Sunday, June 30, 2019

Week 4: Malware

This week we are going to discuss the Malware, some common types of malware and how to detect and prevent it.

Malware - Malware is a short form for malicious software. Its program or a file or software that cause damage to the system.
According to the Norton security, the malware initially started as a prank to the computer, and later on, it got developed as the extorting making, stealing sensitive data or destroying the targeted systems.

How do we prevent it- Most of the malware gets spread through the emails or adware or banner that displays on the unsecured sites. Before downloading any attachments from the emails, verify the trust of the email sender and also add antivirus scan within the email service as well. Also before clicking on any banner, hover over the link and see if whether the ad is pointing to the right site or not.

Let's see some common types of malware

1. Adware: It's the most common malware that most of us could have encountered in our life where a click on the banner or advertisement takes us to the malicious website that affects our system performance or browser crashes.

2. Computer Virus: Virus is another most common type where we have seen in detail in our previous weeks. Its malicious program where it affects or deletes the records in the system or steals the data from the system. Installing antivirus and scanning system regularly will avoid and eradicate the virus ultimately from the system.

3. Trojans: Trojans is a malware where it poses like legitimate software but performs actions that are not intended or described by it. The most type of Trojans is where the browser gets a message stating your system is infected and installing antivirus will terminate the virus.

4. Worms: Worms are old legacy malware available for a very long time. It's most dangerous as, without any influence, it can quickly spread and make the entire system or records to collapse entirely within a few hours.

References:

Roger A. Grimes ( 2019, May 1). 9 types of malware and how to recognize them. Retrieved from https://www.csoonline.com/article/2615925/security-your-quick-guide-to-malware-types.html

Malware. Retrieved from https://us.norton.com/internetsecurity-malware.html


Sunday, June 23, 2019

Week 3: Ransomware

This week we are going to discuss the ransomware and some common types of ransomware used in recent years and how to prevent those attacks. Ransomware: Ransomware is a malicious code or software where it locks the user system or mobile and unlocks only after paying the ransom to the attacker. Ransomware caused mainly through Phishing and spam emails. In most cases, ransomware demands timing where money has to paid on time or else data will be lost forever. There are some occurrences where victims, even after paying the cash, they didn't receive the decryption key back from the attackers. Ransomware gets popularity after the emergences of the cryptocurrency like bitcoin. How do we prevent those attacks? Prevention is better than cure. Avoid opening the malicious email, and having secure email transfers in the organization will prevent ransomware. Regular updates of the antivirus in the system and mobile antivirus are some ways in avoiding the ransomware. Avoid clicking unwanted banner or links that display on the side of the site. Common types of Ransomware:
Crypto locker: It's one of the old forms of ransomware where it locks the computer with powerful encryption and its very difficult to decrypt until a ransom is paid by the victim. Wannacry: Wannacry is another ransomware in 2017 where it locked almost close to 300000 computers across the globe. And it happened due to security loophole in the old Microsoft window operating system. Although a patch was released long back by Microsoft even before the attacks, many organization missed updating the security patches. Bad Rabbit: Its another kind of ransomware where it spread through a fake update of Adobe Flash updates. It affected mainly Russia and Ukraine media companies. Notpetya: Notpetya is one of the famous ransomware just like the wannacry where it locked the master boot record of the windows operating system. Several reports suggested that even after paying the ransom victims were unable to unlock the operating system.

References

Josh Fruhlinger(2018, August 8).What is WannaCry ransomware, how does it infect, and who was responsible?. Retrieved from https://www.csoonline.com/article/3227906/what-is-wannacry-ransomware-how-does-it-infect-and-who-was-responsible.html

Ransomware is big business. Retrieved from https://www.proofpoint.com/us/threat-reference/ransomware

Different Types of Ransomware. Retrieved from https://enterprise.comodo.com/different-types-of-ransomware.php





Sunday, June 16, 2019

Week 2: Computer Virus

This week we are going to discuss the most famous common threat to information
security Computer Virus.

Computer Virus: It's just like a human flu virus which affects the human body where
computer virus is a malicious code or malicious software that affects the data of your
computer either by deleting or corrupting or stealing the personal information from your
system.

How does it affect your system? Computer Virus might come while viewing the
unsecured websites or click on the malicious link that comes through an email,
downloading the file that comes from suspicious phishing emails.

How to prevent it? By installing the antivirus software in the system and regular
periodic scanning and having updates up to dates on the antivirus. Avoid opening
suspicious or spam emails. Avoid downloading the attachment or clicking the link on
the phishing emails.

Common types of Virus:

Browser Hijacker: Its common kind of virus where when you click on anywhere
in the home page of the website, it will take you the different site for the advertisement
without your knowledge.

Web Scripting Virus: Its common virus in video streaming sites like youtube and
social networking sites facebook where hackers would leave a comment with a link below
the video where on the click it will try to extort the personal information from your computer.

Resident virus: Resident virus are the problematic one where it resides in the memory of
the system even after deletion by antivirus. So, it will load whenever we restart our system,
it boots and loads the virus back into the system.

File infector: File inspector virus loads or save as .exe in the system where it confuses
the user to look like exe file, but on click or execution, it will create harm or hinders the
performance of the computer.

References:

Margaret Rouse(2016, December). virus (computer virus). Retrieved from

Admin(2016, April 14). 9 Types Of Computer Viruses That You Should Know About
– And How To Avoid Them. Retrieved from

Sunday, June 9, 2019

Week 1: Phishing

Week 1: June 9th, 2019


Here we are going to discuss the common threats to information security every week
with a detailed analysis of one topic per week. This week will look into Phishing threat.


Phishing- What does it mean. It's a social engineering technique to obtain other's
confidential information by a trick where an attacker sends an email or link which
appears to be a legitimate one, but it contains an either hidden a malicious link that
redirects them to a third-party website to extract personal info or might download
some malicious software without user's knowledge.


Let see some common categories of phishing and how to protect ourselves from those
attacks.


Vishing: Getting confidential information over a phone call by pretending to be company
agents or charities or government official is called Vishing. Ex: Asking SSN no over the
phone by pretending to call from government offices. How do we avoid it- Don't provide
any confidential information over the phone before verification either through email or
other modes of communication.


Smishing: Phishing happening through SMS is called Smishing.Ex: Getting SMS alerts
stating that you won a lottery and to claim the prize click in the SMS. On Click, it might
download a malicious virus on our phone. How do we avoid it?- Delete an SMS if it
comes from unknown parties without any proper knowledge.


Spear Phishing: Spear phishing targets specific user by posting themselves as employer
or friend where they get target info from either linked-in or Facebook sites. Before opening
up any such email, verify the credibility of the sender to avoid phishing.


URL Phishing: Its most common type phishing happening more frequently in many
places where attackers send a link similar to the original bank or organization with little
change in the spelling or domain. Before clicking on the link in the email, verify that the link
comes from the right source and letters not misspelled anywhere.


References
SECURITYTRAILS TEAM(2018, October 16). The most common network security threats.
Retrieved from

Preethi (n.d). 14 Types of Phishing Attacks That IT Administrators Should Watch For.

Retrieved from https://blog.syscloud.com/types-of-phishing/