What is Social Engineering? Social engineering is a ‘deadly’ art form which relies on persuasive psychology to manipulate victims to give up confidential information. Social engineers (the perpetrators) seek various types of information to deceive you into providing your confidential information such as banking details, passwords, and other information. They may also secretly install malicious […]
How Viruses Hide: Metamorphic CodeMetamorphic viruses represent the end of the road in present day virus detection avoidance. Think of a metamorphic virus as a polymorphic virus on steroids. Instead of changing parts of itself for each new infection or under certain defined criteria, a metamorphic virus COMPLETELY rewrites itself each time they infect a new target. This requires […]
How Viruses Hide: Polymorphic CodePolymorphic viruses threw a new gauntlet down at the feet of anti-virus software makers. It makes detection of viruses several orders of magnitude more difficult than any other previous virus-hiding technique. A polymorphic virus contains what is known as a polymorphic or mutating engine. This engine functions like a unique re-coding agent that modifies the […]
How Viruses Hide: Self EncryptionViruses encrypt themselves to avoid signature detection in 3 common ways. The first is an older and very small footprint type of encryption that uses the XOR cipher. A XOR cipher is a simple form of encoding that encrypts the input by a using a simple key that is XORed against the input to create […]
How Viruses Hide: Self-ModificationViruses, like Woody Allen in ‘Zelig’ have the ability to change their identity and look and feel. One method of doing this is called ‘Self-Modification.’ Understanding self-modification requires understanding the dominant way anti-virus software identifies evil code. The process is called scanning for virus signatures. This is less sophisticated than the term implies. Anti-virus software […]
How Viruses Hide: Read Request InterceptsRead request intercepts take advantage of the fact that large parts of the Windows operating system are proprietary and inaccessible by non-Windows software. As such, an anti-virus program made by another company has to query the Windows OS by sending a read request to the Windows OS for the files it wants to examine. It […]
Definition of the Day: BaitingBaiting is another sibling to phishing. Whereas phishing creates urgency and fear to drive actions baiting uses…well…bait. A baiter entices the target to give information or visit a poisoned website by offering something of value to the target. It might be free music or movie downloads. It might be an extended trial license of an […]
The 14 Most Common Types of TrojansThe original Trojan was, indeed, a mythological wooden horse that turned out to be something entirely different than the gift from the gods the mythic Trojans thought it to be. In the realm of cyber security the term Trojan denotes a very specific type of malware with specific boundaries. Strictly speaking, Trojans are defined as […]
Stealth Attack Types: Fake WiFi Access PointsOne of the most common stealth attack types is creating a fake wireless access point. This attack is common because it; Leverages people’s desire for free WiFi The software required to do it is widely available for free on the internet and, Much sensitive data is passed through wireless networks in the form of unencrypted […]
Stealth Attack Types: Host File RedirectionHost file redirection is a stealth attack technique that rightfully falls into the ‘simple genius’ category. Most computer users today are unaware of a Windows DNS-related file named Hosts. (You can find it on your own machine here: C:\Windows\System32\Drivers\Etc ) The ‘Hosts’ file acts somewhat like a local DNS server in that it contains a […]