malware terminology

The Terminology of Malware – What You Need to Know

Computer Virus

A computer virus is a malicious software program loaded onto a user’s computer without the user’s knowledge and performs malicious actions. In more technical terms, a computer virus is a type of malicious code or program written to alter the way a computer operates. A virus operates by inserting or attaching itself to a legitimate program or document that supports macros (software code inside of a Word document) to execute its code. In the process, a virus has the potential to cause unexpected or damaging effects, such as harming the system software by corrupting or destroying data. (more…)

malvertising

The Anatomy of Malvertising

Malicious Advertisements

Online advertising companies are notorious for not protecting their information systems from malware, and that has resulted in a flood of malware infections commonly known as a malvertisement. Thousands of computers can be infected within minutes of a malvertisement going live. Online advertisement companies have made a small course correction in the last two years, but the effort is not nearly enough to stem the tide of malvertising. Publishers and ad brokers still lack authentication and authorization mechanisms along with necessary malware scanning because of the volume of advertisements that are submitted, so a complaint system is used to tackle issues. We carefully review which advertisements are placed on our website, so you don’t have to worry. (more…)

phishing emails

The Anatomy of Phishing Emails

Think Before You Click

The Engineering

Before we get into the anatomy of phishing emails, we need to define what social engineering is. For the sake of simplicity, it’s a scam that is created by con artists using the same tricks from decades ago when scams were done on the street and over the phone to now, where it’s conducted over the phone, but predominately through email. (more…)

pulse wave

Pulse Wave is a New Technique Using an Old Attack

DDoS

Before we get into the nitty-gritty of how the pulse wave attack behaves, we must first define what a distributed-denial-of-service (DDoS) and denial-of-service (DoS) is, so we are all on the same page. Instead of regurgitating text from resources on the internet I have included a nice quote from Wired.

Simple DoS attacks, performed from a single machine, are uncommon these days. Instead, they’ve been supplanted by DDoS attacks, distributed denial-of-service attacks that come from many computers distributed across the internet, sometimes hundreds or thousands of systems at once. The attacking machines are generally not initiating the assault on their own but are compromised machines that are part of a botnet controlled by hackers who use the machines as an army to target a website or system.

(more…)