Breaches Flashcards
What is a zero-day exploit?
A previously unknown vulnerability in a system that the vendor has not yet patched. They are often exploited by attackers.
What is a worm?
Malware that can self-replicate to spread to other uninfected computers while staying active on the currently infected systems.
What is a vulnerability?
A flaw in hardware or software that an attacker could exploit.
What is a virus?
A type of computer program that replicates itself by modifying other computer programs and inserting its own code. If this replication succeeds, the affected areas are then said to be “infected.”
What is a trojan?
A type of malware that disguises itself as legitimate software.
What is suspicious activity?
Activity that can be seen as potentially malicious, but could also have legitimate uses. For example, an IP address that is scanning a system could be from an attacker, or could be from a harmless program.
What is SQL injection?
A web attack technique that exploits vulnerabilities in websites, allowing an attacker to query the underlying database and access information.
What is spyware?
A type of malware that enables a user to obtain information about another user’s computer activities by transmitting data covertly from their hard drive.
What is spoofing?
The act of modifying traffic or network information to impersonate another system.
What is scareware?
A malware tactic that uses pop-up ads and social engineering to manipulate individuals into believing they need to download or buy software that may appear legitimate, but could contain malware.
What is scanning?
Searching for vulnerabilities on a computer network or internet service using a program (remote scanner).
What is a rootkit?
A set of tools installed on a system that enables an attacker to gain control of that system without being detected.
What is remote code execution?
Used to describe a vulnerability that can be exploited without physical access to the device.
What is ransomware?
A type of malware designed to block access to a computer system or files until the ransom amount is paid.
What is Ransomware-as-a-Service?
A ransomware developer sells or leases their ransomware variants to individuals or groups who then use it to carry out attacks. RaaS reduces the cost to perform ransomware attacks and can provide 24x7 customer support and a platform for managing the malware.
What is proxy malware?
Malware that turns infected systems into intermediaries and allows network traffic to go through them.
What is a payload?
Malware that an attacker delivers to a victim.