Monday, April 15, 2019
Developments in Hacking, Cybercrime, and Malware Essay Example for Free
Developments in Hacking, Cybercrime, and Malwargon endeavorThe return one nett ground beleaguer of 2009 was Malicious PDF activity 49% of web based attacksattempts to deliver malicious pdf content to victims through the web. The pdf attack is designed to effect arbitrary vulnerabilities in applications that are able to process pdfs. A successful pdf attack could compromise the integrity and security measures of affected computers. (Symantec Corporation, 2009)The number two web based attack of 2009 was the Microsoft meshing Explorer ADODB.Stream Object file installation weakness. This exploit accounted for 18% of the total number of web based exploits for the year. This vulnerability allows hackers to install malicious files on a vulnerable computer when a user visits a website hosting an exploit. In order for this attack to be successful, an attacker must exploit an arbitrary vulnerability that bypasses Internet Explorer Security settings.Then the attacker end serve th e malicious files that were installed by the initial security weakness. This vulnerability has been known since 2003, and patches have been released since 2004. This exploit exposes the fact that many another(prenominal) computer systems were not being kept up to date. (Symantec Corporation, 2009)The number three most common web based exploit of 2009 was the Microsoft Internet Explorer 7 uninitialized memory code execution vulnerability. This attack kit and caboodle by enticing a victim to open a malicious web page. Once a user opens the web page it gives the attacker the ability to execute remote code on the victims computer. Since this is a browser based attack, it gives the hacker potentially more tar drags than relying on a plugin that may not get installed. (Symantec Corporation, 2009)The top 3 Malware attacks of 2013 were W32.Downadup, W32.Sality, and W32.Ramnit. Although their names all begin with W32., each bug has its own federal agency of exploiting a system. Lets take for instance the W32.Downadup. Thisworm has been around since 2008. This worm spreads by fetching advantage of a remote code execution vulnerability found in Microsoft Windows server helping RFC. This worm strives to block access to security related web sites while attempting to spread to protected net shares via brute force of weak passwords. The Security of the entire mesh is at stake with this worm. This virus demonstrates shows how chief(prenominal) it is to keep servers and workstations updated with the latest virus definitions. (W32.Downadup.B, n.d.) The W32.Ramnit has been around since 2010. This worm is spread by infecting executable drives and removable drives. This malware steals assert usernames and passwords.Having a security policy prohibiting personal drives from being used in the workplace is paramount. This type of attack could cause data loss if unmitigated. (Symantec Corporation, 2013) The W32.Sality is in my opinion the nastiest of all three bugs. What makes the W32.Sality particularly nasty is that it can infect executable files on local, removable, and shared drives. W32.Sality is known as an (EPO) or entry point obscuring polymorphic file infector. Essentially, its a sophisticate worm-like virus that ensures its survival by downloading other malware and disabling security software. One of the most damaging features of the W32.Sality virus is how it decentralizes peer to peer networks with sophisticated code instruction that populates the network with infected computers. (W32.Sality., n.d.)ReferencesW32.Downadup.B. (n.d.). Retrieved June 26, 2014, from http//www.symantec.com/security_response/writeup.jsp?docid=2008-123015-3826-99 W32.Ramnit. (n.d.). Retrieved June 26, 2014, from http//www.symantec.com/security_response/writeup.jsp?docid=2010-011922-2056-99 W32.Sality. (n.d.). Retrieved June 26, 2014, from http//www.symantec.com/security_response/writeup.jsp?docid=2006-011714-3948-99 Symantec Corporation. (2009). Symantec Global Inter net Security Threat Report Trends for 2009. Mountain View Symantec Corporation. Symantec Corporation. (2013). Symantec Global Internet Security Threat Report Trends for 2009. Mountain View Symantec Corporation.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.