Bangeter actors_attacks-80.pdf
Bangeter actors_attacks-80.pdf
Bangeter actors_attacks-80.pdf
Kartei Details
Karten | 18 |
---|---|
Sprache | English |
Kategorie | Technik |
Stufe | Universität |
Erstellt / Aktualisiert | 19.06.2019 / 01.07.2021 |
Lizenzierung | Keine Angabe |
Weblink |
https://card2brain.ch/box/20190619_bangeter_actorsattacks80_pdf
|
Einbinden |
<iframe src="https://card2brain.ch/box/20190619_bangeter_actorsattacks80_pdf/embed" width="780" height="150" scrolling="no" frameborder="0"></iframe>
|
What is malware?
Malware (short for malicious software) is software designed to infiltrate or damge a computer system without the owner's being informed or giving consent.
Once malware has compromised a system, an attacker can (sometimes fulliy) control the system.
What are typical areas where malware can be used?
Typical areas of malware usage:
- Cybercrime
- Espionage
- Disruption
- Cyber war
- Lawful interception
What is the difference between targeted and non targeted malware use?
Opportunistic /non-targeted attacks (~cybercrim): Attack on a large weakly targeted population, often oppertunistic. Even if success rate is low, the absolute number of successful infections and the resulting revenue might be high.
Targeted attacks (~espionage): Attacks that are targeted at few individuals.
What is meant by the tearm infection vector?
Infection vector: refers to the means and techniqyes for delivering a piece of malware onto the victime machine.
Name some examples of technical vulnrabilities.
There are may differen types of technical vulnerabilities:
- Misconfiguration of firewall, Web server, etc...
- Weak passwords allow login, and take over
- Etc...
- Software vulnerabilities are particularly interesting, since they allow for very powerfull attacks. They may be deployed via different infection vectors.
What is a software vulnerability?
What is meant by the terms (software) exploit and patch?
The malicious data / code that triggers a vulnerability is called a (software) exploit.
A patch is a software update that removes a known software vulnerability.