Chapter 2
Allows the attacker to take control over a device without the user's knowledge.
Man-In-The-Middle (MitM)
When a malicious application accesses memory allocated to other processes
Buffer overflow
Incorrectly regulating who does what and what they can do with resources
Access Control Problems
Sometimes bundled with other software, this malware is designed to automatically deliver advertisements
Adware
Malware designed to automatically perform action, usually online
Bot
Attacker builds a network of infected hosts, called a botnet
DDoS Attack
Originates from multiple, coordinated sources
DDoS Attack
Relatively simple to conduct, even by an unskilled attacker
DoS Attack
When a maliciously formatted packet is sent to a host or application and the receiver is unable to handle it
DoS Attack
When a network, host, or application is sent an enormous quantity of data at a rate which it cannot handle
DoS Attack
Malware used to take control over a mobile device
Man-In-The-Mobile (MitMo)
Data coming into a program with malicious content, designed to force the program to behave in an unintended way
Non-Validated Input
when the output of an event depends on ordered or timed outputs
Race conditions
Malware designed to hold a computer system or the data it contains captive until a payment is made
Ransomware
Malware designed to modify the operating system to create a backdoor
Rootkit
Increase traffic to malicious sites that may host malware or perform social engineering
SEO Poisoning Attack
Make a malicious website appear higher in search results
SEO Poisoning Attack
Zombies are controlled by handler systems
SEO Poisoning Attack
Malware designed to persuade the user to take a specific action based on fear
Scareware
Often bundled with legitimate software, this malware is designed to track a user's activity
Spyware
Malware that carries out malicious operations under the guise of a desired operation
Trojan horse
Malicious executable code that is attached to other executable files, often legitimate programs
Virus
When developers attempt to create their own security applications
Weakness in security practices
Malicious code that replicates itself by independently exploiting vulnerabilities in networks
Worms