Chapter 2

Allows the attacker to take control over a device without the user's knowledge.

Man-In-The-Middle (MitM)

When a malicious application accesses memory allocated to other processes

Buffer overflow

Incorrectly regulating who does what and what they can do with resources

Access Control Problems

Sometimes bundled with other software, this malware is designed to automatically deliver advertisements

Adware

Malware designed to automatically perform action, usually online

Bot

Attacker builds a network of infected hosts, called a botnet

DDoS Attack

Originates from multiple, coordinated sources

DDoS Attack

Relatively simple to conduct, even by an unskilled attacker

DoS Attack

When a maliciously formatted packet is sent to a host or application and the receiver is unable to handle it

DoS Attack

When a network, host, or application is sent an enormous quantity of data at a rate which it cannot handle

DoS Attack

Malware used to take control over a mobile device

Man-In-The-Mobile (MitMo)

Data coming into a program with malicious content, designed to force the program to behave in an unintended way

Non-Validated Input

when the output of an event depends on ordered or timed outputs

Race conditions

Malware designed to hold a computer system or the data it contains captive until a payment is made

Ransomware

Malware designed to modify the operating system to create a backdoor

Rootkit

Increase traffic to malicious sites that may host malware or perform social engineering

SEO Poisoning Attack

Make a malicious website appear higher in search results

SEO Poisoning Attack

Zombies are controlled by handler systems

SEO Poisoning Attack

Malware designed to persuade the user to take a specific action based on fear

Scareware

Often bundled with legitimate software, this malware is designed to track a user's activity

Spyware

Malware that carries out malicious operations under the guise of a desired operation

Trojan horse

Malicious executable code that is attached to other executable files, often legitimate programs

Virus

When developers attempt to create their own security applications

Weakness in security practices

Malicious code that replicates itself by independently exploiting vulnerabilities in networks

Worms