Threats, attacks, vulnerabilities Flashcards
What is an indicator of compromise?
Artifacts observed that indicate with a high degree of confidence a computer intrusion
What is a virus?
Malicious code that requires user interaction to install and replicate
Crypto-malware/Ransomware
Malicious applications that SCARE or SCAM users into taking some type of ACTION
Crypto-malware/Ransomware creates a sense of what?
A sense of urgency to pay in order to get data back
What is a worm?
Self-replicating program that can spread without user interaction
Two types of worms
Network service worms
Mass mailing worms
What are network service worms?
Something in the network allows the worm to spread
Trojan
Seemingly friendly software that contains hidden malicious software
What is a remote access tool (RAT)?
Allows attacker to upload/download files, watch webcams, turn on audio, keyloggers, etc.
Rootkit
Installs itself at the OS or kernel level to avoid detection
What type of malware is very difficult to get rid of?
Rootkits
Why are rootkits difficult to get rid of?
It loads before the operating system loads, and can disable the antivirus and anti-malware
Keylogger
Malicious application that once installed on a host can capture all keystrokes
Adware
Malware that is installed on an infected machine to deliver ads
Spyware
Malicious software that captures user activity and reports back