02:53,440
comptia
92
00:02:50,000 --> 00:02:56,800
so your latest version is when your 601
93
00:02:53,440 --> 00:02:57,519
okay so as i was saying security plus
94
00:02:56,800 --> 00:02:59,360
it's your
95
00:02:57,519 --> 00:03:01,040
blue teaming uh blue team course right
96
00:02:59,360 --> 00:03:02,159
which is totally a defensive one it's
97
00:03:01,040 --> 00:03:04,800
not basically
98
00:03:02,159 --> 00:03:06,319
based off your attacking one right here
99
00:03:04,800 --> 00:03:06,800
you learn regarding the defensive side of
100
00:03:06,319 --> 00:03:09,280
the
101
00:03:06,800 --> 00:03:10,720
whole cyber security right so the low
102
00:03:09,280 --> 00:03:11,200
the skills you will be learning in your
103
00:03:10,720 --> 00:03:13,040
cyber
104
00:03:11,200 --> 00:03:14,480
or security plus would be like
105
00:03:13,040 --> 00:03:16,440
regarding the terminologies
106
00:03:14,480 --> 00:03:17,599
regarding your attacks threats
107
00:03:16,440 --> 00:03:19,879
vulnerabilities
108
00:03:17,599 --> 00:03:22,319
right architecture and design the
109
00:03:19,879 --> 00:03:24,959
implementation of the policies
110
00:03:22,319 --> 00:03:26,480
right all those about the compliances
111
00:03:24,959 --> 00:03:28,239
your incident deploy
112
00:03:26,480 --> 00:03:30,080
response and operational response if
113
00:03:28,239 --> 00:03:32,799
there is any sort of an attack happen
114
00:03:30,080 --> 00:03:34,400
or your mitigation techniques right so
115
00:03:32,799 --> 00:03:35,680
these are the skills which you learn in
116
00:03:34,400 --> 00:03:38,000
this whole security
117
00:03:35,680 --> 00:03:39,760
plus course right which is provided up
118
00:03:38,000 --> 00:03:42,400
by comptia
119
00:03:39,760 --> 00:03:44,959
correct so but today we'll be covering
120
00:03:42,400 --> 00:03:47,599
the broader areas so for today's session
121
00:03:44,959 --> 00:03:49,840
right we'll be discussing regarding your
122
00:03:47,599 --> 00:03:52,000
threat actors and threat intelligence
123
00:03:49,840 --> 00:03:53,280
and your malwares and your social
124
00:03:52,000 --> 00:03:54,879
engineering attacks
125
00:03:53,280 --> 00:03:56,319
all right so these are our today's
126
00:03:54,879 --> 00:03:59,360
agenda and that are
127
00:03:56,319 --> 00:04:01,760
topics which we'll be covering
128
00:03:59,360 --> 00:04:02,799
so basically if you talk about uh the
129
00:04:01,760 --> 00:04:05,200
agenda of the
130
00:04:02,799 --> 00:04:06,720
security plus right so like there are
131
00:04:05,200 --> 00:04:08,080
plenty of job roles you will be getting
132
00:04:06,720 --> 00:04:09,760
in it right like your security
133
00:04:08,080 --> 00:04:11,200
administrator right your system
134
00:04:09,760 --> 00:04:13,519
administrator
135
00:04:11,200 --> 00:04:15,439
like your help desk manager your analyst
136
00:04:13,519 --> 00:04:16,320
your network engineer your security
137
00:04:15,439 --> 00:04:19,519
engineer
138
00:04:16,320 --> 00:04:20,160
right you can even go for the profiles
139
00:04:19,519 --> 00:04:22,800
of your
140
00:04:20,160 --> 00:04:24,560
devops software developer your i.t
141
00:04:22,800 --> 00:04:25,440
auditors right and your it project
142
00:04:24,560 --> 00:04:27,040
manager as well
143
00:04:25,440 --> 00:04:29,280
so basically uh what you can say
144
00:04:27,040 --> 00:04:30,720
security plus uh it's a
145
00:04:29,280 --> 00:04:32,720
base level which will be covering each
146
00:04:30,720 --> 00:04:35,120
and every ground of your
147
00:04:32,720 --> 00:04:37,040
other high level techniques right so you
148
00:04:35,120 --> 00:04:39,199
will be setting up your ground level
149
00:04:37,040 --> 00:04:40,080
with this security plus course right so
150
00:04:39,199 --> 00:04:43,280
you will be
151
00:04:40,080 --> 00:04:44,800
getting a much more insight in this
152
00:04:43,280 --> 00:04:47,680
cyber security
153
00:04:44,800 --> 00:04:48,160
specifically talking about the blue team
154
00:04:47,680 --> 00:04:50,400
side
155
00:04:48,160 --> 00:04:51,360
right you will get to know about the red
156
00:04:50,400 --> 00:04:53,919
team as well
157
00:04:51,360 --> 00:04:55,520
right uh like not as an attacking phase
158
00:04:53,919 --> 00:04:57,120
like how to attack and how to code and
159
00:04:55,520 --> 00:04:59,360
how to write scripts
160
00:04:57,120 --> 00:05:01,199
but you will get a few bits of an idea
161
00:04:59,360 --> 00:05:04,400
regarding these things
162
00:05:01,199 --> 00:05:07,360
okay like what sort of a scripts
163
00:05:04,400 --> 00:05:09,680
look like how you launch an attack right
164
00:05:07,360 --> 00:05:11,199
what are the uh like steps to do that
165
00:05:09,680 --> 00:05:13,199
right how do you do the information
166
00:05:11,199 --> 00:05:15,759
gathering because it can be like useful
167
00:05:13,199 --> 00:05:16,320
from the security purpose as well right
168
00:05:15,759 --> 00:05:19,039
and like
169
00:05:16,320 --> 00:05:20,639
how do you attack and particular port
170
00:05:19,039 --> 00:05:21,440
how do you scan them and all these
171
00:05:20,639 --> 00:05:23,840
scenarios
172
00:05:21,440 --> 00:05:25,680
you can cover with the security plus
173
00:05:23,840 --> 00:05:28,400
side as well so you will get a
174
00:05:25,680 --> 00:05:29,039
like you can say an overlook of an
175
00:05:28,400 --> 00:05:32,160
attacking
176
00:05:29,039 --> 00:05:34,240
uh area just to know how things
177
00:05:32,160 --> 00:05:35,600
look around from that side right but
178
00:05:34,240 --> 00:05:38,639
moreover it focus on your
179
00:05:35,600 --> 00:05:43,120
defensive side all right so
180
00:05:38,639 --> 00:05:45,280
uh talking about the examination as well
181
00:05:43,120 --> 00:05:46,639
right talking about the examination you
182
00:05:45,280 --> 00:05:48,400
will be having if you go for the
183
00:05:46,639 --> 00:05:50,080
examination of security plus like
184
00:05:48,400 --> 00:05:52,560
comptia is the vendor as i
185
00:05:50,080 --> 00:05:54,000
already mentioned over there so if you
186
00:05:52,560 --> 00:05:55,840
talk about the number of questions in
187
00:05:54,000 --> 00:05:58,880
your examination guys that will be
188
00:05:55,840 --> 00:06:00,319
90 questions over there okay in an
189
00:05:58,880 --> 00:06:02,880
examination it will be of
190
00:06:00,319 --> 00:06:03,759
90 questions it will be if you talk
191
00:06:02,880 --> 00:06:05,440
about the
192
00:06:03,759 --> 00:06:07,680
pattern of the type of questions over
193
00:06:05,440 --> 00:06:10,080
there it will be a multiple choice
194
00:06:07,680 --> 00:06:10,720
examination over there or uh security
195
00:06:10,080 --> 00:06:13,840
plus
196
00:06:10,720 --> 00:06:16,800
and the length of this test would be of
197
00:06:13,840 --> 00:06:18,240
90 minutes guys okay the length of the
198
00:06:16,800 --> 00:06:20,479
test would be 90 minutes
199
00:06:18,240 --> 00:06:22,080
there will be 90 questions over there
200
00:06:20,479 --> 00:06:24,400
and that too will be of
201
00:06:22,080 --> 00:06:25,600
multiple choice so if you talk about the
202
00:06:24,400 --> 00:06:27,840
passing score
203
00:06:25,600 --> 00:06:30,319
uh it would be like if the question will
204
00:06:27,840 --> 00:06:33,039
be like a thousand you can say of
205
00:06:30,319 --> 00:06:34,400
750 right and these sort of things so
206
00:06:33,039 --> 00:06:37,120
750 of a margin
207
00:06:34,400 --> 00:06:37,759
it will be of on a scale of 100 to 900
208
00:06:37,120 --> 00:06:41,120
it will
209
00:06:37,759 --> 00:06:44,160
750 without passing scenarios over there
210
00:06:41,120 --> 00:06:45,840
okay so that was a bit regarding your
211
00:06:44,160 --> 00:06:48,080
whole certificate scenario if you want
212
00:06:45,840 --> 00:06:51,919
to offer the certification
213
00:06:48,080 --> 00:06:54,000
you have to opt for this right
214
00:06:51,919 --> 00:06:55,120
so if you can see uh comptia is the
215
00:06:54,000 --> 00:06:57,120
vendor of this and
216
00:06:55,120 --> 00:06:58,720
the code which is latency being for like
217
00:06:57,120 --> 00:07:01,759
followed by x601
218
00:06:58,720 --> 00:07:03,680
right sy0-601 which is of a security
219
00:07:01,759 --> 00:07:05,360
601 so these are the skills which we'll
220
00:07:03,680 --> 00:07:07,280
be covering over here
221
00:07:05,360 --> 00:07:09,039
in this whole courses these are the jobs
222
00:07:07,280 --> 00:07:10,000
and opportunities out there regarding
223
00:07:09,039 --> 00:07:11,360
this course
224
00:07:10,000 --> 00:07:12,960
and you can always found the exam
225
00:07:11,360 --> 00:07:14,800
details over here right the maximum
226
00:07:12,960 --> 00:07:16,880
number of questions are 90
227
00:07:14,800 --> 00:07:18,479
your 750 will be passing score length
228
00:07:16,880 --> 00:07:19,599
the test is 90 and you will be the
229
00:07:18,479 --> 00:07:22,639
multiple choice
230
00:07:19,599 --> 00:07:23,039
questions over there all right so these
231
00:07:22,639 --> 00:07:25,759
are the
232
00:07:23,039 --> 00:07:26,560
bits regarding your certification part
233
00:07:25,759 --> 00:07:28,479
all right
234
00:07:26,560 --> 00:07:30,400
it can be like very efficient to have
235
00:07:28,479 --> 00:07:32,880
this certification or
236
00:07:30,400 --> 00:07:34,080
moreover if you have the knowledge for
237
00:07:32,880 --> 00:07:36,080
this particular
238
00:07:34,080 --> 00:07:37,440
field right as per your job purpose and
239
00:07:36,080 --> 00:07:38,880
like if you're entering into cyber
240
00:07:37,440 --> 00:07:40,479
security field it can be really very
241
00:07:38,880 --> 00:07:43,039
helpful and insightful
242
00:07:40,479 --> 00:07:44,240
to stand out from rest of the public in
243
00:07:43,039 --> 00:07:47,360
this particular
244
00:07:44,240 --> 00:07:48,560
domain all right so proceeding further
245
00:07:47,360 --> 00:07:50,479
with the course lies
246
00:07:48,560 --> 00:07:51,840
right just to mention regarding about
247
00:07:50,479 --> 00:07:54,479
infosec train
248
00:07:51,840 --> 00:07:56,800
we are established in 2016 we are one of
249
00:07:54,479 --> 00:07:58,639
the finest security and technology
250
00:07:56,800 --> 00:08:00,800
training and consulting company
251
00:07:58,639 --> 00:08:02,759
right we provide a wide range of
252
00:08:00,800 --> 00:08:05,280
professional training programs
253
00:08:02,759 --> 00:08:05,759
certifications and consulting services
254
00:08:05,280 --> 00:08:08,879
in the
255
00:08:05,759 --> 00:08:10,879
it and cyber security domain and we have
256
00:08:08,879 --> 00:08:12,879
high quality technical services
257
00:08:10,879 --> 00:08:14,639
certifications or customized training
258
00:08:12,879 --> 00:08:16,479
programs created with
259
00:08:14,639 --> 00:08:18,479
professionals of over 15 years of
260
00:08:16,479 --> 00:08:20,000
combined experience in the domain in
261
00:08:18,479 --> 00:08:22,319
their respective domains
262
00:08:20,000 --> 00:08:23,120
all right and if you talk about our
263
00:08:22,319 --> 00:08:25,440
endorsements
264
00:08:23,120 --> 00:08:27,360
we have like four plus years of services
265
00:08:25,440 --> 00:08:28,400
right and we have a 70-plus pool of
266
00:08:27,360 --> 00:08:30,400
trainers
267
00:08:28,400 --> 00:08:31,759
we are already offering 150 plus of
268
00:08:30,400 --> 00:08:33,440
courses right
269
00:08:31,759 --> 00:08:35,120
and we have 100 plus corporate
270
00:08:33,440 --> 00:08:37,279
deliveries we have
271
00:08:35,120 --> 00:08:39,599
valuable partners which has a number of
272
00:08:37,279 --> 00:08:42,880
10 plus and we have 15 000 because of
273
00:08:39,599 --> 00:08:44,159
profession train all right and these are
274
00:08:42,880 --> 00:08:45,760
our trusted clients
275
00:08:44,159 --> 00:08:49,360
you can have a look on them right
276
00:08:45,760 --> 00:08:51,839
samsung microsoft vmware deloitte hcl
277
00:08:49,360 --> 00:08:53,279
and many more and if we talk about why
278
00:08:51,839 --> 00:08:54,880
infosec train
279
00:08:53,279 --> 00:08:56,640
because we have already have certified
280
00:08:54,880 --> 00:08:59,360
and experienced instructors
281
00:08:56,640 --> 00:09:00,240
right and we have these flexible modes
282
00:08:59,360 --> 00:09:02,399
of training
283
00:09:00,240 --> 00:09:04,240
according to our requirements according
284
00:09:02,399 --> 00:09:05,839
to you participants like
285
00:09:04,240 --> 00:09:07,279
whenever you guys are comfortable
286
00:09:05,839 --> 00:09:08,640
regarding the trainings and all those
287
00:09:07,279 --> 00:09:11,680
scenarios and periods
288
00:09:08,640 --> 00:09:13,200
uh any time of the day so we provide
289
00:09:11,680 --> 00:09:16,480
these of flexibilities
290
00:09:13,200 --> 00:09:17,839
for you participants right and like
291
00:09:16,480 --> 00:09:19,839
you can always have the access to the
292
00:09:17,839 --> 00:09:22,000
recorded sessions right we
293
00:09:19,839 --> 00:09:23,760
go through this go to meeting platform
294
00:09:22,000 --> 00:09:25,760
only and whatever the training you will
295
00:09:23,760 --> 00:09:27,680
be having for each and every day
296
00:09:25,760 --> 00:09:29,440
all those session and all those recorded
297
00:09:27,680 --> 00:09:31,200
uh these session will be get recorded
298
00:09:29,440 --> 00:09:32,640
and these recording will be passed on to
299
00:09:31,200 --> 00:09:36,160
you guys via email
300
00:09:32,640 --> 00:09:36,959
and everything right so moreover we also
301
00:09:36,160 --> 00:09:38,959
provide this
302
00:09:36,959 --> 00:09:40,399
uh tailor-made training right for any
303
00:09:38,959 --> 00:09:43,200
particular course
304
00:09:40,399 --> 00:09:45,440
and according to customers or like
305
00:09:43,200 --> 00:09:47,760
participants like you if you have any
306
00:09:45,440 --> 00:09:48,959
you can say any specific requirement
307
00:09:47,760 --> 00:09:51,040
regarding any particular
308
00:09:48,959 --> 00:09:52,480
certification or any particular course
309
00:09:51,040 --> 00:09:54,480
we can always go through all your
310
00:09:52,480 --> 00:09:55,920
requirements and we provide you like
311
00:09:54,480 --> 00:09:56,959
tailor-made training right we can
312
00:09:55,920 --> 00:09:58,800
customize it
313
00:09:56,959 --> 00:10:00,160
according to your needs and we can
314
00:09:58,800 --> 00:10:04,079
provide you that
315
00:10:00,160 --> 00:10:04,640
right all right so basically guys first
316
00:10:04,079 --> 00:10:06,800
of all
317
00:10:04,640 --> 00:10:08,160
talking regarding this cyber security
318
00:10:06,800 --> 00:10:10,000
right
319
00:10:08,160 --> 00:10:12,160
okay so guys what do you understand by
320
00:10:10,000 --> 00:10:15,040
the term security
321
00:10:12,160 --> 00:10:16,160
all right so there's security like you
322
00:10:15,040 --> 00:10:18,399
can say uh
323
00:10:16,160 --> 00:10:20,800
gets you uh in short you can say a
324
00:10:18,399 --> 00:10:21,200
freedom from all those potential harms
325
00:10:20,800 --> 00:10:22,800
right
326
00:10:21,200 --> 00:10:24,480
as you mentioned it gives you the
327
00:10:22,800 --> 00:10:26,560
protection you see it gives you the
328
00:10:24,480 --> 00:10:29,519
safety it gives you securing your and
329
00:10:26,560 --> 00:10:30,800
your environment right so it protects
330
00:10:29,519 --> 00:10:32,800
you from all those
331
00:10:30,800 --> 00:10:34,240
external attacks you can see or any
332
00:10:32,800 --> 00:10:34,800
internal direction attacks we'll talk
333
00:10:34,240 --> 00:10:38,240
about that
334
00:10:34,800 --> 00:10:40,560
later on as well right so these will be
335
00:10:38,240 --> 00:10:43,519
providing what uh your security is
336
00:10:40,560 --> 00:10:44,720
a protection of your own network or
337
00:10:43,519 --> 00:10:46,720
organization
338
00:10:44,720 --> 00:10:47,920
regarding in general terminology as well
339
00:10:46,720 --> 00:10:50,160
it's a protection from
340
00:10:47,920 --> 00:10:52,320
each and everything right which can harm
341
00:10:50,160 --> 00:10:55,279
us which can affect us in a
342
00:10:52,320 --> 00:10:56,399
uh more negative way correct so security
343
00:10:55,279 --> 00:10:59,120
is to provide you with a
344
00:10:56,399 --> 00:11:00,000
protection from them isn't it so guys
345
00:10:59,120 --> 00:11:02,640
when we talk about
346
00:11:00,000 --> 00:11:04,720
uh security right so information
347
00:11:02,640 --> 00:11:07,600
security or you can refer it as your
348
00:11:04,720 --> 00:11:08,480
infosec as well right it refers to the
349
00:11:07,600 --> 00:11:11,920
protection of
350
00:11:08,480 --> 00:11:14,000
data resources from any unauthorized
351
00:11:11,920 --> 00:11:15,440
access right isn't it like from any sort
352
00:11:14,000 --> 00:11:18,959
of an attack
353
00:11:15,440 --> 00:11:20,640
theft or a damage right so these data
354
00:11:18,959 --> 00:11:22,320
are talking about this data right uh
355
00:11:20,640 --> 00:11:24,240
which your organization holds so this
356
00:11:22,320 --> 00:11:25,680
data may be vulnerable right because of
357
00:11:24,240 --> 00:11:27,279
the way it is stored
358
00:11:25,680 --> 00:11:29,279
the way it is transferred over the
359
00:11:27,279 --> 00:11:32,160
network or the way it is processed
360
00:11:29,279 --> 00:11:33,600
correct so the system the systems of
361
00:11:32,160 --> 00:11:37,279
yours they use to store
362
00:11:33,600 --> 00:11:40,240
or transmit and process these data must
363
00:11:37,279 --> 00:11:41,519
demonstrate the properties of security
364
00:11:40,240 --> 00:11:45,040
guys
365
00:11:41,519 --> 00:11:47,120
okay and you can also say this cia right
366
00:11:45,040 --> 00:11:48,399
these like since your secure information
367
00:11:47,120 --> 00:11:51,040
has three properties
368
00:11:48,399 --> 00:11:53,360
which are referred to as your cia triad
369
00:11:51,040 --> 00:11:57,519
cia stands for confidentiality
370
00:11:53,360 --> 00:12:00,399
integrity right and the availability
371
00:11:57,519 --> 00:12:01,760
okay so basically you can also mention
372
00:12:00,399 --> 00:12:04,959
them as a three pillars
373
00:12:01,760 --> 00:12:06,639
of your security all right so
374
00:12:04,959 --> 00:12:07,600
confidentiality basically right that's
375
00:12:06,639 --> 00:12:09,040
what you understand by the term
376
00:12:07,600 --> 00:12:12,079
confidentiality
377
00:12:09,040 --> 00:12:14,240
so confidentiality means that certain
378
00:12:12,079 --> 00:12:16,560
information should only be known to
379
00:12:14,240 --> 00:12:19,440
certain people isn't it
380
00:12:16,560 --> 00:12:20,720
exactly no one can access right yeah
381
00:12:19,440 --> 00:12:23,040
data to be accessed by
382
00:12:20,720 --> 00:12:25,040
authorized people correct so you can
383
00:12:23,040 --> 00:12:26,399
maintain guys this confidentiality by
384
00:12:25,040 --> 00:12:27,760
encryption isn't it
385
00:12:26,399 --> 00:12:28,880
like you can use encryption for
386
00:12:27,760 --> 00:12:29,920
maintaining the confidence
387
00:12:28,880 --> 00:12:34,079
confidentiality
388
00:12:29,920 --> 00:12:36,160
right then talking about the integrity
389
00:12:34,079 --> 00:12:38,160
it means in short that the data is
390
00:12:36,160 --> 00:12:41,279
stored and transferred
391
00:12:38,160 --> 00:12:43,600
as intended right correct
392
00:12:41,279 --> 00:12:44,639
as it was like sent from one user to
393
00:12:43,600 --> 00:12:47,680
another user it was
394
00:12:44,639 --> 00:12:50,880
going as intended nothing sort of a
395
00:12:47,680 --> 00:12:53,440
alteration or modification
396
00:12:50,880 --> 00:12:55,440
is there correct and you can maintain
397
00:12:53,440 --> 00:12:58,160
this integrity by
398
00:12:55,440 --> 00:12:59,200
hashing isn't it right you can put up
399
00:12:58,160 --> 00:13:02,399
integrity by using
400
00:12:59,200 --> 00:13:03,279
hashing then guys we have availability
401
00:13:02,399 --> 00:13:05,760
as well
402
00:13:03,279 --> 00:13:06,720
availability means that information is
403
00:13:05,760 --> 00:13:10,000
accessible to
404
00:13:06,720 --> 00:13:11,360
those authorized to view or modified
405
00:13:10,000 --> 00:13:13,519
right or you can say like
406
00:13:11,360 --> 00:13:14,399
it is available like if we talk in terms
407
00:13:13,519 --> 00:13:16,959
of here like
408
00:13:14,399 --> 00:13:17,920
uh your this ecommerce website or anyone
409
00:13:16,959 --> 00:13:21,120
so like it is
410
00:13:17,920 --> 00:13:22,720
uh available for the users right
411
00:13:21,120 --> 00:13:24,160
to their authorized users or their
412
00:13:22,720 --> 00:13:26,800
genuine users isn't it
413
00:13:24,160 --> 00:13:28,399
so we can maintain these availability by
414
00:13:26,800 --> 00:13:31,680
using the load balancers
415
00:13:28,399 --> 00:13:34,480
isn't it or the backup plans right so
416
00:13:31,680 --> 00:13:35,600
uh as we are talking about uh the cia
417
00:13:34,480 --> 00:13:37,519
triad right
418
00:13:35,600 --> 00:13:39,279
so guys what happens some security
419
00:13:37,519 --> 00:13:41,839
models and resources
420
00:13:39,279 --> 00:13:42,720
identify other properties that secure
421
00:13:41,839 --> 00:13:44,639
systems
422
00:13:42,720 --> 00:13:45,760
or like should exhibit right they should
423
00:13:44,639 --> 00:13:47,440
opt for them there as well
424
00:13:45,760 --> 00:13:50,079
because these are not enough to maintain
425
00:13:47,440 --> 00:13:52,120
the security so the most important of
426
00:13:50,079 --> 00:13:54,480
these is you have
427
00:13:52,120 --> 00:13:55,760
non-repudiation have you heard about
428
00:13:54,480 --> 00:14:02,000
non-repudiation guys what do you
429
00:13:55,760 --> 00:14:05,279
understand by non-repudiation
430
00:14:02,000 --> 00:14:08,079
non-repudiation means that the subject
431
00:14:05,279 --> 00:14:08,399
right he cannot deny doing something
432
00:14:08,079 --> 00:14:11,760
right
433
00:14:08,399 --> 00:14:13,199
such as creating or like modifying or
434
00:14:11,760 --> 00:14:15,120
sending a resource
435
00:14:13,199 --> 00:14:16,320
right for example if we talk about a
436
00:14:15,120 --> 00:14:18,560
legal document
437
00:14:16,320 --> 00:14:20,560
uh such as a will or like it must
438
00:14:18,560 --> 00:14:21,120
usually be witnessed when it is signed
439
00:14:20,560 --> 00:14:22,959
right
440
00:14:21,120 --> 00:14:25,360
so if there is a dispute about whether
441
00:14:22,959 --> 00:14:28,000
the document was correctly
442
00:14:25,360 --> 00:14:28,880
executed the witness can provide
443
00:14:28,000 --> 00:14:31,760
evidence that
444
00:14:28,880 --> 00:14:33,519
it was right so moreover you can if you
445
00:14:31,760 --> 00:14:35,279
talk about a simply example regarding
446
00:14:33,519 --> 00:14:37,920
this non-repudiation you can always talk
447
00:14:35,279 --> 00:14:39,360
about a system camera isn't it
448
00:14:37,920 --> 00:14:41,120
right it's a very common example for
449
00:14:39,360 --> 00:14:43,199
that and a very strong one
450
00:14:41,120 --> 00:14:45,199
so something you do is caught in your
451
00:14:43,199 --> 00:14:47,040
sweet smoothie cam or cctv camera and
452
00:14:45,199 --> 00:14:47,839
you cannot deny about it isn't it you
453
00:14:47,040 --> 00:14:49,839
maintain
454
00:14:47,839 --> 00:14:51,600
non-repudiation by digital signatures as
455
00:14:49,839 --> 00:14:54,560
well guys uh
456
00:14:51,600 --> 00:14:56,839
there is also authentication as well
457
00:14:54,560 --> 00:14:59,839
right what do you understand about
458
00:14:56,839 --> 00:14:59,839
authentication
459
00:15:00,160 --> 00:15:03,680
okay so guys uh actually what happens
460
00:15:02,959 --> 00:15:05,760
when we
461
00:15:03,680 --> 00:15:07,040
talk about security alright so when we
462
00:15:05,760 --> 00:15:09,120
talk about security
463
00:15:07,040 --> 00:15:11,199
your information security and cyber
464
00:15:09,120 --> 00:15:14,480
security task can be classified in
465
00:15:11,199 --> 00:15:16,240
like five functions right uh
466
00:15:14,480 --> 00:15:18,560
it can be classified in five function
467
00:15:16,240 --> 00:15:22,320
like they what they do they follow the
468
00:15:18,560 --> 00:15:22,320
framework which is developed by our
469
00:15:23,920 --> 00:15:31,120
nist right nist stands for national
470
00:15:27,600 --> 00:15:33,199
institute of standards and technology
471
00:15:31,120 --> 00:15:34,240
right so nist it is a set of best
472
00:15:33,199 --> 00:15:36,160
practices
473
00:15:34,240 --> 00:15:37,839
the standards and recommendations that
