Cybersecurity Essentials Chapter 3 Malware and Malicious Code

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Rogue Access Points

Access point is a wireless access point installed on a secure network without explicit authorization.

Zero-day

An attack that tries to exploit software vulnerabilities that are unknown, or undisclosed, by the software vendor.

Remote Code Executions

Application or web attack that establishes distant access to a program, service or device.

ActiveX Controls and Java

Application or web attack that exploits remote host by installing malicious program plugins.

XML/SQL Injections

Application or web attack that exploits the failure to validate database queries.

Buffer Overflows

Application or web attack that purposely submits excessive data overfilling the memory designed to receive the input.

ActiveX controls

Are pieces of software installed by users to provide extended capabilities. Third parties write some controls and they may be malicious. They can monitor browsing habits, install malware, or log keystrokes. It also works in other Microsoft applications.

Scarcity

Coaxing as a result of believing there is a limited quantity available.

Urgency

Coaxing as a result of believing there is a limited time to act.

Consensus or Social Proof

Coaxing based on the belief and actions of others.

RF Jamming

Deliberate jamming, with Radio frequency (RF) machinge that disrupts the transmission of a radio or satellite station so that the signal does not reach the receiving station.

Adware

Displays annoying pop-ups to generate revenue for its authors. The malware may analyze user interests by tracking the websites visited. It can then send pop-up advertising pertinent to those sites.

Tailgating

Following an authorized person to gain entry into a secure location or restricted area.

Online, Email, and Web-based Trickery

Forwarding hoax emails and other jokes, funny movies, and non-work-related emails at work may violate the company's acceptable use policy and result in disciplinary actions.

Spear phishing

Highly targeted phishing attack. uses emails to reach the victims, it sends customized emails to a specific person.

Grayware

Includes applications that behave in an annoying or undesirable manner. It may not have recognizable malware concealed within, but it still may pose a risk to the user. it is becoming a problem area in mobile security with the popularity of smartphones.

Buffer Overflow

It overflow occurs when data goes beyond the limits of a buffer. By changing data beyond the boundaries of a buffer, the application accesses memory allocated to other processes. This can lead to a system crash, data compromise, or provide escalation of privileges.

Java Virtual Machine (JVM)

It sandboxes or isolates untrusted code from the rest of the operating system. There are vulnerabilities, which allow untrusted code to go around the restrictions imposed by the sandbox.

SMiShing is short for SMS phishing

It uses Short Message Service to send fake text messages. The criminals trick the user into visiting a website or calling a phone number. Unsuspecting victims may then provide sensitive information such as credit card information. Visiting a website might result in the user unknowingly downloading malware that infects the device

Spam

Junk mail, or unsolicited email, that is used to send advertisements, harmful links, malware, or deceptive content.

Defending Against Application Attacks (5 ways)

Keep all software including operating systems and applications up to date, and do not ignore update prompts.

Ransomware

Malicious code that holds a computer system, or the data it contains, captive until the target makes a payment.

Spyware/Adware

Malicious code that is transmitted by email or downloaded from the web, that can collect user information or install banner ads in programs, web browsers, or webpages.

Rootkit

Malicious code that is used to compromise a system using backdoors.

Browser Hijacker

Malicious code that modifies browser configurations.

Worm

Malicious code that replicates itself by independently exploiting vulnerabilities in the networks.

Virus

Malicious executable code that is attached to another executable file, such as a legitimate program.

Logic Bomb

Malicious program that uses a trigger to awaken the malicious code.

Trojan Horse

Malware that carries out malicious operations under the disguise of a desired operation.

Defending Against Application Attacks (5 ways)

Not all programs update automatically, so at the very least, always select the manual update option.

Code Injections Attacks

One way to store data at a website is to use a database. There are several different types of databases such as a Structured Query Language (SQL) database or an Extensible Markup Language (XML) database. Both XML and SQL injection attacks exploit weaknesses in the program such as not validating database queries properly.

