What is the newest trend in ransomware?
Ransomware as a service
This model allows attackers to rent ransomware tools and services.
What are Trojans in the context of malware?
- Do not have replicating abilities like viruses or worms
- Can be part of a more elaborate distributed denial of service or botnet attack
- Remote access Trojans (RAT) allow remote control of infected computers
Trojans disguise themselves as legitimate software.
What is the primary characteristic of viruses?
They replicate and spread to other systems
Viruses attach themselves to clean files and spread throughout a computer system.
Define worms in the context of malware.
A special form of self-replicating virus networks
Worms can spread independently without user intervention.
What is spyware?
Malware designed to gather information from a user’s device without their knowledge
Spyware can track user activity and collect sensitive data.
What is bloatware?
Unnecessary software that consumes system resources
Often pre-installed on devices and can slow down performance.
What are key loggers?
Malware that records keystrokes to capture sensitive information
Key logger detectors are special mitigation tools to combat this threat.
What are root kits?
Type of malware that gives threat actors control of systems without user consent or knowledge
Root kits can hide their presence and maintain persistent access.
Define logic bombs.
Malware triggered by specific events
Logic bombs can execute malicious actions when certain conditions are met.
What are examples of physical attacks?
- Penetration of safes
- Penetration of doors
Physical attacks target tangible assets and infrastructure.
What is RFID cloning?
The unauthorized copying of RFID tags
This can lead to unauthorized access to secure areas.
What does skimming refer to?
The theft of card information using a device that reads magnetic stripes
Skimming often occurs at ATMs or point-of-sale terminals.
What are environmental attacks?
Attacks on any environmental system that is not air-gapped
These attacks can compromise systems connected to the internet.
What does DOS stand for?
Denial of Service
DOS attacks aim to make a service unavailable to its intended users.
What is a DDOS attack?
Distributed Denial of Service
DDOS attacks use multiple systems to flood a target with traffic.
What are botnets?
Networks of compromised computers controlled by a single attacker
Botnets can be used for various malicious activities, including DDOS attacks.
What is cache poisoning?
A type of DNS attack that can cause redirects
Cache poisoning manipulates DNS records to redirect users to malicious sites.
What is DNS hijacking?
An attack that redirects users from legitimate websites to fraudulent ones
DNS hijacking can lead to phishing and data theft.
What does DNS spoofing involve?
Falsifying DNS responses to redirect traffic
DNS spoofing can be used to lead users to malicious sites.
What is an NXDOMAIN attack?
An attack that exploits DNS queries for non-existent domains
NXDOMAIN attacks can be used to disrupt services or gather information.
What is DNS flooding?
A type of attack that overwhelms DNS servers with requests
DNS flooding can lead to service outages.
What is an amplification attack?
An attack that exploits a small request to generate a larger response
Amplification attacks can significantly increase the volume of traffic directed at a target.
What is DNS tunneling?
Exploiting the DNS protocol to install malware
DNS tunneling can be used to bypass security measures.
What are wireless attacks?
Attacks targeting wireless networks and devices
Wireless attacks can exploit vulnerabilities in Wi-Fi security.