474
00:15:36,160 --> 00:15:40,320
help an organization
475
00:15:37,839 --> 00:15:42,079
to improve its cyber security measures
476
00:15:40,320 --> 00:15:45,040
right so it is focusing
477
00:15:42,079 --> 00:15:46,639
exclusively on it security so the nist
478
00:15:45,040 --> 00:15:47,279
cyber security framework seeks to
479
00:15:46,639 --> 00:15:49,120
address
480
00:15:47,279 --> 00:15:50,720
the lack of standards right when it
481
00:15:49,120 --> 00:15:52,880
comes to security
482
00:15:50,720 --> 00:15:54,399
so there are currently like major
483
00:15:52,880 --> 00:15:56,320
differences in the way
484
00:15:54,399 --> 00:15:57,680
companies are using technologies
485
00:15:56,320 --> 00:16:00,000
actually right
486
00:15:57,680 --> 00:16:01,839
and the languages and the rules to fight
487
00:16:00,000 --> 00:16:02,880
hackers you can say or the malicious
488
00:16:01,839 --> 00:16:04,560
actors
489
00:16:02,880 --> 00:16:06,000
right and those i can call them as a
490
00:16:04,560 --> 00:16:09,519
data pirates and the
491
00:16:06,000 --> 00:16:12,720
ransomware as well so cyber attacks
492
00:16:09,519 --> 00:16:14,240
right are becoming more widespread and
493
00:16:12,720 --> 00:16:15,920
complex isn't it
494
00:16:14,240 --> 00:16:18,079
becoming very very complex and they are
495
00:16:15,920 --> 00:16:20,720
getting advanced with the time right
496
00:16:18,079 --> 00:16:22,480
so fighting these attacks are becoming
497
00:16:20,720 --> 00:16:25,040
much more difficult
498
00:16:22,480 --> 00:16:26,639
right time is going on or the hackers or
499
00:16:25,040 --> 00:16:27,600
the malicious actors are also upgrading
500
00:16:26,639 --> 00:16:29,360
themselves
501
00:16:27,600 --> 00:16:30,880
they are making their strategies more
502
00:16:29,360 --> 00:16:33,199
and more complex right
503
00:16:30,880 --> 00:16:34,079
so fighting them going against them as a
504
00:16:33,199 --> 00:16:36,160
security person
505
00:16:34,079 --> 00:16:37,920
is also becoming difficult this is
506
00:16:36,160 --> 00:16:41,040
compounded by the lack of
507
00:16:37,920 --> 00:16:42,639
unified strategy among organization so
508
00:16:41,040 --> 00:16:46,079
that's why your NIST
509
00:16:42,639 --> 00:16:49,199
it provides a uniform set of rules
510
00:16:46,079 --> 00:16:51,519
guidelines and standards which makes it
511
00:16:49,199 --> 00:16:52,320
easier to share information between two
512
00:16:51,519 --> 00:16:54,959
companies
513
00:16:52,320 --> 00:16:55,360
and easier to get everybody on the same
514
00:16:54,959 --> 00:16:58,560
page
515
00:16:55,360 --> 00:17:00,639
on the same note right so
516
00:16:58,560 --> 00:17:01,600
as i mentioned uh it is classified into
517
00:17:00,639 --> 00:17:06,319
five functions
518
00:17:01,600 --> 00:17:06,319
right so they are your first is
519
00:17:06,559 --> 00:17:12,640
is identify all right
520
00:17:11,360 --> 00:17:16,079
so what do you understand the term
521
00:17:12,640 --> 00:17:18,799
identify guys so what you do you develop
522
00:17:16,079 --> 00:17:19,520
security policies and capabilities over
523
00:17:18,799 --> 00:17:22,000
here guys
524
00:17:19,520 --> 00:17:23,199
you evaluate the risk threats and
525
00:17:22,000 --> 00:17:26,160
vulnerabilities
526
00:17:23,199 --> 00:17:28,400
and recommend your security controls to
527
00:17:26,160 --> 00:17:30,720
mitigate them or to resolve them
528
00:17:28,400 --> 00:17:32,080
right that's your identify part over
529
00:17:30,720 --> 00:17:34,080
here right the function
530
00:17:32,080 --> 00:17:36,480
of your identify then is there your
531
00:17:34,080 --> 00:17:36,480
protect
532
00:17:36,720 --> 00:17:40,000
right so protect what it does it
533
00:17:39,200 --> 00:17:43,120
determine
534
00:17:40,000 --> 00:17:46,160
how your current cyber security policies
535
00:17:43,120 --> 00:17:47,440
protect your organization right and
536
00:17:46,160 --> 00:17:50,720
where they
537
00:17:47,440 --> 00:17:51,200
fell or fall short right where they are
538
00:17:50,720 --> 00:17:54,240
like
539
00:17:51,200 --> 00:17:54,559
having those uh loopholes or the you can
540
00:17:54,240 --> 00:17:56,320
say
541
00:17:54,559 --> 00:17:58,160
the shortage right so this function
542
00:17:56,320 --> 00:18:00,320
supports the ability to
543
00:17:58,160 --> 00:18:02,320
limit and contain any impact resulting
544
00:18:00,320 --> 00:18:05,440
from your cyber security right
545
00:18:02,320 --> 00:18:06,640
so you can categorize uh like which fall
546
00:18:05,440 --> 00:18:09,440
under protection like
547
00:18:06,640 --> 00:18:10,640
like in your access control data
548
00:18:09,440 --> 00:18:12,799
security
549
00:18:10,640 --> 00:18:14,080
information protection and procedure in
550
00:18:12,799 --> 00:18:17,120
your maintenance so
551
00:18:14,080 --> 00:18:18,640
you can like categorize them into
552
00:18:17,120 --> 00:18:21,120
these shortings right in your
553
00:18:18,640 --> 00:18:23,600
organization so that falls under your
554
00:18:21,120 --> 00:18:25,840
protect then you have your detect as
555
00:18:23,600 --> 00:18:25,840
well
556
00:18:26,880 --> 00:18:31,280
all right so what do you understand by
557
00:18:29,120 --> 00:18:32,960
detecting what might be in this function
558
00:18:31,280 --> 00:18:34,880
so what you will be doing you will be
559
00:18:32,960 --> 00:18:37,280
performing ongoing
560
00:18:34,880 --> 00:18:38,080
you can say proactive monitoring to
561
00:18:37,280 --> 00:18:42,000
ensure that
562
00:18:38,080 --> 00:18:45,200
controls are effective and capable of
563
00:18:42,000 --> 00:18:48,720
protecting against new types of threats
564
00:18:45,200 --> 00:18:51,760
absolutely money right then we have guys
565
00:18:48,720 --> 00:18:51,760
respond as well
566
00:18:53,760 --> 00:19:00,240
all right so what you doing respond uh
567
00:18:56,960 --> 00:19:04,080
in this category you identify you
568
00:19:00,240 --> 00:19:07,760
analyze you contain and eradicate
569
00:19:04,080 --> 00:19:11,200
threats to systems and data
570
00:19:07,760 --> 00:19:12,880
security all right you identify you
571
00:19:11,200 --> 00:19:14,000
analyze the contain and eradicate
572
00:19:12,880 --> 00:19:17,760
threats to systems
573
00:19:14,000 --> 00:19:22,240
and data security all right
574
00:19:17,760 --> 00:19:22,240
perfect then you have recover
575
00:19:23,600 --> 00:19:26,960
what do you understand about the term
576
00:19:24,640 --> 00:19:28,320
recover guys yeah you recover from the
577
00:19:26,960 --> 00:19:30,080
incident you have plans
578
00:19:28,320 --> 00:19:31,360
right you moreover you implement cyber
579
00:19:30,080 --> 00:19:34,000
security resilience
580
00:19:31,360 --> 00:19:36,320
to restore your systems and data if
581
00:19:34,000 --> 00:19:38,320
other controls are unable to
582
00:19:36,320 --> 00:19:40,480
prevent your attacks perfect you can
583
00:19:38,320 --> 00:19:44,080
call them a backup strategy as well
584
00:19:40,480 --> 00:19:44,799
all right perfect so when we talk about
585
00:19:44,080 --> 00:19:46,480
security
586
00:19:44,799 --> 00:19:48,080
control category side so your
587
00:19:46,480 --> 00:19:49,760
implementation implementation of cyber
588
00:19:48,080 --> 00:19:52,480
security function is often
589
00:19:49,760 --> 00:19:54,400
the responsibility of the IT department
590
00:19:52,480 --> 00:19:57,360
isn't it so we have like few
591
00:19:54,400 --> 00:19:59,120
security controls so security control is
592
00:19:57,360 --> 00:20:01,520
to provide the system
593
00:19:59,120 --> 00:20:03,039
or the data asset the properties like
594
00:20:01,520 --> 00:20:04,880
your confidentiality
595
00:20:03,039 --> 00:20:06,400
integrity availability and your
596
00:20:04,880 --> 00:20:08,559
non-repudiation isn't it
597
00:20:06,400 --> 00:20:09,760
that's the main agenda of our to provide
598
00:20:08,559 --> 00:20:11,360
all these
599
00:20:09,760 --> 00:20:13,840
properties to the system or the data
600
00:20:11,360 --> 00:20:15,919
asset correct so control these controls
601
00:20:13,840 --> 00:20:16,320
guys they uh can be divided into three
602
00:20:15,919 --> 00:20:19,200
broad
603
00:20:16,320 --> 00:20:21,039
categories right so these are like
604
00:20:19,200 --> 00:20:23,600
representing how the
605
00:20:21,039 --> 00:20:25,120
control is implemented right so if you
606
00:20:23,600 --> 00:20:27,919
talk about technical
607
00:20:25,120 --> 00:20:30,240
right in the technical it is the control
608
00:20:27,919 --> 00:20:32,159
the control is implemented as a
609
00:20:30,240 --> 00:20:34,000
system like you can say hardware or
610
00:20:32,159 --> 00:20:36,640
software like for example
611
00:20:34,000 --> 00:20:37,679
in your or like firewalls antivirus
612
00:20:36,640 --> 00:20:39,679
software guys
613
00:20:37,679 --> 00:20:41,440
and your operating system access control
614
00:20:39,679 --> 00:20:45,280
modules and are your
615
00:20:41,440 --> 00:20:47,919
technical controls okay yeah exactly
616
00:20:45,280 --> 00:20:49,039
so technical controls may be or like may
617
00:20:47,919 --> 00:20:51,679
also be described as
618
00:20:49,039 --> 00:20:53,039
logical controls over right then we have
619
00:20:51,679 --> 00:20:55,679
operational
620
00:20:53,039 --> 00:20:57,120
so the control is implemented primarily
621
00:20:55,679 --> 00:20:59,200
by people rather than
622
00:20:57,120 --> 00:21:00,720
systems over here for example you can
623
00:20:59,200 --> 00:21:02,720
say the security guard
624
00:21:00,720 --> 00:21:04,559
right and the training programs are
625
00:21:02,720 --> 00:21:07,360
operational controls rather than
626
00:21:04,559 --> 00:21:08,480
technical controls correct then you have
627
00:21:07,360 --> 00:21:10,960
managerial
628
00:21:08,480 --> 00:21:12,720
so the control gives you oversight of
629
00:21:10,960 --> 00:21:14,559
the information system right
630
00:21:12,720 --> 00:21:16,640
example could be like including risk
631
00:21:14,559 --> 00:21:18,880
identity identification
632
00:21:16,640 --> 00:21:21,039
or a tool that is allowing the
633
00:21:18,880 --> 00:21:25,520
evaluation and selection of other
634
00:21:21,039 --> 00:21:28,000
security controls absolutely perfect
635
00:21:25,520 --> 00:21:30,159
so security controls guys can also be
636
00:21:28,000 --> 00:21:32,640
classified like in types of
637
00:21:30,159 --> 00:21:34,240
types according to the goal or function
638
00:21:32,640 --> 00:21:38,880
they perform actually
639
00:21:34,240 --> 00:21:38,880
okay so it can be your preventive
640
00:21:39,200 --> 00:21:45,120
it can be a preventive exactly right
641
00:21:44,320 --> 00:21:47,679
what do you understand about the
642
00:21:45,120 --> 00:21:49,360
preventive so this control acts to
643
00:21:47,679 --> 00:21:52,400
eliminate or reduce the
644
00:21:49,360 --> 00:21:55,919
likelihood that an attack can succeed
645
00:21:52,400 --> 00:21:57,919
isn't it so a preventive
646
00:21:55,919 --> 00:21:59,280
or you can say the preventative control
647
00:21:57,919 --> 00:22:01,760
operates before an
648
00:21:59,280 --> 00:22:03,679
attack can take place right you can like
649
00:22:01,760 --> 00:22:05,679
like your access control list right
650
00:22:03,679 --> 00:22:07,600
configured on your firewalls isn't it
651
00:22:05,679 --> 00:22:09,840
and i like your file systems objects of
652
00:22:07,600 --> 00:22:11,919
your preventative type controls
653
00:22:09,840 --> 00:22:13,280
right and there is a detective or sorry
654
00:22:11,919 --> 00:22:16,480
detective as you mentioned what do you
655
00:22:13,280 --> 00:22:16,480
understand about the term detective
656
00:22:18,480 --> 00:22:24,880
so this control may not prevent access
657
00:22:21,600 --> 00:22:28,240
okay but it will identify and record
658
00:22:24,880 --> 00:22:31,520
any attempted or successful intrusion
659
00:22:28,240 --> 00:22:34,720
right so a detective control operates
660
00:22:31,520 --> 00:22:37,200
during the progress of an attack okay
661
00:22:34,720 --> 00:22:38,799
so pretty much good example for that
662
00:22:37,200 --> 00:22:41,520
would be on logs isn't it
663
00:22:38,799 --> 00:22:42,240
logs provide one of the best example for
664
00:22:41,520 --> 00:22:45,360
your
665
00:22:42,240 --> 00:22:49,280
detective type controls right
666
00:22:45,360 --> 00:22:49,280
then guys we have one more which is your
667
00:22:49,760 --> 00:22:53,440
corrective so what do you understand
668
00:22:51,840 --> 00:22:56,559
with the term corrective
669
00:22:53,440 --> 00:22:58,080
so this control acts to eliminate or
670
00:22:56,559 --> 00:23:00,480
reduce the impact
671
00:22:58,080 --> 00:23:02,640
of an intrusion event so a corrective
672
00:23:00,480 --> 00:23:05,280
control is used
673
00:23:02,640 --> 00:23:05,840
after an attack right a good example is
674
00:23:05,280 --> 00:23:07,600
a
675
00:23:05,840 --> 00:23:10,240
backup system isn't it that can restore
676
00:23:07,600 --> 00:23:12,640
data that was damaged during an
677
00:23:10,240 --> 00:23:13,600
intrusion right and there are like few
678
00:23:12,640 --> 00:23:15,280
other types
679
00:23:13,600 --> 00:23:16,720
also guys like that can be used to
680
00:23:15,280 --> 00:23:18,799
define other cases over here
681
00:23:16,720 --> 00:23:20,159
regarding the security control one is
682
00:23:18,799 --> 00:23:24,159
your pretty much
683
00:23:20,159 --> 00:23:24,159
physically right the physical one
684
00:23:26,880 --> 00:23:31,120
in physical what you can put over here
685
00:23:29,600 --> 00:23:34,640
like controls regarding your
686
00:23:31,120 --> 00:23:35,520
like physical intrusion but cctv camera
687
00:23:34,640 --> 00:23:38,559
perfect
688
00:23:35,520 --> 00:23:39,679
anything else guys barrier doors all
689
00:23:38,559 --> 00:23:42,799
right
690
00:23:39,679 --> 00:23:45,919
fences perfect locks
691
00:23:42,799 --> 00:23:48,720
great security guard awesome
692
00:23:45,919 --> 00:23:50,720
perfect swipe card all right okay so
693
00:23:48,720 --> 00:23:52,000
controls as you already have mentioned a
694
00:23:50,720 --> 00:23:52,559
lot of examples right there are the
695
00:23:52,000 --> 00:23:55,120
pretty
696
00:23:52,559 --> 00:23:57,440
good ones so a control such as your
697
00:23:55,120 --> 00:24:00,559
alarms your gateways
698
00:23:57,440 --> 00:24:01,760
locks lighting right your security
699
00:24:00,559 --> 00:24:04,720
cameras
700
00:24:01,760 --> 00:24:05,760
and your guards right that deter and
701
00:24:04,720 --> 00:24:09,279
detect
702
00:24:05,760 --> 00:24:11,600
accesses to premises right and hardware
703
00:24:09,279 --> 00:24:12,640
so that's a physical security control
704
00:24:11,600 --> 00:24:14,240
then you have
705
00:24:12,640 --> 00:24:16,400
i believe one of you have mentioned the
706
00:24:14,240 --> 00:24:21,360
deterrent before
707
00:24:16,400 --> 00:24:21,360
right so what is in your deterrent guys
708
00:24:23,200 --> 00:24:28,080
perfect so in deterrent to discourage
709
00:24:26,720 --> 00:24:31,600
people from doing things
710
00:24:28,080 --> 00:24:33,200
all right okay like cctv camera
711
00:24:31,600 --> 00:24:34,720
system camera as we mentioned so it
712
00:24:33,200 --> 00:24:36,960
would be like in your physical one right
713
00:24:34,720 --> 00:24:38,960
like the control like you can say may
714
00:24:36,960 --> 00:24:39,919
not physically or logically prevent the
715
00:24:38,960 --> 00:24:42,960
access but
716
00:24:39,919 --> 00:24:43,919
it controls psychologically isn't it it
717
00:24:42,960 --> 00:24:46,240
discourages
718
00:24:43,919 --> 00:24:47,039
an attacker from attempting any
719
00:24:46,240 --> 00:24:49,039
intrusion
720
00:24:47,039 --> 00:24:50,880
right as you mentioned perfect the sign
721
00:24:49,039 --> 00:24:53,360
boards it includes sign boards and
722
00:24:50,880 --> 00:24:55,279
warnings of legal penalties correct
723
00:24:53,360 --> 00:24:57,360
uh if you're like trust uh trust uh
724
00:24:55,279 --> 00:24:58,960
trespassing any or trying to
725
00:24:57,360 --> 00:25:01,120
make an intrusion into an organization
726
00:24:58,960 --> 00:25:03,200
or in the premises they're like signs
727
00:25:01,120 --> 00:25:05,039
uh or like signs uh like taking a very
728
00:25:03,200 --> 00:25:07,440
basic example is as you mentioned
729
00:25:05,039 --> 00:25:08,480
beware of dogs right so it
730
00:25:07,440 --> 00:25:11,440
psychologically
731
00:25:08,480 --> 00:25:12,000
uh discourages that particular threat
732
00:25:11,440 --> 00:25:14,720
actor
733
00:25:12,000 --> 00:25:15,919
threat actor as in the hacker or any any
734
00:25:14,720 --> 00:25:17,279
malicious person
735
00:25:15,919 --> 00:25:19,440
going on over there right who is trying
736
00:25:17,279 --> 00:25:21,520
to do any sort of a
737
00:25:19,440 --> 00:25:22,960
activity which can harm us right so we
738
00:25:21,520 --> 00:25:25,760
put out these
739
00:25:22,960 --> 00:25:26,080
signs which can like play around with
740
00:25:25,760 --> 00:25:28,240
them
741
00:25:26,080 --> 00:25:29,919
mentally right so these are not
742
00:25:28,240 --> 00:25:31,520
physically or logically they are like
743
00:25:29,919 --> 00:25:33,440
more of your
744
00:25:31,520 --> 00:25:35,840
psychological right so it
745
00:25:33,440 --> 00:25:36,640
psychologically discourages an attacker
746
00:25:35,840 --> 00:25:40,159
from
747
00:25:36,640 --> 00:25:44,720
attempting an intrusion correct
748
00:25:40,159 --> 00:25:44,720
then we have compensating
749
00:25:45,679 --> 00:25:48,880
so what do you understand by the term
750
00:25:46,880 --> 00:25:51,840
compensating guys so
751
00:25:48,880 --> 00:25:52,240
the control this control right it serve
752
00:25:51,840 --> 00:25:55,679
as a
753
00:25:52,240 --> 00:25:57,039
substitute for a like main control or
754
00:25:55,679 --> 00:26:00,159
the principal control right
755
00:25:57,039 --> 00:26:02,000
and affords like the same or better even
756
00:26:00,159 --> 00:26:04,559
the better level of protection
757
00:26:02,000 --> 00:26:05,840
but it uses a different methodology or
758
00:26:04,559 --> 00:26:08,320
technology you can say
759
00:26:05,840 --> 00:26:10,240
isn't it so a single employee has the
760
00:26:08,320 --> 00:26:12,240
duties of accepting cash payments
761
00:26:10,240 --> 00:26:14,000
let's say right for example a single
762
00:26:12,240 --> 00:26:15,120
employee has the duties of accepting
763
00:26:14,000 --> 00:26:17,200
cash payments
764
00:26:15,120 --> 00:26:19,600
recording the deposit and like
765
00:26:17,200 --> 00:26:20,320
reconciling the monthly financial report
766
00:26:19,600 --> 00:26:21,840
or like
767
00:26:20,320 --> 00:26:24,880
making the settlement of all those
768
00:26:21,840 --> 00:26:27,360
reports so to prevent
769
00:26:24,880 --> 00:26:28,320
errors and or like all those sort of
770
00:26:27,360 --> 00:26:31,360
frauds
771
00:26:28,320 --> 00:26:34,720
additional oversight is required right
772
00:26:31,360 --> 00:26:37,919
this means we need a compensating
773
00:26:34,720 --> 00:26:38,640
control such as the leader we can put up
774
00:26:37,919 --> 00:26:41,520
over there
775
00:26:38,640 --> 00:26:42,799
right up like who can perform a review
776
00:26:41,520 --> 00:26:44,400
of those settlements or
777
00:26:42,799 --> 00:26:46,000
another unit who is performing the
778
00:26:44,400 --> 00:26:46,880
settlement instead of like of that
779
00:26:46,000 --> 00:26:48,799
single employee
780
00:26:46,880 --> 00:26:50,240
correct so we can put up an alternate or
781
00:26:48,799 --> 00:26:53,039
you can say the substitute which
782
00:26:50,240 --> 00:26:53,919
might be giving the same or the better
783
00:26:53,039 --> 00:26:56,640
level of a
784
00:26:53,919 --> 00:26:57,760
protections right and might be using
785
00:26:56,640 --> 00:26:59,760
different methodology or
786
00:26:57,760 --> 00:27:01,120
methodology or technology or those
787
00:26:59,760 --> 00:27:02,400
technique but
788
00:27:01,120 --> 00:27:04,240
it will be just like a compensating
789
00:27:02,400 --> 00:27:05,120
which can give you the better control
790
00:27:04,240 --> 00:27:06,880
out there
791
00:27:05,120 --> 00:27:08,320
right so since we are talking about
792
00:27:06,880 --> 00:27:10,480
these things guys
793
00:27:08,320 --> 00:27:11,360
right so security control and uh
794
00:27:10,480 --> 00:27:13,360
everything
795
00:27:11,360 --> 00:27:14,480
so they are always we are dealing with
796
00:27:13,360 --> 00:27:17,760
vulnerabilities
797
00:27:14,480 --> 00:27:17,760
threat and risk isn't it
798
00:27:17,919 --> 00:27:21,200
so we are always dealing with the
799
00:27:19,520 --> 00:27:24,720
vulnerability threat
800
00:27:21,200 --> 00:27:26,480
and risk correct so talking about them
801
00:27:24,720 --> 00:27:29,120
one by one guys what do you understand
802
00:27:26,480 --> 00:27:32,399
by the term vulnerability
803
00:27:29,120 --> 00:27:35,039
perfect like a flaw isn't it if you talk
804
00:27:32,399 --> 00:27:38,240
about the vulnerability it can be a
805
00:27:35,039 --> 00:27:41,200
flaw am i right right all right
806
00:27:38,240 --> 00:27:42,960
so any flaw or any sort of a weaknesses
807
00:27:41,200 --> 00:27:44,399
we know or we call them as a
808
00:27:42,960 --> 00:27:46,320
vulnerability right any sort of a
809
00:27:44,399 --> 00:27:48,960
weakness or flaw in your network
810
00:27:46,320 --> 00:27:50,480
right uh that could be like triggered
811
00:27:48,960 --> 00:27:53,600
accidentally or which can be
812
00:27:50,480 --> 00:27:55,919
exploited right by or any
813
00:27:53,600 --> 00:27:56,880
attacker like it can be intentionally to
814
00:27:55,919 --> 00:27:58,880
cause a
815
00:27:56,880 --> 00:28:00,159
security breach right that's your
816
00:27:58,880 --> 00:28:03,679
vulnerability for you
817
00:28:00,159 --> 00:28:05,760
isn't it correct so those are
818
00:28:03,679 --> 00:28:07,360
vulnerabilities what do you understand
819
00:28:05,760 --> 00:28:10,640
by the term guys uh
820
00:28:07,360 --> 00:28:13,919
next one is risk
821
00:28:10,640 --> 00:28:14,960
so basically in general way we can put
822
00:28:13,919 --> 00:28:17,919
out your risk
823
00:28:14,960 --> 00:28:18,240
as like the possibility of occurring of
824
00:28:17,919 --> 00:28:21,120
an
825
00:28:18,240 --> 00:28:21,840
incident it may happen or it may not
826
00:28:21,120 --> 00:28:23,760
isn't it
827
00:28:21,840 --> 00:28:25,679
but let's say if i'm holding a glass of
828
00:28:23,760 --> 00:28:29,279
water over my laptop guys
829
00:28:25,679 --> 00:28:30,960
right it may spill it may not isn't it
830
00:28:29,279 --> 00:28:32,720
correct so going with the terminology
831
00:28:30,960 --> 00:28:34,640
like if like proper definition it's like
832
00:28:32,720 --> 00:28:36,320
the likelihood and impact
833
00:28:34,640 --> 00:28:38,159
or you can say the consequence of a
834
00:28:36,320 --> 00:28:41,440
threat actor
835
00:28:38,159 --> 00:28:43,120
exploiting a vulnerability right
836
00:28:41,440 --> 00:28:45,200
so to assess risk you identify a
837
00:28:43,120 --> 00:28:47,039
vulnerability and then evaluate the
838
00:28:45,200 --> 00:28:48,399
likelihood of it right of it being
839
00:28:47,039 --> 00:28:50,799
exploited by a threat
840
00:28:48,399 --> 00:28:51,840
and the impact that a successful
841
00:28:50,799 --> 00:28:54,159
exploit
842
00:28:51,840 --> 00:28:55,760
you could have over there isn't it so
843
00:28:54,159 --> 00:28:58,000
moreover when we talk about
844
00:28:55,760 --> 00:28:59,279
a risk guys this this can be positive or
845
00:28:58,000 --> 00:29:02,000
negative isn't it
846
00:28:59,279 --> 00:29:04,320
if i take an example bug bounties by
847
00:29:02,000 --> 00:29:07,200
companies role how can it be like a
848
00:29:04,320 --> 00:29:08,399
risk like how can be outcome of positive
849
00:29:07,200 --> 00:29:10,720
or negative
850
00:29:08,399 --> 00:29:12,480
okay we'll discuss later on but moreover
851
00:29:10,720 --> 00:29:12,960
just let me take you the example which i
852
00:29:12,480 --> 00:29:15,039
have
853
00:29:12,960 --> 00:29:16,159
it can be like you put up something in
854
00:29:15,039 --> 00:29:17,840
the share market right
855
00:29:16,159 --> 00:29:19,520
if the share goes up you you are doing
856
00:29:17,840 --> 00:29:20,159
in the risk basis right the share goes
857
00:29:19,520 --> 00:29:22,240
up
858
00:29:20,159 --> 00:29:24,399
correct all right you have a positive
859
00:29:22,240 --> 00:29:26,159
outcome if it goes down you have a
