3 hours 35 minutes
Hello and welcome to the PC Security Intermediate course. In this lesson, I will be talking about the attack vectors that are the most important, the ones that exist when people are attacking a PC. But before we talk about the vectors, I have to mention, and actually I have to emphasize, that the PC is insecure by design. What I mean by saying that is not the PC as a concept but the PC as a tool that we're using today.
So the first thing that everybody's using on a PC is, for example, email, and when you read email, you actually execute code. Your email message is not what you see. What you see is the interpreted version of the HTML file that is actually your email message. So you see here the message that I have received, and to the right the actual HTML file that creates this message. You don't see it all because it's very long; it's just an example. But HTML is the language, so it's kind of a code, and this code is essentially interpreted by your email client, or by your browser if you're using a webmail service. And then you see a plain text, or text with links, or text with some pictures in it, or text with some attachments, or text with some links to some sites, or whatever. So whatever email you receive, it's essentially shaped upon the HTML file you received. So if somebody inserts a malicious piece of code in that HTML file, then it can do something to your PC that you actually don't want to be done.
A similar thing is when you open an Office document. We all use them on a daily basis. We write texts, or of course, I mean, on a daily basis many do business. So business today revolves around written documents, PDF files, Excel sheets and PowerPoint presentations. This is what most office workers use on a daily basis. So when you open something like an Office document, you actually execute code, because an Office document is actually an XML file. Your .xlsx file is actually a ZIP file. So if you rename your Excel file to .zip and then open it with some kind of zipper, you will see the folder structure. It's an XML file. So if you open one of those XML files, like you see here on this picture, to the left is the actual Excel file and to the right you see how it looks in XML. XML is a slightly more advanced version of HTML, and you simply get it as a code that is then interpreted by the Excel program. Within the limitations of what the Excel program allows you to do, you can put some malicious code and execute it. For example, you can go online and download some payload and then drop it on your PC, not you, but the code itself.
Yes, everything is like when you open a web page. This is also HTML, and when you're browsing, you're basically constantly interpreting some code. So if there is some malicious content in that code, it can bypass PC security and this advantage.
There is one more reason why PCs are insecure by design, and this is because operating systems have not been designed with security as the number one priority. So always for a manufacturer of an operating system, and there are not so many of them today: you have, like, Windows, you have Microsoft, Apple, and then you have Google with the Android and Chrome operating systems, and then you have Linux, and this is pretty much it when it comes to what people are using today. When it comes to PC users, unless you're some hardcore professional, you're probably not using Linux, so you're either using Windows or Apple's operating system like Mac OS X. And if you are in academia, you might be using the Chrome operating system because you're using a Chromebook.
So let's go into details. As I said, emails are written in HTML, and besides the body of the email, which can be infiltrated by malicious code, you can have attachments that contain malware. For example, you could have an Excel file that is infected within the email, so the email itself is benign, it's OK, but the file is infected. Also, an email can contain links to malicious sites. So this practice of adding links to malicious sites or infected attachments is something that is widely used in an attack method that is called phishing, in which people simply receive emails with content that might or might not look legit in terms of a business conversation with someone you do business with on a regular basis. But even if it looks completely bogus, there are people who will click on the link or open the attachment just out of curiosity or because they just don't care. So this is the reason why we have had a huge increase in phishing attacks in the past few years.
As I said, malicious code can be hidden in documents, and you have already seen the example with the Excel file. But this can also spread to some other types of files, like PDF files or photos. For example, if you go back to PDF files, you see, the PDF file is actually some kind of code as well, and it can be infiltrated with malware or malicious code. And then you have photos. For example, a technology using stay exploit, which hides code, actually a link to a dropper, in a JPEG file using a technology called steganography, which hides binary data, or some kind of data, within JPEG files. So if it's hidden there and you open it in a browser, then it can direct the browser to do something malicious to your PC.
And in the end, there are ways to put malicious code into some kind of video files. For example, in .ASF we have the documented behavior of the GetCodec worm, which infects the files and asks you to download a codec to view it. And then, if you are an unsuspecting user, you click on it, it gets you to download the malicious file, and then it infects your PC. Now the question you're probably asking yourself is: why can't we stop this behavior and predict that there is malicious code inside the email message or a document? Well, we can't.
And for those of you who want to look at the details, please look at the link below. It's a paper written by Professor Evans of the University of Virginia, where he explains why it is impossible to make software that will determine with 100% certainty whether some other software is a virus or not. So it's mathematically proven to be an impossibility, and this is the thing we have to live with. It's rather difficult to understand if you're not a mathematician, so you can just look at it for the sake of amusement, if you're... But I didn't understand it completely. I understood the conclusion, but I didn't understand the whole process in this file.
So in this video you have learned about the fundamental insecurity of the PC platform and some of the attack vectors on the PC, and in the next lesson I'm going to continue elaborating on this topic.
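The lesson's point that an .xlsx file is a ZIP archive of XML parts can be checked without opening the file in Excel. The following is an added example, not part of the original lesson: it lists the parts of a workbook and flags the ones that carry active or externally linked content. The sample workbooks are constructed in memory, and the function names and the shortlist of part names are this example's own choices.

```python
import io
import zipfile

# Part-name prefixes that indicate active or externally linked content
# in an OOXML workbook (a short triage list, not exhaustive).
ACTIVE_PARTS = {
    "xl/vbaProject.bin": "VBA macro project",
    "xl/externalLinks/": "link to an external workbook",
    "xl/embeddings/": "embedded OLE object",
}

def build_sample(extra_parts=()):
    """Build a constructed, minimal .xlsx-like ZIP container in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("xl/workbook.xml", "<workbook/>")
        z.writestr("xl/worksheets/sheet1.xml", "<worksheet/>")
        for name in extra_parts:
            z.writestr(name, b"constructed placeholder")
    return buf.getvalue()

def inspect_ooxml(data):
    """Return (part_names, findings) for an OOXML file given as bytes."""
    stream = io.BytesIO(data)
    if not zipfile.is_zipfile(stream):
        raise ValueError("not a ZIP container, so not an OOXML document")
    with zipfile.ZipFile(stream) as z:
        names = z.namelist()
    findings = []
    for name in names:
        for prefix, meaning in ACTIVE_PARTS.items():
            if name.startswith(prefix):
                findings.append((name, meaning))
    return names, findings

if __name__ == "__main__":
    samples = {
        "plain": (),
        "macro": ("xl/vbaProject.bin", "xl/externalLinks/externalLink1.xml"),
    }
    for label, parts in samples.items():
        names, findings = inspect_ooxml(build_sample(parts))
        print(label, len(names), "parts;", findings or "no active content")
```

A mail gateway or an analyst can run this kind of check on an attachment before anyone opens it; an empty findings list only means none of the listed part types is present.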