In an increasingly digital world, it is important to pay attention to the security of our information. Network and system hacking is a reality that occurs every day and, in recent years, the types of attacks have not only increased but have also become more sophisticated. It is important to be aware of them so that we can protect ourselves more assertively.
This is something we call Social Engineering , which are practices that use deception and persuasion to gain access to important, unauthorized or confidential information, both from organizations and individuals. These are techniques used by malicious people who exploit people's own security flaws. This is a brief summary of what Social Engineering is, but we have an article that goes into more depth about what social engineering is and how it works.
Therefore, when we talk about the area of Security within Information Technology, it is common for there to be terms that we have heard of, but we do not know exactly what they mean. Therefore, in this guide, we will look at some common security terms that are important for you to know.
Honeypot
A honeypot is a tool or system that contains vulnerabilities chinese america data and may even contain false data. It is like a “bait” to catch attackers, where you configure the computer in such a way as to leave it vulnerable to invasion.
When an attacker tries to access your system and successfully performs the invasion, he really believes that he has managed to invade an application, but in reality, he is in a honeypot: a simulated environment precisely to deceive the attacker.
By using a honeypot, all of the attacker's steps are monitored, allowing all of their activities to be recorded and controlled. This makes it possible to know which tools were used for the attack and which loopholes the attacker is using. All of these steps are sent to the person monitoring the honeypot.
With this, invaders can be fought more efficiently, as we can study the information captured, in order to create means and techniques to block the - real - attack of new invaders.
Types of honeypots
Research - These are tools programmed to observe the actions of attackers, allowing detailed analyses of their motivations, tools used and vulnerabilities that were exploited. It is widely used to study the pattern of each attacker.
Production - They are used in production networks as a complement or in place of systems to detect, analyze or even deflect attacks against network assets. They can be used by companies and institutions that aim to protect their networks. They aim to analyze and detect attackers on the network.
If you want to know more about the subject, what service levels it has and what tools are used for this purpose, we have a specific article about Honeypot .
Phishing
You've probably received an email from your bank or some trusted company, but when you opened it, you found it suspicious, not being sure if it was really from the sender it said it was.
Phishing is a way hackers use to trick us into revealing important information, such as personal data, passwords, credit card details, bank account numbers and even making payments/bank transfers.
To do this, they send emails pretending to be from a trustworthy person or company with the intention of attracting victims, but in reality, it is nothing more than a virtual scam. This email usually contains links that direct you to fake websites.