Notable Threats in Cyber (Malware, Ransomware, etc.)

Question 1

What is malware?

Answer 1

Malware is malicious software designed to harm, exploit, or otherwise compromise computers, networks, or devices.

Question 2

What are common types of malware?

Answer 2

Common types of malware include viruses, worms, Trojans, spyware, and adware.

Question 3

What is ransomware?

Answer 3

Ransomware is a type of malware that encrypts a victim’s files, locking them until a ransom is paid.

Question 4

What impact can ransomware have?

Answer 4

Ransomware can lead to data loss, financial losses, and operational disruptions.

Question 5

Name three notable ransomware strains.

Answer 5

Cryptolocker, WannaCry, and REvil.

Question 6

What is phishing?

Answer 6

Phishing is a social engineering attack where attackers impersonate legitimate entities to steal sensitive information like passwords and credit card details.

Question 7

How does spear phishing differ from regular phishing?

Answer 7

Spear phishing targets specific individuals, whereas regular phishing is often indiscriminate.

Question 8

What is an Advanced Persistent Threat (APT)?

Answer 8

An APT is a long-term, targeted attack by sophisticated actors, often state-sponsored, aimed at infiltrating networks and stealing data.

Question 9

What is a DDoS attack?

Answer 9

A Distributed Denial of Service (DDoS) attack overwhelms servers with traffic, rendering services unavailable to legitimate users.

Question 10

What is the primary goal of a DDoS attack?

Answer 10

The primary goal of a DDoS attack is to disrupt business operations.

Question 11

What are zero-day exploits?

Answer 11

Zero-day exploits are attacks that target previously unknown vulnerabilities before developers can issue a patch.

Question 12

Why are zero-day exploits particularly dangerous?

Answer 12

They are dangerous because they lack immediate defenses, leading to potential data breaches and unauthorized access.

Question 13

What is social engineering in cybersecurity?

Answer 13

Social engineering is the exploitation of human psychology to gain unauthorized access, often without technical hacking.

Question 14

Name three common social engineering techniques.

Answer 14

Phishing, pretexting, and baiting.

Question 15

What is an insider threat?

Answer 15

An insider threat is malicious action by employees or internal stakeholders who have access to sensitive information.

Question 16

What is the impact of insider threats?

Answer 16

Insider threats can cause data leaks, intellectual property theft, and operational disruptions.

Question 17

What is a Man-in-the-Middle (MitM) attack?

Answer 17

A MitM attack is when attackers intercept and alter communications between two parties to steal data or inject malicious content.

Question 18

What does credential stuffing involve?

Answer 18

Credential stuffing involves using stolen credentials to access accounts through automated login attempts.

Question 19

What is cryptojacking?

Answer 19

Cryptojacking is the unauthorized use of a device’s resources to mine cryptocurrency.

Question 20

What are IoT vulnerabilities?

Answer 20

IoT vulnerabilities are security weaknesses in Internet of Things devices, often due to insufficient security features.

Question 21

What risks do IoT vulnerabilities present?

Answer 21

They lead to botnet formation, privacy violations, and exploitation of connected systems.

Question 22

What are cloud security threats?

Answer 22

Cloud security threats are attacks specifically targeting cloud environments, exploiting weak configuration, API vulnerabilities, or insecure interfaces.

Question 23

What are the risks associated with supply chain attacks?

Answer 23

Supply chain attacks compromise systems by infiltrating networks via trusted third-party providers.

Question 24

Give an example of a high-profile supply chain attack.

Answer 24

The SolarWinds attack is an example of a high-profile supply chain attack.

Question 25

What are deepfakes?

Answer 25

Deepfakes are AI-generated media, often video or audio, that impersonates individuals convincingly.

Question 26

What is the impact of deepfakes on security?

Answer 26

Deepfakes facilitate misinformation, identity fraud, and can compromise trust in digital media.

Question 27

What are mobile security threats?

Answer 27

Mobile security threats are attacks targeting mobile devices, often through app vulnerabilities or rogue Wi-Fi networks.

Question 28

Name two examples of mobile security threats.

Answer 28

Malicious apps and SMS phishing (smishing).

Question 29

What is fileless malware?

Answer 29

Fileless malware doesn’t rely on files but exploits legitimate programs, running in memory to avoid detection.

Question 30

How does fileless malware evade detection?

Answer 30

It avoids detection by traditional antivirus software, allowing attackers to bypass many defenses.

Question 31

What is rogue software?

Answer 31

Rogue software pretends to be legitimate security or utility software, often tricking users into installing it.

Question 32

What is scareware?

Answer 32

Scareware uses fake warnings to scare users into taking unsafe actions, often leading to malware installations.

Question 33

What are watering hole attacks?

Answer 33

Watering hole attacks compromise websites frequently visited by specific organizations or industries to infect visitors.

Question 34

What is a Business Email Compromise (BEC)?

Answer 34

BEC is a phishing attack where attackers impersonate executives or partners to request transfers of funds or sensitive information.

Question 35

What are Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF)?

Answer 35

XSS and CSRF are web vulnerabilities where attackers inject scripts or trick users into actions they didn’t intend.

Question 36

What is privilege escalation?

Answer 36

Privilege escalation is when attackers exploit vulnerabilities to gain higher access levels within a system.

Question 37

What is DNS spoofing?

Answer 37

DNS spoofing is when attackers alter DNS records to redirect users to malicious websites.

Question 38

What is SQL injection?

Answer 38

SQL injection is an attack where attackers inject malicious SQL commands to manipulate or retrieve sensitive data from databases.

Question 39

What is a drive-by download attack?

Answer 39

A drive-by download attack installs malware on a user’s device simply by visiting a compromised website.

Question 40

What is SIM swapping?

Answer 40

SIM swapping is when attackers hijack phone numbers by tricking telecom providers into transferring them to a new SIM.

Question 41

What is the dark web’s role in cybersecurity?

Answer 41

The dark web facilitates the buying and selling of stolen data, including personal information, credentials, and credit card details.

Question 42

How can attackers exploit AI and machine learning?

Answer 42

They can manipulate AI systems to produce incorrect outputs or exploit weaknesses, affecting decision-making and security.

Question 43

What is code injection?

Answer 43

Code injection is when attackers insert malicious code into a system through software vulnerabilities.

Question 44

What are typosquatting and URL hijacking?

Answer 44

Typosquatting and URL hijacking involve attackers registering domains similar to legitimate ones to trick users into visiting malicious sites.

Question 45

What is firmware, and why are firmware attacks dangerous?

Answer 45

Firmware is software embedded in hardware components; firmware attacks can lead to persistent system compromise.

Question 46

What is quantum computing’s potential threat to cybersecurity?

Answer 46

Quantum computing could break many current encryption standards, making them obsolete.

Question 47

What are behavioral analytics in cybersecurity?

Answer 47

Behavioral analytics detect anomalies like unusual login patterns to identify potential threats.

Question 48

What is Zero Trust Architecture?

Answer 48

Zero Trust Architecture continuously verifies user identity and access, reducing the risk of unauthorized access.

Question 49

What are Hardware Security Modules (HSMs)?

Answer 49

HSMs are secure hardware components used to protect encryption keys from attacks.

Question 50

What is the purpose of threat intelligence feeds?

Answer 50

Threat intelligence feeds provide the latest information on threats and indicators of compromise to help organizations stay informed.