Social media can be made safer if you take simple steps to strengthen your accounts. In fact, it has been found in many cases that with a little care and effort, you can lessen or avoid many common security issues and risks. You can reuse some of the guidance from earlier chapters and apply it … Read more
Over the last decade, some of the biggest security threats have come from the use of social networking. The rapid growth of these technologies lets millions of users each day post on Facebook, Twitter, and many other networks. What type of information are they posting? ■ Personal information ■ Photos ■ Location information ■ Friend … Read more
An attacker will look for targets of opportunity or potential victims who have the most to offer. Some common targets include receptionists, help desk personnel, users, executives, system administrators, and outside vendors. Let’s look at each and see why this is. Receptionists—one of the first people visitors see in many companies—represent prime targets. They see … Read more
Social engineering is a term that is widely used but poorly understood. It’s generally defined as any type of attack that is nontechnical in nature and that involves some type of human interaction with the goal of trying to trick or coerce a victim into revealing information or violate normal security practices. Social engineers are … Read more
Sniffing tools are extremely common applications. A few interesting ones are: Wireshark One of the most widely known and used packet sniffers. Offers a tremendous number of features designed to assist in the dissection and analysis of traffic. TCPdump A well-known command-line packet analyzer. Provides the ability to intercept and observe TCP/IP and other packets … Read more
When you are working with Trojans and other malware, you need to be aware of covert and overt channels. As mentioned earlier in the chapter , the difference between the two is that an overt channel is put in place by design and represents the legitimate or intended way for the system or process to … Read more
A wide range of tools exist that are used to take control of a victim’s system and leave behind a gift in the form of a backdoor. This is not an exhaustive list, and newer versions of many of these are released regularly: let me rule—A remote access Trojan authored entirely in Delphi. It uses … Read more
A Trojan can be detected in many ways. Port scanning, which can prove very effective if you know what to look for. Because a Trojan is used to allow access through backdoors or covert channels, a port must be opened to allow this communication. A port scan using a tool such as Nmap reveals these … Read more
One of the older and potentially widely misunderstood forms of malware is the Trojan. Simply put, a Trojan is a software application that is designed to provide covert access to a victim’s system. The malicious code is packaged in such a way that it appears harmless and thus gets around both the scrutiny of the … Read more
A relatively new type of software is scareware. This type of malware warns the victim of potential harm that could befall them if they don’t take some action. Typically, this action involves providing a credit card or doing something else to buy a utility they need to clean their system. In many cases, the utility … Read more