Malicious Software
Adware
e is one of the most visible forms of malware that you'll encounter, most of us see it every day. software that displays advertisements and collects data.
integrity
means keeping our data accurate and untampered with.
confidentiality
means keeping things hidden. In I.T., it means keeping the data that you have hidden safely from unwanted eyes.
availability
means that the information we have is readily accessible to those people that should have it. This can mean many things, like being prepared if your data is lost or if your system is down.
One particular method of confidentiality that you probably use everyday is
password protection
Botnets are designed to
utilize the power of the Internet-connected machines to perform some distributed function.
ILOVEYOU or Love Bug
worm spread to millions of Windows machines. Someone would email a message with a subject line of I Love You, and an attachment that was actually the worm disguised as a love letter text file. The text file was actually an executable file that when opened would execute many attacks like copying itself to several files and folders, launching other malicious software, replacing files, and then hiding itself after it was done.
Vulnerability
A flaw in the system that could be exploited to compromise the system. can be holes that you may or may not be aware of.
Example of a Botnet
A popular attack has been creating Botnets to do stuff like mine Bitcoins. mining Bitcoin requires a machine to perform some computation that takes up your machine's resources. instead of having one computer run computations, attackers can now have a thousand computers running computations and raking in more and more Bitcoin.
0-day vulnerability or zero day for short.
Which is a vulnerability that is not known to the software developer or vendor, but is known to an attacker. The name refers to the amount of time the software vendor has had to react to and to fix the vulnerability, zero days.
Attack
Which is an actual attempt at causing harm to a system.
If there are a collection of one or more Bots, we call that network of devices
a Botnet.
rootkit
a collection of software or tools that an admin would use. It allows admin level modification to an operating system.
Keylogger
a common type of spyware that's used to record every keystroke you make. It can capture all of the messages you type, your confidential information, your passwords, and even more.
CIA triad (Confidentiality, Integrity, Availability)
a guiding model for designing information security policies.
Logic bomb
a type of Malware that's intentionally installed, after a certain event or time has triggered, it will run the malicious program.
Ransomware
a type of attack that holds your data or system hostage until you pay some sort of ransom.
Malware
a type of malicious software that can be used to obtain your sensitive information or delete or modify files.
Worms
are similar to viruses except that instead of having to attach themselves onto something to spread, worms can live on their own and spread through channels like the network.
white hat hackers
attempt to find weaknesses in a system, but also alert the owners of those systems so that they can fix it before someone else does something malicious.
What are the two common types of hackers
black hat and white hat hackers
How did the ILOVEYOU worm spread
by stealing e-mail addresses that were in the victim's computer and chat clients. It then proceeded to send that email out to everyone in the address book.
CIA Triad
confidentiality, integrity, and availability.
How does spyware spy on you?
could mean monitoring your computer screens, key presses, webcams, and then reporting or streaming all of this information to another party
Backdoors are most commonly installed after an attacker has
gain access to your system and wants to maintain that access.
How does a Trojan work?
has to be accepted by the user, meaning the program has to be executed by the user. are meant to entice you to install them by disguising themselves as other software.
Backdoor
is a way to get into a system if the other methods to get in a system aren't allowed, it's a secret entryway for attackers.
Trojan
is malware that disguises itself as one thing but does something else.
Hacker
is someone who attempts to break into or exploit a system.
Spyware
is the type of malware that's meant to spy on you.
The rootkit can be running lots of malicious processes, but at the same time those processes wouldn't show up in task manager because
it can hide its own presence.
A rootkit can be hard to detect because
it can hide itself from the system using the system itself.
WannaCry
ransomware attack in May of 2017. The malware took advantage of a vulnerability in older Windows systems, infecting hundreds of thousands of machines across the world. shutdown the systems for the National Health Services in England, causing a health-related crisis.
The data that we send or receive should remain
the same throughout its entire journey.
black hat hackers
try to get into systems to do something malicious.
Bots
Malware that can utilize someone else's machine to perform a task that is centrally controlled by the attacker.
Viruses
Most common type of malware. attaches itself to some sort of executable code like a program. When the program is running, it touches many files, each of which is now susceptible to being infected with the virus. So, the virus replicates itself on these files, does the malicious work it's intended to do, and repeats this over and over until it spreads as far as it can.
Exploit
Software that is used to take advantage of a security bug or vulnerability.
How do you get Adware?
Sometimes we legitimately download adware. That happens when you agree to the terms of service that allows you to use free software in exchange for showing you advertisements. Other times, it may get installed without your consent and may do other malicious things than just display advertisements.
Threat
The possibility of danger that could exploit a vulnerability. just possible attackers, sort of like burglars.
Risk
The possibility of suffering a loss in the event of an attack on the system.