860
00:29:24,399 --> 00:29:28,320
negative outcome of that isn't it so
861
00:29:26,159 --> 00:29:31,919
that's a risk we are playing over there
862
00:29:28,320 --> 00:29:33,600
right perfect so then we have
863
00:29:31,919 --> 00:29:36,320
which brings us to our next one which is
864
00:29:33,600 --> 00:29:37,520
your threat
865
00:29:36,320 --> 00:29:40,880
so what do you understand with the term
866
00:29:37,520 --> 00:29:44,480
threat guys so threat is something
867
00:29:40,880 --> 00:29:45,120
that can harm your asset in a manner
868
00:29:44,480 --> 00:29:48,880
right
869
00:29:45,120 --> 00:29:52,399
so these threat is the potential
870
00:29:48,880 --> 00:29:55,039
for someone or something to exploit a
871
00:29:52,399 --> 00:29:55,840
vulnerability isn't it a threat may be
872
00:29:55,039 --> 00:29:58,480
your
873
00:29:55,840 --> 00:29:59,600
intentional or unintentional right the
874
00:29:58,480 --> 00:30:02,720
person
875
00:29:59,600 --> 00:30:03,679
or the thing that poses the threat it is
876
00:30:02,720 --> 00:30:06,640
called your
877
00:30:03,679 --> 00:30:07,200
threat actor or you can say a threat
878
00:30:06,640 --> 00:30:10,240
agent
879
00:30:07,200 --> 00:30:13,360
right okay the person
880
00:30:10,240 --> 00:30:16,240
or thing that poses the threat
881
00:30:13,360 --> 00:30:16,240
is called as your
882
00:30:17,440 --> 00:30:23,840
threat actor
883
00:30:20,559 --> 00:30:25,520
or your threat agent people call it with
884
00:30:23,840 --> 00:30:26,320
various name like a malicious actor you
885
00:30:25,520 --> 00:30:30,000
can say
886
00:30:26,320 --> 00:30:33,039
right and all those things correct
887
00:30:30,000 --> 00:30:33,840
so i and the path right a path or the
888
00:30:33,039 --> 00:30:37,279
tool
889
00:30:33,840 --> 00:30:40,880
used by your malicious threat actor
890
00:30:37,279 --> 00:30:40,880
can be referred as your
891
00:30:42,960 --> 00:30:45,360
attack
892
00:30:46,159 --> 00:30:52,640
vector right that's a threat for you
893
00:30:50,480 --> 00:30:54,399
so since we are talking about threat and
894
00:30:52,640 --> 00:30:57,600
threat actors right
895
00:30:54,399 --> 00:30:59,519
which brings us to our next thing our
896
00:30:57,600 --> 00:31:02,640
next slide which is your
897
00:30:59,519 --> 00:31:04,159
threat actors right isn't it
898
00:31:02,640 --> 00:31:06,240
so if you talk about threat actors you
899
00:31:04,159 --> 00:31:09,519
can say uh you can see pretty much of a
900
00:31:06,240 --> 00:31:11,120
good list out here right so your nation
901
00:31:09,519 --> 00:31:13,679
states cyber criminals
902
00:31:11,120 --> 00:31:14,480
hacktivists terrorist groups thrill
903
00:31:13,679 --> 00:31:16,960
seekers
904
00:31:14,480 --> 00:31:19,120
insider threats isn't it so national
905
00:31:16,960 --> 00:31:19,600
states are like a geopolitical one
906
00:31:19,120 --> 00:31:21,039
the
907
00:31:19,600 --> 00:31:23,039
government provided one right you can
908
00:31:21,039 --> 00:31:26,000
say them as a state
909
00:31:23,039 --> 00:31:27,120
based also isn't it like state sponsored
910
00:31:26,000 --> 00:31:28,880
you can say that
911
00:31:27,120 --> 00:31:30,480
right cyber criminal uh criminals they
912
00:31:28,880 --> 00:31:32,960
have a motivation of a profit
913
00:31:30,480 --> 00:31:33,760
right they go for the profit scenarios
914
00:31:32,960 --> 00:31:36,399
and they
915
00:31:33,760 --> 00:31:37,360
do this cyber attacks over there right
916
00:31:36,399 --> 00:31:39,360
then we have this
917
00:31:37,360 --> 00:31:41,440
hacktivist what do you understand by the
918
00:31:39,360 --> 00:31:44,840
hacktivist guys
919
00:31:41,440 --> 00:31:46,080
as it says motivation is ideological
920
00:31:44,840 --> 00:31:48,080
right
921
00:31:46,080 --> 00:31:49,200
so we can say them like they are like
922
00:31:48,080 --> 00:31:52,320
anonymous
923
00:31:49,200 --> 00:31:54,000
like other common you can say set up by
924
00:31:52,320 --> 00:31:56,720
example for that the hacktivist
925
00:31:54,000 --> 00:31:58,159
right it's a group of attackers or these
926
00:31:56,720 --> 00:32:00,399
hacktivists you can say
927
00:31:58,159 --> 00:32:02,240
so they they hack you can say they have
928
00:32:00,399 --> 00:32:04,480
for an agenda right you can divide this
929
00:32:02,240 --> 00:32:06,000
or terminology into two words like hack
930
00:32:04,480 --> 00:32:09,200
plus activist
931
00:32:06,000 --> 00:32:10,240
correct so they hack for an agenda it
932
00:32:09,200 --> 00:32:12,399
can be like
933
00:32:10,240 --> 00:32:14,080
any any for any purpose right it can be
934
00:32:12,399 --> 00:32:17,840
ideological in terms of like
935
00:32:14,080 --> 00:32:19,519
uh to support the humans out there like
936
00:32:17,840 --> 00:32:20,880
turning like against the government and
937
00:32:19,519 --> 00:32:22,799
all those things so they have this
938
00:32:20,880 --> 00:32:24,480
agenda political agenda you can say
939
00:32:22,799 --> 00:32:25,840
and they perform those attacks regarding
940
00:32:24,480 --> 00:32:27,840
that only so if you take an
941
00:32:25,840 --> 00:32:29,200
example of an anonymous group you guys
942
00:32:27,840 --> 00:32:32,320
might have remember this
943
00:32:29,200 --> 00:32:33,679
paris attack was there right so they
944
00:32:32,320 --> 00:32:36,559
help in finding a few
945
00:32:33,679 --> 00:32:37,600
much of details regarding the other isis
946
00:32:36,559 --> 00:32:40,240
party you can say right
947
00:32:37,600 --> 00:32:42,000
and this also happened a big one this
948
00:32:40,240 --> 00:32:44,640
black lives matter
949
00:32:42,000 --> 00:32:45,440
right so anonymous group were also there
950
00:32:44,640 --> 00:32:47,760
as a part of it
951
00:32:45,440 --> 00:32:49,760
right there what they did they got into
952
00:32:47,760 --> 00:32:52,000
the whole organization system that they
953
00:32:49,760 --> 00:32:54,000
uh leaked out few much useful
954
00:32:52,000 --> 00:32:55,039
information which they were hiding from
955
00:32:54,000 --> 00:32:58,000
the people
956
00:32:55,039 --> 00:32:59,519
right and they they like leaked all
957
00:32:58,000 --> 00:33:01,840
those footages which can be like
958
00:32:59,519 --> 00:33:02,960
seen by people out there and they can
959
00:33:01,840 --> 00:33:03,760
like see what the government are
960
00:33:02,960 --> 00:33:05,200
planning against
961
00:33:03,760 --> 00:33:06,320
right and all this sort of weight so
962
00:33:05,200 --> 00:33:07,519
anonymous you can take a very good
963
00:33:06,320 --> 00:33:10,799
example over there
964
00:33:07,519 --> 00:33:13,200
right so terrorist groups you can say uh
965
00:33:10,799 --> 00:33:14,320
always there are cyber uh this threat
966
00:33:13,200 --> 00:33:16,799
which is doing what
967
00:33:14,320 --> 00:33:18,880
it is like having a motivation of uh
968
00:33:16,799 --> 00:33:21,760
violence over there isn't it
969
00:33:18,880 --> 00:33:23,360
so they always deal with the loss of
970
00:33:21,760 --> 00:33:25,840
human life or say
971
00:33:23,360 --> 00:33:27,200
right so if i take an example for that
972
00:33:25,840 --> 00:33:29,760
if you guys have known about the
973
00:33:27,200 --> 00:33:30,640
stuxnet right so a malware was
974
00:33:29,760 --> 00:33:33,200
implemented
975
00:33:30,640 --> 00:33:34,720
almost compromised a nuclear power plant
976
00:33:33,200 --> 00:33:38,000
in iran
977
00:33:34,720 --> 00:33:40,799
so you can put up in the category of
978
00:33:38,000 --> 00:33:42,880
cyber terrorists right so insider
979
00:33:40,799 --> 00:33:45,039
threats any these things thrill seekers
980
00:33:42,880 --> 00:33:46,640
these seekers they always do for the
981
00:33:45,039 --> 00:33:48,559
exactly shaman attack perfect
982
00:33:46,640 --> 00:33:50,559
so thrill seekers they are always going
983
00:33:48,559 --> 00:33:53,679
for the satisfaction insider threats
984
00:33:50,559 --> 00:33:56,799
we'll be talking about it later on so
985
00:33:53,679 --> 00:33:59,200
continuing this thing right we have some
986
00:33:56,799 --> 00:34:00,320
other types of it as well so we can look
987
00:33:59,200 --> 00:34:02,880
over here
988
00:34:00,320 --> 00:34:04,240
hackers script kiddies and hacktivists
989
00:34:02,880 --> 00:34:05,039
hacktivists we have already discussed
990
00:34:04,240 --> 00:34:08,159
right
991
00:34:05,039 --> 00:34:10,320
so if you talk about these hackers right
992
00:34:08,159 --> 00:34:12,079
so we have these three type of hackers
993
00:34:10,320 --> 00:34:13,599
right and if you talk about a hacker you
994
00:34:12,079 --> 00:34:14,879
know hacker is someone who has a sound
995
00:34:13,599 --> 00:34:16,079
knowledge of computer and system
996
00:34:14,879 --> 00:34:18,000
administration
997
00:34:16,079 --> 00:34:19,839
right so he has a good knowledge
998
00:34:18,000 --> 00:34:21,119
regarding the hardwares as well as the
999
00:34:19,839 --> 00:34:24,159
networking part
1000
00:34:21,119 --> 00:34:25,280
right and like he's sufficient
1001
00:34:24,159 --> 00:34:27,440
having sufficient amount of knowledge
1002
00:34:25,280 --> 00:34:30,879
regarding all those tools so requires to
1003
00:34:27,440 --> 00:34:33,919
do those attacks right perfect broadly three
1004
00:34:30,879 --> 00:34:36,879
categories in hackers black hat
1005
00:34:33,919 --> 00:34:37,839
gray hat and white hat so what do you
1006
00:34:36,879 --> 00:34:40,560
understand by the term
1007
00:34:37,839 --> 00:34:42,000
black hat hackers guys so we can
1008
00:34:40,560 --> 00:34:45,280
collectively say
1009
00:34:42,000 --> 00:34:48,560
a guy is having malicious intent and
1010
00:34:45,280 --> 00:34:50,960
those who hack for personal benefits
1011
00:34:48,560 --> 00:34:53,760
right guys having malicious intent and
1012
00:34:50,960 --> 00:34:56,000
those who hack for the personal benefits
1013
00:34:53,760 --> 00:34:57,920
we can like put them into the category
1014
00:34:56,000 --> 00:35:00,320
of black hat hacker
1015
00:34:57,920 --> 00:35:01,760
isn't it so guys these black hat gray
1016
00:35:00,320 --> 00:35:02,000
hat white hat as we have mentioned
1017
00:35:01,760 --> 00:35:03,760
right
1018
00:35:02,000 --> 00:35:05,200
they have a pretty much good sound
1019
00:35:03,760 --> 00:35:07,119
knowledge regarding the
1020
00:35:05,200 --> 00:35:08,400
whole computer and system right and the
1021
00:35:07,119 --> 00:35:11,119
whole network
1022
00:35:08,400 --> 00:35:13,040
so this gray hat as well what do you
1023
00:35:11,119 --> 00:35:15,119
understand by the gray hat guys
1024
00:35:13,040 --> 00:35:16,720
so you can see the moment they see an
1025
00:35:15,119 --> 00:35:18,000
opportunity right they shift towards it
1026
00:35:16,720 --> 00:35:19,760
you can see in that way
1027
00:35:18,000 --> 00:35:21,119
uh basically let's take an example
1028
00:35:19,760 --> 00:35:22,640
regarding gray hat hacker let's say
1029
00:35:21,119 --> 00:35:24,640
there is a hacker
1030
00:35:22,640 --> 00:35:26,320
was just going through a let's say an
1031
00:35:24,640 --> 00:35:28,400
organization their server
1032
00:35:26,320 --> 00:35:30,160
right and and he was able to find a
1033
00:35:28,400 --> 00:35:30,480
vulnerability or you can see a bug in
1034
00:35:30,160 --> 00:35:33,599
that
1035
00:35:30,480 --> 00:35:35,599
okay so what he did he went to that uh
1036
00:35:33,599 --> 00:35:38,640
organization or to the person
1037
00:35:35,599 --> 00:35:40,160
who is like taking uh who's in charge of
1038
00:35:38,640 --> 00:35:42,240
all these reporting and everything
1039
00:35:40,160 --> 00:35:44,240
he went there he mentioned over there
1040
00:35:42,240 --> 00:35:46,400
okay i was able to find out a bug in
1041
00:35:44,240 --> 00:35:48,800
your server or in your network
1042
00:35:46,400 --> 00:35:49,520
now uh i will tell you about the bug if
1043
00:35:48,800 --> 00:35:51,520
you
1044
00:35:49,520 --> 00:35:53,359
pay me for that right you can let's say
1045
00:35:51,520 --> 00:35:54,480
uh like not a bug bounty program but
1046
00:35:53,359 --> 00:35:56,240
he needs some
1047
00:35:54,480 --> 00:35:57,760
some amount regarding that telling about
1048
00:35:56,240 --> 00:35:59,359
those bugs and all those things so
1049
00:35:57,760 --> 00:36:02,480
basically he has a very
1050
00:35:59,359 --> 00:36:04,000
good intention not to exploit it not not
1051
00:36:02,480 --> 00:36:05,520
to take up the control of all those
1052
00:36:04,000 --> 00:36:07,839
organization and try to
1053
00:36:05,520 --> 00:36:08,640
make any a negative effect out of it
1054
00:36:07,839 --> 00:36:10,160
right
1055
00:36:08,640 --> 00:36:11,599
so person what he's doing uh like he
1056
00:36:10,160 --> 00:36:13,280
went to the organization of the person
1057
00:36:11,599 --> 00:36:14,720
who is in charge of it he reported over
1058
00:36:13,280 --> 00:36:16,960
there okay i found a bug in here
1059
00:36:14,720 --> 00:36:19,119
on the server in your network so i want
1060
00:36:16,960 --> 00:36:20,960
to like a repair like a prize money for
1061
00:36:19,119 --> 00:36:23,040
that right a small amount
1062
00:36:20,960 --> 00:36:24,640
but but the person over there he he
1063
00:36:23,040 --> 00:36:26,480
denied for it he said okay
1064
00:36:24,640 --> 00:36:27,680
we won't be paying for you or we won't
1065
00:36:26,480 --> 00:36:29,920
be paying you for that
1066
00:36:27,680 --> 00:36:30,720
particular thing so now what he did he
1067
00:36:29,920 --> 00:36:33,280
went to the
1068
00:36:30,720 --> 00:36:35,760
yeah dark net right the dark net here
1069
00:36:33,280 --> 00:36:37,599
dark web and he
1070
00:36:35,760 --> 00:36:39,040
released all those information all those
1071
00:36:37,599 --> 00:36:40,320
bugs over there and you know
1072
00:36:39,040 --> 00:36:42,240
everything over the dark net has a
1073
00:36:40,320 --> 00:36:43,200
price right for a for each and
1074
00:36:42,240 --> 00:36:46,480
everything
1075
00:36:43,200 --> 00:36:48,240
it has a price correct so he sell out
1076
00:36:46,480 --> 00:36:49,599
things over there so it can be like an
1077
00:36:48,240 --> 00:36:51,680
opportunity over there like he found
1078
00:36:49,599 --> 00:36:53,680
about him he can sell over there he was
1079
00:36:51,680 --> 00:36:55,200
getting a like good amount from there so
1080
00:36:53,680 --> 00:36:57,599
he gave all those
1081
00:36:55,200 --> 00:36:59,040
details over the dark web that's what's
1082
00:36:57,599 --> 00:37:01,520
your gray hat hacker
1083
00:36:59,040 --> 00:37:02,960
then what's a white hat hacker guys the
1084
00:37:01,520 --> 00:37:05,280
one who performs
1085
00:37:02,960 --> 00:37:06,160
uh all these activity with permission of
1086
00:37:05,280 --> 00:37:09,680
pen tester
1087
00:37:06,160 --> 00:37:12,800
perfect sample right so what they do
1088
00:37:09,680 --> 00:37:14,640
they go by the rules or the books
1089
00:37:12,800 --> 00:37:16,000
isn't it right so as we are talking
1090
00:37:14,640 --> 00:37:17,040
about the pen tester right so you might
1091
00:37:16,000 --> 00:37:18,560
have seen this
1092
00:37:17,040 --> 00:37:20,320
pen test programs or over there all those
1093
00:37:18,560 --> 00:37:21,520
certifications if anyone is interested
1094
00:37:20,320 --> 00:37:24,240
since we brought it up
1095
00:37:21,520 --> 00:37:25,119
it's a pretty much good field to go out
1096
00:37:24,240 --> 00:37:27,359
if you're more
1097
00:37:25,119 --> 00:37:28,320
inclined towards this attacking
1098
00:37:27,359 --> 00:37:31,599
situation or
1099
00:37:28,320 --> 00:37:33,359
all these sides right so what they do
1100
00:37:31,599 --> 00:37:35,599
like if you talk about the pen testing and
1101
00:37:33,359 --> 00:37:37,200
everything so first of all they they
1102
00:37:35,599 --> 00:37:37,839
found all those vulnerabilities all
1103
00:37:37,200 --> 00:37:39,359
those
1104
00:37:37,839 --> 00:37:41,359
loopholes which are they are signed for
1105
00:37:39,359 --> 00:37:43,599
they go by the book right so organize
1106
00:37:41,359 --> 00:37:45,599
the organization they hire a pen test
1107
00:37:43,599 --> 00:37:46,640
pen tester so you can say right they hire
1108
00:37:45,599 --> 00:37:48,560
a pen tester
1109
00:37:46,640 --> 00:37:50,880
they set up some rules you can say or
1110
00:37:48,560 --> 00:37:52,640
like a scoping thing right uh
1111
00:37:50,880 --> 00:37:54,160
planning and scoping is in the very
1112
00:37:52,640 --> 00:37:57,520
initial stage
1113
00:37:54,160 --> 00:37:59,200
for this your pen testing right the very
1114
00:37:57,520 --> 00:38:01,520
first phase planning and scoping
1115
00:37:59,200 --> 00:38:03,119
so you go with the organization you come
1116
00:38:01,520 --> 00:38:04,079
up in a deal you plan and scope all
1117
00:38:03,119 --> 00:38:06,880
those scenarios
1118
00:38:04,079 --> 00:38:08,320
right when you can do the pen testing
1119
00:38:06,880 --> 00:38:09,359
which sort of a server is allowed to do
1120
00:38:08,320 --> 00:38:11,920
pen testing
1121
00:38:09,359 --> 00:38:12,480
at what time i can do the pen testing
1122
00:38:11,920 --> 00:38:14,960
right and
1123
00:38:12,480 --> 00:38:16,960
like what all techniques i can use like
1124
00:38:14,960 --> 00:38:20,480
it will will it be the black box
1125
00:38:16,960 --> 00:38:22,240
white box gray box right and like huh
1126
00:38:20,480 --> 00:38:24,320
can i perform social engineering attacks
1127
00:38:22,240 --> 00:38:26,000
or not right what are the key cards of
1128
00:38:24,320 --> 00:38:28,720
your organization so that i can like
1129
00:38:26,000 --> 00:38:29,680
like i cannot do pen testing at that time
1130
00:38:28,720 --> 00:38:32,400
or even
1131
00:38:29,680 --> 00:38:32,960
what day like i should do the pen test
1132
00:38:32,400 --> 00:38:34,560
right
1133
00:38:32,960 --> 00:38:36,800
which should it be monday tuesday or if
1134
00:38:34,560 --> 00:38:38,720
any any sort of specific days mentioned
1135
00:38:36,800 --> 00:38:39,440
for a pen tester to do the pen testing
1136
00:38:38,720 --> 00:38:41,760
on the day
1137
00:38:39,440 --> 00:38:43,040
so planning and scoping is like defined
1138
00:38:41,760 --> 00:38:44,720
in such a way right
1139
00:38:43,040 --> 00:38:46,560
all those things are mentioned and all
1140
00:38:44,720 --> 00:38:47,920
your scopes and all those permissions
1141
00:38:46,560 --> 00:38:50,160
are mentioned over there
1142
00:38:47,920 --> 00:38:51,359
and then you perform your pen
1143
00:38:50,160 --> 00:38:53,520
test right then you do
1144
00:38:51,359 --> 00:38:54,720
rest of the stuff that you're scanning
1145
00:38:53,520 --> 00:38:56,960
like enumeration
1146
00:38:54,720 --> 00:38:58,320
and taking advantage of uneven
1147
00:38:56,960 --> 00:38:59,119
vulnerabilities or exploits which are
1148
00:38:58,320 --> 00:39:01,520
found out
1149
00:38:59,119 --> 00:39:02,320
right so these are the jobs of a pen
1150
00:39:01,520 --> 00:39:05,040
tester right
1151
00:39:02,320 --> 00:39:06,960
but he goes by the rules right he
1152
00:39:05,040 --> 00:39:07,920
organization is up has appointed a pen
1153
00:39:06,960 --> 00:39:10,400
tester
1154
00:39:07,920 --> 00:39:10,960
he make a planning and scoping as i
1155
00:39:10,400 --> 00:39:13,359
mentioned
1156
00:39:10,960 --> 00:39:14,000
right so in that planning and scoping
1157
00:39:13,359 --> 00:39:15,920
everything
1158
00:39:14,000 --> 00:39:18,000
is clearly mentioned like all your
1159
00:39:15,920 --> 00:39:21,359
limits all your boundaries
1160
00:39:18,000 --> 00:39:24,079
are mentioned over there and you cannot
1161
00:39:21,359 --> 00:39:25,760
go around or go beyond those limitations
1162
00:39:24,079 --> 00:39:26,480
which are set up by the organization for
1163
00:39:25,760 --> 00:39:30,000
you
1164
00:39:26,480 --> 00:39:32,160
right so that's your white hat hacker
1165
00:39:30,000 --> 00:39:33,200
pen tester which go by the books and
1166
00:39:32,160 --> 00:39:36,000
they too are the
1167
00:39:33,200 --> 00:39:37,520
authorized one isn't it i hope that's
1168
00:39:36,000 --> 00:39:40,480
clear
1169
00:39:37,520 --> 00:39:42,640
so uh talking about these guys uh there
1170
00:39:40,480 --> 00:39:47,040
are few more as you have mentioned
1171
00:39:42,640 --> 00:39:47,040
just the script kiddies
1172
00:39:48,160 --> 00:39:52,640
what do you understand about the term
1173
00:39:49,280 --> 00:39:52,640
guys script kiddies
1174
00:39:55,599 --> 00:40:00,000
so moreover we can classy them or
1175
00:39:57,440 --> 00:40:02,000
classify them up into a person who have
1176
00:40:00,000 --> 00:40:03,200
no knowledge but are like you can say a
1177
00:40:02,000 --> 00:40:05,040
curious mind
1178
00:40:03,200 --> 00:40:06,960
right under skilled one perfect but
1179
00:40:05,040 --> 00:40:08,000
those who are like a curious minds and
1180
00:40:06,960 --> 00:40:09,359
don't do have
1181
00:40:08,000 --> 00:40:10,960
much of a knowledge regarding these
1182
00:40:09,359 --> 00:40:11,599
things right like they don't or they
1183
00:40:10,960 --> 00:40:13,760
don't have
1184
00:40:11,599 --> 00:40:15,599
like specific knowledge regarding the
1185
00:40:13,760 --> 00:40:16,400
tools what tools and what sort of a
1186
00:40:15,599 --> 00:40:18,720
scripts
1187
00:40:16,400 --> 00:40:20,319
but to write and how to use the tools
1188
00:40:18,720 --> 00:40:21,119
they do just what they go through the
1189
00:40:20,319 --> 00:40:24,240
youtube
1190
00:40:21,119 --> 00:40:26,720
and they will just randomly like they
1191
00:40:24,240 --> 00:40:27,599
pick that script and try to run it that
1192
00:40:26,720 --> 00:40:29,760
doesn't know what
1193
00:40:27,599 --> 00:40:31,520
might be the outcome of it like they
1194
00:40:29,760 --> 00:40:33,200
know like what it be doing by watching
1195
00:40:31,520 --> 00:40:36,079
youtube but they don't know like
1196
00:40:33,200 --> 00:40:37,280
what each script what each particular
1197
00:40:36,079 --> 00:40:40,319
code
1198
00:40:37,280 --> 00:40:41,760
does over there right so he doesn't uh
1199
00:40:40,319 --> 00:40:43,760
give a thought regarding these scripts
1200
00:40:41,760 --> 00:40:45,680
but uh but he just use them you
1201
00:40:43,760 --> 00:40:47,119
utilize them so like you can say
1202
00:40:45,680 --> 00:40:48,800
script kiddies are those who don't
1203
00:40:47,119 --> 00:40:50,640
have a much of a knowledge but they are
1204
00:40:48,800 --> 00:40:52,319
the curious mind right
1205
00:40:50,640 --> 00:40:54,560
like you can put up all those categories
1206
00:40:52,319 --> 00:40:56,720
those who want to like hack their
1207
00:40:54,560 --> 00:40:58,160
like girlfriend's instagram or all those
1208
00:40:56,720 --> 00:40:59,520
things how to do that they just go to
1209
00:40:58,160 --> 00:41:01,599
the youtube and try to
1210
00:40:59,520 --> 00:41:02,880
exploit it in that way right so you can
1211
00:41:01,599 --> 00:41:05,839
put it into
1212
00:41:02,880 --> 00:41:06,880
that particular section for script kiddies
1213
00:41:05,839 --> 00:41:09,599
right
1214
00:41:06,880 --> 00:41:10,400
perfect then guys there is the one more
1215
00:41:09,599 --> 00:41:15,040
which goes
1216
00:41:10,400 --> 00:41:15,040
by the name suicide hackers
1217
00:41:17,440 --> 00:41:21,839
like how can you define a suicide hacker
1218
00:41:19,599 --> 00:41:21,839
guys
1219
00:41:23,520 --> 00:41:27,280
the one who knows what is the outcome of
1220
00:41:26,800 --> 00:41:29,520
it right
1221
00:41:27,280 --> 00:41:30,640
they know that there will be the bad
1222
00:41:29,520 --> 00:41:34,319
consequences
1223
00:41:30,640 --> 00:41:37,200
isn't it but still they make that call
1224
00:41:34,319 --> 00:41:38,400
isn't it they know let's say if someone
1225
00:41:37,200 --> 00:41:39,440
is hacking a facebook or something like
1226
00:41:38,400 --> 00:41:41,440
that they know okay
1227
00:41:39,440 --> 00:41:42,560
they'll be like a lifetime imprisonment
1228
00:41:41,440 --> 00:41:43,680
or something like that if you're trying
1229
00:41:42,560 --> 00:41:45,440
to steal a lot of
1230
00:41:43,680 --> 00:41:47,200
money from a bank account or something
1231
00:41:45,440 --> 00:41:48,160
like that they know the outcome right
1232
00:41:47,200 --> 00:41:50,560
they know everything
1233
00:41:48,160 --> 00:41:51,280
but still they are going for that thing
1234
00:41:50,560 --> 00:41:55,200
right they are
1235
00:41:51,280 --> 00:41:58,079
making that call so that's your suicide
1236
00:41:55,200 --> 00:41:58,640
hacker all right i hope that's clear to
1237
00:41:58,079 --> 00:42:01,119
everyone
