Cybersecurity: What Is Malware?
Malware is malicious software inserted into a system to cause damage to systems or data or to gain unauthorized access to a network.
Some examples of malware are:
- Viruses
- Adware
- Spyware
- Scareware
- Trojan horses
- Rootkits
- Ransomware
- Worms
- Fileless malware
Malware: Viruses
A virus is a type of self-replicating malware that attaches itself to other programs and executables without the permission of the user.
Malware: Worms
A worm is a type of self-replicating malware that copies itself from computer to computer without user intervention.
A worm could replicate so much that it overloads your client’s system. By doing this, the worm could bring down the system and violate availability.
Malware: Spyware
Spyware is malware downloaded without a user’s authorization which is used to steal sensitive information and relay it to an outside party in a way that harms the original user.
The key word here is “spy”. Clicking suspicious links or downloads could result in spyware.
Malware: Adware
Adware is unwanted software designed to throw advertisements up on your screen. This malware is usually more annoying than dangerous.
Cybersecurity: Password Attacks
In Cybersecurity, a password attack is any attack that attempts to hack into a password-protected asset, like an account or encrypted file.
Authentication & Authorization
Authentication is who you are. Logging in with a username and password is an example of authentication.
Authorization is what you can do. Only being allowed into non-VIP sections of the site is an example of authorization.
Cybersecurity: Plaintext Data
Plaintext data is data that is stored in its original, readable format. This term is often used when referring to sensitive data to differentiate between secure data that is encrypted or hashed versus insecure data that is unencrypted and unhashed.
Brute Force Algorithms
- A brute force algorithm solves a problem through exhaustion: it goes through all possible choices until a solution is found.
- The time complexity of a brute force algorithm is often proportional to the input size.
- Brute force algorithms are simple and consistent, but very slow.
    # Python: prints all divisors of n by brute force
    def print_divisors(n):
        # try every number from 1 to n
        for number in range(1, n + 1):
            # keep the number if it divides n with no remainder
            if n % number == 0:
                print(number)
Cybersecurity: Plaintext Attacks
In Cybersecurity, plaintext attacks refer to attacks that attempt to exploit password storage techniques that do not use encryption. This usually involves exploiting security misconfigurations or insecure designs.
Cybersecurity: Password Spraying
Password Spraying refers to a type of brute force attack in which a threat actor tries common passwords on multiple usernames.
Cybersecurity: Offline Password Attacks
An offline password attack refers to when a threat actor does NOT interact with a service’s authentication service.
Cybersecurity: Online Password Attacks
An online password attack refers to when a threat actor interacts with a service’s authentication service. These will often be detectable by looking at audit logs and seeing successful and failed logins.
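As an added example (not part of the original page), the audit-log check described above can tell password spraying apart from repeated guessing against one account. The log format, the thresholds, and the names `parse` and `classify_sources` are assumptions, the sample lines are constructed, and time windows are ignored for brevity.

```python
from collections import defaultdict

# Constructed sample audit log; assumed format: timestamp result user=<name> src=<ip>
SAMPLE_LOG = """\
2024-05-01T10:00:01Z FAIL user=alice src=203.0.113.7
2024-05-01T10:00:03Z FAIL user=bob src=203.0.113.7
2024-05-01T10:00:05Z FAIL user=carol src=203.0.113.7
2024-05-01T10:00:07Z OK user=dave src=203.0.113.7
2024-05-01T10:02:00Z FAIL user=erin src=198.51.100.4
2024-05-01T10:02:02Z FAIL user=erin src=198.51.100.4
2024-05-01T10:02:04Z FAIL user=erin src=198.51.100.4
2024-05-01T10:05:00Z FAIL user=frank src=192.0.2.10
2024-05-01T10:05:09Z OK user=frank src=192.0.2.10
"""

def parse(line):
    """Return (result, user, source) for one log line, or None if malformed."""
    parts = line.split()
    if len(parts) != 4 or parts[1] not in ("OK", "FAIL"):
        return None
    fields = dict(p.split("=", 1) for p in parts[2:] if "=" in p)
    if "user" not in fields or "src" not in fields:
        return None
    return parts[1], fields["user"], fields["src"]

def classify_sources(log_text, min_users=3, min_tries=3):
    """Label every source that produced failed logins by its failure pattern."""
    fails = defaultdict(lambda: defaultdict(int))  # source -> user -> failures
    logins = defaultdict(set)                      # source -> users logged in OK
    for rec in filter(None, map(parse, log_text.splitlines())):
        result, user, src = rec
        if result == "FAIL":
            fails[src][user] += 1
        else:
            logins[src].add(user)
    report = {}
    for src, per_user in fails.items():
        if len(per_user) >= min_users:
            kind = "spray"                    # failures spread over many usernames
        elif max(per_user.values()) >= min_tries:
            kind = "single-account guessing"  # many failures against one username
        else:
            kind = "normal"                   # e.g. one mistyped password
        # successful logins from a suspicious source are accounts to review first
        review = sorted(logins[src]) if kind != "normal" else []
        report[src] = {"kind": kind, "review_accounts": review}
    return report
```

In this sample the spraying source also has one successful login, which is the account to reset and investigate first.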
Cybersecurity: Dictionary Attacks
In Cybersecurity, a dictionary attack is a type of brute force attack where a threat actor starts with a list, or “dictionary”, of plaintext passwords and runs through each item in the list to find a correct password or hash.
Rainbow Tables
A rainbow table is a massive table of common passwords and password-hash combinations used by attackers to break into accounts. One common technique we can use to protect ourselves from rainbow table attacks is the use of salts.
Salts
A salt is a secret random string that is combined with a password prior to hashing specifically to defend against the use of rainbow tables.
Rainbow tables are large lookup databases that consist of pre-computed password-hash combinations which correlate plaintext passwords with their hashes.
Cybersecurity: Physical Attacks
In Cybersecurity, a physical attack refers to an attack that uses physical means to carry out the attack. This can include an attacker’s physical body as well as physical devices given to victims.
Cybersecurity: Skimming
In Cybersecurity, skimming refers to a physical attack technique which uses a fake card reader in order to skim, or copy, a smart card’s data. This can include ID cards, credit cards, and other smart cards.
Skimming is an example of a physical attack because skimmers rely on proximity to smart cards or installation on public card readers like ATMs.
Cybersecurity: Card Cloning
In Cybersecurity, card cloning refers to a physical attack technique in which an attacker makes copies of an existing smart card. Card information might be gained by an attacker by using another attack known as “skimming”.