Threats, Attacks and Vulnerabilities Flashcards
What is malware?
Malicious software that can cause harm to the user.
What are some examples of malware?
Keystroke malware
Botnet
Adware
Viruses and worms
Crypto malware
How do you get malware?
Vulnerability exploitation
Installation
What does the virus need in order to reproduce itself?
Execute a program
How does the anti-virus protect against viruses?
Through virus signatures discovered every week
What are some virus kinds?
Program virus (part of a program)
Boot sector virus
Script virus
Macro virus
What is a worm?
Virus that can move itself through the network very quickly
How can you mitigate worms?
NGFW
IDS/IPS
What was the WannaCry worm?
It infected a computer and encrypted its files
It looks for other systems in the network that have the same vulnerabilities
Once it finds one, it installs itself and runs on the vulnerable computer
It installs a backdoor from where WannaCry is downloaded
What is ransomware?
Encrypts the computer and asks for money in exchange for the decryption
How to avoid a ransomware attack?
Have a backup
Keep OS up to date
Keep applications up to date
Keep anti-virus up to date
What are Trojans or Remote Access Trojans (RATs)?
Software that pretends to be something else
What is a backdoor?
A way to go back into the system without going through the visible front door
How to avoid Trojans?
Don’t run unknown software
Update anti-virus and anti-malware
Always have backup
What is a rootkit?
Software that is generally invisible to the software in the kernel, which makes it hard to remove
What is a keylogger?
Software that saves keystrokes and sends them to a predefined location.
What is adware?
Software that pops up advertisements, which can hinder performance
What is spyware?
It watches what is done on the computer
What is a botnet?
A special kind of malware that turns computers into bots that wait for a command; it usually comes from a Trojan horse or a software installation
What is a logic bomb?
A specific kind of malware that waits for an event to happen. Usually difficult to identify and recover from.
What is phishing?
A mixture of social engineering and spoofing that tries to deceive the user and get them to click or send login information.
How to avoid phishing?
Check the URL, spelling, fonts, graphics
What is vishing?
Voice phishing
What is spear phishing?
Customized phishing that focuses on a specific target, with content that seems real
What is whaling?
Spear phishing a high-stakes target
What is tailgating?
To use someone else to gain access to a building (e.g., dress like the people and blend in)
How to prevent tailgating?
Make visitors visible and identifiable
One scan, one person at a time
Train the organization to ask who they are
What is impersonation?
To pretend to be someone you aren’t
Can come after a thorough study of the organization
How to prevent impersonation attacks?
Never volunteer information
Don’t disclose personal details
Verify before revealing info
What is dumpster diving?
To go into the dumpster and search for confidential information
What is important to dumpster diving?
The timing
Is it legal to dumpster dive?
In most of the USA, yes. But it is recommended to verify.
How to protect the rubbish?
Secure the garbage
Shred your documents
Look at the trash and do training based on it
What is shoulder surfing?
To look at someone else’s screen
How to prevent shoulder surfing?
Control your input
Privacy filter
Keep monitor out of sight
Be careful of who is behind you
What are hoaxes?
Threats that don’t really exist (ex: hoax about a virus)
What is a watering hole attack?
Instead of attacking the machine itself, it attacks the places people access (e.g., industry-related sites, a local coffee shop) and infects those who connect to them.
How to avoid a watering hole attack?
Layered defense
Firewall
IPS
Anti-virus and Anti-malware installed
Social engineering principles
In person or online
Authority
Intimidation
Social proof
Scarcity and urgency
Familiarity and trust
What is a Denial of Service (DoS)?
To make a service unavailable for any objective