Apprenticeship shit Flashcards
What is phishing
attempting to steal personal information
What is vishing?
attempting to steal personal information over the phone
what is smishing?
attempting to steal personal information over text
what is spam?
sending out lots of unsolicited emails
What is dumpster diving?
Going through bins or rubbish to identify personal information
What is shoulder surfing?
Watching people enter personal information.
What is pharming?
redirecting users traffic to a malicious site.
DNS cache poisoning.
What is tailgating?
Following someone into a building into a high security area
What are hoaxes?
Creating a fake situation to get information.
What is prepending?
Adding mentions on social media posts to seem legitimate
What is impersonation
Pretending to be someone or something else
What is identity fraud
doing things under someone elses identity
What is an invoice scam
Asking someone to pay a fraudulent invoice
What is credential harvesting?
Gathering credentials at a large scale
What s a watering hole attack?
Identifying a site a group use, and targeting this site
What typo squatting / url highjaking?
choosing a domain name that is a typo of a popular domain name
What is hybrid warfare?
A combination of techniques for a campaign (cyber activities, proxy organisations)
What are social media campaigns?
Campaigns that influence social media users
What are the principles of attacks
Authority
Intimidation
Consensus
Familiarity
Trust
Urgency
What is consensus
acting with the consensus of the larger group
What is familiarity
favoring something because they know / like it
What is trust?
Acting because you trust something
What is urgency?
Forcing someone to act quickly and with bad jugement
What are IOCs
Artifacts observerd that indicate being hacked
What is a virus?
Malicious code that requires user interaction to install or replicate
What is ransomware?
Malicious programs that hold an asset at ransom in exchange for another asset.
What is a trojan
A malicious piece of code, inside a legitimate application. Often called a RAT
What is a worm?
A self replicating peice of malicious code
What are potentially unwanted programs?
An application downloaded as part of another program.
What is a fileless virus?
A virus that is in memory and never written to disk
What are botnets?
A large network of slave computers to a c2
What is a logic bomb?
Malicous code that executes when a condition is met
What is spyware?
Malicious code that captures users activity and reports back.
What is a keylogger?
Malicious code that captures keystrokes
What is a rootkit
Malicious kernel mods that hide at the kernel level
What is a backdoor
A way to maintain persitance in after the exploitation of a vulnerability