1238
00:41:58,640 --> 00:42:02,640
so these are the bits regarding our threat
1239
00:42:01,119 --> 00:42:06,160
actors
1240
00:42:02,640 --> 00:42:09,440
right a few more which brings us to
1241
00:42:06,160 --> 00:42:11,440
attributes of threat actors
1242
00:42:09,440 --> 00:42:12,720
so we are talking about the attributes
1243
00:42:11,440 --> 00:42:16,000
of threat actors
1244
00:42:12,720 --> 00:42:18,240
they are internal external intent and
1245
00:42:16,000 --> 00:42:19,760
motivation so guys first of all what do
1246
00:42:18,240 --> 00:42:22,560
you understand by this term
1247
00:42:19,760 --> 00:42:23,760
internal threat actor so or you can say
1248
00:42:22,560 --> 00:42:26,720
an internal or
1249
00:42:23,760 --> 00:42:27,040
insider threat actor is one that has
1250
00:42:26,720 --> 00:42:29,359
been
1251
00:42:27,040 --> 00:42:30,160
granted permissions on the system isn't
1252
00:42:29,359 --> 00:42:31,920
it
1253
00:42:30,160 --> 00:42:33,839
so as you mentioned the example of it
1254
00:42:31,920 --> 00:42:37,599
it's a employee of the company
1255
00:42:33,839 --> 00:42:38,720
right perfect so uh we can like uh have
1256
00:42:37,599 --> 00:42:40,640
this malicious
1257
00:42:38,720 --> 00:42:43,359
insider threat as well right here like
1258
00:42:40,640 --> 00:42:44,000
your employees your contractors your
1259
00:42:43,359 --> 00:42:46,079
partners
1260
00:42:44,000 --> 00:42:47,520
you can classify them as well into your
1261
00:42:46,079 --> 00:42:51,680
internal threat
1262
00:42:47,520 --> 00:42:54,240
actors exactly yeah perfect exactly guys
1263
00:42:51,680 --> 00:42:55,280
then uh like we can also put above like
1264
00:42:54,240 --> 00:42:56,560
your internal
1265
00:42:55,280 --> 00:42:58,800
these threats can be like your
1266
00:42:56,560 --> 00:43:00,319
unintentional as well isn't it guys
1267
00:42:58,800 --> 00:43:01,440
intentional like you can put employees
1268
00:43:00,319 --> 00:43:03,359
and everything over there but
1269
00:43:01,440 --> 00:43:05,520
intentionals are also over there right
1270
00:43:03,359 --> 00:43:07,839
your unintentional
1271
00:43:05,520 --> 00:43:09,839
insider threat right so like weak
1272
00:43:07,839 --> 00:43:12,000
policies you can put it over there
1273
00:43:09,839 --> 00:43:14,079
like weak policies and procedures like
1274
00:43:12,000 --> 00:43:16,079
or even the lack of training
1275
00:43:14,079 --> 00:43:18,079
or to the employees or the security
1276
00:43:16,079 --> 00:43:20,160
awareness to them isn't it
1277
00:43:18,079 --> 00:43:22,400
like uh if i take a very good example of
1278
00:43:20,160 --> 00:43:25,119
that like if you are trying to
1279
00:43:22,400 --> 00:43:26,960
trying a phishing attack doesn't it so
1280
00:43:25,119 --> 00:43:27,520
obviously organization what they do they
1281
00:43:26,960 --> 00:43:29,440
they
1282
00:43:27,520 --> 00:43:30,800
give the training to their employees
1283
00:43:29,440 --> 00:43:32,079
regarding the phishing and everything to
1284
00:43:30,800 --> 00:43:35,040
make their awareness
1285
00:43:32,079 --> 00:43:36,000
right so if they're not providing a
1286
00:43:35,040 --> 00:43:38,240
sufficient
1287
00:43:36,000 --> 00:43:39,920
training or like not training their
1288
00:43:38,240 --> 00:43:41,359
employees regarding and making them
1289
00:43:39,920 --> 00:43:42,400
aware regarding all these sort of an
1290
00:43:41,359 --> 00:43:44,880
attacks
1291
00:43:42,400 --> 00:43:46,000
an attacker like can take an advantage
1292
00:43:44,880 --> 00:43:48,560
of that
1293
00:43:46,000 --> 00:43:51,440
am i right so these were like regarding
1294
00:43:48,560 --> 00:43:54,560
internal ones right then there is your
1295
00:43:51,440 --> 00:43:54,960
so external threat can be someone not
1296
00:43:54,560 --> 00:43:57,920
from
1297
00:43:54,960 --> 00:43:59,040
inside the organization but from the
1298
00:43:57,920 --> 00:44:01,839
outside right
1299
00:43:59,040 --> 00:44:02,880
that can enter to the security system of
1300
00:44:01,839 --> 00:44:05,680
the company
1301
00:44:02,880 --> 00:44:07,200
using malwares or any social engineering
1302
00:44:05,680 --> 00:44:10,480
attack right
1303
00:44:07,200 --> 00:44:13,680
exactly perfect so an external threat
1304
00:44:10,480 --> 00:44:14,560
actor has no account or he's not having
1305
00:44:13,680 --> 00:44:17,680
any authorized
1306
00:44:14,560 --> 00:44:19,520
access to the target system right that's
1307
00:44:17,680 --> 00:44:21,440
why he uses techniques
1308
00:44:19,520 --> 00:44:22,720
like malwares or social engineering
1309
00:44:21,440 --> 00:44:26,160
attacks to enter the
1310
00:44:22,720 --> 00:44:27,280
security system an external actor if you
1311
00:44:26,160 --> 00:44:29,920
talk about it right
1312
00:44:27,280 --> 00:44:30,400
he may get hands-on like security system
1313
00:44:29,920 --> 00:44:33,359
by
1314
00:44:30,400 --> 00:44:34,079
like doing an attack on like remotely or
1315
00:44:33,359 --> 00:44:36,319
either on the
1316
00:44:34,079 --> 00:44:37,440
premises right of like breaking up into
1317
00:44:36,319 --> 00:44:39,040
the headquarters by
1318
00:44:37,440 --> 00:44:40,720
bypassing all those fences and all those
1319
00:44:39,040 --> 00:44:42,960
things right so he cannot
1320
00:44:40,720 --> 00:44:44,000
attack either remotely or click on
1321
00:44:42,960 --> 00:44:46,240
premises
1322
00:44:44,000 --> 00:44:47,520
so it's make it very clear right so it
1323
00:44:46,240 --> 00:44:50,480
is a threat actor
1324
00:44:47,520 --> 00:44:51,119
that is defined as external not the
1325
00:44:50,480 --> 00:44:54,720
attacking
1326
00:44:51,119 --> 00:44:57,440
method he is using doesn't it that's a
1327
00:44:54,720 --> 00:44:58,160
actual threat actor for you right then
1328
00:44:57,440 --> 00:45:00,000
guys they have
1329
00:44:58,160 --> 00:45:02,240
intent and motivation what do you
1330
00:45:00,000 --> 00:45:06,400
understand by the intent guys
1331
00:45:02,240 --> 00:45:09,040
so intent means what the hacker is
1332
00:45:06,400 --> 00:45:09,680
hoping to get from the attack right
1333
00:45:09,040 --> 00:45:12,160
doesn't it
1334
00:45:09,680 --> 00:45:13,520
intent means what the attacker is hoping
1335
00:45:12,160 --> 00:45:15,200
to get from the
1336
00:45:13,520 --> 00:45:17,040
attack doesn't it and what's the
1337
00:45:15,200 --> 00:45:19,040
motivation guys
1338
00:45:17,040 --> 00:45:20,720
these are the attackers reason to
1339
00:45:19,040 --> 00:45:24,000
perform the attack isn't it
1340
00:45:20,720 --> 00:45:27,920
a malicious threat actor like
1341
00:45:24,000 --> 00:45:31,200
he can be motivated by greed
1342
00:45:27,920 --> 00:45:32,000
curiosity or some sort of grievances you
1343
00:45:31,200 --> 00:45:34,560
can say right
1344
00:45:32,000 --> 00:45:35,680
for instance exactly to gain money you
1345
00:45:34,560 --> 00:45:38,400
can say right
1346
00:45:35,680 --> 00:45:39,280
exactly right so like if you talk about
1347
00:45:38,400 --> 00:45:42,400
intention like
1348
00:45:39,280 --> 00:45:44,160
it would be like regarding to disrupt a
1349
00:45:42,400 --> 00:45:47,359
system or to steal some sort of
1350
00:45:44,160 --> 00:45:48,480
information out of it correct so
1351
00:45:47,359 --> 00:45:51,200
since we are talking about the threat
1352
00:45:48,480 --> 00:45:54,079
actors right we always have this
1353
00:45:51,200 --> 00:45:55,760
threat intelligence as an outcome of it
1354
00:45:54,079 --> 00:45:57,680
isn't it
1355
00:45:55,760 --> 00:45:59,200
so threat intelligence basically of
1356
00:45:57,680 --> 00:46:02,480
cyber threat intelligence is
1357
00:45:59,200 --> 00:46:05,680
information an organization
1358
00:46:02,480 --> 00:46:08,800
uses to understand the threats that have
1359
00:46:05,680 --> 00:46:11,760
like will or are currently targeting the
1360
00:46:08,800 --> 00:46:13,440
organization right so this information
1361
00:46:11,760 --> 00:46:17,119
is used to prepare
1362
00:46:13,440 --> 00:46:19,359
prevent and identify cyber threats
1363
00:46:17,119 --> 00:46:20,800
right to like counter them or i'll
1364
00:46:19,359 --> 00:46:23,839
control all those adverse effects
1365
00:46:20,800 --> 00:46:25,440
isn't it so so these these are used to
1366
00:46:23,839 --> 00:46:28,480
prepare prevent and identify
1367
00:46:25,440 --> 00:46:31,839
cyber threats looking to take advantage
1368
00:46:28,480 --> 00:46:34,000
of valuable resources out there right
1369
00:46:31,839 --> 00:46:35,520
so over here as it is defined as we all
1370
00:46:34,000 --> 00:46:36,560
know the world of technology is growing
1371
00:46:35,520 --> 00:46:38,400
day by day
1372
00:46:36,560 --> 00:46:39,920
and so as the cyber attacks right so
1373
00:46:38,400 --> 00:46:42,960
threat intelligence
1374
00:46:39,920 --> 00:46:43,520
is the knowledge by which we can prevent
1375
00:46:42,960 --> 00:46:46,720
or
1376
00:46:43,520 --> 00:46:49,359
mitigate those attacks right
1377
00:46:46,720 --> 00:46:51,200
so guys if i say like if you are talking
1378
00:46:49,359 --> 00:46:52,960
about the intelligence right what's an
1379
00:46:51,200 --> 00:46:56,560
intelligence just define it so if i
1380
00:46:52,960 --> 00:47:00,480
write if i'm writing let's say
1381
00:46:56,560 --> 00:47:00,480
twenty three slash zero
1382
00:47:01,200 --> 00:47:08,079
zero five slash twenty twenty one
1383
00:47:04,319 --> 00:47:11,200
right twenty five slash zero five slash
1384
00:47:08,079 --> 00:47:15,520
twenty twenty one 20
1385
00:47:11,200 --> 00:47:20,000
8 0 5 20 21
1386
00:47:15,520 --> 00:47:22,160
let's say 2 0 6 slash 2021
1387
00:47:20,000 --> 00:47:24,000
and so on right first of all if i
1388
00:47:22,160 --> 00:47:27,200
mention these things
1389
00:47:24,000 --> 00:47:29,920
what are they for you they are just
1390
00:47:27,200 --> 00:47:30,720
dates isn't it right they're just dates
1391
00:47:29,920 --> 00:47:33,680
over here
1392
00:47:30,720 --> 00:47:35,520
not information yet not information yet
1393
00:47:33,680 --> 00:47:37,599
for now these are just a
1394
00:47:35,520 --> 00:47:39,839
data for us am i right they are just a
1395
00:47:37,599 --> 00:47:41,760
data yeah i am mentioning dates
1396
00:47:39,839 --> 00:47:43,760
which which are like a data for us for
1397
00:47:41,760 --> 00:47:47,440
now right but
1398
00:47:43,760 --> 00:47:47,440
if i write something like this
1399
00:47:47,599 --> 00:47:50,079
list of
1400
00:47:51,200 --> 00:47:55,119
holidays at the heading you can say or
1401
00:47:54,240 --> 00:47:58,160
the
1402
00:47:55,119 --> 00:48:01,040
title of it then you can say
1403
00:47:58,160 --> 00:48:03,520
exactly it's like an information right
1404
00:48:01,040 --> 00:48:06,160
correct it's a information exactly
1405
00:48:03,520 --> 00:48:07,680
perfect right so these are your
1406
00:48:06,160 --> 00:48:09,200
information isn't it
1407
00:48:07,680 --> 00:48:11,440
like it is giving now some sort of
1408
00:48:09,200 --> 00:48:14,319
information to us okay these days
1409
00:48:11,440 --> 00:48:14,880
are like your list of holidays for us
1410
00:48:14,319 --> 00:48:16,559
right
1411
00:48:14,880 --> 00:48:17,920
so these these are your list of holidays
1412
00:48:16,559 --> 00:48:18,720
it can be like a list of holidays over
1413
00:48:17,920 --> 00:48:22,400
here
1414
00:48:18,720 --> 00:48:26,240
but okay if i specify this
1415
00:48:22,400 --> 00:48:27,839
right and like if i specify this date
1416
00:48:26,240 --> 00:48:30,400
and like i'm planning to go to
1417
00:48:27,839 --> 00:48:31,599
somewhere out there not now since the
1418
00:48:30,400 --> 00:48:33,839
covid is over there
1419
00:48:31,599 --> 00:48:35,359
right but later on if there is a date
1420
00:48:33,839 --> 00:48:36,640
right and i'm planning to
1421
00:48:35,359 --> 00:48:38,319
like since the list of holidays are
1422
00:48:36,640 --> 00:48:40,000
mentioned i'm planning to go at a
1423
00:48:38,319 --> 00:48:42,160
particular location or any place
1424
00:48:40,000 --> 00:48:44,880
right on these mentioned dates right
1425
00:48:42,160 --> 00:48:44,880
that can be a
1426
00:48:44,960 --> 00:48:50,559
intelligence reason being
1427
00:48:48,079 --> 00:48:52,160
we are doing what we are making the
1428
00:48:50,559 --> 00:48:53,760
decisions out here we are making the
1429
00:48:52,160 --> 00:48:55,760
decisions out here
1430
00:48:53,760 --> 00:48:57,680
so when it's decision making it's your
1431
00:48:55,760 --> 00:48:58,880
intelligence isn't it
1432
00:48:57,680 --> 00:49:00,880
like when you're planning out to do
1433
00:48:58,880 --> 00:49:04,319
something out of those dates right
1434
00:49:00,880 --> 00:49:06,000
so these are your intelligence correct
1435
00:49:04,319 --> 00:49:07,359
all right so which brings us closer
1436
00:49:06,000 --> 00:49:08,000
threat intelligence which i've already
1437
00:49:07,359 --> 00:49:09,599
told right
1438
00:49:08,000 --> 00:49:11,760
so threat intelligence or cyber threat
1439
00:49:09,599 --> 00:49:13,599
intelligence is information
1440
00:49:11,760 --> 00:49:15,119
an organization used to understand the
1441
00:49:13,599 --> 00:49:17,680
threats that have
1442
00:49:15,119 --> 00:49:19,920
will or are currently targeting the
1443
00:49:17,680 --> 00:49:22,400
organization right which can be helpful
1444
00:49:19,920 --> 00:49:23,680
for us to prepare and like prevent the
1445
00:49:22,400 --> 00:49:25,119
organization from all those cyber
1446
00:49:23,680 --> 00:49:26,160
threats right which can be taking an
1447
00:49:25,119 --> 00:49:28,240
advantage of
1448
00:49:26,160 --> 00:49:30,000
our valuable resources out there isn't
1449
00:49:28,240 --> 00:49:32,400
it so when we talk about
1450
00:49:30,000 --> 00:49:33,839
these things there are always some
1451
00:49:32,400 --> 00:49:37,200
resources for the threat
1452
00:49:33,839 --> 00:49:37,200
research right so we have threat research
1453
00:49:37,200 --> 00:49:41,680
sources as well so threat research is a
1454
00:49:40,000 --> 00:49:43,520
counter intelligence right
1455
00:49:41,680 --> 00:49:45,520
it's a counter intelligence gathering
1456
00:49:43,520 --> 00:49:47,119
effort in which like your security
1457
00:49:45,520 --> 00:49:50,160
companies and researchers
1458
00:49:47,119 --> 00:49:53,359
the attempt to discover the
1459
00:49:50,160 --> 00:49:57,359
tactics techniques
1460
00:49:53,359 --> 00:50:02,000
and procedures right
1461
00:49:57,359 --> 00:50:05,760
tend to discover tactics
1462
00:50:02,000 --> 00:50:05,760
right techniques
1463
00:50:08,559 --> 00:50:16,800
and the procedures
1464
00:50:13,599 --> 00:50:18,160
right so we'll talk about it right
1465
00:50:16,800 --> 00:50:20,000
like they are they fall in the category
1466
00:50:18,160 --> 00:50:22,160
of your threat intelligence providers
1467
00:50:20,000 --> 00:50:23,040
okay moreover when we talk about your
1468
00:50:22,160 --> 00:50:24,960
threat research
1469
00:50:23,040 --> 00:50:26,319
sources right we can go get from the
1470
00:50:24,960 --> 00:50:27,280
firewalls regarding your logs and all
1471
00:50:26,319 --> 00:50:28,880
those bits
1472
00:50:27,280 --> 00:50:30,400
and like we have these honey nets as
1473
00:50:28,880 --> 00:50:32,480
well right
1474
00:50:30,400 --> 00:50:33,920
so moreover like in short what you are
1475
00:50:32,480 --> 00:50:37,520
trying to do is like you
1476
00:50:33,920 --> 00:50:38,559
provide them few areas right to attack
1477
00:50:37,520 --> 00:50:41,040
right you can say
1478
00:50:38,559 --> 00:50:41,680
uh you have a dummy server you pull it
1479
00:50:41,040 --> 00:50:44,960
up
1480
00:50:41,680 --> 00:50:45,520
over there right and you are luring or
1481
00:50:44,960 --> 00:50:48,559
like you
1482
00:50:45,520 --> 00:50:49,599
you are like giving those server the
1483
00:50:48,559 --> 00:50:52,000
dummy ones right
1484
00:50:49,599 --> 00:50:52,720
to the attackers okay you have your main
1485
00:50:52,000 --> 00:50:55,280
server
1486
00:50:52,720 --> 00:50:57,119
right which like can be a similar of
1487
00:50:55,280 --> 00:50:59,359
functionality you can say right
1488
00:50:57,119 --> 00:51:01,680
and all those network architecture out
1489
00:50:59,359 --> 00:51:02,000
there but moreover main is on another
1490
00:51:01,680 --> 00:51:03,760
one
1491
00:51:02,000 --> 00:51:05,680
and you you put out those or that dummy
1492
00:51:03,760 --> 00:51:07,680
one out there right for an attacker
1493
00:51:05,680 --> 00:51:09,359
so attacker will do what he will try to
1494
00:51:07,680 --> 00:51:10,640
exploit it right he will try to
1495
00:51:09,359 --> 00:51:13,040
figure out the vulnerabilities and he
1496
00:51:10,640 --> 00:51:15,359
will try to take an advantage of that
1497
00:51:13,040 --> 00:51:16,880
but you are the smart people are around
1498
00:51:15,359 --> 00:51:17,520
here right the security one so what he
1499
00:51:16,880 --> 00:51:19,839
did
1500
00:51:17,520 --> 00:51:20,640
so what all techniques what all
1501
00:51:19,839 --> 00:51:23,280
procedures
1502
00:51:20,640 --> 00:51:24,720
you can say right what all are tactics
1503
00:51:23,280 --> 00:51:26,880
techniques and procedures he's
1504
00:51:24,720 --> 00:51:28,079
trying to put it over there right into
1505
00:51:26,880 --> 00:51:30,319
your dummy one
1506
00:51:28,079 --> 00:51:31,119
doesn't it so whatever his all the
1507
00:51:30,319 --> 00:51:33,200
strategies
1508
00:51:31,119 --> 00:51:34,640
tactics techniques and procedures trying
1509
00:51:33,200 --> 00:51:37,599
to put up over that dummy one
1510
00:51:34,640 --> 00:51:38,800
you are observing them right you are
1511
00:51:37,599 --> 00:51:40,559
thinking you can say you can you are
1512
00:51:38,800 --> 00:51:43,359
taking the note out of them
1513
00:51:40,559 --> 00:51:45,119
so now what happened like after okay
1514
00:51:43,359 --> 00:51:46,559
that dummy one will be like you gave
1515
00:51:45,119 --> 00:51:49,359
some sort of a
1516
00:51:46,559 --> 00:51:51,280
privileges you can say like you gave uh
1517
00:51:49,359 --> 00:51:53,280
basically this honey one is like
1518
00:51:51,280 --> 00:51:55,359
or divided into three categories low
1519
00:51:53,280 --> 00:51:57,520
level or medium level and
1520
00:51:55,359 --> 00:51:59,520
high level right so that defines like
1521
00:51:57,520 --> 00:52:01,200
how much of a portion of a server or
1522
00:51:59,520 --> 00:52:01,839
network you are allowing an attacker to
1523
00:52:01,200 --> 00:52:03,599
exploit
1524
00:52:01,839 --> 00:52:05,680
right so these are defined on those
1525
00:52:03,599 --> 00:52:07,920
bases so whatsoever you have put it in
1526
00:52:05,680 --> 00:52:09,920
your dummy network or in a dummy server
1527
00:52:07,920 --> 00:52:11,440
right so attacker will try to exploit it
1528
00:52:09,920 --> 00:52:13,040
and from those exploits
1529
00:52:11,440 --> 00:52:14,960
you will take the information out of
1530
00:52:13,040 --> 00:52:15,760
them right so what all ports he might
1531
00:52:14,960 --> 00:52:17,599
have uh
1532
00:52:15,760 --> 00:52:19,440
like exploit or like what all
1533
00:52:17,599 --> 00:52:21,119
vulnerabilities he attacked over there
1534
00:52:19,440 --> 00:52:23,119
right and all the logs and all those
1535
00:52:21,119 --> 00:52:24,559
ips and everything you will try to
1536
00:52:23,119 --> 00:52:26,400
observe over there and through that you
1537
00:52:24,559 --> 00:52:28,960
will be patching up into your
1538
00:52:26,400 --> 00:52:30,559
real or you can see the main server
1539
00:52:28,960 --> 00:52:32,319
right so this is like a
1540
00:52:30,559 --> 00:52:34,640
threat resource regarding your honey
1541
00:52:32,319 --> 00:52:37,119
nets or honeypots right
1542
00:52:34,640 --> 00:52:38,559
then we have dark web and dark net i
1543
00:52:37,119 --> 00:52:39,520
guess it's pretty clear to each and
1544
00:52:38,559 --> 00:52:41,040
every one right
1545
00:52:39,520 --> 00:52:43,119
so if you talk about a dark net it's
1546
00:52:41,040 --> 00:52:44,000
like a network infrastructure which is
1547
00:52:43,119 --> 00:52:45,760
established to
1548
00:52:44,000 --> 00:52:48,880
overlay your internet right and can be
1549
00:52:45,760 --> 00:52:50,559
used by using some softwares like your
1550
00:52:48,880 --> 00:52:53,280
tor you might have heard about it isn't
1551
00:52:50,559 --> 00:52:56,400
it or your i2p or freenet
1552
00:52:53,280 --> 00:52:56,800
right so this darknet is most often used
1553
00:52:56,400 --> 00:52:59,680
for
1554
00:52:56,800 --> 00:53:00,640
illegal activities right like your black
1555
00:52:59,680 --> 00:53:02,480
markets
1556
00:53:00,640 --> 00:53:04,880
your illegal file sharing over there and
1557
00:53:02,480 --> 00:53:06,559
exchanging of illegal goods or services
1558
00:53:04,880 --> 00:53:09,280
presented like regarding a stolen
1559
00:53:06,559 --> 00:53:11,040
financial or any sort of private data
1560
00:53:09,280 --> 00:53:12,559
so it basically prevent a third party
1561
00:53:11,040 --> 00:53:14,480
from knowing about the existence of the
1562
00:53:12,559 --> 00:53:16,240
network right or analyzing any activity
1563
00:53:14,480 --> 00:53:18,319
taking place over the network
1564
00:53:16,240 --> 00:53:20,000
so you can take an advantage over there
1565
00:53:18,319 --> 00:53:21,280
right so you can like it basically
1566
00:53:20,000 --> 00:53:22,079
provides you multiple layers of
1567
00:53:21,280 --> 00:53:24,960
encryption
1568
00:53:22,079 --> 00:53:26,319
right uh which is put up between the
1569
00:53:24,960 --> 00:53:27,760
nodes to achieve this
1570
00:53:26,319 --> 00:53:29,920
anonymity that's why you've become
1571
00:53:27,760 --> 00:53:32,880
anonymous with that so use this
1572
00:53:29,920 --> 00:53:34,640
uh you use this dark web right which is
1573
00:53:32,880 --> 00:53:36,240
not visible to search engines right it
1574
00:53:34,640 --> 00:53:39,280
can only be accessed over the dark
1575
00:53:36,240 --> 00:53:41,119
net only this dark web so like
1576
00:53:39,280 --> 00:53:42,559
you can use them into investigating this
1577
00:53:41,119 --> 00:53:44,960
dark web
1578
00:53:42,559 --> 00:53:47,119
websites and message boards like which
1579
00:53:44,960 --> 00:53:49,440
are which can be a valuable source
1580
00:53:47,119 --> 00:53:51,280
of counter intelligence over there right
1581
00:53:49,440 --> 00:53:53,680
so this the anonymity of dark web
1582
00:53:51,280 --> 00:53:55,760
services has made it easy for
1583
00:53:53,680 --> 00:53:56,800
investigator to infiltrate the forums
1584
00:53:55,760 --> 00:53:58,880
and web stores
1585
00:53:56,800 --> 00:54:00,240
that have been set up to exchange any
1586
00:53:58,880 --> 00:54:01,760
sort of a stolen data and
1587
00:54:00,240 --> 00:54:03,440
hacking tools so you can just put up
1588
00:54:01,760 --> 00:54:05,119
like use of this
1589
00:54:03,440 --> 00:54:06,559
dark web for the counter intelligence
1590
00:54:05,119 --> 00:54:07,839
you can see all those data and all those
1591
00:54:06,559 --> 00:54:09,680
information out there
1592
00:54:07,839 --> 00:54:11,119
and you can put it as like a counter
1593
00:54:09,680 --> 00:54:12,240
intelligence now you can just patch up
1594
00:54:11,119 --> 00:54:14,720
things over there
1595
00:54:12,240 --> 00:54:15,520
regarding all those threat researchers
1596
00:54:14,720 --> 00:54:17,119
right
1597
00:54:15,520 --> 00:54:19,200
so these were regarding your threat
1598
00:54:17,119 --> 00:54:22,079
research sources
1599
00:54:19,200 --> 00:54:23,520
right then we have your guys your threat
1600
00:54:22,079 --> 00:54:27,440
intelligence provider
1601
00:54:23,520 --> 00:54:30,000
right so we have this behavioral
1602
00:54:27,440 --> 00:54:31,680
we have reputation we have threat data
1603
00:54:30,000 --> 00:54:33,280
right so basically our primary research
1604
00:54:31,680 --> 00:54:36,079
which we did like you had your
1605
00:54:33,280 --> 00:54:36,960
ips and logs and all this dark web and
1606
00:54:36,079 --> 00:54:40,000
your
1607
00:54:36,960 --> 00:54:41,680
honeypot or your honey nets right so all
1608
00:54:40,000 --> 00:54:43,119
these primary research
1609
00:54:41,680 --> 00:54:45,599
you can say dark web on the second
1610
00:54:43,119 --> 00:54:48,880
resource okay so basically all these
1611
00:54:45,599 --> 00:54:51,280
researches by threat research uh sources
1612
00:54:48,880 --> 00:54:53,520
they are categorized in broad forms
1613
00:54:51,280 --> 00:54:55,680
right first is your behavioral threat
1614
00:54:53,520 --> 00:54:57,680
