I INF 453 Lecture Notes - Lecture 3: Gmail, Wire Transfer, Business Process
Malware and Software Security
• Types of malware -
1. Viruses
2. Worms
3. Trojan Horses
4. Rootkits
5. Ransomware
6. Keyloggers
7. Grayware
• ATP - a category of security solutions that defend against sophisticated malware or hacking-based
attacks targeting sensitive data.
• Propagation vectors - the method that this code uses to propagate itself or infect a computer.
• Payloads - The header identifies the source and destination of the packet, while the actual data is
referred to as the payload.
• Countermeasures –
• Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data
in a separate and secure location. Backup copies of sensitive data should not be readily
accessible from local networks.
• Scrutinize links contained in emails, and do not open attachments included in unsolicited emails.
• Enable automated patches for your operating system and Web browser.
• Early identification through next-gen network security and anti-malware solutions
• Capability to stop spread and lateral movement at endpoints leveraging advanced endpoint
threat detection and response
• An integrated, advanced SOC and analytics capability for early detection and faster incident
response.
• Prepare & Practice an incident response playbook which can be followed in case of such major
infection.
Example and Countermeasures
Bad phish: CEO Fraud
Background:
• Manufacturing Company: 150 employees, 1 primary location
• Email: Hosted by Office365
• Remote access: VPN
find more resources at oneclass.com