KERNELiOS Cyber Security Courses (KERNELiOS cyber and information security courses) Mon, 15 Feb 2021 10:59:49 +0000

What is Cyberspace Tue, 03 Jul 2018 12:38:48 +0000

“The physical and logical space in which virtual processes exist which influence physical activity, physical life, and logic interactions.”

In the emerging cyberspace, it is possible to see a range of current and developing enterprises characterized by new effort, which may be compared to the military conceptualization of the “emerging battlefield”, in which it is necessary to cope with diverse cyber attacks of varying strength that can upset the enemy’s functional equilibrium.

As such, cyberspace brings good news to humanity, but its very dependence on the human factor embodies substantial built-in vulnerability, both through error and, especially, through malicious behavior. It can therefore be concluded that the “force multiplier” in cyber technology is liable to turn, if wrongly used, into a “damage multiplier”.

The cyber effort basically comprises three overlapping dimensions/interfaces:

Data protection and support technologies – including integrated actions to prevent harm to data completeness and reliability, and protecting the availability of support technologies’ capabilities and immunity of support systems

Intelligence gathering – listening and gathering information about the opponent’s systems for inquiry, counterintelligence, and intelligence investigation of the information

Intelligence warfare – all operations intended to disrupt, up to the point of paralyzing, functional continuity through information- and embedded computer systems

[Diagram: What is Cyberspace]

Diagram interpretation:

  • User (machine, application, or process) as a data creator or consumer
  • Databases which accumulate data created and processed by the user
  • Communications infrastructures and facilities are the foundations on which the applications and data rely
  • Applied infrastructures are the “brain” which enables data creation and interactions between the physical factor and the logic device.

Support components:

  • Policies, regulations, and procedures
  • Technical intelligence gathering tools
  • Command and control means – processes for collecting, correlating, and filtering irregularities relative to the organizational rules
  • Integration and connectivity between organizations and IT and data systems
  • Simulation, analysis, and decision support tools
  • Ongoing operational/business activation
  • Operation and maintenance
  • Training and Certifications

Thinking of becoming a Cyber Specialist? Come and learn from our experts. For more information CLICK HIRE!

Cyber Defense Systems Tue, 03 Jul 2018 12:34:18 +0000
  • From a multidimensional perspective, it is possible to view defense systems from two interesting points of view: one from an aspect of protecting the information and its secrecy (inside-out) while the second allows a comprehensive protective view in the context of the systems’ robustness and prevention of their disruption (top-down).
  • The person responsible for information security will place the item of information at the center of his world, and it is the asset that he will seek to protect, both in terms of privacy and in terms of protecting the “secret” that allows operational function and continuity to exist.
  • The person responsible for protecting the cyber space will seek to create matrix (length, width, and depth) defense systems at the enterprise and its infrastructures, beginning from the external physical access perimeter to the enterprise, through the enterprise’s communications, computer, and control systems, and up to the information assets themselves.
[Diagram: Cyber Defense Systems]

    Principles for Planning Cyber Defense Systems Tue, 03 Jul 2018 12:33:17 +0000

    [Diagram]

    The planning of “building blocks” for protection – organization, method and technology vector:

    [Diagram]

    What Do Vulnerabilities and The stages of a cyber attack Tue, 03 Jul 2018 12:23:23 +0000

    A cyber attack is liable to occur across the broadest range of forms. This means that while the attacker tries to penetrate the enterprise at a single point that is unknown to the defender, the defender must make a broad, perimeter and in-depth defense investment at all levels of the cyberspace environment in order to create effective defense that meets the enterprise’s goals.

    What Do Vulnerabilities Look like and How to Investigate Them

    Aggressive cyber warfare has several possible objectives, either jointly or separately:

    • Espionage, obtaining and/or damaging information.
    • Software and/or hardware disruption/sabotage.
    • Paralyzing availability and/or critically damaging the functional continuity of the enterprise’s infrastructure.

    The stages of a cyber attack:

    • A cyber attack usually begins with collecting information about the opponent. For example, this stage might include phishing attacks on the opponent’s officers in order to obtain email addresses and passwords.
    • After the initial data gathering, the attack usually spreads “across the target network” and continues with the collection of information such as which computers are used by the network, their addresses, which operating systems they run, the communications equipment, etc.
    • Later on, the attacker will usually plant code in the target system, which serves as a “beachhead” for the next stage of the attack.
    • At this point, the attacker will try to understand which antivirus systems are used by the target network, what type of security equipment is embedded in it, etc.
    • Afterwards, the attacker will plant the “harmful cargo”, using means of concealment as needed.
    • The stage at which the “harmful cargo” is embedded in the target system and reports back to “command and control” may last for several years.
    • Finally, a sophisticated attacker will ensure the destruction of the effective cargo and erase its tracks.

    Methods of attack:

    Methods of attack can be classified by treating cyberspace as a multilayer environment according to the 7-layer model and focusing on the attacked layer, which serves as the target for the attacker’s action.

    It is also possible to see the use of a wide range of traditional intelligence methods, such as impersonation as a virtual entity, use of social engineering techniques, and even the recruitment of actual human agents.

    Connecting to the network’s physical layer

    • The attack is directed against the physical layer, i.e. by connecting to the copper wire (or fiber optics) to actually eavesdrop on the line. Eavesdropping is a technique that is millennia old, and most countries have extensive organizations specializing in this field.
    • Another way is to install a component in the communications or IT equipment. Usually, the organization eavesdropping on a hostile network is the military and/or an intelligence gathering entity, and the organization eavesdropping on the country’s own citizens is part of counter intelligence. There are several bugging methods:
      • Commando raids – most countries have elite military units specializing in eavesdropping on communications and computer networks.
      • Local agents – use of local manpower recruited by the party seeking to connect to the network and bug it.
      • Attacking the production and supply chain – usually, the local manufacturer does not know the end use of its components. As the semiconductor industry has grown, the various stages of production have come to be carried out by subcontractors around the world. Today, in 2015, almost all of the world’s semiconductor manufacturers separate development, design, production, packaging, and so forth. In practice, all of the world’s large semiconductor manufacturers are dispersed among several countries, some of which are political rivals. Many semiconductor manufacturers have fabs in both China and Taiwan, for example. This geographic dispersion gives an attacker easy physical access to components within its own comfort zone. An outline of the organizational structure of these manufacturers appears in a book about manufacturers’ activity in China (in the “further reading” section below). For example, the United States bans the use of Lenovo computers by government agencies and also forbids them to use mobile devices by one of China’s largest mobile manufacturers. The disadvantage of this method is that it is not focused on particular targets. Its major advantage is the very wide distribution.
      • Attacking the distribution chain – similar to the broad dispersal of manufacturing plants, in the modern era, distribution chains are global commercial enterprises. The advantage of this method is the possibility of embedding means only in equipment intended for a specific target.

    Common methods of attack:

    • Fake MAC address – in the connectivity layer, the data link, messages are addressed on the basis of a MAC (Media Access Control) address, which is installed on the network card or modem during the manufacturing stage. The technique for attacking this layer is to present a fake MAC address. Fake MACs can be used against physical computers as well as against virtual machines.
    • Fake IP address – network traffic can be routed in the third layer, on the internet and a large number of other networks, by the logic address known as IP. This address is not installed in the equipment during its manufacture, but is a logic address, which can be altered.
    • Attacking the middleman – at higher levels of the network layers there is the method of attack known as the “middleman attack”. In this method, the attacker routes the network traffic to pass through the middleman without the parties at either end (the sender and the recipient) being aware of it. Middleman attacks are carried out by manipulating the Hypertext Transfer Protocol. Since this type of attack has become so commonplace, a complete mechanism has been specially designed against it, which uses the “signature” of a trusted third party together with the HTTP Secure traffic encryption.
    • XSS attack – an XSS attack allows the injection of malicious code into websites by entering the user’s surfing data. This method can infect the target sites by tempting the user to surf the infected site in order to infect him with the malicious code. Currently (in 2014), this method constitutes the main risk on the Internet, and was used in some famous attacks, such as the attack on oil and gas exploration companies, known as The Mask.
    • Denial of service attacks – this very common method of attack inundates the site that hosts the service provider with messages, slowing its ability to respond to users and even crashing it.
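From the defender's side, the fake MAC and fake IP items above both show up as IP-to-MAC bindings that change unexpectedly. The following is an added example, not part of the original article: it flags such changes in a list of sightings, where the record format, sample addresses and function names are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: (seconds, IP, MAC) sightings as an ARP monitor or switch might log them.
OBSERVATIONS = [
    (0,  "10.0.0.1",  "00:1b:21:aa:bb:01"),   # gateway
    (5,  "10.0.0.20", "00:1b:21:aa:bb:20"),   # workstation
    (9,  "10.0.0.21", "00:1b:21:aa:bb:21"),
    (60, "10.0.0.1",  "02:de:ad:be:ef:99"),   # gateway IP claimed by a different MAC
    (61, "10.0.0.20", "02:de:ad:be:ef:99"),   # same MAC also claims the workstation's IP
    (70, "10.0.0.1",  "00:1b:21:aa:bb:01"),   # original gateway MAC seen again
]

def is_locally_administered(mac):
    """True when bit 0x02 of the first octet is set, i.e. the address was
    assigned in software rather than by the manufacturer."""
    return bool(int(mac.split(":")[0], 16) & 0x02)

def find_binding_anomalies(observations, max_ips_per_mac=1):
    """Return (time, kind, detail) findings for suspicious IP/MAC bindings."""
    ip_to_mac = {}                  # last MAC seen for each IP
    mac_to_ips = defaultdict(set)   # every IP each MAC has claimed so far
    findings = []
    for ts, ip, mac in sorted(observations):
        mac = mac.lower()
        previous = ip_to_mac.get(ip)
        # An IP answering from a new MAC: fake IP, fake MAC, or traffic redirection.
        if previous is not None and previous != mac:
            findings.append((ts, "ip_changed_mac", f"{ip}: {previous} -> {mac}"))
        ip_to_mac[ip] = mac
        # First sighting of a software-assigned MAC (a hint only, not proof).
        if mac not in mac_to_ips and is_locally_administered(mac):
            findings.append((ts, "locally_administered_mac", mac))
        # One MAC answering for several IPs, reported once when the limit is passed.
        if ip not in mac_to_ips[mac]:
            mac_to_ips[mac].add(ip)
            if len(mac_to_ips[mac]) == max_ips_per_mac + 1:
                findings.append((ts, "mac_claims_many_ips",
                                 f"{mac}: {sorted(mac_to_ips[mac])}"))
    return findings

if __name__ == "__main__":
    for finding in find_binding_anomalies(OBSERVATIONS):
        print(finding)
```

Legitimate events such as DHCP lease reuse, virtual machines and privacy-randomized MAC addresses produce the same findings, so each one needs to be checked against the asset inventory before it is treated as an incident.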

    Sources – Wikipedia and open online information

    Open source intelligence in cyberspace (Overt, Technological) Mon, 30 Apr 2018 09:30:11 +0000

    The main objective of the intelligence effort is to provide the client with as much information as possible.

    Open source intelligence (OSINT) – collecting information from open sources (press and electronic media, government-issued information, academic papers, open databases and so forth). OSINT is distinguished from classified intelligence sources. There is also semi-open source intelligence gathered by diplomatic channels, including ambassadors, military attaches, and others.

    OSINT involves data processing, which includes location, selection, and gathering of data from public resources and analyzing it to produce useful military, political, or business intelligence.

    OSINT includes a wide range of intelligence and sources of intelligence:

    • Mass media – newspapers, magazines, radio and television.
    • Internet communities – and data created by internet users on forums, video clip storage sites, Wiki-based sites, blogs, etc.
    • Public information – government reports and official information, such as budgets, demographics, minutes of cabinet and legislature meetings, press conferences, speeches, shipping and aircraft warnings, reports by environmental agencies, government tenders, etc.
    • Observation and reporting – amateur aviation reports, reports by airwaves and satellite monitors, online satellite images, etc.
    • Professional and academic sources – professional conferences and public symposiums, unions and associations, scientific literature, etc.
    • Open geospatial information – maps, atlases, seaport and airport plans, aeronautical information, maritime navigation and geodesic data.

    Creating intelligence from open sources, in contrast to general research, applies intelligence processes to open sources in order to produce reliable and precise intelligence that will support decision-making on specific questions posed by a person or organization.

    Open source information is handled the same way as intelligence from other sources (such as secret sources).

    In contrast to secret intelligence sources, intelligence produced from open sources has great value with regard to its technological aspects, with an emphasis on cyber defense, since defenders can use open source intelligence to identify and close existing loopholes and vulnerabilities in the systems for which they are responsible.

    Links and additional reading material: ‎


    Open source intelligence in cyberspace


    Wikipedia  ‎

    Israel Open source Intelligence Heritage & Commemoration Center‎

    Appendix – concrete example of open source intelligence in a real event

    Hacking team Leak – 06/07/2015

    “Moreover, it is our ESSENTIAL policy that under NO circumstances we confirm or deny allegations: our clients’ privacy and security are of the HIGHEST importance to us”


    On Sunday, Hacking Team was hacked.

    The attackers have published a Torrent file with 400GB of internal documents, source code, and email communications to the public at large.

    In addition, the attackers have taken to Twitter, defacing the Hacking Team account with a new logo, biography, and published messages with images of the compromised data.

    • Implemented PC code to avoid AVG anti-virus
    • Support call recording from:

    o   Skype

    o   WhatsApp

    o   Facebook

    o   Viber

    o   Tencent

    o   Google Talk

    • It seems they have the “Android Exploit Delivery Network” that seems to have a 4-stage Android exploit
    • Have a file “SELINUX_Exploit”

    Installation vectors

    • “Network injection” – SBT solution
    • “Exploit portal” – A way to transform web pages or files to exploits


    • Social Engineering Toolkit

    o   Official website:

    o   Spanish intro:

    o   Linux distribution with security testing tools.

    • Network tools:






    o   Blog and Podcast.

    • Other tools:

    o   Maltego:

    o   Intelligence online tools:

    o   Nirsoft Windows apps:

    o   Nmap: (Network mapping tool).

    o   Ettercap for man-in-the-middle attacks

    o   Wireshark: (Network protocol analyzer).

    • Exif and metadata:

    o   FOCA:

    o   ExifReader:

    o   ExifTool: and its GUI:

    • Search engines:





    • Specialized search engines:

    o PCs, webcams, IPs, geolocation…

    o Check a username in more than 150 services.

    o More services than NameCHK.

    o Similar to image searching of Google.

    • People searching:



    o   Wink

    • Metadata:

    o   Metagoofil: office document metadata (pdf, doc, xls, ppt, docx, pptx, xlsx).

    o   Libextractor: supports more formats than Metagoofil but is less detailed.

    • Domains:

    o professional watch over domains and contracting holder.

    o reliability analysis and domain visits.

    o check which domains and services share an IP or server.

    • Other:

    o   GooScan: automatic Google searching.

    o   SiteDigger: from McAfee; like GooScan but also searching in Google cache and revealing vulnerabilities.

    o   OsintStalker (FBStalker & GeoStalker): Collecting info about a person from social network profiles.

    o get locations, dates, etc from social network accounts.

    o   Theharvester: search people/companies information using search engines and social networks