research right so what does your
1615
00:54:55,680 --> 00:54:59,920
behavioral threat research does
1616
00:54:57,680 --> 00:55:01,760
as i mentioned those ttp right so it
1617
00:54:59,920 --> 00:55:04,160
describes the examples of
1618
00:55:01,760 --> 00:55:07,440
attacks and the ttps which are gathered
1619
00:55:04,160 --> 00:55:12,799
out there ttp as in your
1620
00:55:07,440 --> 00:55:12,799
tactics techniques
1621
00:55:13,760 --> 00:55:20,160
and the procedures isn't it
1622
00:55:18,880 --> 00:55:22,720
so what do you understand about the term
1623
00:55:20,160 --> 00:55:24,160
tactics guys so basically as your ttp
1624
00:55:22,720 --> 00:55:26,960
that refers to the pattern
1625
00:55:24,160 --> 00:55:28,000
of activities and methods associated
1626
00:55:26,960 --> 00:55:29,599
with specific
1627
00:55:28,000 --> 00:55:31,440
like you can say threat actor or group
1628
00:55:29,599 --> 00:55:33,119
of threat or group of actors right we
1629
00:55:31,440 --> 00:55:35,119
analyze from their patterns
1630
00:55:33,119 --> 00:55:36,799
and we try to strategize the liking to
1631
00:55:35,119 --> 00:55:38,799
say put up as a
1632
00:55:36,799 --> 00:55:40,000
threat intelligence over there right so
1633
00:55:38,799 --> 00:55:41,839
you analyze all those uh
1634
00:55:40,000 --> 00:55:43,760
tactics tactics as in like it is a
1635
00:55:41,839 --> 00:55:46,799
guideline that describes the way
1636
00:55:43,760 --> 00:55:48,880
an attacker performs the attack from
1637
00:55:46,799 --> 00:55:51,599
beginning to the end isn't it
1638
00:55:48,880 --> 00:55:53,839
so it consists various tactics of
1639
00:55:51,599 --> 00:55:55,839
information gathering to perform
1640
00:55:53,839 --> 00:55:57,040
initial exploitation perform privilege
1641
00:55:55,839 --> 00:56:00,000
escalation
1642
00:55:57,040 --> 00:56:01,040
perform the lateral movement right and
1643
00:56:00,000 --> 00:56:03,359
etcetera
1644
00:56:01,040 --> 00:56:04,480
that's your tactics then it comes your
1645
00:56:03,359 --> 00:56:07,200
techniques
1646
00:56:04,480 --> 00:56:08,559
techniques it is a like technical method
1647
00:56:07,200 --> 00:56:12,079
used by an attacker
1648
00:56:08,559 --> 00:56:13,599
to achieve like an intermediate result
1649
00:56:12,079 --> 00:56:17,359
right
1650
00:56:13,599 --> 00:56:18,640
exactly so uh use an attacker to achieve
1651
00:56:17,359 --> 00:56:21,359
intermediate results during the
1652
00:56:18,640 --> 00:56:22,480
attack so it includes like your initial
1653
00:56:21,359 --> 00:56:24,960
exploitation
1654
00:56:22,480 --> 00:56:26,960
setting up right and maintaining command
1655
00:56:24,960 --> 00:56:29,040
and control channels out there
1656
00:56:26,960 --> 00:56:30,240
right so all those techniques are being
1657
00:56:29,040 --> 00:56:32,720
mentioned at this
1658
00:56:30,240 --> 00:56:34,400
phase then you have this procedure
1659
00:56:32,720 --> 00:56:35,200
proceduralizing like organization
1660
00:56:34,400 --> 00:56:37,119
approach
1661
00:56:35,200 --> 00:56:39,040
like they followed by the threat actors
1662
00:56:37,119 --> 00:56:41,760
to launch an attack right so they
1663
00:56:39,040 --> 00:56:42,799
set up a whole procedure which has to be
1664
00:56:41,760 --> 00:56:44,640
take place
1665
00:56:42,799 --> 00:56:46,400
to attack an organization isn't it so
1666
00:56:44,640 --> 00:56:48,640
like procedure of information gathering
1667
00:56:46,400 --> 00:56:50,480
you can say step type steps instructions
1668
00:56:48,640 --> 00:56:52,319
right so like what like an attacker
1669
00:56:50,480 --> 00:56:53,520
collects information about the target
1670
00:56:52,319 --> 00:56:55,520
organization
1671
00:56:53,520 --> 00:56:57,599
right he identified key targets over
1672
00:56:55,520 --> 00:57:00,000
there the employees and they
1673
00:56:57,599 --> 00:57:01,440
collect their contact details and on the
1674
00:57:00,000 --> 00:57:03,359
rest of the things right
1675
00:57:01,440 --> 00:57:04,960
so all those step-by-step processes are
1676
00:57:03,359 --> 00:57:08,319
being done in your
1677
00:57:04,960 --> 00:57:10,079
procedure that was your behavioral part
1678
00:57:08,319 --> 00:57:12,000
okay behavioral threat research then
1679
00:57:10,079 --> 00:57:13,760
your then is your reputational
1680
00:57:12,000 --> 00:57:16,400
reputational threat intelligence it's
1681
00:57:13,760 --> 00:57:18,000
like list of ip addresses and domains
1682
00:57:16,400 --> 00:57:19,280
which are associated with malicious
1683
00:57:18,000 --> 00:57:19,839
behavior which might have gone through
1684
00:57:19,280 --> 00:57:22,000
your
1685
00:57:19,839 --> 00:57:23,200
honeypot you can say right and like
1686
00:57:22,000 --> 00:57:25,839
identifying all those
1687
00:57:23,200 --> 00:57:27,440
signatures of file based malware and
1688
00:57:25,839 --> 00:57:28,000
those things right so that falls under
1689
00:57:27,440 --> 00:57:30,240
the
1690
00:57:28,000 --> 00:57:31,200
reputation category then you have threat
1691
00:57:30,240 --> 00:57:33,359
data as well
1692
00:57:31,200 --> 00:57:34,480
threat data like the data that can
1693
00:57:33,359 --> 00:57:37,599
relate
1694
00:57:34,480 --> 00:57:40,480
like events observed by looking
1695
00:57:37,599 --> 00:57:41,520
like your customer logs okay that's your
1696
00:57:40,480 --> 00:57:43,280
threat data
1697
00:57:41,520 --> 00:57:46,000
then we have also these platforms and
1698
00:57:43,280 --> 00:57:48,000
feed guys like closed proprietary
1699
00:57:46,000 --> 00:57:50,000
so your threat research and like your
1700
00:57:48,000 --> 00:57:52,799
these cti data it's
1701
00:57:50,000 --> 00:57:54,160
it's made available as a like paid
1702
00:57:52,799 --> 00:57:56,720
subscription basis right
1703
00:57:54,160 --> 00:57:58,079
you have seen this fireeye and this ibm
1704
00:57:56,720 --> 00:57:59,599
x-force so like you
1705
00:57:58,079 --> 00:58:01,119
put up a price for that and they'll be
1706
00:57:59,599 --> 00:58:03,760
doing these strategies for you
1707
00:58:01,119 --> 00:58:05,280
right then obviously this academic as
1708
00:58:03,760 --> 00:58:06,880
well academic journals you can see their
1709
00:58:05,280 --> 00:58:09,040
papers and all those things
1710
00:58:06,880 --> 00:58:10,480
right other like platforms from there
1711
00:58:09,040 --> 00:58:11,520
you can use get these threat
1712
00:58:10,480 --> 00:58:13,040
intelligence right
1713
00:58:11,520 --> 00:58:14,240
these are the providers for all those
1714
00:58:13,040 --> 00:58:15,920
threat intelligence you can go for the
1715
00:58:14,240 --> 00:58:17,119
academic journals all these papers and
1716
00:58:15,920 --> 00:58:18,319
all those things they might have put an
1717
00:58:17,119 --> 00:58:21,359
article about it
1718
00:58:18,319 --> 00:58:23,599
social media pretty obvious right like
1719
00:58:21,359 --> 00:58:25,200
they they companies and like uh
1720
00:58:23,599 --> 00:58:25,920
individual researchers and practitioners
1721
00:58:25,200 --> 00:58:28,559
what they do
1722
00:58:25,920 --> 00:58:29,839
they write informative blogs or like on
1723
00:58:28,559 --> 00:58:32,160
the social media feeds
1724
00:58:29,839 --> 00:58:33,520
isn't it so you can always get those
1725
00:58:32,160 --> 00:58:35,200
sort of
1726
00:58:33,520 --> 00:58:36,480
intelligence from that particular area
1727
00:58:35,200 --> 00:58:37,280
from social media it's a pretty big
1728
00:58:36,480 --> 00:58:39,359
thing right
1729
00:58:37,280 --> 00:58:41,119
so you might have like even as of now
1730
00:58:39,359 --> 00:58:43,599
you guys might go through various
1731
00:58:41,119 --> 00:58:44,240
blogs and all those articles which might
1732
00:58:43,599 --> 00:58:46,559
help you
1733
00:58:44,240 --> 00:58:48,400
uh like gain all those threat
1734
00:58:46,559 --> 00:58:51,359
intelligence it is it
1735
00:58:48,400 --> 00:58:51,680
yeah perfect around the year ioc system
1736
00:58:51,359 --> 00:58:53,920
so
1737
00:58:51,680 --> 00:58:55,520
uh then there is conferences right so
1738
00:58:53,920 --> 00:58:56,079
like security conferences are always
1739
00:58:55,520 --> 00:58:57,599
being
1740
00:58:56,079 --> 00:58:59,119
hosted right and it's sponsored by
1741
00:58:57,599 --> 00:59:01,200
various institutes
1742
00:58:59,119 --> 00:59:02,640
isn't it and they they provide an
1743
00:59:01,200 --> 00:59:04,160
opportunity for presenting
1744
00:59:02,640 --> 00:59:06,319
presentation on the latest threats and
1745
00:59:04,160 --> 00:59:07,680
technologies right
1746
00:59:06,319 --> 00:59:10,079
these are your conferences from which
1747
00:59:07,680 --> 00:59:11,200
your like area from where you can go and
1748
00:59:10,079 --> 00:59:12,880
get all those
1749
00:59:11,200 --> 00:59:14,640
threat intelligence right then there is
1750
00:59:12,880 --> 00:59:17,760
a last one which is osint
1751
00:59:14,640 --> 00:59:18,400
open source intelligence right so some
1752
00:59:17,760 --> 00:59:20,880
companies
1753
00:59:18,400 --> 00:59:22,480
operate like intelligence services on an
1754
00:59:20,880 --> 00:59:25,040
open source basis as well
1755
00:59:22,480 --> 00:59:26,559
right so we'll show you that as well and
1756
00:59:25,040 --> 00:59:29,359
we'll also try a few tasks
1757
00:59:26,559 --> 00:59:30,319
on the basis of osint as well okay guys
1758
00:59:29,359 --> 00:59:32,400
since you are asking about the
1759
00:59:30,319 --> 00:59:34,240
reputation guys reputations are elected
1760
00:59:32,400 --> 00:59:35,920
intelligence like regarding ip addresses
1761
00:59:34,240 --> 00:59:38,000
and all those domains
1762
00:59:35,920 --> 00:59:39,599
associated with your malicious behavior
1763
00:59:38,000 --> 00:59:42,000
okay and like even
1764
00:59:39,599 --> 00:59:42,960
regarding the signatures of your
1765
00:59:42,000 --> 00:59:44,480
malwares
1766
00:59:42,960 --> 00:59:46,000
so they falls under the reputation
1767
00:59:44,480 --> 00:59:48,559
threat intelligence
1768
00:59:46,000 --> 00:59:50,160
all right okay as always you mentioned
1769
00:59:48,559 --> 00:59:51,440
uh like as i mentioned uh
1770
00:59:50,160 --> 00:59:54,079
some companies they operate through
1771
00:59:51,440 --> 00:59:56,799
intelligence services on an open source
1772
00:59:54,079 --> 00:59:57,280
basis as well right so if i take you to
1773
00:59:56,799 --> 00:59:59,760
an
1774
00:59:57,280 --> 01:00:00,880
website osint framework i guess everyone
1775
00:59:59,760 --> 01:00:03,599
knows knows about it
1776
01:00:00,880 --> 01:00:15,839
right for those who don't let me just
1777
01:00:03,599 --> 01:00:17,760
show you
1778
01:00:15,839 --> 01:00:19,359
okay if you go with the osint framework
1779
01:00:17,760 --> 01:00:21,920
over here
1780
01:00:19,359 --> 01:00:23,680
right you can uh like search on the
1781
01:00:21,920 --> 01:00:24,319
respect of various things over here
1782
01:00:23,680 --> 01:00:25,920
right
1783
01:00:24,319 --> 01:00:28,640
this framework provide you lots of
1784
01:00:25,920 --> 01:00:30,319
options right lots of uh
1785
01:00:28,640 --> 01:00:32,079
crazy options you can go regarding these
1786
01:00:30,319 --> 01:00:34,319
things you can search out regarding any
1787
01:00:32,079 --> 01:00:35,200
any particular thing right so if i like
1788
01:00:34,319 --> 01:00:37,040
if you even
1789
01:00:35,200 --> 01:00:38,480
giving details about a person over here
1790
01:00:37,040 --> 01:00:39,839
right so if i click let's say if i'm
1791
01:00:38,480 --> 01:00:43,280
going with the email address
1792
01:00:39,839 --> 01:00:45,200
and respect email address list of options
1793
01:00:43,280 --> 01:00:47,119
like email search common email formats
1794
01:00:45,200 --> 01:00:49,760
email verification breach data
1795
01:00:47,119 --> 01:00:51,599
mail blacklist all those things so even
1796
01:00:49,760 --> 01:00:53,920
if i click on email search
1797
01:00:51,599 --> 01:00:54,880
right it will be giving throughout more
1798
01:00:53,920 --> 01:00:58,160
tools over here
1799
01:00:54,880 --> 01:01:01,280
right that's the one to email to address
1800
01:00:58,160 --> 01:01:04,319
pipl right regarding people's right
1801
01:01:01,280 --> 01:01:05,839
theharvester infoga maildb
1802
01:01:04,319 --> 01:01:07,280
and very small right so if i even go
1803
01:01:05,839 --> 01:01:07,920
with the hunter it'll be just hoping
1804
01:01:07,280 --> 01:01:09,920
that
1805
01:01:07,920 --> 01:01:11,760
letting a particular platform for you so
1806
01:01:09,920 --> 01:01:12,640
in respect to domain names you can just
1807
01:01:11,760 --> 01:01:15,760
find out the
1808
01:01:12,640 --> 01:01:17,440
email address over here right so that's
1809
01:01:15,760 --> 01:01:20,160
how your osint framework
1810
01:01:17,440 --> 01:01:21,599
can be utilized to gather more and more
1811
01:01:20,160 --> 01:01:23,359
intel in this regarding the threat
1812
01:01:21,599 --> 01:01:25,280
right so you can get that information
1813
01:01:23,359 --> 01:01:28,240
over here right
1814
01:01:25,280 --> 01:01:29,040
perfect so just giving a task over here
1815
01:01:28,240 --> 01:01:32,400
guys
1816
01:01:29,040 --> 01:01:35,440
a small task for now so task is
1817
01:01:32,400 --> 01:01:36,400
gather the email ids okay gather email
1818
01:01:35,440 --> 01:01:39,839
ids
1819
01:01:36,400 --> 01:01:39,839
and respect to domain
1820
01:01:41,680 --> 01:01:44,400
infosec
1821
01:01:45,040 --> 01:01:52,000
train dot com
1822
01:01:48,319 --> 01:01:54,079
okay all right let's do one thing let's
1823
01:01:52,000 --> 01:01:55,839
put it on hold uh let me show you one
1824
01:01:54,079 --> 01:01:57,039
more thing since we brought up osint
1825
01:01:55,839 --> 01:01:59,680
and all those
1826
01:01:57,039 --> 01:02:01,119
techniques so even like osint framework
1827
01:01:59,680 --> 01:02:02,720
we have been using over here
1828
01:02:01,119 --> 01:02:04,160
even guys your google is more than
1829
01:02:02,720 --> 01:02:06,160
enough to
1830
01:02:04,160 --> 01:02:08,079
like pretty much good utility to give
1831
01:02:06,160 --> 01:02:09,359
you a lot of information out there
1832
01:02:08,079 --> 01:02:10,880
right so basically what you do with the
1833
01:02:09,359 --> 01:02:12,400
osint you narrow down all your search
1834
01:02:10,880 --> 01:02:15,359
over here right
1835
01:02:12,400 --> 01:02:17,119
so with the help of google you can do
1836
01:02:15,359 --> 01:02:20,720
that as well
1837
01:02:17,119 --> 01:02:23,200
correct so uh you can search in various
1838
01:02:20,720 --> 01:02:23,760
respects or in various aspects over here
1839
01:02:23,200 --> 01:02:26,960
all right
1840
01:02:23,760 --> 01:02:27,839
like uh for say if you want to find any
1841
01:02:26,960 --> 01:02:30,079
uh
1842
01:02:27,839 --> 01:02:31,520
pdf formats only like if you want to
1843
01:02:30,079 --> 01:02:34,799
search the let's say if
1844
01:02:31,520 --> 01:02:36,319
i'm let's say
1845
01:02:34,799 --> 01:02:38,079
all right okay let's say i click on
1846
01:02:36,319 --> 01:02:40,720
security plus right
1847
01:02:38,079 --> 01:02:42,079
the things you can see guys uh it's the
1848
01:02:40,720 --> 01:02:44,480
black thing which is mentioned over here
1849
01:02:42,079 --> 01:02:47,520
it's a url isn't it
1850
01:02:44,480 --> 01:02:48,880
correct these are the you are the black
1851
01:02:47,520 --> 01:02:52,000
one at the top one
1852
01:02:48,880 --> 01:02:53,520
right and if you see the blue one which
1853
01:02:52,000 --> 01:02:54,400
is being highlighted these are known as
1854
01:02:53,520 --> 01:02:58,000
your
1855
01:02:54,400 --> 01:02:59,760
titles right these are your titles
1856
01:02:58,000 --> 01:03:01,839
and if you can see over here the below
1857
01:02:59,760 --> 01:03:03,599
format which is it establishes the core
1858
01:03:01,839 --> 01:03:05,039
knowledge required by the file any cyber
1859
01:03:03,599 --> 01:03:08,480
security role and provides a site
1860
01:03:05,039 --> 01:03:11,200
springboard and also these are your text
1861
01:03:08,480 --> 01:03:12,640
isn't it so you can search in respect to
1862
01:03:11,200 --> 01:03:13,920
that and you can just narrow down your
1863
01:03:12,640 --> 01:03:16,640
results over here right
1864
01:03:13,920 --> 01:03:18,960
you can see 38 uh like lakhs of results
1865
01:03:16,640 --> 01:03:22,640
are over here like you can do what
1866
01:03:18,960 --> 01:03:26,799
you can refine your search in respect to
1867
01:03:22,640 --> 01:03:26,799
url right if i hit this
1868
01:03:26,960 --> 01:03:31,839
oh this one is required
1869
01:03:31,920 --> 01:03:39,520
perfect so what it will be doing
1870
01:03:35,920 --> 01:03:39,520
the megan spelling stick over here
1871
01:03:39,599 --> 01:03:45,599
okay don't worry so basically it will be
1872
01:03:42,960 --> 01:03:46,559
uh searching out all those things
1873
01:03:45,599 --> 01:03:49,119
respect to your
1874
01:03:46,559 --> 01:03:49,599
url base right so if you can notice like
1875
01:03:49,119 --> 01:03:52,720
if i
1876
01:03:49,599 --> 01:03:54,559
iron in url security so it will be just
1877
01:03:52,720 --> 01:03:56,960
searching for this particular word in
1878
01:03:54,559 --> 01:03:58,240
your url part right
1879
01:03:56,960 --> 01:04:00,720
so you can see it narrowed down the
1880
01:03:58,240 --> 01:04:02,400
results from 38 lakh to like
1881
01:04:00,720 --> 01:04:04,000
seven eight seven lakh eighty five
1882
01:04:02,400 --> 01:04:06,319
thousand right so we just
1883
01:04:04,000 --> 01:04:07,119
cut it down the whole uh search scenario
1884
01:04:06,319 --> 01:04:09,119
over here
1885
01:04:07,119 --> 01:04:10,799
if you can like uh closely the url is
1886
01:04:09,119 --> 01:04:12,240
having security so each and every like
1887
01:04:10,799 --> 01:04:13,039
in your first page at least uh you will
1888
01:04:12,240 --> 01:04:15,119
be having all those
1889
01:04:13,039 --> 01:04:16,799
url which will be having each security
1890
01:04:15,119 --> 01:04:18,400
as a word in there
1891
01:04:16,799 --> 01:04:20,720
right so you can always play around with
1892
01:04:18,400 --> 01:04:22,400
it you can even mention the in title
1893
01:04:20,720 --> 01:04:24,480
so now in title what will be happening
1894
01:04:22,400 --> 01:04:27,760
it will be searching respect to a title
1895
01:04:24,480 --> 01:04:30,079
having security word in it right
1896
01:04:27,760 --> 01:04:30,880
so you can see security security will be
1897
01:04:30,079 --> 01:04:33,280
or the word
1898
01:04:30,880 --> 01:04:34,960
present in your title out there so it
1899
01:04:33,280 --> 01:04:35,680
will be reflecting all those results for
1900
01:04:34,960 --> 01:04:39,920
you
1901
01:04:35,680 --> 01:04:41,039
in which security is mentioned over the
1902
01:04:39,920 --> 01:04:43,039
title part
1903
01:04:41,039 --> 01:04:44,400
right so you can see it narrowed down
1904
01:04:43,039 --> 01:04:45,039
your results so similarly you can do
1905
01:04:44,400 --> 01:04:47,440
with the text
1906
01:04:45,039 --> 01:04:47,440
as well
1907
01:04:50,319 --> 01:04:54,640
so you will find this security part in
1908
01:04:53,520 --> 01:04:57,920
the
1909
01:04:54,640 --> 01:04:57,920
text one okay
1910
01:04:58,160 --> 01:05:01,920
so you can see you you are getting a lot
1911
01:05:00,160 --> 01:05:05,039
of results out here
1912
01:05:01,920 --> 01:05:06,559
but initially we were having 38 lakhs
1913
01:05:05,039 --> 01:05:08,720
format right
1914
01:05:06,559 --> 01:05:10,720
like our research or the results out
1915
01:05:08,720 --> 01:05:12,160
here 38 lakh but what we did we narrowed
1916
01:05:10,720 --> 01:05:15,520
down each and everything over here
1917
01:05:12,160 --> 01:05:16,160
so we we reduced our this labor work you
1918
01:05:15,520 --> 01:05:18,319
can say
1919
01:05:16,160 --> 01:05:19,760
right and we are like doing what we are
1920
01:05:18,319 --> 01:05:22,960
uh doing it very in a
1921
01:05:19,760 --> 01:05:24,559
smart way around right this whole google
1922
01:05:22,960 --> 01:05:25,520
thing this is also known as a google
1923
01:05:24,559 --> 01:05:28,319
dorks you can say
1924
01:05:25,520 --> 01:05:30,000
d-o-r-k-s right google dorks so there is
1925
01:05:28,319 --> 01:05:31,520
whole data feed or the database
1926
01:05:30,000 --> 01:05:32,960
regarding people what they do they
1927
01:05:31,520 --> 01:05:33,599
mention all their techniques and all
1928
01:05:32,960 --> 01:05:36,079
these
1929
01:05:33,599 --> 01:05:38,079
fancy way you can say or the smart way
1930
01:05:36,079 --> 01:05:39,920
around to play around your google and
1931
01:05:38,079 --> 01:05:41,839
get you the desired results out here
1932
01:05:39,920 --> 01:05:42,880
right so that's a whole different
1933
01:05:41,839 --> 01:05:45,039
database of the
1934
01:05:42,880 --> 01:05:46,720
google dork so you can also put it around
1935
01:05:45,039 --> 01:05:49,440
like if you want to file uh
1936
01:05:46,720 --> 01:05:50,559
only the pdf files over here so file
1937
01:05:49,440 --> 01:05:52,640
type is the option
1938
01:05:50,559 --> 01:05:53,680
right you can just mention it and giving
1939
01:05:52,640 --> 01:05:56,720
out the results
1940
01:05:53,680 --> 01:05:58,960
regarding your pdfs only
1941
01:05:56,720 --> 01:05:58,960
okay
1942
01:06:00,240 --> 01:06:05,839
oh boy
1943
01:06:06,720 --> 01:06:10,400
all right so you can see pdf pdf pdf is
1944
01:06:08,880 --> 01:06:10,880
mentioned over here so if i click on any
1945
01:06:10,400 --> 01:06:12,960
one
1946
01:06:10,880 --> 01:06:13,920
it will be prompting up an option to
1947
01:06:12,960 --> 01:06:15,440
download these
1948
01:06:13,920 --> 01:06:17,280
all those files so you'll be just
1949
01:06:15,440 --> 01:06:18,240
getting the results as an outcome over
1950
01:06:17,280 --> 01:06:21,440
here which are the
1951
01:06:18,240 --> 01:06:24,000
pdf ones right you can see
1952
01:06:21,440 --> 01:06:25,520
it's a pdf for you isn't it so this is
1953
01:06:24,000 --> 01:06:26,400
like the way you play around with all
1954
01:06:25,520 --> 01:06:29,680
those techniques
1955
01:06:26,400 --> 01:06:32,160
in your google right so you do what you
1956
01:06:29,680 --> 01:06:33,599
search for a particular thing in these
1957
01:06:32,160 --> 01:06:35,280
ways rather than just typing whole
1958
01:06:33,599 --> 01:06:37,359
portion or whole thing over here
1959
01:06:35,280 --> 01:06:39,039
you just make it more smartly you play
1960
01:06:37,359 --> 01:06:41,920
around with it and try to
1961
01:06:39,039 --> 01:06:42,640
gather information over here all right
1962
01:06:41,920 --> 01:06:46,319
okay
1963
01:06:42,640 --> 01:06:48,720
so uh i hope this is clear to everyone
1964
01:06:46,319 --> 01:06:49,839
okay so that brings us to back to the
1965
01:06:48,720 --> 01:06:52,000
challenge guys
1966
01:06:49,839 --> 01:06:53,440
all right so if you can look over here
1967
01:06:52,000 --> 01:06:57,680
how i use it
1968
01:06:53,440 --> 01:06:59,359
so i want you to find email ids
1969
01:06:57,680 --> 01:07:01,599
about like of infosec train with
1970
01:06:59,359 --> 01:07:04,640
respect to this domain name
1971
01:07:01,599 --> 01:07:07,280
okay perfect so
1972
01:07:04,640 --> 01:07:08,160
just to mention i what i prefer to go
1973
01:07:07,280 --> 01:07:11,680
with
1974
01:07:08,160 --> 01:07:12,880
is something okay i have to pause the
1975
01:07:11,680 --> 01:07:14,240
screen for a minute because i have to
1976
01:07:12,880 --> 01:07:17,280
enter my credentials
1977
01:07:14,240 --> 01:07:18,559
right so just give me okay so as you can
1978
01:07:17,280 --> 01:07:20,720
see over here uh
1979
01:07:18,559 --> 01:07:22,160
this is one of those utility or tool you
1980
01:07:20,720 --> 01:07:25,119
can say right
1981
01:07:22,160 --> 01:07:26,240
snov dot io you can go with it okay all
1982
01:07:25,119 --> 01:07:28,640
it need is
1983
01:07:26,240 --> 01:07:29,760
your this registration okay so you can
1984
01:07:28,640 --> 01:07:31,520
just log in over here
1985
01:07:29,760 --> 01:07:33,359
so if i can if i can show you this if
1986
01:07:31,520 --> 01:07:35,280
you are able to see find emails you can
1987
01:07:33,359 --> 01:07:38,000
go with the domain search
1988
01:07:35,280 --> 01:07:42,640
right and if i type the domain name over
1989
01:07:38,000 --> 01:07:45,280
here let's say infosec train for now
1990
01:07:42,640 --> 01:07:46,720
it's already already giving you this a
1991
01:07:45,280 --> 01:07:48,720
drop down option and you can see the
1992
01:07:46,720 --> 01:07:50,400
prospects are 29.
