
Bangeter actors_attacks-80.pdf


Card set details

Cards 18
Language English
Category Technology
Level University
Created / Updated 19.06.2019 / 01.07.2021
Licensing Not specified
Web link
https://card2brain.ch/box/20190619_bangeter_actorsattacks80_pdf

What are the 6 steps in the kill-chain? (phases an attacker goes through)

  1. Reconnaissance
  2. First Foothold (Spear Phishing, Waterhole)
  3. Dropper as first Backdoor
  4. Lateral Movement
  5. Data Theft
  6. Data Exfiltration

What is malware?

Malware (short for malicious software) is software designed to infiltrate or damage a computer system without the owner being informed or giving consent.

Once malware has compromised a system, an attacker can (sometimes fully) control the system.

What are typical areas where malware can be used?

Typical areas of malware usage:

  • Cybercrime
  • Espionage
  • Disruption
  • Cyber war
  • Lawful interception

What is the difference between targeted and non-targeted malware use?

Opportunistic / non-targeted attacks (~cybercrime): Attack on a large, weakly targeted population, often opportunistic. Even if the success rate is low, the absolute number of successful infections and the resulting revenue might be high.

Targeted attacks (~espionage): Attacks that are targeted at few individuals.

What is meant by the term infection vector?

Infection vector: refers to the means and techniques for delivering a piece of malware onto the victim machine.

Name some examples of technical vulnerabilities.

There are many different types of technical vulnerabilities:

  • Misconfiguration of firewall, Web server, etc...
  • Weak passwords allow login and takeover
  • Etc...
  • Software vulnerabilities are particularly interesting, since they allow for very powerful attacks. They may be deployed via different infection vectors.

What is a software vulnerability?

A software vulnerability is a (sometimes) subtle programming error that triggers when processing maliciously crafted input data provided by an attacker, allowing the attacker to get her code executed in the victim program / process.

In short: Input data is turned into code.

What is meant by the terms (software) exploit and patch?

The malicious data / code that triggers a vulnerability is called a (software) exploit.

A patch is a software update that removes a known software vulnerability.