Malware
March 26, 2018
Social Engineering
One method that has proven extremely potent over the years is social engineering—trying to earn the trust of a target. Call on the phone, claim to be from IT, ask for username and password. Walk into a store wearing a nametag and Polo shirt, then put a small black box over the self-checkout credit card readers. Act/dress like you belong there. It’s human nature to trust someone in a suit…
Social Engineering
Past example: USB flash drives containing malware left in a Stanford parking lot. Count on the curiosity of others… Windows automatically runs certain code on an inserted drive. A more secure operating system (e.g., macOS) will only permit the user to browse the contents upon inserting a drive.
Passive vs. Active Content
“Passive” content such as a .txt file or image file is typically safe to open—it can’t actually do anything. Programs (i.e., .exe files) are extremely dangerous if they arrive from an unknown/untrusted sender. If you (or your computer) run the code, the computer has been compromised—now it can do the hacker’s bidding. Think of the White House intruder incident in 2014. Problem: many seemingly passive file types (e.g., .docx) have “program-like” qualities that can make them dangerous, such as macros in Word and Excel files.
Trojan Horse
A “Trojan horse” is malware disguised as something else—the user downloads it but has no idea that it’s malware. Examples: RyanGoslingJPEG.exe, AntiVirus.exe (very common!). Some operating systems ask you to confirm that you want to open the file if it is from an unknown/unverified developer. macOS requires the user to do a “workaround” to open such a file. Stay safe: Google the name of the download site before downloading and opening the file.
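Added example (not part of the original slides): a small check that labels a file by its content rather than its name, covering both the passive vs. active distinction and the disguised-executable case above. The function names and the sample inputs are constructed for illustration; only RyanGoslingJPEG.exe is a name taken from the slide.

```python
import io
import zipfile

# File type is decided by leading "magic" bytes, never by the file name.
MZ = b"MZ"                               # Windows executable (.exe, .dll)
OLE = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy Office container (.doc, .xls)
ZIP = b"PK\x03\x04"                      # modern Office files are ZIP archives

def classify(data: bytes) -> str:
    """Label file content by what it can do when opened."""
    if data.startswith(MZ):
        return "executable"
    if data.startswith(OLE):
        return "legacy-office"           # may hold macros; needs an OLE parser
    if data.startswith(ZIP):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as z:
                names = [n.lower() for n in z.namelist()]
        except zipfile.BadZipFile:
            return "malformed-archive"
        # Word and Excel store VBA macros in a part named vbaProject.bin.
        if any(n.endswith("vbaproject.bin") for n in names):
            return "macro-document"
    return "passive"                     # nothing active found by these checks

def sample_docx(with_macro: bool) -> bytes:
    """Build a constructed, minimal Office-style ZIP in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/document.xml", "<document/>")
        if with_macro:
            z.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()

# Constructed sample inputs (not real files); names are illustrative.
SAMPLES = {
    "RyanGoslingJPEG.exe": b"MZ\x90\x00" + b"\x00" * 60,
    "photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,
    "notes.txt": b"hello\n",
    "report.docx": sample_docx(with_macro=False),
    "invoice.docx": sample_docx(with_macro=True),
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:22} -> {classify(data)}")
```

A "passive" result only means these checks found nothing active; it is not proof that the file is safe.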
Keylogger
A keylogger is a program installed on a computer that records all keystrokes. Often runs in the background without the user’s knowledge. Sometimes used by corporations to track an employee’s computer usage if they suspect illegal/illicit activity. Be EXTREMELY cautious about using computers provided at Internet cafés! NEVER log into your or other sensitive accounts from these computers! Be careful with their Wi-Fi also—use a VPN.
Vulnerability
Some programs (such as Adobe Flash) have a vulnerability (or bug) that can allow a hacker to take control. When the vulnerability is exploited (through software, data, or a series of commands), the program gives access to the machine running it. Merely visiting the page containing the exploit is sufficient to compromise the visiting machine if it is vulnerable (hasn’t been patched). Think Microsoft and the constant “critical” updates. “Zero-day” vulnerability refers to a vulnerability discovered before a patch (fix) has been issued.
Vulnerability
Something else to keep in mind: these vulnerabilities are a “strike” against proprietary (rather than open-source) software. Adobe Flash is proprietary, for instance. When a vulnerability is discovered, Adobe is responsible for developing and releasing a patch. In theory, this should happen quickly. In practice, Adobe’s record is very mixed.
Additional Malware
Ransomware: User’s files are encrypted (rather than erased); user must pay a Bitcoin “ransom” to obtain the decryption password or key. Zombie botnets (used in DDoS). DDoS and phishing attacks are considered malware as well. Phishing is a type of social engineering attack.