Skip to main content

Know Your Enemy: From Adware to Worms, the Whats and Hows of Common Cyber Attacks

Know Your Enemy: From Adware to Worms, the Whats and Hows of Common Cyber Attacks

Know Your Enemy: From Adware to Worms, the Whats and Hows of Common Cyber Attacks Cyber crime is no longer the province of the computer super-geek. In fact, it can almost be said to have gone mainstream with exploit lists, downloadable network tools and scripts – even hacking IT supportall available online at bargain prices.
As with any threat to our homes and businesses, knowing the nature of the threat we face helps us to minimize the danger.
Unless you are working for a big company or organization, it is unlikely that you will face a concerted cyber-attack, but there are enough nasties out there to cause damage and loss to your sensitive data if you don’t take the right precautions.

Six types of malware and how they work

The term ‘malware’ simply stands for ‘malicious software’ and is an umbrella term for all the harmful pieces of computer code designed to steal data, cause disruption or take control of devices.

1. Adware

Adware is simply software that contains integrated advertising materials often in the form of pop-ups or other visually prominent material. Adware can be a gray area as it is often legitimately included as part of a bundle to allow a service to be used free of charge or at a reduced price.
However, if you are tricked into downloading adware, if it is designed to be difficult or impossible to remove or if it downloads itself through browser vulnerabilities, it can rightly be thought of as malware.

2. Ransomware

Ransomware is a popular form of malware that is characterized by two things: it locks away or threatens to delete data as it asks for money – usually in a cryptocurrency like Bitcoins – to save or unlock it. Ransomware can take the form of a Trojan horse, virus, worm, or blended attack. (See below.) The May 2017 WannaCry attack was an example of a ransomware worm.

3. Spyware

Spyware often comes packaged with adware. Its purpose is to covertly collect data and pass it back to the author of the code.

4. Trojan Horse

Adware, ransomware and spyware are defined by what they do whereas trojan horses, viruses and worms are defined by how they work. A trojan horse is a malicious program that is designed to mimic another type of program (e.g. an anti-virus, screensaver, etc.) in order to avoid detection.
Unlike viruses and worms, trojan horses are rarely able to replicate themselves but are often used to steal data, alter or damage files, or create a ‘back door’ to facilitate remote control. Remote controlled devices are often recruited as part of a ‘botnet’ for launching attacks on other devices or networks.

5. Virus

A virus is a piece of code with the ability to replicate itself. It is introduced into another program and runs when that program is executed. Since most viruses reside on an executable file, they need to be activated by the recipient before they can do their damage. However, there is a subset of viruses that need no human assistance to spread.

6. Worm

Unlike its namesake, a computer worm is actually a type of self-sending virus that uses a system’s inbuilt transport features to infect further devices before replicating itself. A worm’s main method of attack is via system vulnerabilities, but authors may use social engineering tactics (see below) to initially introduce the malware into an unsuspecting victim’s device.
A blended attack uses one or more of the above methods and can be extremely potent once installed.

 Attack Strategies

There are two main attack vectors through which malware gains access to devices and networks:

1. Drive-by download/install

Drive-by attacks generally target vulnerabilities in browsers or insecure third-party API calls. The malware is introduced simply by browsing an infected website and may be encrypted to foil anti-virus programs. Most drive-by downloads can be thwarted by ensuring operating systems have been updated with the latest security patches.

2. Social engineering (phishing and pharming)

Whereas drive-by attacks can be triggered automatically or with minimal human input, social engineering attacks rely on human behavior to bypass safeguards. Phishing is the most widely mentioned tactic for targeting computer users. This is the practice of hiding malware behind emails or websites designed to look like legitimate organizations (banks, tax collection services, social media sites, shopping sites, etc.).
The strategy offers either a reward (prize, free gift, voucher, etc.) or a warning (stolen data, compromised password, etc.) in the hope that the recipient will drop their guard and click a link, download a file, or execute a similar action. Avoiding phishing attacks is best achieved through security education.
Pharming is an even more insidious tactic in that it poisons the host computer’s DNS cache or even an ISP’s DNS server so that a browser is redirected to a fake version of an intended website.
If you are concerned about any aspect of cyber security, you may wish to consider investing in high-quality IT consulting for tailored advice on creating an action plan for your business.


Popular posts from this blog

sxhkd volume andbrightness config for dwm on void

xbps-install  sxhkd ------------ mkdir .config/sxhkd cd .config/sxhkd nano/vim sxhkdrc -------------------------------- XF86AudioRaiseVolume         amixer -c 1 -- sset Master 2db+ XF86AudioLowerVolume         amixer -c 1 -- sset Master 2db- XF86AudioMute         amixer -c 1 -- sset Master toggle alt + shift + Escape         pkill -USR1 -x sxhkd XF86MonBrightnessUp          xbacklight -inc 20 XF86MonBrightnessDown          xbacklight -dec 20 ------------------------------------------------------------- amixer -c card_no -- sset Interface volume run alsamixer to find card no and interface names xbps-install -S git git clone xbps-install -S base-devel libX11-devel libXft-devel libXinerama-devel  vim # FREETYPEINC = ${X11INC}/freetype2 #comment for non-bsd make clean install   cp config.def.h config.h vim config.h xbps-install -S font-symbola #for emoji on statusbar support     void audio config xbps-i

download office 2021 and activate

get office from here open powershell as admin (win+x and a ) type cmd  goto insall dir 1.         cd /d %ProgramFiles(x86)%\Microsoft Office\Office16 2.           cd /d %ProgramFiles%\Microsoft Office\Office16 try 1 or 2 depending on installation  install volume license  for /f %x in ('dir /b ..\root\Licenses16\ProPlus2021VL_KMS*.xrm-ms') do cscript ospp.vbs /inslic:"..\root\Licenses16\%x" activate using kms cscript ospp.vbs /setprt:1688 cscript ospp.vbs /unpkey:6F7TH >nul cscript ospp.vbs /inpkey:FXYTK-NJJ8C-GB6DW-3DYQT-6F7TH cscript ospp.vbs / cscript ospp.vbs /act Automatic script (windefender may block it) ------------------------------------------------------------------------------------------------------------------- @echo off title Activate Microsoft Office 2021 (ALL versions) for FREE - =====================================================================================&

Hidden Wiki

Welcome to The Hidden Wiki New hidden wiki url 2015 http://zqktlwi4fecvo6ri.onion Add it to bookmarks and spread it!!! Editor's picks Bored? Pick a random page from the article index and replace one of these slots with it. The Matrix - Very nice to read. How to Exit the Matrix - Learn how to Protect yourself and your rights, online and off. Verifying PGP signatures - A short and simple how-to guide. In Praise Of Hawala - Anonymous informal value transfer system. Volunteer Here are five different things that you can help us out with. Plunder other hidden service lists for links and place them here! File the SnapBBSIndex links wherever they go. Set external links to HTTPS where available, good certificate, and same content. Care to start recording onionland's history? Check out Onionland's Museum Perform Dead Services Duties. Introduction Points - Clearnet search engine for Tor Hidden Services (allows you