Cybersecurity and Malware: Viruses, Scanning, and Encryption Techniques

Common way for a virus to spread

Viruses commonly spread through infected files, email attachments, downloads, or network connections.

Armored Virus

An armored virus uses techniques that make it hard to analyze.

Sparse infector Virus

A sparse infector virus attempts to elude detection by performing its malicious activities only sporadically.

MacDefender Virus

A type of malware that targets Mac OS users, often disguised as legitimate antivirus software.

Mimail Virus

A computer worm that spreads via email and is known for its ability to spoof email addresses.

Flame Virus

A sophisticated cyber espionage malware that targets computers in the Middle East and is capable of extensive data collection.

Trojan Horse

A type of malware that disguises itself as legitimate software to trick users into installing it.

Virus Scanner Examples

Software applications designed to detect and remove viruses, such as Norton, McAfee, and Bitdefender.

Worms

Self-replicating malware that spreads across networks without the need for a host file.

Buffer-Overflow

A vulnerability that occurs when a program writes more data to a buffer than it can hold, potentially allowing code execution.

Penetration Testing

A simulated cyber attack on a computer system to evaluate its security and identify vulnerabilities.

Phreaking

The practice of manipulating telephone systems to make free calls or gain unauthorized access.

Passive Scanning

A method of monitoring network traffic without actively probing the network for information.

1024 well-known ports

Ports ranging from 0 to 1023 that are reserved for specific services and protocols on the internet.

Nmap

A network scanning tool used to discover hosts and services on a computer network.

SYN scan

A technique used in network scanning to determine which ports are open by sending SYN packets.

Nmap Flags

Options used in Nmap to modify its behavior, such as -sS for SYN scan or -O for OS detection.

Enumeration

The process of extracting detailed information about a system or network, often used in penetration testing.

SQL Injection

A code injection technique that exploits vulnerabilities in an application's software by inserting malicious SQL statements.

Ophcrack

A tool used to recover passwords from Windows systems using rainbow tables.

Industrial Espionage

The theft of trade secrets or confidential information from a business for commercial advantage.

Exit interviews

Meetings conducted with departing employees to gather insights about their experiences and reasons for leaving.

Formula for the value of information

VI = Cost to produce + Value Gained

Asset Identification

The process of recognizing and classifying assets within an organization to manage risk and security.

Company accused of stealing trade secrets

Apple

Company that paid 7 million to keep corporate espionage secrets

Uber

Company who defends dumpster diving

Refers to organizations that argue for the legality or ethicality of retrieving discarded information from trash.

Cookies

Small pieces of data stored on a user's computer by a web browser while browsing a website.

Biggest risk to organizations

Common risks include cyber attacks, data breaches, and DISGRUNTLED EMPLOYEES

Least Privileges

A security principle that states users should have the minimum level of access necessary to perform their job functions.

Encryption

The process of converting information into a code to prevent unauthorized access.

Asymmetric Cryptography

A type of encryption that uses a pair of keys (public and private) for secure communication.

Symmetric Cryptography

An encryption method where the same key is used for both encryption and decryption of data.

Caesar Cipher

A simple encryption technique that shifts letters in the alphabet by a fixed number of places.

Multi-alphabet substitution

A cryptographic technique that uses multiple alphabets to substitute letters in a message.

Plain Text

Unencrypted data that is readable without any special decoding.

Cipher Text

Data that has been encrypted and is not readable without decryption.

Hashing

The process of converting data into a fixed-size string of characters, which is typically a hash value.

Public Key Encryption

A cryptographic system that uses pairs of keys: a public key for encryption and a private key for decryption.