1993
01:07:48,720 --> 01:07:54,000
so if you click on this you can see all
1994
01:07:50,400 --> 01:07:55,599
domain emails if i click over here guys
1995
01:07:54,000 --> 01:07:57,440
can you see how we are getting a pretty
1996
01:07:55,599 --> 01:07:59,680
big list out here regarding the emails
1997
01:07:57,440 --> 01:08:02,400
and i can just assure you these are the
1998
01:07:59,680 --> 01:08:02,400
valid ones
1999
01:08:03,520 --> 01:08:09,359
right so there are various ways uh you
2000
01:08:07,760 --> 01:08:11,760
might have gone to the google
2001
01:08:09,359 --> 01:08:12,799
like or searching for the social media
2002
01:08:11,760 --> 01:08:15,039
platforms
2003
01:08:12,799 --> 01:08:16,400
right even this uh webinar one you got
2004
01:08:15,039 --> 01:08:18,319
my email id
2005
01:08:16,400 --> 01:08:20,400
right of the mails and all those bits
2006
01:08:18,319 --> 01:08:21,920
from all those promotions out there so
2007
01:08:20,400 --> 01:08:23,359
that's a pretty good way right that's
2008
01:08:21,920 --> 01:08:23,679
the technical you are doing over here
2009
01:08:23,359 --> 01:08:25,759
this
2010
01:08:23,679 --> 01:08:26,799
you are strategizing your things over
2011
01:08:25,759 --> 01:08:27,920
here right
2012
01:08:26,799 --> 01:08:29,520
you are gathering as much as the
2013
01:08:27,920 --> 01:08:29,920
information you can like you are then
2014
01:08:29,520 --> 01:08:31,359
you are
2015
01:08:29,920 --> 01:08:33,279
doing what you are narrowing it down you
2016
01:08:31,359 --> 01:08:33,920
are playing now uh smart around here
2017
01:08:33,279 --> 01:08:36,159
right
2018
01:08:33,920 --> 01:08:37,040
so typically uh if you talk about these
2019
01:08:36,159 --> 01:08:39,679
tools they are locked
2020
01:08:37,040 --> 01:08:41,839
out out there like as you mentioned the
2021
01:08:39,679 --> 01:08:43,600
hunter dot io it's one of them
2022
01:08:41,839 --> 01:08:45,040
right so you can use this osint
2023
01:08:43,600 --> 01:08:47,120
framework as well
2024
01:08:45,040 --> 01:08:48,719
right you may be for the subscription
2025
01:08:47,120 --> 01:08:50,719
base but it's generally free
2026
01:08:48,719 --> 01:08:52,159
so it may not always give you the
2027
01:08:50,719 --> 01:08:53,920
results okay that depends on
2028
01:08:52,159 --> 01:08:56,640
organization to organization but
2029
01:08:53,920 --> 01:08:58,640
uh it's like i would say a good
2030
01:08:56,640 --> 01:09:01,679
promising website not all time but
2031
01:08:58,640 --> 01:09:04,080
it gives you all those things okay
2032
01:09:01,679 --> 01:09:05,120
so this task we got a pretty good hit
2033
01:09:04,080 --> 01:09:08,319
over here isn't it
2034
01:09:05,120 --> 01:09:09,839
we got like 28 emails out there and
2035
01:09:08,319 --> 01:09:12,080
these are the valid ones i can
2036
01:09:09,839 --> 01:09:13,600
assure you okay i guess this was a
2037
01:09:12,080 --> 01:09:15,359
pretty much interesting task
2038
01:09:13,600 --> 01:09:16,640
okay so for now i guess this thing is
2039
01:09:15,359 --> 01:09:19,679
clear right
2040
01:09:16,640 --> 01:09:21,600
so after this we'll be moving on to the
2041
01:09:19,679 --> 01:09:24,880
next one which is your
2042
01:09:21,600 --> 01:09:26,560
malwares so uh guys what do you
2043
01:09:24,880 --> 01:09:29,920
understand by the term malware
2044
01:09:26,560 --> 01:09:32,159
so basically guys uh malware take this
2045
01:09:29,920 --> 01:09:32,159
term
2046
01:09:32,839 --> 01:09:36,880
mal and the
2047
01:09:34,880 --> 01:09:37,920
ware right you can just divide into two
2048
01:09:36,880 --> 01:09:41,440
portions
2049
01:09:37,920 --> 01:09:41,440
right so mal as in
2050
01:09:42,319 --> 01:09:45,679
malicious right
2051
01:09:46,400 --> 01:09:51,120
the malicious ware as in
2052
01:09:53,759 --> 01:09:58,560
software isn't it so any software which
2053
01:09:56,719 --> 01:10:02,800
is there with an intent to harm
2054
01:09:58,560 --> 01:10:04,719
is known as your malware right guys
2055
01:10:02,800 --> 01:10:06,719
so malware is a like you can say a
2056
01:10:04,719 --> 01:10:07,760
catch-all term for any type of malicious
2057
01:10:06,719 --> 01:10:11,520
software
2058
01:10:07,760 --> 01:10:14,560
which is designed to harm or exploit any
2059
01:10:11,520 --> 01:10:17,679
programmable device your service
2060
01:10:14,560 --> 01:10:19,440
or network right so these cyber
2061
01:10:17,679 --> 01:10:19,920
criminals you can say they typically use
2062
01:10:19,440 --> 01:10:23,040
it to
2063
01:10:19,920 --> 01:10:26,080
extract data that can like help them
2064
01:10:23,040 --> 01:10:29,120
to that they can leverage over victims
2065
01:10:26,080 --> 01:10:32,239
for financial gain right and any other
2066
01:10:29,120 --> 01:10:34,400
personal benefit out of it right so
2067
01:10:32,239 --> 01:10:36,159
it can like damage the financial data
2068
01:10:34,400 --> 01:10:38,239
your healthcare records
2069
01:10:36,159 --> 01:10:39,440
your personal emails and passwords they
2070
01:10:38,239 --> 01:10:41,679
can get all those pii
2071
01:10:39,440 --> 01:10:43,520
out of it right so they compromise all
2072
01:10:41,679 --> 01:10:45,679
your information right you can say
2073
01:10:43,520 --> 01:10:47,199
in short right all those they take all
2074
01:10:45,679 --> 01:10:49,600
those leverages and
2075
01:10:47,199 --> 01:10:51,360
gain any in terms of financially like
2076
01:10:49,600 --> 01:10:54,400
they will be asking for the monies
2077
01:10:51,360 --> 01:10:55,199
and many more isn't it so typically uh
2078
01:10:54,400 --> 01:10:56,800
like there are
2079
01:10:55,199 --> 01:10:58,560
plenty more like malwares out there
2080
01:10:56,800 --> 01:11:01,920
various type of malwares
2081
01:10:58,560 --> 01:11:04,560
so few bits of them are like your
2082
01:11:01,920 --> 01:11:06,560
virus isn't it so if we talk about them
2083
01:11:04,560 --> 01:11:09,600
the types of malwares are like a virus
2084
01:11:06,560 --> 01:11:13,120
worms trojan right here rootkits
2085
01:11:09,600 --> 01:11:13,520
and your keylogger right so if we talk
2086
01:11:13,120 --> 01:11:16,640
about
2087
01:11:13,520 --> 01:11:17,440
virus right what is a virus guys so
2088
01:11:16,640 --> 01:11:20,719
basically guys
2089
01:11:17,440 --> 01:11:23,199
your virus stands for
2090
01:11:20,719 --> 01:11:23,199
vital
2091
01:11:25,600 --> 01:11:28,400
information
2092
01:11:28,960 --> 01:11:34,800
right vital information resources
2093
01:11:38,840 --> 01:11:44,719
under
2094
01:11:41,679 --> 01:11:47,760
siege right
2095
01:11:44,719 --> 01:11:49,920
exactly bjn i mean perfect great so
2096
01:11:47,760 --> 01:11:51,360
it is a type of malware right so it
2097
01:11:49,920 --> 01:11:52,239
stands for vital information resource
2098
01:11:51,360 --> 01:11:54,440
under siege
2099
01:11:52,239 --> 01:11:56,239
so i guess this full form is
2100
01:11:54,440 --> 01:11:58,320
self-explanatory as well right
2101
01:11:56,239 --> 01:12:01,760
so what it does it seizes all the
2102
01:11:58,320 --> 01:12:04,400
information resources that are in your
2103
01:12:01,760 --> 01:12:04,800
system right so it works in multiple
2104
01:12:04,400 --> 01:12:06,800
ways
2105
01:12:04,800 --> 01:12:08,159
like whenever you feel like your system
2106
01:12:06,800 --> 01:12:09,840
is slow
2107
01:12:08,159 --> 01:12:12,000
like do you see your system might be
2108
01:12:09,840 --> 01:12:14,400
infected by virus
2109
01:12:12,000 --> 01:12:15,920
isn't it so your information are seized
2110
01:12:14,400 --> 01:12:17,280
basically which makes it slow isn't it
2111
01:12:15,920 --> 01:12:21,920
so a fact about
2112
01:12:17,280 --> 01:12:21,920
virus sees
2113
01:12:23,280 --> 01:12:26,640
okay so a fact about virus the very
2114
01:12:25,520 --> 01:12:29,199
first virus
2115
01:12:26,640 --> 01:12:31,199
was with the name brain it was created
2116
01:12:29,199 --> 01:12:34,000
by these two pakistani brothers
2117
01:12:31,199 --> 01:12:35,600
okay so like remember virus like
2118
01:12:34,000 --> 01:12:38,159
moreover it will be like a comparison
2119
01:12:35,600 --> 01:12:39,840
between virus and worms okay so virus can
2120
01:12:38,159 --> 01:12:42,320
replicate themselves
2121
01:12:39,840 --> 01:12:43,280
but they can only replicate themselves
2122
01:12:42,320 --> 01:12:46,800
within a
2123
01:12:43,280 --> 01:12:48,320
system right that means virus won't be
2124
01:12:46,800 --> 01:12:51,280
able to travel in a
2125
01:12:48,320 --> 01:12:52,000
network so let's say if all of us are
2126
01:12:51,280 --> 01:12:54,560
sitting
2127
01:12:52,000 --> 01:12:55,600
on a same room guys and even we are like
2128
01:12:54,560 --> 01:12:58,880
connected to the same
2129
01:12:55,600 --> 01:13:01,120
wi-fi person and if one of our system is
2130
01:12:58,880 --> 01:13:03,679
infected with a virus
2131
01:13:01,120 --> 01:13:04,880
that won't mean that all of us will get
2132
01:13:03,679 --> 01:13:08,159
infected with that
2133
01:13:04,880 --> 01:13:10,159
virus okay that won't
2134
01:13:08,159 --> 01:13:12,000
mean that all of us will get infected
2135
01:13:10,159 --> 01:13:13,120
with that virus that means it will
2136
01:13:12,000 --> 01:13:14,960
replicate
2137
01:13:13,120 --> 01:13:16,239
like it will replicate within a system
2138
01:13:14,960 --> 01:13:19,679
but not in the
2139
01:13:16,239 --> 01:13:22,560
network all right that's your perfect
2140
01:13:19,679 --> 01:13:23,920
so then we have your worm which brings
2141
01:13:22,560 --> 01:13:25,280
us to the worm what do you understand
2142
01:13:23,920 --> 01:13:27,600
by worms guys
2143
01:13:25,280 --> 01:13:29,120
so these are like you can differentiate
2144
01:13:27,600 --> 01:13:29,920
with this basis only with the virus and
2145
01:13:29,120 --> 01:13:32,800
worm right
2146
01:13:29,920 --> 01:13:35,040
so like thing is like with virus like it
2147
01:13:32,800 --> 01:13:36,719
can replicate itself but in a
2148
01:13:35,040 --> 01:13:38,640
particular system right but when we talk
2149
01:13:36,719 --> 01:13:41,760
about worm it can replicate
2150
01:13:38,640 --> 01:13:43,920
itself in the network that means
2151
01:13:41,760 --> 01:13:45,440
like taking the same example right if we
2152
01:13:43,920 --> 01:13:47,840
are considering we all are sitting on a
2153
01:13:45,440 --> 01:13:49,920
same network right attached to uh
2154
01:13:47,840 --> 01:13:52,400
connected to the same wi-fi so if one
2155
01:13:49,920 --> 01:13:54,000
system is infected with a worm
2156
01:13:52,400 --> 01:13:56,080
taking the same consideration of the
2157
01:13:54,000 --> 01:13:57,520
example right it means everyone like
2158
01:13:56,080 --> 01:13:59,840
or like those who are currently in the
2159
01:13:57,520 --> 01:14:00,640
same network like the odds are very high
2160
01:13:59,840 --> 01:14:04,239
over here
2161
01:14:00,640 --> 01:14:07,040
that others can get infected through a
2162
01:14:04,239 --> 01:14:08,640
worm so that's a basic difference
2163
01:14:07,040 --> 01:14:10,719
between your worms and
2164
01:14:08,640 --> 01:14:12,400
virus right it propagates copies of
2165
01:14:10,719 --> 01:14:14,000
itself through one network from one
2166
01:14:12,400 --> 01:14:17,280
computer to
2167
01:14:14,000 --> 01:14:19,920
another right then we have guys uh your
2168
01:14:17,280 --> 01:14:20,719
trojan right so you know trojan what are
2169
01:14:19,920 --> 01:14:22,400
trojan
2170
01:14:20,719 --> 01:14:24,000
so these are general looking files which
2171
01:14:22,400 --> 01:14:26,239
tend to give you a backdoor
2172
01:14:24,000 --> 01:14:27,920
access right so it's a type of malicious
2173
01:14:26,239 --> 01:14:28,640
code or software that looks legitimately
2174
01:14:27,920 --> 01:14:32,400
made but
2175
01:14:28,640 --> 01:14:34,880
can take control of your system right
2176
01:14:32,400 --> 01:14:36,080
with uh putting up a trojan horse or not
2177
01:14:34,880 --> 01:14:39,280
trojan malware
2178
01:14:36,080 --> 01:14:41,120
attackers can control like whole
2179
01:14:39,280 --> 01:14:42,640
system of yours right that gives your
2180
01:14:41,120 --> 01:14:44,560
back door on your computer
2181
01:14:42,640 --> 01:14:46,080
and it lets an attacker access your
2182
01:14:44,560 --> 01:14:48,719
computer and
2183
01:14:46,080 --> 01:14:50,560
control it right then you have guys
2184
01:14:48,719 --> 01:14:51,679
another one which is your
2185
01:14:50,560 --> 01:14:53,920
keylogger what do you understand about
2186
01:14:51,679 --> 01:14:55,600
the term keylogger like keylogger tools
2187
01:14:53,920 --> 01:14:57,840
can either be hardware or software meant
2188
01:14:55,600 --> 01:14:59,760
to automate the process of keystroke
2189
01:14:57,840 --> 01:15:01,280
logging absolutely so whatever keystrokes
2190
01:14:59,760 --> 01:15:03,679
you are making in your system
2191
01:15:01,280 --> 01:15:04,560
it logs those keystrokes and sends to
2192
01:15:03,679 --> 01:15:07,440
the
2193
01:15:04,560 --> 01:15:08,640
remote location isn't it so like it can
2194
01:15:07,440 --> 01:15:10,719
be helpful like
2195
01:15:08,640 --> 01:15:12,560
like it can be like a spyware tool which
2196
01:15:10,719 --> 01:15:15,920
are used by your cyber criminals
2197
01:15:12,560 --> 01:15:17,120
so they can steal your pii pii as in
2198
01:15:15,920 --> 01:15:19,440
your
2199
01:15:17,120 --> 01:15:21,120
personally identifiable or viable
2200
01:15:19,440 --> 01:15:23,760
information right like your
2201
01:15:21,120 --> 01:15:25,199
email ids mobile numbers like if you're
2202
01:15:23,760 --> 01:15:27,280
like based out of u.s
2203
01:15:25,199 --> 01:15:29,360
social security number you talk about
2204
01:15:27,280 --> 01:15:32,560
india it's like your aadhaar card and
2205
01:15:29,360 --> 01:15:35,440
all those bits right so those are your
2206
01:15:32,560 --> 01:15:36,000
pii personally identifiable information
2207
01:15:35,440 --> 01:15:38,239
right
2208
01:15:36,000 --> 01:15:40,159
these tools record the data sent by
2209
01:15:38,239 --> 01:15:42,560
every keystroke
2210
01:15:40,159 --> 01:15:44,080
like into a text file to be retrieved at
2211
01:15:42,560 --> 01:15:47,280
a later time
2212
01:15:44,080 --> 01:15:47,920
that's your keylogger right then you
2213
01:15:47,280 --> 01:15:50,000
have
2214
01:15:47,920 --> 01:15:51,360
talking about the trojans right like
2215
01:15:50,000 --> 01:15:53,760
they similarly work like a
2216
01:15:51,360 --> 01:15:55,600
rootkit regarding rootkit you know
2217
01:15:53,760 --> 01:15:56,400
like these rootkits are like put up in
2218
01:15:55,600 --> 01:15:58,159
your
2219
01:15:56,400 --> 01:15:59,600
hard drives or in your mbr you can say
2220
01:15:58,159 --> 01:16:02,719
right when they give you the backdoor
2221
01:15:59,600 --> 01:16:04,400
access over there right so
2222
01:16:02,719 --> 01:16:06,000
rootkits are not generally looking files
2223
01:16:04,400 --> 01:16:07,440
but you can put it on the
2224
01:16:06,000 --> 01:16:09,600
hardware on your operating system the
2225
01:16:07,440 --> 01:16:10,239
mbr master boot record right in your hard
2226
01:16:09,600 --> 01:16:13,840
disk
2227
01:16:10,239 --> 01:16:16,239
which holds all those boot loader
2228
01:16:13,840 --> 01:16:17,199
your this partition table you know the
2229
01:16:16,239 --> 01:16:18,719
partition tables
2230
01:16:17,199 --> 01:16:20,320
right when you you might have seen this
2231
01:16:18,719 --> 01:16:22,880
thing whenever you try to
2232
01:16:20,320 --> 01:16:23,920
uh set up a new window in your machine
2233
01:16:22,880 --> 01:16:26,000
in your system right
2234
01:16:23,920 --> 01:16:27,199
it always asks like uh regarding the
2235
01:16:26,000 --> 01:16:29,120
partitions of those
2236
01:16:27,199 --> 01:16:30,880
spaces right the c drive d drive and
2237
01:16:29,120 --> 01:16:32,320
everything isn't it you might have seen
2238
01:16:30,880 --> 01:16:34,159
that thing
2239
01:16:32,320 --> 01:16:36,400
right so basically attack that
2240
01:16:34,159 --> 01:16:38,960
particular portion for you
2241
01:16:36,400 --> 01:16:40,400
okay so you can do what like someone is
2242
01:16:38,960 --> 01:16:41,600
oh okay you
2243
01:16:40,400 --> 01:16:43,520
like you know you would give the
2244
01:16:41,600 --> 01:16:45,600
bootable pen drive and all those bits to
2245
01:16:43,520 --> 01:16:46,880
uh install the windows and every bit so
2246
01:16:45,600 --> 01:16:48,640
you what if like
2247
01:16:46,880 --> 01:16:50,320
i'm an attacker and like i'm putting up
2248
01:16:48,640 --> 01:16:52,960
all those things and all those
2249
01:16:50,320 --> 01:16:53,600
bootable files right and so if anyone's
2250
01:16:52,960 --> 01:16:55,600
trying to
2251
01:16:53,600 --> 01:16:57,520
put up a windows through that pen drive
2252
01:16:55,600 --> 01:17:00,239
or the usb drive which i've given
2253
01:16:57,520 --> 01:17:00,719
yeah perfect jonathan so it can just
2254
01:17:00,239 --> 01:17:03,120
this
2255
01:17:00,719 --> 01:17:04,480
rootkit will be given to uh through that
2256
01:17:03,120 --> 01:17:06,640
as well and it can just
2257
01:17:04,480 --> 01:17:07,520
give me the control so very good example
2258
01:17:06,640 --> 01:17:09,920
regarding this would be
2259
01:17:07,520 --> 01:17:11,280
like lenovo if you remember lenovo they
2260
01:17:09,920 --> 01:17:14,000
had to withdraw your
2261
01:17:11,280 --> 01:17:14,480
around like you can say 65 000 computer
2262
01:17:14,000 --> 01:17:16,719
or so
2263
01:17:14,480 --> 01:17:18,239
from the market have you read anything
2264
01:17:16,719 --> 01:17:20,400
regarding this thing
2265
01:17:18,239 --> 01:17:21,760
uh lenovo withdrawing okay so back
2266
01:17:20,400 --> 01:17:24,159
somewhere a couple of years
2267
01:17:21,760 --> 01:17:25,679
they had to withdraw those let's say 65
2268
01:17:24,159 --> 01:17:27,280
000 computers from the market and the
2269
01:17:25,679 --> 01:17:29,280
whole reason they had to withdraw those
2270
01:17:27,280 --> 01:17:31,360
systems from the market was
2271
01:17:29,280 --> 01:17:33,600
uh because they found that rootkits in
2272
01:17:31,360 --> 01:17:35,520
the lenovo based system
2273
01:17:33,600 --> 01:17:37,199
right and then what happened lenovo had
2274
01:17:35,520 --> 01:17:38,480
to pull up like pull them up from the
2275
01:17:37,199 --> 01:17:40,640
market
2276
01:17:38,480 --> 01:17:41,679
okay so like if you talk about the
2277
01:17:40,640 --> 01:17:44,480
lenovo guys
2278
01:17:41,679 --> 01:17:45,679
they did this uh on a good intention
2279
01:17:44,480 --> 01:17:48,080
actually right
2280
01:17:45,679 --> 01:17:49,440
because you know they put up a back door
2281
01:17:48,080 --> 01:17:50,800
in their firmware and the reason they
2282
01:17:49,440 --> 01:17:52,080
put up a back door is like you know
2283
01:17:50,800 --> 01:17:53,920
there are a lot of people who call
2284
01:17:52,080 --> 01:17:55,760
customer care and who are
2285
01:17:53,920 --> 01:17:57,360
arguing about things like this system is
2286
01:17:55,760 --> 01:17:59,679
not working properly
2287
01:17:57,360 --> 01:18:00,960
right and these pop the and these people
2288
01:17:59,679 --> 01:18:02,640
are not the techy people
2289
01:18:00,960 --> 01:18:05,280
to be specially mentioned about that
2290
01:18:02,640 --> 01:18:06,960
right so we can say any example
2291
01:18:05,280 --> 01:18:08,560
or like any other person from any other
2292
01:18:06,960 --> 01:18:11,520
department who's not a techy one
2293
01:18:08,560 --> 01:18:12,719
right so taking any department which is
2294
01:18:11,520 --> 01:18:15,920
not of a techie
2295
01:18:12,719 --> 01:18:16,960
one right any like you say sales or or
2296
01:18:15,920 --> 01:18:19,360
say any
2297
01:18:16,960 --> 01:18:20,880
customization all those ones right so
2298
01:18:19,360 --> 01:18:22,480
what they do they
2299
01:18:20,880 --> 01:18:24,080
like they are rushing to the system
2300
01:18:22,480 --> 01:18:26,159
admin saying okay my keyboard is not
2301
01:18:24,080 --> 01:18:27,679
working it is typing differently and all
2302
01:18:26,159 --> 01:18:29,120
the system admin tells you that your
2303
01:18:27,679 --> 01:18:32,320
keyboard has been changed from
2304
01:18:29,120 --> 01:18:34,239
the us to uk one isn't it so
2305
01:18:32,320 --> 01:18:36,640
that sort of like people i'm talking
2306
01:18:34,239 --> 01:18:39,120
about who don't know anything about this
2307
01:18:36,640 --> 01:18:40,719
technology right so these people what
2308
01:18:39,120 --> 01:18:42,400
they do they have complaints but they
2309
01:18:40,719 --> 01:18:43,120
don't know what exactly it is happening
2310
01:18:42,400 --> 01:18:44,960
in the back end
2311
01:18:43,120 --> 01:18:47,040
so what can be done in these sort of
2312
01:18:44,960 --> 01:18:47,920
cases is like lenovo they added a
2313
01:18:47,040 --> 01:18:50,480
rootkit
2314
01:18:47,920 --> 01:18:52,080
and whenever anyone used to complain
2315
01:18:50,480 --> 01:18:54,400
regarding anything in lenovo
2316
01:18:52,080 --> 01:18:55,280
what they do they used to take remote
2317
01:18:54,400 --> 01:18:56,960
access
2318
01:18:55,280 --> 01:18:59,360
of their system and they used to solve
2319
01:18:56,960 --> 01:19:01,440
their problem right people were happy
2320
01:18:59,360 --> 01:19:02,480
but think of it when attackers they came
2321
01:19:01,440 --> 01:19:04,320
to know about it but
2322
01:19:02,480 --> 01:19:05,840
this particular rootkit right would
2323
01:19:04,320 --> 01:19:08,560
they leave it
2324
01:19:05,840 --> 01:19:09,920
would they leave this advantage after
2325
01:19:08,560 --> 01:19:10,239
knowing okay rootkit is installed in
2326
01:19:09,920 --> 01:19:12,560
this
2327
01:19:10,239 --> 01:19:13,760
uh system then like you can take the
2328
01:19:12,560 --> 01:19:16,640
backdoor access out of that
2329
01:19:13,760 --> 01:19:18,159
so they started exploiting it and then
2330
01:19:16,640 --> 01:19:20,320
lenovo just had to
2331
01:19:18,159 --> 01:19:22,719
take back all those laptops on the
2332
01:19:20,320 --> 01:19:23,920
market right so this was regarding your
2333
01:19:22,719 --> 01:19:26,159
rootkit
2334
01:19:23,920 --> 01:19:27,360
okay there are many more as you guys are
2335
01:19:26,159 --> 01:19:29,840
constantly
2336
01:19:27,360 --> 01:19:30,880
mentioning them right one is a
2337
01:19:29,840 --> 01:19:37,840
ransomware
2338
01:19:30,880 --> 01:19:37,840
isn't it so guys what's a ransomware
2339
01:19:38,719 --> 01:19:43,280
so uh it asks for money what it does it
2340
01:19:41,040 --> 01:19:45,120
tends to encrypt your file and in return
2341
01:19:43,280 --> 01:19:47,920
they ask for money right
2342
01:19:45,120 --> 01:19:49,440
you give money and they decrypt the file
2343
01:19:47,920 --> 01:19:53,120
for you
2344
01:19:49,440 --> 01:19:56,640
isn't it okay then there is your guys uh
2345
01:19:53,120 --> 01:19:58,640
spyware as well what does the spyware do
2346
01:19:56,640 --> 01:20:01,040
like just a one liner would be enough
2347
01:19:58,640 --> 01:20:01,040
over here
2348
01:20:01,920 --> 01:20:05,440
so spyware whenever you hear the word
2349
01:20:03,520 --> 01:20:08,560
spyware always remember basically guys
2350
01:20:05,440 --> 01:20:10,880
your browser yeah browser having
2351
01:20:08,560 --> 01:20:11,840
habits yes naveen mentioned browsing
2352
01:20:10,880 --> 01:20:13,600
history
2353
01:20:11,840 --> 01:20:15,360
right so what they do they are browser
2354
01:20:13,600 --> 01:20:16,080
specific it can never affect your system
2355
01:20:15,360 --> 01:20:18,560
in a way
2356
01:20:16,080 --> 01:20:21,280
that it can take data through files okay
2357
01:20:18,560 --> 01:20:23,440
so it specifically attacks your browser
2358
01:20:21,280 --> 01:20:25,120
and steal your browser's history browser
2359
01:20:23,440 --> 01:20:29,600
caching and that's what your
2360
01:20:25,120 --> 01:20:32,800
spyware do yeah perfect
2361
01:20:29,600 --> 01:20:36,159
correct okay then there is what more
2362
01:20:32,800 --> 01:20:36,159
have you guys heard about adware
2363
01:20:38,880 --> 01:20:43,520
what's an adware so now always remember
2364
01:20:42,000 --> 01:20:44,639
when we are using the term adware guys
2365
01:20:43,520 --> 01:20:46,880
it merely creates
2366
01:20:44,639 --> 01:20:48,400
