Intro to CyberSecurity + Pumpkin Pi Rogue AP Attack

Photo by Clint Patterson on Unsplash

Defining Vulnerabilities & Exploits

First of many Mr. Robot references (sorry not sorry)

On Public WiFi? Use a VPN or else.

MITM attack vs. using a secure VPN (green line)

What’s a Man-in-the-Middle Attack?

Choosing a VPN

The ‘Evil Twin’ Starbucks Attack Example

Disclaimer:

Pumpkin Pi

All the attacker needs is a bit of familiarity with the bash command line, a $35 Raspberry Pi with Kali Linux installed, a wireless network adaptor (roughly $25), and WiFi-Pumpkin installed.

Image credit: Null-Byte
My Raspberry Pi
Rogue AP named ‘Free WiFi’
Rogue AP diagram (source)
Another Mr. Robot GIF

You’ve Just Been Owned.

Plugins mentioned above (keylogger, script injection, etc.)
WannaCry ransomware screenshot — $300 worth of Bitcoin ransom

What is Ransomware?

What You Can Do: 2FA, VPNs, and Password Managers

I will not be owned (fan-art) | Can you tell I like this show..?

So now that I’ve got you sufficiently paranoid, I have some good news: there’s something you can do.

LastPass

Password Managers

What is 2FA? Getting Started with Two-Factor Authentication

Fantastic resources for further research:

Best Method for Creating a Strong Password by AVG

MITM Information by GlobalSign

Info on Remote Access Trojans by Malwarebytes

Raspberry Pi 101+ Projects by PiMyLifeUp

Huge shout-out to Null-Byte for the Pumpkin Pi Tutorial (Null-Byte full tutorial)

More Awesome Raspberry Pi Projects by UbuntuPit

The Motherboard Guide to Not Getting Hacked (Motherboard by Vice’s comprehensive guide, great read)


Full-stack developer. Alumna of Flatiron School's Software Engineering Immersive bootcamp. Portfolio: https://tiffany-codes.com/

Tiffany Abraham