Impersonation

Pretending to be someone else to gain trust or access to unauthorized areas or data.

Keylogger

Program used to record or log the keystrokes of the user on a system.

Defending Against Application Attacks (5 ways)

Regardless of the language used, or the source of outside input, prudent programming practice is to treat all input from outside a function as hostile.

Dumpster Diving

Retrieving documents from the trash or recycling containers.

SEO Poisoning

Search engines such as Google work by ranking pages and presenting relevant results based on users' search queries. Depending on the relevancy of web site content, it may appear higher or lower in the search result list. ______________, short for Search Engine Optimization, is a set of techniques used to improve a website's ranking by a search engine. While many legitimate companies specialize in optimizing websites to better position them, _____________ uses _______to make a malicious website appear higher in search results

Bluejacking and Bluesnarfing

Term used for sending unauthorized messages to another Bluetooth device. Also occurs when the attacker copies the victim's information from his device. This information can include emails and contact lists

Plugins

The Flash and Shockwave ______________from Adobe enable the development of interesting graphic and cartoon animations that greatly enhance the look and feel of a web page. _____________ display the content developed using the appropriate software

Defending Against Application Attacks (5 ways)

The first line of defense against an application attack is to write solid code.

Whaling

The use of email, IM, or other social media, to attempt to gather private information, such as login credentials, of senior executives.

Phishing

The use of email, IM, or other social media, to try and gather private information, such as login credentials, by masquerading as a reputable person.

Vishing

The use of voice communications to try and gather private information, such as login credentials, by masquerading as a reputable person.

Pharming

The use of website to try to gather private information, such as login credentials, by masquerading as a reputable website.

Browser Hijacker

This is malware that alters a computer's browser settings to redirect the user to websites paid for by the cyber criminals' customers. It usually installs without the user's permission and is usually part of a drive-by download.

Pretexting

This is when an attacker calls an individual and lies to them in an attempt to gain access to privileged data. An example involves an attacker who pretends to need personal or financial data in order to confirm the identity of the recipient.

Something for Something (Quid pro quo)

This is when an attacker requests personal information from a party in exchange for something, like a gift.

DoS and DDoS

Type of attack that denies access to authorized users making the network, network services, or data on the network, unavailable.

Sniffing

Type of attack that examines all network traffic as it passes through the NIC, even when it is not addressed to the attacking system.

Man-in-the-middle

Type of attack that intercepts communications between computers to steal information while traveling across the network.

Spoofing

Type of attack that uses impersonation to take advantage of a trusted relationship between two systems.

Intimidation

Use of bullying or threats to persuade.

Hoaxes

Use of deception to elicit a user's irrational reaction.

Authority

Use of power or the ability to persuade.

Familiarity/Liking

Use of rapport with the victim to establish a relationship and trust.

Defending Against Application Attacks (5 ways)

Validate all inputs as if they were hostile.

Remote Code Executions

Vulnerabilities allow a cybercriminal to execute malicious code and take control of a system with the privileges of the user running the application. Remote code execution allows a criminal to execute any command on a target machine.

Cross-site scripting (XSS)

Vulnerability found in web applications. It allows criminals to inject scripts into the web pages viewed by users. This script can contain malicious code. It has three participants: the criminal, the victim, and the website. The cyber-criminal does not target a victim directly. The criminal exploits vulnerability within a website or web application. Criminals inject client-side scripts into web pages viewed by users, the victims

Shoulder Surfing

Watching a victim enter a PIN, access code, or credit card number.

Social Engineering

is a completely non-technical means for a criminal to gather information on a target._________ is an attack that attempts to manipulate individuals into performing actions or divulging confidential information

Scareware

persuades the user to take a specific action based on fear. It forges pop-up windows that resemble operating system dialogue windows.


Set pelajaran terkait

Health Assessment Extra Practice

View Set

Biology 115 Exam 1: Multiple choice

View Set

History Chapter 8 - Section 2 (Ray)

View Set