hoaxes right although you can see the
2367
01:20:46,880 --> 01:20:50,000
false fitnesses
2368
01:20:48,400 --> 01:20:51,920
so you can see an adware saying a lot
2369
01:20:50,000 --> 01:20:53,520
of fancy things for you but it may end
2370
01:20:51,920 --> 01:20:55,440
up doing nothing for you right
2371
01:20:53,520 --> 01:20:56,639
so like whenever you visit torrent or a
2372
01:20:55,440 --> 01:20:59,360
website where you see
2373
01:20:56,639 --> 01:21:00,320
flashy pop-ups or all the time those
2374
01:20:59,360 --> 01:21:03,440
flashy pop-ups
2375
01:21:00,320 --> 01:21:05,120
are dangerous okay so what they do we
2376
01:21:03,440 --> 01:21:07,679
like so what we do we simply tend to
2377
01:21:05,120 --> 01:21:09,120
ignore like all those flashy pop-up of
2378
01:21:07,679 --> 01:21:10,400
times right because we know that they
2379
01:21:09,120 --> 01:21:12,080
are simply ads
2380
01:21:10,400 --> 01:21:15,920
even though that pop-up is saying that
2381
01:21:12,080 --> 01:21:19,280
your system is infected by any xyz virus
2382
01:21:15,920 --> 01:21:20,719
also right but something or anything
2383
01:21:19,280 --> 01:21:22,159
else but you know it's nothing more than
2384
01:21:20,719 --> 01:21:25,040
a flashy ad
2385
01:21:22,159 --> 01:21:26,719
okay so it creates hoaxes right and like
2386
01:21:25,040 --> 01:21:28,639
it flashes or simply throw advertisement
2387
01:21:26,719 --> 01:21:30,400
in your in front of you
2388
01:21:28,639 --> 01:21:31,840
okay so you have seen those who have
2389
01:21:30,400 --> 01:21:33,280
used torrent and all those bits you
2390
01:21:31,840 --> 01:21:34,960
might have seen all those flash pop-ups
2391
01:21:33,280 --> 01:21:37,280
and all those gaming websites
2392
01:21:34,960 --> 01:21:38,800
and various more right so you get these
2393
01:21:37,280 --> 01:21:40,320
flashy pop-ups over there so it will
2394
01:21:38,800 --> 01:21:41,679
just click on that it will be redirected
2395
01:21:40,320 --> 01:21:43,440
to another page
2396
01:21:41,679 --> 01:21:45,280
and that depends if uh attackers has put
2397
01:21:43,440 --> 01:21:47,840
on something inside it or not
2398
01:21:45,280 --> 01:21:48,560
right so this was regarding your adware
2399
01:21:47,840 --> 01:21:50,480
so
2400
01:21:48,560 --> 01:21:52,639
taking you back to the ransomware uh
2401
01:21:50,480 --> 01:21:54,960
have you guys heard the recent news
2402
01:21:52,639 --> 01:21:57,840
regarding the ransomware group with the
2403
01:21:54,960 --> 01:21:57,840
name
2404
01:21:58,880 --> 01:22:04,400
revil so uh there is one more recent
2405
01:22:02,560 --> 01:22:07,520
one guys regarding your this
2406
01:22:04,400 --> 01:22:09,600
apple one so what they do uh hackers
2407
01:22:07,520 --> 01:22:11,760
they were able to get their hands on
2408
01:22:09,600 --> 01:22:15,360
these blueprints of the apple
2409
01:22:11,760 --> 01:22:19,199
products so yeah so there was this
2410
01:22:15,360 --> 01:22:19,520
quanta right the supplier or you can see
2411
01:22:19,199 --> 01:22:21,600
the
2412
01:22:19,520 --> 01:22:22,719
company right so what they do they were
2413
01:22:21,600 --> 01:22:24,239
able to get this
2414
01:22:22,719 --> 01:22:27,440
hands-on on the blueprint of the apple
2415
01:22:24,239 --> 01:22:30,560
and they were demanding for 50 million
2416
01:22:27,440 --> 01:22:31,360
dollar right for not leaking all those
2417
01:22:30,560 --> 01:22:35,120
blueprints
2418
01:22:31,360 --> 01:22:36,560
out okay so they were asking about this
2419
01:22:35,120 --> 01:22:38,560
you can say the ransom of 50 million
2420
01:22:36,560 --> 01:22:40,239
dollars for not leaking all those
2421
01:22:38,560 --> 01:22:42,719
blueprints of the apple that's pretty
2422
01:22:40,239 --> 01:22:45,360
much latest one it's been like i guess
2423
01:22:42,719 --> 01:22:46,800
last month only also so yeah you can go
2424
01:22:45,360 --> 01:22:48,480
for that
2425
01:22:46,800 --> 01:22:51,840
all right so that was your bit regarding
2426
01:22:48,480 --> 01:22:53,280
your guys uh malwares
2427
01:22:51,840 --> 01:22:55,600
i hope everything is clear till this
2428
01:22:53,280 --> 01:22:57,840
point perfect
2429
01:22:55,600 --> 01:22:58,960
which brings to our next thing right
2430
01:22:57,840 --> 01:23:01,440
which is your
2431
01:22:58,960 --> 01:23:02,480
social engineering right so what do you
2432
01:23:01,440 --> 01:23:04,080
guys understand about the social
2433
01:23:02,480 --> 01:23:06,320
engineering
2434
01:23:04,080 --> 01:23:08,080
perfect so what you do you do malicious
2435
01:23:06,320 --> 01:23:10,880
activities out here right
2436
01:23:08,080 --> 01:23:11,280
by human interaction process isn't it
2437
01:23:10,880 --> 01:23:13,360
right
2438
01:23:11,280 --> 01:23:15,040
you manipulate them right you play
2439
01:23:13,360 --> 01:23:17,199
around with their trust
2440
01:23:15,040 --> 01:23:18,320
right you you gain their trust you
2441
01:23:17,199 --> 01:23:20,719
become so
2442
01:23:18,320 --> 01:23:21,440
likable that they trust you and like
2443
01:23:20,719 --> 01:23:23,920
whatever
2444
01:23:21,440 --> 01:23:24,960
you ask for they will like give you out
2445
01:23:23,920 --> 01:23:26,480
all those details
2446
01:23:24,960 --> 01:23:28,480
isn't it and you can take advantage of
2447
01:23:26,480 --> 01:23:29,679
that so basically you are manipulating
2448
01:23:28,480 --> 01:23:31,040
people around here you are playing
2449
01:23:29,679 --> 01:23:33,440
around with your trust
2450
01:23:31,040 --> 01:23:35,280
and all those things to gather the
2451
01:23:33,440 --> 01:23:37,760
information which can be very
2452
01:23:35,280 --> 01:23:39,840
crucial and very important for you isn't
2453
01:23:37,760 --> 01:23:42,880
it that's a social engineering attack
2454
01:23:39,840 --> 01:23:44,320
right so talking about this again uh
2455
01:23:42,880 --> 01:23:45,600
taking an example and all those things
2456
01:23:44,320 --> 01:23:46,719
as i mentioned before if you talk about
2457
01:23:45,600 --> 01:23:49,199
a pen tester
2458
01:23:46,719 --> 01:23:50,400
right so let's say these are this black
2459
01:23:49,199 --> 01:23:52,480
box testing right
2460
01:23:50,400 --> 01:23:54,400
so you know black box testing wasn't it
2461
01:23:52,480 --> 01:23:56,239
what's the black box testing guys
2462
01:23:54,400 --> 01:23:58,320
so the proper definition regarding this
2463
01:23:56,239 --> 01:24:00,000
would be like the one who is having
2464
01:23:58,320 --> 01:24:01,679
like zero information you can see
2465
01:24:00,000 --> 01:24:04,960
regarding the target
2466
01:24:01,679 --> 01:24:07,600
right so let's say if i say you
2467
01:24:04,960 --> 01:24:08,719
just pen test infosec train would be
2468
01:24:07,600 --> 01:24:10,880
able to do that
2469
01:24:08,719 --> 01:24:12,880
like you have to go a various way around
2470
01:24:10,880 --> 01:24:14,480
right but you have no idea regarding
2471
01:24:12,880 --> 01:24:16,800
your target over here
2472
01:24:14,480 --> 01:24:17,600
isn't it so that's your black box
2473
01:24:16,800 --> 01:24:19,280
testing
2474
01:24:17,600 --> 01:24:21,280
then there's gray box testing as well
2475
01:24:19,280 --> 01:24:22,400
when you have some information regarding
2476
01:24:21,280 --> 01:24:24,719
your target right
2477
01:24:22,400 --> 01:24:26,159
so let's say uh i gave you okay this
2478
01:24:24,719 --> 01:24:28,719
infosec train is written in
2479
01:24:26,159 --> 01:24:29,520
like php apache server and all those bit
2480
01:24:28,719 --> 01:24:31,440
so you got a
2481
01:24:29,520 --> 01:24:32,639
few bits of information right so you can
2482
01:24:31,440 --> 01:24:34,560
just
2483
01:24:32,639 --> 01:24:36,000
strategize all those techniques and all
2484
01:24:34,560 --> 01:24:37,760
your procedures according to
2485
01:24:36,000 --> 01:24:39,520
those information right then we have
2486
01:24:37,760 --> 01:24:41,120
this white box testing as well
2487
01:24:39,520 --> 01:24:42,400
so what's in a white box testing when we
2488
01:24:41,120 --> 01:24:44,400
have full knowledge of the target let's
2489
01:24:42,400 --> 01:24:46,960
say i share whole source code with you
2490
01:24:44,400 --> 01:24:48,480
right now you can take like although
2491
01:24:46,960 --> 01:24:49,760
like it will be pretty much of a quick
2492
01:24:48,480 --> 01:24:51,280
technique right since you've got all the
2493
01:24:49,760 --> 01:24:51,679
information so it will be very easy to
2494
01:24:51,280 --> 01:24:54,639
you
2495
01:24:51,679 --> 01:24:56,400
uh for you to do the pen testing right
2496
01:24:54,639 --> 01:24:59,120
for the white box testing
2497
01:24:56,400 --> 01:25:00,800
so these all things are like mentioned
2498
01:24:59,120 --> 01:25:02,239
if we talk about okay
2499
01:25:00,800 --> 01:25:04,000
like planning and scoping of the pen
2500
01:25:02,239 --> 01:25:06,159
test right so you have
2501
01:25:04,000 --> 01:25:07,840
seen i have as i discussed right so in
2502
01:25:06,159 --> 01:25:10,400
planning and scoping if
2503
01:25:07,840 --> 01:25:12,480
they are around to go uh like basically
2504
01:25:10,400 --> 01:25:14,239
for a black box testing it will be very
2505
01:25:12,480 --> 01:25:16,000
helpful because he don't have any sort
2506
01:25:14,239 --> 01:25:16,880
of information rather than gray box in
2507
01:25:16,000 --> 01:25:18,080
the white box
2508
01:25:16,880 --> 01:25:19,600
they have a few bit of information
2509
01:25:18,080 --> 01:25:20,560
regarding their target but black box
2510
01:25:19,600 --> 01:25:22,000
testing
2511
01:25:20,560 --> 01:25:23,440
they have no information regarding
2512
01:25:22,000 --> 01:25:25,040
target right so they have to go around
2513
01:25:23,440 --> 01:25:27,199
with social engineering as well
2514
01:25:25,040 --> 01:25:28,480
which can lead some sort of a detail to
2515
01:25:27,199 --> 01:25:31,440
them as well over there
2516
01:25:28,480 --> 01:25:32,880
isn't it so then two is discussed over
2517
01:25:31,440 --> 01:25:34,800
the planning scoping for the pen testing
2518
01:25:32,880 --> 01:25:36,560
part that's another sort of a story
2519
01:25:34,800 --> 01:25:38,159
but yeah i guess you got the idea
2520
01:25:36,560 --> 01:25:41,040
regarding social engineering right
2521
01:25:38,159 --> 01:25:42,560
so these are the ways to manipulate and
2522
01:25:41,040 --> 01:25:44,560
play around with human
2523
01:25:42,560 --> 01:25:46,800
you can say mindsets getting theirs and
2524
01:25:44,560 --> 01:25:49,120
all those bits and then you try to
2525
01:25:46,800 --> 01:25:50,880
take advantage of that by getting
2526
01:25:49,120 --> 01:25:52,080
crucial information you can say right of
2527
01:25:50,880 --> 01:25:53,840
any information which
2528
01:25:52,080 --> 01:25:55,520
which might be very useful and which
2529
01:25:53,840 --> 01:25:58,560
might be very helpful for you
2530
01:25:55,520 --> 01:26:01,280
for the further base of
2531
01:25:58,560 --> 01:26:02,000
pen testing or attacking whichever you
2532
01:26:01,280 --> 01:26:04,400
go for
2533
01:26:02,000 --> 01:26:05,199
right so that's your uh social
2534
01:26:04,400 --> 01:26:07,280
engineering
2535
01:26:05,199 --> 01:26:08,960
attack for you right so when you talk
2536
01:26:07,280 --> 01:26:11,199
about social engineering attacks guys uh
2537
01:26:08,960 --> 01:26:12,639
there are plenty of more over there
2538
01:26:11,199 --> 01:26:15,120
okay so types of social engineering
2539
01:26:12,639 --> 01:26:18,400
attacks are your phishing smishing
2540
01:26:15,120 --> 01:26:21,199
vishing waterfall spear phishing
2541
01:26:18,400 --> 01:26:22,320
uh whaling right shoulder surfing
2542
01:26:21,199 --> 01:26:25,120
dumpster diving
2543
01:26:22,320 --> 01:26:25,679
piggybacking tailgating eavesdropping
2544
01:26:25,120 --> 01:26:28,400
right
2545
01:26:25,679 --> 01:26:29,360
let's discuss for these bits for now
2546
01:26:28,400 --> 01:26:32,320
right
2547
01:26:29,360 --> 01:26:33,520
okay so going with the very first one
2548
01:26:32,320 --> 01:26:34,800
which is your
2549
01:26:33,520 --> 01:26:37,360
phishing so guys what do you understand
2550
01:26:34,800 --> 01:26:39,440
by the term phishing so you fool around
2551
01:26:37,360 --> 01:26:41,360
people you send fake links but
2552
01:26:39,440 --> 01:26:42,480
moreover you send the emails which might
2553
01:26:41,360 --> 01:26:44,960
be like you know
2554
01:26:42,480 --> 01:26:46,400
very general one like you genuine one
2555
01:26:44,960 --> 01:26:47,520
you can say like if you read the email
2556
01:26:46,400 --> 01:26:50,480
and all those bits
2557
01:26:47,520 --> 01:26:52,159
you will see okay this is more of a
2558
01:26:50,480 --> 01:26:53,520
genuine one and i can like
2559
01:26:52,159 --> 01:26:55,920
trust this one let's say i am an
2560
01:26:53,520 --> 01:26:57,040
attacker also uh i have sent you this
2561
01:26:55,920 --> 01:26:59,679
phishing email
2562
01:26:57,040 --> 01:27:00,400
right what i have done i have just taken
2563
01:26:59,679 --> 01:27:02,880
let's say i
2564
01:27:00,400 --> 01:27:04,880
i can send this phishing email in
2565
01:27:02,880 --> 01:27:07,280
respect like i can be as an hr
2566
01:27:04,880 --> 01:27:08,960
at that infosectrain.com i will be send
2567
01:27:07,280 --> 01:27:10,960
up with this email id and i can
2568
01:27:08,960 --> 01:27:12,159
send this email to any person out there
2569
01:27:10,960 --> 01:27:14,480
who's from infosec train
2570
01:27:12,159 --> 01:27:16,000
right i will just draft an email which
2571
01:27:14,480 --> 01:27:16,560
will be a very genuine looking email
2572
01:27:16,000 --> 01:27:18,400
right
2573
01:27:16,560 --> 01:27:20,719
email id i am spoofing over there you
2574
01:27:18,400 --> 01:27:22,480
can say right i'm using a fake email id
2575
01:27:20,719 --> 01:27:24,480
i can put reply as hr at the
2576
01:27:22,480 --> 01:27:26,639
infosectrain.com and i can just
2577
01:27:24,480 --> 01:27:27,679
mail with that right so if i'm targeting
2578
01:27:26,639 --> 01:27:30,719
any person
2579
01:27:27,679 --> 01:27:32,320
or any employee from the infosec train
2580
01:27:30,719 --> 01:27:34,000
right and he'll be considering okay this
2581
01:27:32,320 --> 01:27:36,159
is from the hr team only
2582
01:27:34,000 --> 01:27:37,040
and it's with genuine one right so i can
2583
01:27:36,159 --> 01:27:38,639
trust this
2584
01:27:37,040 --> 01:27:40,639
and i will be just passing their link
2585
01:27:38,639 --> 01:27:42,960
over there which can be very harmful
2586
01:27:40,639 --> 01:27:44,239
right and which can be very like if the
2587
01:27:42,960 --> 01:27:46,639
user click on that link
2588
01:27:44,239 --> 01:27:47,760
i can take advantage of that right as an
2589
01:27:46,639 --> 01:27:50,880
attacker
2590
01:27:47,760 --> 01:27:54,400
so just to show you that bit just
2591
01:27:50,880 --> 01:27:56,159
give me a minute has anyone heard
2592
01:27:54,400 --> 01:27:58,080
regarding this ohphish
2593
01:27:56,159 --> 01:27:59,679
there are many more frameworks out there
2594
01:27:58,080 --> 01:28:00,880
but ohphish is one of them provided by
2595
01:27:59,679 --> 01:28:04,000
your
2596
01:28:00,880 --> 01:28:06,080
ec council as well if you can see our
2597
01:28:04,000 --> 01:28:09,280
dashboard over here
2598
01:28:06,080 --> 01:28:10,560
right so this is like to uh you can do
2599
01:28:09,280 --> 01:28:12,080
various things over here vishing
2600
01:28:10,560 --> 01:28:15,199
smishing i can like even do
2601
01:28:12,080 --> 01:28:16,880
a calling like uh i can impersonate one
2602
01:28:15,199 --> 01:28:18,239
of you guys i can use your numbers you
2603
01:28:16,880 --> 01:28:19,760
might have seen in the movies and ever
2604
01:28:18,239 --> 01:28:21,600
well you can see their private number is
2605
01:28:19,760 --> 01:28:23,679
mentioned over there even i can use
2606
01:28:21,600 --> 01:28:25,760
anyone's number and i can try to
2607
01:28:23,679 --> 01:28:27,600
call them with the same number but the
2608
01:28:25,760 --> 01:28:30,800
person on the other side will be me
2609
01:28:27,600 --> 01:28:32,480
right so i can use any i like uh say
2610
01:28:30,800 --> 01:28:34,000
naveen over here right so i can use
2611
01:28:32,480 --> 01:28:37,199
naveen's number to call
2612
01:28:34,000 --> 01:28:38,960
uh mando and i can call him like uh and
2613
01:28:37,199 --> 01:28:40,560
he'll be thinking okay it's naveen but
2614
01:28:38,960 --> 01:28:43,040
it will be me over here right so i can
2615
01:28:40,560 --> 01:28:44,880
just spoof that number as well
2616
01:28:43,040 --> 01:28:46,080
so many more over there smishing credential
2617
01:28:44,880 --> 01:28:48,480
harvesting attachment
2618
01:28:46,080 --> 01:28:50,159
right so just i will go with the entice to
2619
01:28:48,480 --> 01:28:57,600
click
2620
01:28:50,159 --> 01:29:00,480
okay it will take time oh okay
2621
01:28:57,600 --> 01:29:02,960
perfect so i can do what i can just put
2622
01:29:00,480 --> 01:29:06,480
up a campaign name over here let's say
2623
01:29:02,960 --> 01:29:08,480
testing right
2624
01:29:06,480 --> 01:29:10,000
uh i'll be just you can create your own
2625
01:29:08,480 --> 01:29:11,199
template either way like but i will go
2626
01:29:10,000 --> 01:29:12,800
with existing template
2627
01:29:11,199 --> 01:29:14,239
and i will be selecting the existing
2628
01:29:12,800 --> 01:29:15,920
template like your
2629
01:29:14,239 --> 01:29:18,320
that's the corona virus covid 19
2630
01:29:15,920 --> 01:29:21,520
right so over here
2631
01:29:18,320 --> 01:29:25,199
ah yeah regarding this one
2632
01:29:21,520 --> 01:29:27,920
select country it can be let's say
2633
01:29:25,199 --> 01:29:27,920
step in india
2634
01:29:28,960 --> 01:29:35,199
right select template let's say
2635
01:29:32,159 --> 01:29:38,320
work from home covid 19 1 let's say i'm
2636
01:29:35,199 --> 01:29:40,320
so you can see it uh drafted a whole
2637
01:29:38,320 --> 01:29:42,800
uh email for you right can you see this
2638
01:29:40,320 --> 01:29:45,199
one on the right side
2639
01:29:42,800 --> 01:29:48,320
it's more of like a genuine one isn't it
2640
01:29:45,199 --> 01:29:48,320
this whole email out here
2641
01:29:48,880 --> 01:29:54,320
right perfect so what i can do uh
2642
01:29:52,159 --> 01:29:55,920
i can select this template right it says
2643
01:29:54,320 --> 01:29:59,760
one type it's selected
2644
01:29:55,920 --> 01:30:02,480
sender email uh let's pull it up like hr
2645
01:29:59,760 --> 01:30:04,639
another infosec train dot com since we
2646
01:30:02,480 --> 01:30:06,719
are posting up this work from home
2647
01:30:04,639 --> 01:30:08,880
uh this template right so it should be
2648
01:30:06,719 --> 01:30:09,960
very genuine looking so let's say send
2649
01:30:08,880 --> 01:30:11,840
an email would be your hr
2650
01:30:09,960 --> 01:30:13,920
infosectrain.com right
2651
01:30:11,840 --> 01:30:15,760
so sender name uh let's put your hr
2652
01:30:13,920 --> 01:30:18,239
resource team which will make it more
2653
01:30:15,760 --> 01:30:19,360
effective subject is work from home
2654
01:30:18,239 --> 01:30:21,440
policy
2655
01:30:19,360 --> 01:30:22,800
perfect time zone expired you can show
2656
01:30:21,440 --> 01:30:24,320
it later on as well
2657
01:30:22,800 --> 01:30:26,320
right what you will do you will import
2658
01:30:24,320 --> 01:30:27,840
users over here you will just
2659
01:30:26,320 --> 01:30:29,199
select them so there are various files
2660
01:30:27,840 --> 01:30:30,719
to go with the various options but i
2661
01:30:29,199 --> 01:30:33,040
will just go with a quick add
2662
01:30:30,719 --> 01:30:34,000
i'll just name add everything over here
2663
01:30:33,040 --> 01:30:37,870
let's say
2664
01:30:34,000 --> 01:30:41,080
let's put up my own gmail one
2665
01:30:37,870 --> 01:30:41,080
[Music]
2666
01:30:41,600 --> 01:30:45,600
all right enter the designation it says
2667
01:30:43,920 --> 01:30:49,360
security
2668
01:30:45,600 --> 01:30:52,960
department security right company
2669
01:30:49,360 --> 01:30:55,120
uh infosec train
2670
01:30:52,960 --> 01:30:57,280
branch that's it security again and
2671
01:30:55,120 --> 01:31:00,560
country let's say india over here
2672
01:30:57,280 --> 01:31:02,880
right so i'll just quickly add it up and
2673
01:31:00,560 --> 01:31:06,400
let's create one more one more i will
2674
01:31:02,880 --> 01:31:06,400
just go with the 10 minute email id
2675
01:31:09,120 --> 01:31:12,239
so it will just it's just a temporary
2676
01:31:10,719 --> 01:31:13,440
email id guys right so you can just
2677
01:31:12,239 --> 01:31:15,840
always use this one
2678
01:31:13,440 --> 01:31:17,040
whenever you're going to any websites
2679
01:31:15,840 --> 01:31:18,000
which in which you don't want to
2680
01:31:17,040 --> 01:31:20,560
register with your own
2681
01:31:18,000 --> 01:31:22,719
uh email id or the genuine one you can
2682
01:31:20,560 --> 01:31:24,800
always use this 10 minute email id to
2683
01:31:22,719 --> 01:31:26,480
give your temporary access right it can
2684
01:31:24,800 --> 01:31:30,159
work like the genuine one
2685
01:31:26,480 --> 01:31:33,280
let's put it up over here sorry name
2686
01:31:30,159 --> 01:31:33,840
test email id portable here designation
2687
01:31:33,280 --> 01:31:37,520
let's say
2688
01:31:33,840 --> 01:31:41,760
testo department testing
2689
01:31:37,520 --> 01:31:46,239
company let's say train
2690
01:31:41,760 --> 01:31:50,239
branch desktop country india
2691
01:31:46,239 --> 01:31:54,239
right i can just add up it as well
2692
01:31:50,239 --> 01:31:55,520
now quickly import them right so batch
2693
01:31:54,239 --> 01:31:56,800
count you have to just
2694
01:31:55,520 --> 01:31:58,800
click the batch count should be like
2695
01:31:56,800 --> 01:32:00,239
less than the number of users batch
2696
01:31:58,800 --> 01:32:01,120
interval you have to mention over here
2697
01:32:00,239 --> 01:32:03,840
like one
2698
01:32:01,120 --> 01:32:05,679
like send the messaging to breakage one
2699
01:32:03,840 --> 01:32:08,960
training type uh
2700
01:32:05,679 --> 01:32:12,080
okay it's not giving an option perfect
2701
01:32:08,960 --> 01:32:13,520
okay basically if you can see it's it
2702
01:32:12,080 --> 01:32:15,040
will be showing you the landing page
2703
01:32:13,520 --> 01:32:15,920
right whenever the person is clicked on
2704
01:32:15,040 --> 01:32:17,120
this one
2705
01:32:15,920 --> 01:32:20,560
link you'll be landing on this
2706
01:32:17,120 --> 01:32:23,840
particular page which is your
2707
01:32:20,560 --> 01:32:23,840
something like this okay
2708
01:32:24,239 --> 01:32:28,719
so uh problem is uh like uh mainly i
2709
01:32:27,360 --> 01:32:30,400
know i won't be writing this page
2710
01:32:28,719 --> 01:32:32,239
landing page because i have to do what
2711
01:32:30,400 --> 01:32:34,000
like the precautions so i put them like
2712
01:32:32,239 --> 01:32:35,760
white listing and all those bits
2713
01:32:34,000 --> 01:32:37,280
but no ways uh you will get an idea
2714
01:32:35,760 --> 01:32:37,920
regarding this simple scenario how this
2715
01:32:37,280 --> 01:32:40,719
email
2716
01:32:37,920 --> 01:32:41,760
is being sent to you so what will happen
2717
01:32:40,719 --> 01:32:44,000
uh
2718
01:32:41,760 --> 01:32:44,960
perfect this is the high name name will
2719
01:32:44,000 --> 01:32:47,040
be like uh
2720
01:32:44,960 --> 01:32:48,960
regarding this uh users which we have
2721
01:32:47,040 --> 01:32:49,920
added right at the bottom it will be
2722
01:32:48,960 --> 01:32:52,560
showing this link
2723
01:32:49,920 --> 01:32:54,000
and hr team over here right okay
2724
01:32:52,560 --> 01:32:57,120
let's let's let's
2725
01:32:54,000 --> 01:33:00,080
do one thing let's create it up
2726
01:32:57,120 --> 01:33:00,080
right done
2727
01:33:00,320 --> 01:33:04,960
show this will take a bit of time
2728
01:33:05,760 --> 01:33:09,840
meanwhile let me just open my email id
2729
01:33:10,159 --> 01:33:14,480
okay as you can see it says campaign has
2730
01:33:12,800 --> 01:33:16,960
been successfully initiated so
2731
01:33:14,480 --> 01:33:18,480
let's take it you can see campaign has
2732
01:33:16,960 --> 01:33:18,960
been listed out over here campaigning
2733
01:33:18,480 --> 01:33:22,239
with the
2734
01:33:18,960 --> 01:33:24,000
