Temple University

Week 9 – Malware

Malware is short for malicious software. The term encompasses viruses, trojans, rootkits, worms, logic bombs, etc. The reading article defines these examples and explains the differences between them, and also covers backdoors, spyware, bots and botnets. It also discusses replication mechanisms and highlights that viruses require hosts while other types of malware do not.

The SANS 6 Step Handling Process was mentioned in the reading and suggests the following steps in chronological order: Preparation – Identification – Containment – Eradication – Recovery – Lessons Learned. For IT security professionals, the preparation step is key because new ways to circumvent or bypass anti-virus software are always being created. Since this is a cat-and-mouse game, it is important to keep systems updated so that the anti-virus software is patched and contains the latest definitions, allowing it to detect newly cooked or newly discovered attacks or means of attack. This is the only way it can stand a chance against malware. If it is a step behind, it has no way of catching new threats.

Viruses are usually classified based on Memory Operation, Target, Obfuscation Technique and Payload. There are multiple methods for each classification, which show both the complexity of these malicious programs and how resiliency and adaptability are designed into them.

Cyber-Security News:

How a criminal ring defeated the secure chip-and-PIN credit cards

Hackers were able to carry out a classic man-in-the-middle attack by programming a second hobbyist chip, called a FUN card, to accept any PIN entry, and soldering that chip onto the card’s original chip. This increased the thickness of the chip from 0.4mm to 0.7mm, “making insertion into a PoS somewhat uneasy but perfectly feasible.”
