Lesson 4 - Identifying Social Engineering and Malware Flashcards
A class of malware that modifies system files, often at the kernel level, to conceal its presence.
Rootkit
Malware that tries to extort money from the victim by blocking normal operation of a computer and/or encrypting the victim’s files and demanding payment.
Ransomware
A malicious program or script that is set to run under particular circumstances or in response to a defined event.
Logic bomb
“mine”
Mine Trap
A Trojan that searches for files to encrypt and then prompts the victim to pay a sum of money before a certain countdown time, after which the malware destroys the key that allows the decryption.
Cryptolocker
A type of crypto-malware that hijacks the resources of the host to perform cryptocurrency mining.
Crypto-mining or Cryptojacking
Software capable of detecting and removing virus infections and (in most cases) other types of malware, such as worms, Trojans, rootkits, adware, spyware, password crackers, network mappers, DoS tools, and so on.
Antivirus (A-V) software
A software agent and monitoring system that performs multiple security tasks.
Endpoint Protection Platforms (EPPs) or next-gen A-V
A system that can provide automated identification of suspicious activity by user accounts and computer hosts.
User and Entity Behavior Analytics (UEBA)
A computing environment that is isolated from a host system to guarantee that the environment runs in a controlled, secure fashion. Communication links between the sandbox and the host are usually completely prohibited.
Sandbox
Implementation of a sandbox for malware analysis.
Cuckoo
“cuckoosandbox.org”
A network monitoring system that uses a baseline of acceptable outcomes or event patterns to identify events that fall outside the acceptable range.
Anomaly analysis
Indicators that a legitimate OS process has been corrupted with malicious code for the purpose of damaging or compromising the system.
Abnormal process behavior analysis