Answers and explanations

  1. Because you have parted with money, this is a subtle form of ransomware.
  2. An example of crypto-malware is ransomware where the victim's hard drive is encrypted and held to ransom.
  3. A worm replicates itself and can use either port 4444 or 5000.
  4. A Trojan inserts a .dll into either the SysWOW64 or System32 folder.
  5. A remote access Trojan is a Trojan that sends the user's username and password to an external source so that they can create a remote session.
  6. A rootkit virus attacks the root; in Windows it is the /System32 folder, and in Linux it is the /usr/bin/ directory.
  7. A logic bomb virus is triggered by an event; for example, the Fourth of July logic bomb would activate when the date on the computer was July 4.
  8. A keylogger is a piece of software that could run from a USB flash drive plugged into the back of a computer; it then records all of the keystrokes being used. It can capture sensitive data that is being typed in, such as bank account details and passwords.
  9. A botnet is a group of computers that have been infected so that they can be used to carry out malicious acts with the real attacker being identified. They could be used for a DDoS attack.
  10. A phishing attack is when a user receives an email asking him to fill in a form requesting his bank details.
  11. Spear phishing is a phishing attack that has been sent to a group of users.
  12. A whaling attack targets the CEO or a high-level executive in a company.
  13. A vishing attack can use a telephone or leave a voicemail.
  14. Social engineering tailgating is where someone has used a smart card or entered a PIN to access a door, and someone behind them then enters the door before it closes without entering any credentials.
  15. Social engineering exploits an individual's character in a situation that they are not used to.
  16. If I dress as a policeman, it could be an impersonation attack.
  17. If I let a fireman into the server room to put out a fire, that is a social engineering urgency attack.
  18. I am using an ATM queue and someone films the transaction; this is a subtle shoulder surfing attack.
  19. Fake software that will not install is a hoax. An email alert telling you to delete a system file as it is a virus is also a hoax.
  1. A watering hole attack infects a website that a certain group of people visit regularly.
  2. An email that looks like it has come from the CEO telling you to carry out an action is a social engineering authority attack.
  3. This is a social engineering consensus attack where the person being attacked wants to be accepted by their peers.
  4. An attack with multiple SYN flood attacks is a DDoS attack.
  5. A man-in-the-middle attack is where a connection between hosts has been intercepted, with the conversation replayed and changed, but the people still believe that they are talking directly to each other.
  6. A replay attack is similar to a man-in-the-middle attack, except the intercepted packet is replayed at a later date.
  7. A POODLE attack is a man-in-the-middle attack using an SSL 3.0 browser that uses Chain Block Cipher (CBC).
  8. A man-in-the-browser attack is a Trojan that intercepts your session between your browser and the internet; it aims at obtaining financial transactions.
  9. Kerberos authentication uses USN and time stamps and can prevent a replay attack, as the USN packets need to be sequential and the time stamps need to be in order.
  10. Disabling NTLM will prevent a pass-the-hash attack.
  11. XSS uses HTML tags with JavaScript.
  12. A zero-day virus has no patches and cannot be detected by the NIDS or NIPS, as it may take the anti-virus vendor up to five days to release a patch.
  13. Domain hijacking is where someone tries to register your domain, access your hosted control panel, and set up a website that is similar to yours.
  14. Bluejacking is hijacking someone's Bluetooth phone so that you can take control of it and send text messages.
  15. Bluesnarfing is where you steal someone's contacts from their Bluetooth phone.
  16. An ARP attack is a local attack that can be prevented by using IPSec.
  17. strcpy can be used for a buffer overflow attack.
  18. An integer overflow inserts a number larger than what is allowed.
  19. An attack that uses the phrase 1=1 is an SQL injection attack.
  20. Input Validation and Stored Procedures can prevent an SQL injection attack.
  21. Session hijacking is where your cookies are stolen so someone can pretend to be you.
  22. Typosquatting is where an attacker launches a website with a similar name to the legitimate website in the hope that victims misspell the URL.
  1. Shimming or refactoring are used for a driver manipulation attack.
  2. Digital signatures are susceptible to a birthday attack.
  3. Rainbow tables are a pre-computed list of passwords with the relevant hash in either MD5 or SHA1.
  4. If I salt passwords, it will insert a random value and prevent dictionary attacks, as a dictionary does not contain random characters.
  5. Two tools that can be used for key stretching are bcrypt and PBKDF2.
  6. Brute force is the fastest password attack that can crack any password, as it uses all combinations of characters, letters, and symbols.
  7. Account lockout with a low value is the only way to prevent a brute force attack.
  8. If account lockout is not available, the best way to slow down a brute force attack is to make the password length longer or to salt the passwords.
  9. Using passwords for authentication is more prone to errors, as certificates and smart cards don't tend to have many errors.
  10. An evil twin is a WAP that is made to look like a legitimate WAP.
  11. Using an 802.1x authentication switch can prevent an attack by a rogue WAP as the device needs to authenticate itself to attach to the switch.
  12. A wireless disassociation attack is where the attacker prevents the victim from connecting to the WAP.
  13. An attacker needs to be within 4 cm of my card to launch an NFC attack.
  14. This is a gray box pen test; although it says he has no information that would make it black box, at the last minute he is given a password, making it gray box. He is given some information.
  15. A black box pen tester has no information.
  16. A white box pen tester has all of the information.
  17. A credentialed vulnerability scan can be used for auditing.
  18. A non-credentialed vulnerability scan can only see missing patches of the systems on your network.
  19. Active reconnaissance is where I try to obtain a password reset.
  20. Listening is a passive reconnaissance technique; active listening means that you are concentrating on what is being said, and you are not taking any action.
  21. A pivot is where you gain access to a network so that you can launch an attack on a secondary system.