name testing send two emails right
2735
01:33:22,239 --> 01:33:25,360
complex hundreds of ymd that's the
2736
01:33:24,000 --> 01:33:29,360
creator so let's
2737
01:33:25,360 --> 01:33:31,280
let's check it out okay can you guys see
2738
01:33:29,360 --> 01:33:32,560
over here i got an email from human
2739
01:33:31,280 --> 01:33:37,840
resource team
2740
01:33:32,560 --> 01:33:37,840
if i click on this
2741
01:33:39,679 --> 01:33:42,880
listen can you see guys i say my current
2742
01:33:41,760 --> 01:33:44,320
concert for that means you know this is
2743
01:33:42,880 --> 01:33:45,520
really an ongoing dynamic situation on
2744
01:33:44,320 --> 01:33:47,280
behalf of organization
2745
01:33:45,520 --> 01:33:48,719
i'm really worried about reaching to the
2746
01:33:47,280 --> 01:33:49,600
workplace that is then crowded in all
2747
01:33:48,719 --> 01:33:53,520
those bits
2748
01:33:49,600 --> 01:33:54,800
right and it says regards hr team though
2749
01:33:53,520 --> 01:33:56,639
it's mentioning note the phishing
2750
01:33:54,800 --> 01:33:58,960
simulator emails for the lab purposes
2751
01:33:56,639 --> 01:34:00,560
right so if you can see we we generated
2752
01:33:58,960 --> 01:34:04,000
a genuine email right and i'm
2753
01:34:00,560 --> 01:34:05,840
sending them to myself can you see
2754
01:34:04,000 --> 01:34:08,800
uh guys can you tell me what's the email
2755
01:34:05,840 --> 01:34:08,800
id mentioned over here
2756
01:34:10,960 --> 01:34:14,400
what is the email id from which email id
2757
01:34:12,560 --> 01:34:17,120
i have sent this mail
2758
01:34:14,400 --> 01:34:18,880
hr isn't it so i have used the rainbow
2759
01:34:17,120 --> 01:34:20,560
id over here to
2760
01:34:18,880 --> 01:34:22,719
send any one of the person one for
2761
01:34:20,560 --> 01:34:25,199
organization so he'll be just obviously
2762
01:34:22,719 --> 01:34:26,480
if they are not uh well trained well
2763
01:34:25,199 --> 01:34:27,679
aware regarding this thing they will
2764
01:34:26,480 --> 01:34:28,960
just
2765
01:34:27,679 --> 01:34:31,199
read this mail and they will be thinking
2766
01:34:28,960 --> 01:34:32,480
it's the genuine one though it's for
2767
01:34:31,199 --> 01:34:34,080
this is something mentioned which is for
2768
01:34:32,480 --> 01:34:36,320
the lab purpose that's why otherwise you
2769
01:34:34,080 --> 01:34:37,920
won't even get this notification as well
2770
01:34:36,320 --> 01:34:39,679
so if as soon as the person is clicking
2771
01:34:37,920 --> 01:34:40,400
on this link he'll be landing on another
2772
01:34:39,679 --> 01:34:42,639
page
2773
01:34:40,400 --> 01:34:44,000
so it's won't be opening on this one
2774
01:34:42,639 --> 01:34:46,480
right now
2775
01:34:44,000 --> 01:34:49,199
oh credit work perfect can you see the
2776
01:34:46,480 --> 01:34:51,280
landing page opened over here
2777
01:34:49,199 --> 01:34:53,360
so guys uh it says oh you have been
2778
01:34:51,280 --> 01:34:54,560
phished right so i can take with that link
2779
01:34:53,360 --> 01:34:58,320
i can take the uh
2780
01:34:54,560 --> 01:34:59,760
uh this user anywhere i want to right
2781
01:34:58,320 --> 01:35:01,520
so this is the one how you can play
2782
01:34:59,760 --> 01:35:02,560
around with this thing or else like you
2783
01:35:01,520 --> 01:35:04,320
what you can do
2784
01:35:02,560 --> 01:35:06,320
uh there are various ways to do social
2785
01:35:04,320 --> 01:35:09,280
engineering attacks right you create
2786
01:35:06,320 --> 01:35:10,159
a copy you url or whole page of let's
2787
01:35:09,280 --> 01:35:13,360
say facebook
2788
01:35:10,159 --> 01:35:15,440
login page you can just create a dummy
2789
01:35:13,360 --> 01:35:16,639
of that obviously url won't be like the
2790
01:35:15,440 --> 01:35:18,719
real ones
2791
01:35:16,639 --> 01:35:20,400
but you can put that url over the
2792
01:35:18,719 --> 01:35:23,040
phishing email and you can
2793
01:35:20,400 --> 01:35:24,800
do what let's say uh i copied the
2794
01:35:23,040 --> 01:35:26,159
infosec train whole page or the whole
2795
01:35:24,800 --> 01:35:28,960
design for the login
2796
01:35:26,159 --> 01:35:29,920
portion or the login portal right so i
2797
01:35:28,960 --> 01:35:32,560
copied it
2798
01:35:29,920 --> 01:35:33,600
and i copied my url which i have created
2799
01:35:32,560 --> 01:35:35,199
for that
2800
01:35:33,600 --> 01:35:37,280
taking the username and password from
2801
01:35:35,199 --> 01:35:37,760
the users right so what i will do i will
2802
01:35:37,280 --> 01:35:40,239
create
2803
01:35:37,760 --> 01:35:40,800
full copy of that and i will pass that
2804
01:35:40,239 --> 01:35:42,639
link
2805
01:35:40,800 --> 01:35:44,719
in my phishing email to that particular
2806
01:35:42,639 --> 01:35:46,159
user user will be thinking okay it's the
2807
01:35:44,719 --> 01:35:47,440
genuine one from the organization he
2808
01:35:46,159 --> 01:35:50,000
will click on that link
2809
01:35:47,440 --> 01:35:52,000
he will go to a login portal he will be
2810
01:35:50,000 --> 01:35:54,239
entering his username and password
2811
01:35:52,000 --> 01:35:55,760
and as soon as we click on it i will
2812
01:35:54,239 --> 01:35:59,040
just redirect him to the
2813
01:35:55,760 --> 01:36:02,320
original page and moreover i can get
2814
01:35:59,040 --> 01:36:03,760
those credentials of that person with me
2815
01:36:02,320 --> 01:36:05,600
the username and the password
2816
01:36:03,760 --> 01:36:07,119
this is to just how fool around the
2817
01:36:05,600 --> 01:36:08,480
people with these things
2818
01:36:07,119 --> 01:36:10,719
the social engineering techniques and
2819
01:36:08,480 --> 01:36:11,520
the phishing one all right i hope you
2820
01:36:10,719 --> 01:36:14,560
got the point
2821
01:36:11,520 --> 01:36:15,280
over here guys so let's get back to the
2822
01:36:14,560 --> 01:36:18,719
thing
2823
01:36:15,280 --> 01:36:20,800
is phishing right we were talking about a
2824
01:36:18,719 --> 01:36:22,480
phishing
2825
01:36:20,800 --> 01:36:25,280
so phishing is a cyber crime in which a
2826
01:36:22,480 --> 01:36:27,280
target or targets are contacted by email
2827
01:36:25,280 --> 01:36:28,880
telephone or text message by someone
2828
01:36:27,280 --> 01:36:29,440
posing as a legitimate institution to
2829
01:36:28,880 --> 01:36:30,800
lure
2830
01:36:29,440 --> 01:36:32,800
your individuals into providing
2831
01:36:30,800 --> 01:36:34,159
sensitive data such as personally
2832
01:36:32,800 --> 01:36:35,840
identifiable information
2833
01:36:34,159 --> 01:36:37,280
banking and credit card details and
2834
01:36:35,840 --> 01:36:38,639
password right
2835
01:36:37,280 --> 01:36:40,880
then guys there is smishing what do you
2836
01:36:38,639 --> 01:36:42,480
understand by the term smishing
2837
01:36:40,880 --> 01:36:44,400
so basically you got an idea right
2838
01:36:42,480 --> 01:36:45,760
regarding these things so what you do in
2839
01:36:44,400 --> 01:36:48,159
this one is like you would be
2840
01:36:45,760 --> 01:36:50,239
doing phishing in respect to sms based
2841
01:36:48,159 --> 01:36:51,760
right let's say the lottery one or you
2842
01:36:50,239 --> 01:36:53,679
won this particular prize
2843
01:36:51,760 --> 01:36:55,520
yeah you won this car or something like
2844
01:36:53,679 --> 01:36:56,800
that so just faking around and you'll be
2845
01:36:55,520 --> 01:36:57,760
passing all those malicious things over
2846
01:36:56,800 --> 01:37:00,960
there in this
2847
01:36:57,760 --> 01:37:03,360
messages and trying to get the person
2848
01:37:00,960 --> 01:37:04,560
and view that person into that link
2849
01:37:03,360 --> 01:37:07,760
right
2850
01:37:04,560 --> 01:37:08,480
perfect okay then we have guys your
2851
01:37:07,760 --> 01:37:10,800
another one
2852
01:37:08,480 --> 01:37:11,520
which is vishing what do you understand
2853
01:37:10,800 --> 01:37:14,719
by the term
2854
01:37:11,520 --> 01:37:17,040
vishing so as you mentioned voice
2855
01:37:14,719 --> 01:37:18,560
over phishing right isn't it vishing a
2856
01:37:17,040 --> 01:37:20,080
combination of voice and phishing is a
2857
01:37:18,560 --> 01:37:22,560
telephone version of phishing this
2858
01:37:20,080 --> 01:37:25,040
technique uses a spoof caller id
2859
01:37:22,560 --> 01:37:26,320
that can make attacks look like they
2860
01:37:25,040 --> 01:37:30,000
originate from a
2861
01:37:26,320 --> 01:37:31,760
known number right so
2862
01:37:30,000 --> 01:37:33,280
over here like you know you might have
2863
01:37:31,760 --> 01:37:35,760
got got a call
2864
01:37:33,280 --> 01:37:36,880
right i guess everyone or so you get a
2865
01:37:35,760 --> 01:37:40,080
call over your phone
2866
01:37:36,880 --> 01:37:42,159
they might be saying okay uh so you have
2867
01:37:40,080 --> 01:37:44,239
like they might be like important some
2868
01:37:42,159 --> 01:37:46,159
of some of a person from a bank isn't it
2869
01:37:44,239 --> 01:37:47,520
and like they will like a fraud call as
2870
01:37:46,159 --> 01:37:49,440
you mentioned okay
2871
01:37:47,520 --> 01:37:51,360
so they were saying okay sir we are
2872
01:37:49,440 --> 01:37:52,159
contacting from this particular bank
2873
01:37:51,360 --> 01:37:55,679
it's what's a
2874
01:37:52,159 --> 01:37:56,400
yes bank or any sbi bank and uh we need
2875
01:37:55,679 --> 01:37:58,719
you to
2876
01:37:56,400 --> 01:37:59,520
give your otp and all those bits right
2877
01:37:58,719 --> 01:38:02,159
to to
2878
01:37:59,520 --> 01:38:02,639
maintain uh the count over there right
2879
01:38:02,159 --> 01:38:05,440
so
2880
01:38:02,639 --> 01:38:06,000
for say of example of mine they told me
2881
01:38:05,440 --> 01:38:07,280
okay so
2882
01:38:06,000 --> 01:38:09,600
i was traveling the metro and they gave
2883
01:38:07,280 --> 01:38:12,159
me a call so your
2884
01:38:09,600 --> 01:38:12,960
card has not been registered so your
2885
01:38:12,159 --> 01:38:15,040
account
2886
01:38:12,960 --> 01:38:16,719
due to that your account will be like
2887
01:38:15,040 --> 01:38:18,000
you can say diminish or like remove from
2888
01:38:16,719 --> 01:38:20,480
there
2889
01:38:18,000 --> 01:38:21,119
correct and for that uh you just need to
2890
01:38:20,480 --> 01:38:23,199
uh
2891
01:38:21,119 --> 01:38:24,239
give few bit of details to us right so
2892
01:38:23,199 --> 01:38:27,520
they asked and asked
2893
01:38:24,239 --> 01:38:28,880
and like account number atm number right
2894
01:38:27,520 --> 01:38:30,239
those weights they already have those
2895
01:38:28,880 --> 01:38:30,639
things right but moreover they ask for
2896
01:38:30,239 --> 01:38:33,920
those
2897
01:38:30,639 --> 01:38:36,320
this otp the main part right
2898
01:38:33,920 --> 01:38:38,000
that's your multi-factor authentication
2899
01:38:36,320 --> 01:38:40,000
so they ask for the otp
2900
01:38:38,000 --> 01:38:41,280
and you know obviously i haven't given
2901
01:38:40,000 --> 01:38:42,639
the otp
2902
01:38:41,280 --> 01:38:44,719
but main agenda is as soon as you
2903
01:38:42,639 --> 01:38:46,239
provide the otp there will be like
2904
01:38:44,719 --> 01:38:48,080
a transaction of hefty amount from your
2905
01:38:46,239 --> 01:38:49,280
account isn't it so these things are
2906
01:38:48,080 --> 01:38:50,639
done by the vishing
2907
01:38:49,280 --> 01:38:52,400
and the one who was asking the guardian
2908
01:38:50,639 --> 01:38:53,920
is uh how to figure out the email
2909
01:38:52,400 --> 01:38:55,600
from the valid user so just you have to
2910
01:38:53,920 --> 01:38:58,080
check the spf dkim your
2911
01:38:55,600 --> 01:38:59,199
dmarc your message id so that's another
2912
01:38:58,080 --> 01:39:00,800
story but these are
2913
01:38:59,199 --> 01:39:02,719
these are used to check the
2914
01:39:00,800 --> 01:39:04,400
authentication right the authentication
2915
01:39:02,719 --> 01:39:06,320
code is mentioned the return path is
2916
01:39:04,400 --> 01:39:08,239
over there the sender ip is there
2917
01:39:06,320 --> 01:39:09,679
so you can go with these things and
2918
01:39:08,239 --> 01:39:10,719
these are helping you to validate that
2919
01:39:09,679 --> 01:39:13,679
email id
2920
01:39:10,719 --> 01:39:14,480
so since phishing it's a pretty much like
2921
01:39:13,679 --> 01:39:17,199
you know
2922
01:39:14,480 --> 01:39:17,679
common but it's pretty much of a very
2923
01:39:17,199 --> 01:39:19,679
good
2924
01:39:17,679 --> 01:39:20,880
attack which can take an advantage right
2925
01:39:19,679 --> 01:39:22,880
so as a
2926
01:39:20,880 --> 01:39:24,159
security uh guys you should train the
2927
01:39:22,880 --> 01:39:24,960
employees you should have this training
2928
01:39:24,159 --> 01:39:26,719
around there and
2929
01:39:24,960 --> 01:39:28,639
make them aware regarding these things
2930
01:39:26,719 --> 01:39:31,040
right all right
2931
01:39:28,639 --> 01:39:32,080
so uh then we have this spear phishing
2932
01:39:31,040 --> 01:39:33,679
what do you guys understand with the
2933
01:39:32,080 --> 01:39:34,960
spear phishing
2934
01:39:33,679 --> 01:39:36,560
okay spear phishing is a social
2935
01:39:34,960 --> 01:39:38,239
engineering attack in which a
2936
01:39:36,560 --> 01:39:39,119
perpetrator disguised as a trusted
2937
01:39:38,239 --> 01:39:40,800
individual
2938
01:39:39,119 --> 01:39:42,400
tricks the target into clicking on the
2939
01:39:40,800 --> 01:39:44,080
link of spoof email
2940
01:39:42,400 --> 01:39:46,400
text message and instant message so you
2941
01:39:44,080 --> 01:39:50,000
basically target specific
2942
01:39:46,400 --> 01:39:51,760
people over here right so
2943
01:39:50,000 --> 01:39:53,360
it can be any individual over here you
2944
01:39:51,760 --> 01:39:53,760
target an individual over here then we
2945
01:39:53,360 --> 01:39:57,040
have this
2946
01:39:53,760 --> 01:39:58,880
whaling whaling you know guys whaling is
2947
01:39:57,040 --> 01:40:00,560
like a cyber attack targeting a high
2948
01:39:58,880 --> 01:40:02,480
profile executive
2949
01:40:00,560 --> 01:40:04,480
exactly a top management or top high
2950
01:40:02,480 --> 01:40:07,199
class people we are targeting over here
2951
01:40:04,480 --> 01:40:08,000
right it uses deceptive email messages
2952
01:40:07,199 --> 01:40:09,520
targeting high level
2953
01:40:08,000 --> 01:40:12,000
decision makers within an organization
2954
01:40:09,520 --> 01:40:14,480
such as your ceo cfos
2955
01:40:12,000 --> 01:40:15,360
right your cto and all those things
2956
01:40:14,480 --> 01:40:18,000
right
2957
01:40:15,360 --> 01:40:19,440
so when you're targeting high profile
2958
01:40:18,000 --> 01:40:22,159
people that's your
2959
01:40:19,440 --> 01:40:24,400
whaling then you have this shoulder
2960
01:40:22,159 --> 01:40:26,159
surfing guys what's the shoulder surfing
2961
01:40:24,400 --> 01:40:27,840
shoulder surfing refers to the act of
2962
01:40:26,159 --> 01:40:28,320
obtaining personal private information
2963
01:40:27,840 --> 01:40:30,239
through
2964
01:40:28,320 --> 01:40:31,840
direct observation right so you're
2965
01:40:30,239 --> 01:40:34,239
looking from person's
2966
01:40:31,840 --> 01:40:36,239
shoulder to get sort of information a
2967
01:40:34,239 --> 01:40:39,679
very common example would be like your
2968
01:40:36,239 --> 01:40:41,520
atm one right isn't it
2969
01:40:39,679 --> 01:40:43,520
so you know atm line you might have seen
2970
01:40:41,520 --> 01:40:45,520
these things uh but you do
2971
01:40:43,520 --> 01:40:47,600
like your shoulder surfing right you are
2972
01:40:45,520 --> 01:40:49,280
just peeking in front of the person
2973
01:40:47,600 --> 01:40:50,639
what sort of a password he is or like
2974
01:40:49,280 --> 01:40:52,239
what of course he's
2975
01:40:50,639 --> 01:40:54,239
entering while doing the transaction
2976
01:40:52,239 --> 01:40:55,679
right or moreover
2977
01:40:54,239 --> 01:40:57,760
like many people might have done in
2978
01:40:55,679 --> 01:41:01,119
their college days or this school days
2979
01:40:57,760 --> 01:41:03,280
back those days right so let's say last
2980
01:41:01,119 --> 01:41:04,800
11th hour of the exam oh sorry like last
2981
01:41:03,280 --> 01:41:06,400
hour the exam right
2982
01:41:04,800 --> 01:41:08,320
and you don't know like you you know
2983
01:41:06,400 --> 01:41:10,239
like you're gonna get get failed right
2984
01:41:08,320 --> 01:41:11,600
so what do you do you try to do shoulder
2985
01:41:10,239 --> 01:41:13,280
surfing over there isn't it
2986
01:41:11,600 --> 01:41:14,639
and you look over there you look in the
2987
01:41:13,280 --> 01:41:16,639
front seat like the person who is
2988
01:41:14,639 --> 01:41:18,159
sitting in front of you he will try to
2989
01:41:16,639 --> 01:41:19,760
like peek over there and he will try to
2990
01:41:18,159 --> 01:41:20,159
see whatever the answer he's writing is
2991
01:41:19,760 --> 01:41:22,400
that it
2992
01:41:20,159 --> 01:41:24,239
anyone done that because i have done
2993
01:41:22,400 --> 01:41:26,000
that in my college days
2994
01:41:24,239 --> 01:41:27,760
right so that's a pretty good example
2995
01:41:26,000 --> 01:41:29,679
regarding a shoulder surfing
2996
01:41:27,760 --> 01:41:31,440
right so we won't call it cheating now
2997
01:41:29,679 --> 01:41:32,880
we call it shoulder surfing
2998
01:41:31,440 --> 01:41:35,280
then we have dumpster diving guys
2999
01:41:32,880 --> 01:41:37,280
dumpster diving those bins yeah
3000
01:41:35,280 --> 01:41:38,639
from the garbage from where you can get
3001
01:41:37,280 --> 01:41:40,400
uh like
3002
01:41:38,639 --> 01:41:42,400
print outs all those useful information
3003
01:41:40,400 --> 01:41:43,679
all those files and lock documents which
3004
01:41:42,400 --> 01:41:45,520
can be pretty much useful
3005
01:41:43,679 --> 01:41:47,040
for you so that's why organization also
3006
01:41:45,520 --> 01:41:49,040
they put up this policy or if
3007
01:41:47,040 --> 01:41:50,719
you say the practice to shred all those
3008
01:41:49,040 --> 01:41:51,920
documents those are which of no use
3009
01:41:50,719 --> 01:41:52,639
because if you dump them over the
3010
01:41:51,920 --> 01:41:54,320
dustbin
3011
01:41:52,639 --> 01:41:56,000
anyone would be like if there's an
3012
01:41:54,320 --> 01:41:58,400
attack or any person who
3013
01:41:56,000 --> 01:41:59,520
like anyone if they get there they get
3014
01:41:58,400 --> 01:42:00,400
their hands on these particular
3015
01:41:59,520 --> 01:42:03,119
documents
3016
01:42:00,400 --> 01:42:04,719
the files uh that could be pretty much
3017
01:42:03,119 --> 01:42:06,000
like an advantage for them right they
3018
01:42:04,719 --> 01:42:09,360
can
3019
01:42:06,000 --> 01:42:10,320
get a good hefty and good important
3020
01:42:09,360 --> 01:42:12,880
stuff out of it
3021
01:42:10,320 --> 01:42:14,560
right so what they do they ask you to
3022
01:42:12,880 --> 01:42:15,440
shred all those things because generally
3023
01:42:14,560 --> 01:42:16,960
we also practice
3024
01:42:15,440 --> 01:42:19,040
the same thing right in our house we
3025
01:42:16,960 --> 01:42:22,080
order something from the amazon
3026
01:42:19,040 --> 01:42:25,520
we receive it and what we do we
3027
01:42:22,080 --> 01:42:26,840
we just take the gift out of it right
3028
01:42:25,520 --> 01:42:28,960
the item out of it and we just throw
3029
01:42:26,840 --> 01:42:29,520
that package over the document but we
3030
01:42:28,960 --> 01:42:32,159
don't
3031
01:42:29,520 --> 01:42:33,440
if you notice the delivery thing is or
3032
01:42:32,159 --> 01:42:35,360
there'll be address or the billing
3033
01:42:33,440 --> 01:42:36,800
address and those statements are printed
3034
01:42:35,360 --> 01:42:38,320
over a paper over there on a slip and
3035
01:42:36,800 --> 01:42:41,520
which is attached to your
3036
01:42:38,320 --> 01:42:43,360
wrapper right so you don't just
3037
01:42:41,520 --> 01:42:44,480
shred it off and you just simply throw
3038
01:42:43,360 --> 01:42:46,239
it in the description so it can be very
3039
01:42:44,480 --> 01:42:48,639
advantageous for other people
3040
01:42:46,239 --> 01:42:49,920
right so that's your terms to type in so
3041
01:42:48,639 --> 01:42:51,280
always just shred your files and
3042
01:42:49,920 --> 01:42:53,280
everything which is of no use
3043
01:42:51,280 --> 01:42:55,119
before dumping it to the dustbin then
3044
01:42:53,280 --> 01:42:57,520
we have piggybacking
3045
01:42:55,119 --> 01:42:58,560
right and we have tailgating basic uh
3046
01:42:57,520 --> 01:43:00,400
and tailgating
3047
01:42:58,560 --> 01:43:02,400
so tailgating guys you know you can see
3048
01:43:00,400 --> 01:43:03,040
uh basic difference main difference over
3049
01:43:02,400 --> 01:43:05,920
here is
3050
01:43:03,040 --> 01:43:06,960
authorization and non-authorized one so
3051
01:43:05,920 --> 01:43:10,239
tailgating is like
3052
01:43:06,960 --> 01:43:10,719
following somewhere or someone without
3053
01:43:10,239 --> 01:43:13,119
their
3054
01:43:10,719 --> 01:43:14,080
knowledge right yeah entry without
3055
01:43:13,119 --> 01:43:15,440
access
3056
01:43:14,080 --> 01:43:17,840
behind someone so let's say in your
3057
01:43:15,440 --> 01:43:19,360
office you you swipe your card and like
3058
01:43:17,840 --> 01:43:19,840
or you give you punch over there and you
3059
01:43:19,360 --> 01:43:22,080
get
3060
01:43:19,840 --> 01:43:24,480
an entrance to the organization right so
3061
01:43:22,080 --> 01:43:26,000
let's see if person is over there right
3062
01:43:24,480 --> 01:43:27,520
or any attacker what he will do he will
3063
01:43:26,000 --> 01:43:28,320
just follow you till the time that gate
3064
01:43:27,520 --> 01:43:30,400
is open
3065
01:43:28,320 --> 01:43:32,000
and you might have seen this in metro as
3066
01:43:30,400 --> 01:43:34,800
well people what they do
3067
01:43:32,000 --> 01:43:36,000
uh like someone is entering their token
3068
01:43:34,800 --> 01:43:37,600
and then they will just
3069
01:43:36,000 --> 01:43:39,119
go behind them with them right and they
3070
01:43:37,600 --> 01:43:42,480
will just pass that
3071
01:43:39,119 --> 01:43:44,560
security area isn't it so that's your
3072
01:43:42,480 --> 01:43:46,639
tailgating piggybacking is like when
3073
01:43:44,560 --> 01:43:47,920
like someone is opening that door
3074
01:43:46,639 --> 01:43:49,920
for you they know you and they are
3075
01:43:47,920 --> 01:43:51,920
opening the door for you right
3076
01:43:49,920 --> 01:43:53,199
so basically you are using the authority
3077
01:43:51,920 --> 01:43:55,840
as well over here
3078
01:43:53,199 --> 01:43:56,800
so that's also tailgating and
3079
01:43:55,840 --> 01:43:58,800
piggybacking
3080
01:43:56,800 --> 01:44:00,159
right then eavesdropping it's pretty
3081
01:43:58,800 --> 01:44:01,280
much common eavesdropping let's say
3082
01:44:00,159 --> 01:44:03,440
two people are working in a
3083
01:44:01,280 --> 01:44:05,040
working space right and they are having
3084
01:44:03,440 --> 01:44:06,480
sort of a conversation or discussion
3085
01:44:05,040 --> 01:44:07,920
regarding their new deal
3086
01:44:06,480 --> 01:44:09,920
a new project that is going to get
3087
01:44:07,920 --> 01:44:12,159
deployed so what i will do i'll be just
3088
01:44:09,920 --> 01:44:14,320
i'm i'm i'm there hearing their
3089
01:44:12,159 --> 01:44:16,159
whole conversation and i'm trying to get
3090
01:44:14,320 --> 01:44:16,560
the ideas of information which can be
3091
01:44:16,159 --> 01:44:19,679
very
3092
01:44:16,560 --> 01:44:20,639
useful to me doesn't it that's
3093
01:44:19,679 --> 01:44:22,719
eavesdropping over here
3094
01:44:20,639 --> 01:44:23,920
you can say man in the middle perfect
3095
01:44:22,719 --> 01:44:26,480
great that's it guys
3096
01:44:23,920 --> 01:44:28,000
that's it for the whole today's agenda
3097
01:44:26,480 --> 01:44:30,000
like your malware threat
3098
01:44:28,000 --> 01:44:32,000
and threat intelligence and everything
3099
01:44:30,000 --> 01:44:32,639
right so that's it for the days i guess
3100
01:44:32,000 --> 01:44:34,480
you got
3101
01:44:32,639 --> 01:44:36,320
the whole concept were clear to you
3102
01:44:34,480 --> 01:44:39,600
regarding each and every terminology
3103
01:44:36,320 --> 01:44:45,040
we have discussed till this point okay
3104
01:44:39,600 --> 01:44:45,040
thank you guys that's it for the day