Time
3 hours 35 minutes
Difficulty
Intermediate
CEU/CPE
4

Video Transcription

00:00
Hello and welcome to the PC Security Intermediate course.
00:04
In this lesson, I will be talking about attack vectors
00:09
that are the most important, the ones that exist when people are attacking a PC.
00:18
But before we talk about the vectors, I have to mention that PC.
00:24
And actually, I have to emphasize that the PC is insecure by design, and what I mean by saying that is not PC as a concept but PC as a tool that we're using today.
00:37
So, um, the first thing that everybody's using on a PC is, for example, email,
00:43
and when you read email, you actually execute code. So your email message
00:49
is, ah, not the way you see it. What you see is the HTML interpreted version of, actually, the interpreted version of the HTML file that is actually your email message. So you see here message there have reads received
01:07
and to the right is the actual HTML file
01:11
that creates this message so you don't see it all because it's very long. Just an example. But
01:19
HTML is a language, so it's kind of a code, and this code is essentially interpreted by your email client or by your browser, if you're using,
01:32
uh, a webmail service.
01:34
And then you see there's, like, plain text or text with links or text with some pictures in it, or text with some attachments or text with some links to some sites
01:51
or whatever. So whatever email you received,
01:55
it's essentially shaped upon the HTML file you received. So if somebody inserts a malicious piece of code in that HTML file, then it can do something to your PC that you actually don't want to be done.
02:12
A similar thing is when you open an Office document, which we all use on a daily basis. We write texts or, of course, I mean on a daily basis, with many do business. So business today revolves around written documents, PDF files
02:30
and Excel sheets and PowerPoint presentations. This is what most office workers today use on a daily basis.
02:37
So when you open something like an Office document, you actually execute code because an Office document is actually an XML file. So your .xlsx file is actually a ZIP file. So if you rename your
02:52
Excel file to .zip
02:53
and then open it with some kind of zipper, you will see the folder structure. It's an XML file. So if you open one of those XML files, like you see here on this picture,
03:05
you see
03:07
to the left the actual Excel file, and then to the right, you see how it looks in XML. So XML is a slightly more advanced version of HTML,
03:19
and you simply get it
03:22
as a code that is then interpreted by the Excel program.
03:28
And
03:30
within the limitations of what the Excel program allows you to do, you can put some malicious code and execute it. For example, you can go online and download some payload and then drop it on your PC,
03:44
not you, but the code itself.
03:47
Yes, everything is like when you open a Web page. This is also HTML,
03:53
and when you're browsing, you're basically constantly interpreting some code. So if there is some malicious content in that code, it can bypass PC security and this advantage.
04:04
And also
04:06
there is one more reason why PCs are insecure by design,
04:11
and this is because operating systems have not been designed with security as the number one priority, so always for, ah, manufacturer of operating system, and there are not so many of them today. So you have, like, Windows, you have Apple, Microsoft, Apple, and then you have Google with the Android and Chrome operating systems,
04:30
and then you have Linux, and
04:31
this is pretty much it when it comes to what people are using
04:36
today. When it comes to PC users, unless you're some hardcore professional, you're probably not using Linux, so you're either using Windows or
04:47
Apple's operating system like Mac OS X. And if you are in academia, you might be using Chrome operating system because you're using a Chromebook.
05:00
So let's go into details. As I said, emails are written in HTML
05:09
and except the body of the email that can be infiltrated by malicious code,
05:15
you can have attachments that contain malware. For example, you could have an Excel file that is infected within the email, so the email itself is benign. It's OK, but the file is infected, and also email can contain links to malicious sites.
05:31
So this practice of adding links to malicious sites or infected attachments
05:38
is something that is widely used in an attack method that is called phishing, in which people simply receive emails with content that might or might not look legit
05:53
in terms of it's a business conversation between some of the you do business on a regular basis. But even if it looks completely bogus, as I said, there are people who will click on the link or open the attachment just out of curiosity or because they just don't care.
06:10
So this is the reason why
06:12
we have the huge increase in phishing attacks in the past few years,
06:17
and as I said, malicious code can be hidden in documents, and you have already seen the example of something with an Excel file.
06:28
But this can also spread to some other
06:33
types of files, like pdf files
06:38
or photos. For example,
06:43
if you go back to PDF files, you see, the PDF file is actually some kind of code as well,
06:46
and it can be infiltrated with malware or malicious code.
06:53
And then you have photos. For instance, for example, technology using stay exploit, which hides code, actually a link to a dropper, in a JPEG file using a technology called steganography, which hides binary data, or some kind of data, within JPEG files.
07:12
So if it's hidden there and you open it in a browser, then it can direct the browser to do something malicious to your PC.
07:23
And in the end, there are ways to put malicious code into some kind of
07:30
video files. For example, in .ASF, we have the documented behavior of the GetCodec worm,
07:36
which in care infects their files and asks you to download a codec to view it. And then you, as an unsuspecting user, you click on it. It gets you to download the malicious file and then infects your PC. Now the question you're probably asking yourself
07:57
is, Why can't we stop this behavior? I can predict that there is malicious code
08:03
inside the email message or a document. Well, we can't.
08:07
And for those of you who want to look at the details, uh, please look at the link below. It's a paper written by Professor Evans of the University of Virginia,
08:20
where he explains,
08:22
why is it impossible to make 100, to make a software that will determine if some other software is a virus or not with 100% certainty. So
08:33
it's mathematically, let's say, proven to be an impossibility, and this is the thing we have to live with.
08:41
So it's rather difficult to understand if you're not a mathematician, so you can just look for it for the sake of amusement if you're, if,
08:54
but I, I didn't understand it completely. I understand the conclusion, understood the conclusion, but I didn't understand the whole
09:01
process in this file.
09:03
So in this video you have learned about the fundamental insecurity of the PC platform and some of the attack vectors on PC, and in the next lesson, I'm going to continue elaborating on this topic.

Up Next

Intermediate PC Security

The Intermediate PC Security course will teach students about endpoint protection. Students will learn fundamental information about PC Security and common attack vectors.

Instructed By

Milan Cetic
IT Security Consultant
Instructor