Security +
Any software intentionally designed to cause damage to a computer, server, client, or computer network
Malware
A type of malicious software (malware) designed to spread to other computers. It typically attaches itself to legitimate software and executes its code when the host software runs. Requires some form of user action to spread.
Virus
A type of malware that replicates itself in order to spread to other computers. Unlike a virus, it does not need to attach itself to an existing program or need human intervention to spread.
Worm
A type of malware that disguises itself as legitimate software, or is hidden within legitimate software. It often tricks users into loading and executing it on their systems.
Trojan/Trojan Horse
Malicious software designed to block access to a computer system or encrypt files until a sum of money is paid, typically in the form of cryptocurrency. Its main characteristics are encryption and payment demand.
Ransomware
A type of malware that is designed to gather data from a user or organization without their knowledge or consent. It can monitor and collect various types of personal and sensitive information, such as Internet usage data, login credentials, etc. Typically runs hidden in the background.
Spyware
Malware that hides itself and gives an attacker secret control of a system.
Rootkit
A piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. It is inactive until triggered by a specific event, such as a date/time, a certain command, etc.
Logic Bomb
A type of surveillance software or hardware that, once installed on a system, has the ability to record every keystroke made on that system. Its primary purpose is to monitor and log all the key presses made by the user, including sensitive data like usernames, passwords, etc.
Keylogger
Refers to unwanted software that comes pre-installed on a device, typically by the manufacturer, or is included in other software installations. It is not inherently malicious, but it can slow down systems and include vulnerabilities that could be exploited.
Bloatware
An attack where many systems flood a target with traffic, causing it to crash or slow down.
DDoS (Distributed denial-of-service)
The attacker tricks other servers into sending their responses to the victim instead of the attacker.
Reflected DDoS
The attacker sends a small request that causes servers to send much larger responses to the victim, increasing the attack size.
Amplification attack
Attacks that target the DNS system (the system that turns website names into IP addresses).
Often includes:
DNS Spoofing (Cache Poisoning): Fake DNS data sends users to a malicious website.
DNS Amplification: Uses DNS servers to overload a victim with a large amount of traffic (DDoS).
DNS Tunneling: Hides data inside DNS requests to secretly send it out.
DNS Attacks
A type of attack where the attacker positions themselves in the communication path between two parties. It was previously known as a man-in-the-middle (MitM) attack.
On-path Attack
An attacker steals valid login data (like a password or session token) and reuses it later to log in as the real user.
Credential Replay
When an attacker gains higher access rights than they are supposed to have on a system. The two types include:
Vertical privilege escalation - Low-level user → becomes admin/root
Horizontal privilege escalation - Accessing another user’s account or data (same level, different user)
Privilege Escalation
Tricking an app into doing something it should NOT do, by making it think a fake request is real.
Forgery
An attack which aims to access files and directories that are stored outside the web root folder, which can expose sensitive data.
Directory Traversal
Account lockout, concurrent session usage, blocked content, impossible travel, resource consumption, resource inaccessibility, out-of-cycle logging, published/documented, and missing logs are all indicators of
Malicious Activity