Attack Vectors Flashcards
What is a virus?
A computer virus is a type of malicious software, or malware that spreads between computers and causes damage to data and software.
How is a virus spread?
Viruses spread through malicious code which can get into a system, modify it, and spread it to other computers. A virus can spread itself by attaching it to legitimate programs or documents that support macros which enable it to execute its code.
What damage can viruses cause?
Viruses can steal passwords and sensitive data, corrupt or delete files, slow down performance or even crash the entire system.
What is a boot sector virus?
A virus that takes control when you start you computer and can spread via infected USB drives.
What is a polymorphic virus?
A virus that changes its code to avoid detection.
What is a direct action virus?
A virus that is activated by opening downloaded files or programs.
What is XSS?
XSS is a type of security vulnerability that can occur in web applications and websites. XSS attacks involve injecting malicious JavaScript code into a web application, which can then be executed by other users when they enter the site.
How can XSS vulnerabilities occur?
XSS vulnerabilities occur when a web application or website adopts user supplied input into the page without properly validating or encoding the input which allow attacks to inject their own code into the site.
What damage can XSS attacks cause?
Attackers can steal cookies and impersonate users, steal personal information like usernames, passwords and credit card information, alter the content of websites to spread misinformation and redirect users to malicious websites.
What is a reflected XSS attack?
Reflected attacks are those where the injected script is reflected off the web server, such as in an error message. Reflected attacks are delivered to the victim via another route, such as in an email or on another website. When a user clicks a malicious link or browses a malicious website, the injected code travels to the vulnerable website which reflects the attack onto the users browser which will execute the code because it came from a trusted source.
What is a stored attack?
Stored attacks are attacks where the injected script is permanently stored on the target servers, such as in a database or a message forum. The victim then retrieves the malicious script from the server when it requests the stored information.
What is a worm?
A worm is a type of malware that can replicate itself and spread across a network of devices.
How can worms be spread?
Worms can be spread via email attachments, instant messaging, software vulnerabilities, shared access and clicking links.
What damage can worms cause?
Worms can overload systems by consuming large amounts of bandwidth and memory, exploit vulnerabilities in security software, steal sensitive information, change, delete and corrupt files and install backdoors that allow access to the system.
What is an email worm?
Email worms use emails to spread, often by disguising themselves as attachments. When an unsuspecting user opens an email and downloads the attachment, the virus is released into the system. The first worm distributed via the internet, the Morris worm was of this type.
