2.4 – Indicators of Malicious Activity
An Overview of Malware
Malware is a significant security concern on our modern networks. In this video, you’ll learn how malware and ransomware are used in cybersecurity attacks.
Viruses and Worms
Viruses and worms can be used to gain access to our systems. In this video, you’ll learn about the differences between viruses and worms, and how fileless viruses can attack from a system’s RAM.
Spyware and Bloatware
Some malware is designed to track, monitor, or overwhelm your system. In this video, you’ll learn about the operation of common spyware and bloatware.
Other Malware Types
There are many malware types other than viruses and worms. In this video, you’ll learn about keyloggers, logic bombs, and rootkits.
Physical Attacks
Some attacks take advantage of vulnerabilities in our physical world. In this video, you’ll learn about brute force attacks, RFID cloning, and environmental attacks.
Denial of Service
An attacker may only be interested in disabling services on your network. In this video, you’ll learn about many different forms of denial of service attacks.
DNS Attacks
Our DNS services are critical components on our networks, and attackers can use these services as attack vectors. In this video, you’ll learn about DNS spoofing, domain hijacking, and URL hijacking.
Wireless Attacks
Wireless networks are susceptible to many different types of attacks. In this video, you’ll learn about deauthentication attacks, RF jamming, and more.
On-path Attacks
An on-path attack allows an attacker to intercept and redirect critical network traffic. In this video, you’ll learn about the processes used to implement an on-path attack.
Replay Attacks
Some attacks can reuse our network communication to gain unauthorized access. In this video, you’ll learn about pass the hash, session hijacking, and other ways to implement a replay attack.
Malicious Code
An attacker often writes their own software to exploit a vulnerability. In this video, you’ll learn about malicious code and how it has been used to gain access to some of the largest networks in the world.
Application Attacks
Our applications can be the weakest links in our security armor. In this video, you’ll learn about privilege escalation, directory traversal, and more.
Cryptographic Attacks
Poorly implemented cryptography can often be the source of an attack. In this video, you’ll learn about downgrade attacks, SSL stripping, and hash collisions.
Password Attacks
Our passwords are often the first and last security measure we use. In this video, you’ll learn how attackers obtain our credentials using password spraying and brute force.
Indicators of Compromise
It’s important to identify an intrusion as soon as possible. In this video, you’ll learn about indicators such as account lockouts, impossible travel, resource consumption, and more.
2.5 – Mitigation Techniques
Segmentation and Access Control
Segmenting the network can provide significant security advantages. In this video, you’ll learn about access control lists, application allow lists, and more.
Mitigation Techniques
There are many ways to prevent or reduce the impact of a cybersecurity attack. In this video, you’ll learn about patching, encryption, monitoring, least privilege, and more.
Hardening Techniques
There are many different techniques for making a system more difficult to exploit. In this video, you’ll learn about encryption, open ports, default passwords, and more.