Malware, Rootkits & Botnets A Beginner's Guide
Christopher C. Elisan
Format: PDF / Kindle (mobi) / ePub
Security Smarts for the Self-Guided IT Professional
Learn how to improve the security posture of your organization and defend against some of the most pervasive network attacks. Malware, Rootkits & Botnets: A Beginner's Guide explains the nature, sophistication, and danger of these risks and offers best practices for thwarting them.
After reviewing the current threat landscape, the book describes the entire threat lifecycle, explaining how cybercriminals create, deploy, and manage the malware, rootkits, and botnets under their control. You'll learn proven techniques for identifying and mitigating these malicious attacks. Templates, checklists, and examples give you the hands-on help you need to get started protecting your network right away.
Malware, Rootkits & Botnets: A Beginner's Guide features:
- Lingo--Common security terms defined so that you're in the know on the job
- IMHO--Frank and relevant opinions based on the author's years of industry experience
- Budget Note--Tips for getting security technologies and processes into your organization's budget
- In Actual Practice--Exceptions to the rules of security explained in real-world contexts
- Your Plan--Customizable checklists you can use on the job now
- Into Action--Tips on how, why, and when to apply new skills and techniques at work
RootkitBuster, among others. If the rootkit technology is hard to beat, especially if it is new or unknown to the rootkit detection tools, an offline analysis of the system is done. This means that the system’s OS is not running or active during analysis as a result of booting from another device or attaching the hard drive of the compromised system to an analysis system. In this situation, the incident responder can either go the computer forensics route, as discussed in the previous section,
credit cards to buy merchandise from the Internet. The money mules think they have a legitimate job. They earn money and probably file taxes reflecting this work-from-home income. They always realize later that they were duped and used as pawns by the attackers when law enforcement agents come knocking on their door because their bank account was tagged as a possible conduit for money laundering, and credit card companies start contacting them about fraudulent purchases delivered to their address.
The result of the code is shown here, and how it looks in a browser window is shown in Figure 7-13.
Figure 7-13 The link on the webpage is different from the real link it is pointing to, as shown in the mouse hover.
Although the malicious site is obviously displayed when the mouse cursor hovers above it, it’s still able to infect users, especially those that are not that tech savvy.
URL Shortening
With the popularity of short messaging services limited to 140 characters like Twitter and
components in plain sight.
Figure 8-4 Hidden folders appear lighter when displayed in Windows Explorer.
Hiding in Plain Sight
Another way of hiding malware components without the use of any attributes, or when the attributes have been stripped from the files, is to hide them in plain sight. Hiding in plain sight means that the malware files must be able to blend in with other files to avoid standing out like a sore thumb. This is very useful, especially when the malware component is copied to
impacted because the system compromised by a hacker or by information-stealing malware hosts customer information. This incident can have a negative impact on the customers because their information is exposed, and it will also have a detrimental business impact, both in brand reputation and in cost. One recent case was the Sony hacking in early 2011, where customer data was compromised. This was not caused by malware, but it illustrates the impact of user data being stolen, not only to the